pt.gayout.com Open in urlscan Pro
2001:41d0:203:98e7::888 Public Scan

URL:
https://pt.gayout.com/
Submission: On April 30 via api (April 30th 2021, 1:14:59 am UTC) from VN

Summary HTTP 216 Redirects Links 33 Behaviour Indicators

Summary

This website contacted 43 IPs in 9 countries across 32 domains to perform 216 HTTP transactions. The main IP is 2001:41d0:203:98e7::888, located in France and belongs to OVH, FR. The main domain is pt.gayout.com.
TLS certificate: Issued by R3 on April 29th 2021. Valid for: 3 months.

This is the only time pt.gayout.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 6	2001:41d0:203... 2001:41d0:203:98e7::888	16276 (OVH) (OVH)
47	212.199.184.174 212.199.184.174	9116 (GOLDENLIN...) (GOLDENLINES-ASN Partner Communications Main Autonomous System)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	13.32.21.68 13.32.21.68	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700:303... 2606:4700:3036::6815:325d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
11	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	5.57.16.90 5.57.16.90	43996 (BOOKING-B...) (BOOKING-BV Booking.com)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2 5	37.10.0.220 37.10.0.220	43996 (BOOKING-B...) (BOOKING-BV Booking.com)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
28	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
13	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	2600:9000:20e... 2600:9000:20e8:8c00:1f:e2ee:200:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
1 1	63.33.127.66 63.33.127.66	16509 (AMAZON-02) (AMAZON-02)
7	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700:303... 2606:4700:3032::6815:57ae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
6	46.236.13.147 46.236.13.147	24931 (DEDIPOWER) (DEDIPOWER)
1	99.84.144.54 99.84.144.54	16509 (AMAZON-02) (AMAZON-02)
2	81.29.72.47 81.29.72.47	24931 (DEDIPOWER) (DEDIPOWER)
4	54.72.18.9 54.72.18.9	16509 (AMAZON-02) (AMAZON-02)
1	13.224.106.100 13.224.106.100	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:810::2013	15169 (GOOGLE) (GOOGLE)
216	43

6 2001:41d0:203:98e7::888 (France) 3 redirects

ASN16276 (OVH, FR)

pt.gayout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 212.199.184.174 (Yehud, Israel)

ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL)
PTR: actvserv2.spd.co.il

www.gayout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.21.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-21-68.fra56.r.cloudfront.net

assets.brandfolder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3036::6815:325d (United States)

ASN13335 (CLOUDFLARENET, US)

tdns6.gtranslate.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent-frt3-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
external-frt3-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.57.16.90 (Netherlands)

ASN43996 (BOOKING-BV Booking.com, NL)
PTR: bstatic.com

aff.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.10.0.220 (Netherlands) 2 redirects

ASN43996 (BOOKING-BV Booking.com, NL)

www.booking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

scontent-frt3-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2600:9000:20e8:8c00:1f:e2ee:200:93a1 (United States)

ASN16509 (AMAZON-02, US)

cf.bstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.127.66 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-127-66.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::6815:57ae (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 46.236.13.147 (United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 46-236-13-147.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.144.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-144-54.txl52.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.29.72.47 (Leeds, United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 81-29-72-47.servers.dedipower.net

diapi.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.72.18.9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-18-9.eu-west-1.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.106.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-106-100.mad50.r.cloudfront.net

analytics-wg.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

w-it.m-t.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	gayout.com 3 redirects pt.gayout.com www.gayout.com	649 KB
28	facebook.com www.facebook.com	440 KB
21	bstatic.com aff.bstatic.com cf.bstatic.com	149 KB
13	ad4m.at ad4m.at as.ad4m.at assets.ad4m.at	386 KB
13	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	13 KB
12	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	161 KB
11	fbcdn.net scontent-frt3-2.xx.fbcdn.net scontent-frt3-1.xx.fbcdn.net static.xx.fbcdn.net external-frt3-2.xx.fbcdn.net scontent.xx.fbcdn.net	174 KB
11	google.com cse.google.com www.google.com clients1.google.com translate.google.com adservice.google.com	173 KB
10	googleapis.com translate.googleapis.com www.googleapis.com	103 KB
8	webgains.com track.webgains.com diapi.webgains.com	137 KB
6	webgains.io analytics.webgains.io api.webgains.io analytics-wg.webgains.io	105 KB
5	booking.com 2 redirects www.booking.com	69 KB
5	yandex.com 2 redirects mc.yandex.com	2 KB
5	gtranslate.net tdns6.gtranslate.net	10 KB
3	m-t.io w-it.m-t.io	401 B
3	ad4mat.net prod-rtb.ad4mat.net static-de.ad4mat.net ad4mat.net	5 KB
3	gstatic.com www.gstatic.com	116 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	2 KB
2	openx.net 2 redirects rtb.openx.net	756 B
2	rlcdn.com 2 redirects id.rlcdn.com	888 B
2	googletagservices.com www.googletagservices.com	63 KB
2	google.de www.google.de adservice.google.de	272 B
2	facebook.net connect.facebook.net	64 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	yandex.ru 1 redirects mc.yandex.ru	44 KB
1	awin1.com www.awin1.com	702 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	456 B
1	everesttech.net 1 redirects pixel.everesttech.net	376 B
1	quantserve.com cms.quantserve.com	464 B
1	googleadservices.com partner.googleadservices.com	260 B
1	brandfolder.com assets.brandfolder.com	30 KB
216	32

	Domain	Requested by
47	www.gayout.com	pt.gayout.com www.gayout.com
28	www.facebook.com	connect.facebook.net www.facebook.com
20	cf.bstatic.com	www.booking.com cf.bstatic.com
9	translate.googleapis.com	pt.gayout.com translate.google.com translate.googleapis.com srcdoc
8	pagead2.googlesyndication.com	www.gayout.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	cm.g.doubleclick.net	googleads.g.doubleclick.net
6	track.webgains.com	as.ad4m.at analytics.webgains.io
6	assets.ad4m.at	as.ad4m.at
6	www.google.com	cse.google.com www.google.com
6	pt.gayout.com	3 redirects www.gayout.com
5	external-frt3-2.xx.fbcdn.net
5	ad4m.at	googleads.g.doubleclick.net ad4m.at
5	www.booking.com	2 redirects aff.bstatic.com cf.bstatic.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	mc.yandex.com	2 redirects pt.gayout.com
5	tdns6.gtranslate.net	pt.gayout.com
4	api.webgains.io	analytics.webgains.io
4	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
3	w-it.m-t.io	analytics-wg.webgains.io
3	www.gstatic.com	pt.gayout.com translate.googleapis.com
2	diapi.webgains.com	track.webgains.com
2	as.ad4m.at	ad4m.at as.ad4m.at
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	rtb.openx.net	2 redirects
2	id.rlcdn.com	2 redirects
2	static.xx.fbcdn.net	www.facebook.com
2	scontent-frt3-1.xx.fbcdn.net	www.facebook.com
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	connect.facebook.net	www.gayout.com connect.facebook.net
2	www.google-analytics.com	pt.gayout.com www.google-analytics.com
2	mc.yandex.ru	1 redirects pt.gayout.com
2	cse.google.com	pt.gayout.com www.google.com
1	analytics-wg.webgains.io	analytics.webgains.io
1	analytics.webgains.io	track.webgains.com
1	www.awin1.com	as.ad4m.at
1	ad4mat.net	ad4m.at
1	scontent.xx.fbcdn.net
1	static-de.ad4mat.net	ad4m.at
1	pixel.rubiconproject.com	1 redirects
1	pixel.everesttech.net	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
1	scontent-frt3-2.xx.fbcdn.net	www.facebook.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.de
1	stats.g.doubleclick.net	www.google-analytics.com
1	aff.bstatic.com	www.gayout.com
1	translate.google.com	pt.gayout.com
1	clients1.google.com	pt.gayout.com
1	www.googleapis.com	pt.gayout.com
1	assets.brandfolder.com	pt.gayout.com
216	54

This site contains links to these domains. Also see Links.

Domain
www.gayout.com
am.gayout.com
ar.gayout.com
bn.gayout.com
zh-cn.gayout.com
cs.gayout.com
nl.gayout.com
fr.gayout.com
de.gayout.com
gu.gayout.com
iw.gayout.com
hi.gayout.com
hu.gayout.com
it.gayout.com
jw.gayout.com
ko.gayout.com
ms.gayout.com
mr.gayout.com
fa.gayout.com
pl.gayout.com
ro.gayout.com
ru.gayout.com
es.gayout.com
th.gayout.com
tr.gayout.com
ur.gayout.com
vi.gayout.com
www.youtube.com
plus.google.com
twitter.com
www.facebook.com
www.instagram.com

Subject Issuer	Validity	Valid
ar.gayout.com R3	`2021-04-29` - `2021-07-28`	3 months	crt.sh
gayout.com R3	`2021-04-16` - `2021-07-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.brandfolder.com Amazon	`2020-11-13` - `2021-12-12`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-22` - `2021-07-22`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-02-27` - `2021-08-09`	5 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.bstatic.com DigiCert ECC Secure Server CA	`2019-12-13` - `2021-12-17`	2 years	crt.sh
www.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.booking.com DigiCert ECC Secure Server CA	`2020-10-14` - `2021-10-18`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.ad4mat.net AlphaSSL CA - SHA256 - G2	`2019-08-06` - `2021-09-08`	2 years	crt.sh
q-cf.bstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-12` - `2022-01-10`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
www.awin1.com DigiCert Secure Site ECC CA-1	`2020-04-21` - `2021-07-21`	a year	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2019-05-20` - `2021-06-08`	2 years	crt.sh
*.webgains.io Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh
w-it.m-t.io GTS CA 1D4	`2021-04-09` - `2021-07-09`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://pt.gayout.com/
Frame ID: 5A02B1F29B94E0462BC173082DFE19BD
Requests: 98 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: 7EDC31188BDA2BD8C3527AF1AE4EFD4C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210428/r20190131/zrt_lookup.html
Frame ID: 181946BB80708B6E6A10A73A5E761BAB
Requests: 1 HTTP requests in this frame

Frame: https://www.booking.com/flexiproduct.html?product=nsb&w=300&h=250&aid=1131196&target_aid=1131196&fid=1619745282920&
Frame ID: FF85281B1303DFDEA19AF32C5AEE826F
Requests: 11 HTTP requests in this frame

Frame: https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=auto&lang=en-US&aid=1319635&target_aid=1319635&fid=1619745282925&
Frame ID: 249B67F223E50728E9F7192B9530921B
Requests: 12 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Frame ID: FC64D84010DB43FAD00704BAAF49A598
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1047644867309294&output=html&adk=1812271804&adf=3025194257&lmt=1619745279&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpt.gayout.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619745282895&bpp=17&bdt=3272&idt=113&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8388844495769&frm=20&pv=2&ga_vid=535165903.1619745283&ga_sid=1619745283&ga_hid=1548476869&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739392&oid=3&pvsid=2392059193750853&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=141
Frame ID: CD9E747ABA479D5D9441A862D54A79B2
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df338f5b71072ab%26domain%3Dpt.gayout.com%26origin%3Dhttps%253A%252F%252Fpt.gayout.com%252Ff1b5f0328a0ee8%26relation%3Dparent.parent&container_width=300&height=500&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgayoutworld%2F%3Ffref%3Dts&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=300
Frame ID: BB36BF60017B34D50B882CDF867D73AD
Requests: 36 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f9fe930c05714%26domain%3Dpt.gayout.com%26origin%3Dhttps%253A%252F%252Fpt.gayout.com%252Ff1b5f0328a0ee8%26relation%3Dparent.parent&container_width=1000&href=https%3A%2F%2Fwww.facebook.com%2Fgayoutworld%2F%3Ffref%3Dts&layout=standard&locale=en_US&sdk=joey&share=true&show_faces=true&size=small
Frame ID: 418280DFB3947D1F91BF814837F288C0
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1047644867309294&output=html&h=600&slotname=8873754962&adk=1402457258&adf=3846147594&pi=t.ma~as.8873754962&w=160&lmt=1619745279&psa=0&format=160x600&url=https%3A%2F%2Fpt.gayout.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619745282912&bpp=5&bdt=3289&idt=164&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8388844495769&frm=20&pv=1&ga_vid=535165903.1619745283&ga_sid=1619745283&ga_hid=1548476869&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=464&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739392&oid=3&pvsid=2392059193750853&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NEIo17qjyr&p=https%3A//pt.gayout.com&dtd=174
Frame ID: 5201BD6A4AAA3738360C27359B99C671
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1047644867309294&output=html&h=600&slotname=8873754962&adk=1402457258&adf=2694998385&pi=t.ma~as.8873754962&w=160&lmt=1619745279&psa=0&format=160x600&url=https%3A%2F%2Fpt.gayout.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619745282917&bpp=1&bdt=3294&idt=212&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=8388844495769&frm=20&pv=1&ga_vid=535165903.1619745283&ga_sid=1619745283&ga_hid=1548476869&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1440&ady=464&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739392&oid=3&pvsid=2392059193750853&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=wmiLCwF9XO&p=https%3A//pt.gayout.com&dtd=227
Frame ID: 0B86D54B71A0BA0DAEDA553135DC8A45
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 7674CD2B3FCCEC0294CD0ECD3E1ADC3F
Requests: 2 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1gjam1m5cfbpc2vm0gtb49k05nej8tyb973q7s6wyyhh9gts968ts1s9ayhhcxrceg6t3y6en11czav2rsbb15sswq3chhpb1pwgk9ss3yc964k2m852pxgh9rvcnhqvp7t6404h4prtykan8n9j2y7mqtkdhvckde85ab1wys4ppc8fqn81b4ymc2t3meybtwncp21gvj0hftt33rtma5m754fnkm0j2cep897sme18p7rc2aw23rgfvvcbg1aqe50q77x7stm79524dtdyn2jmh1v7kdkgfed37jssjbafgkb2m4mk6fwjvbxk6hkd4ex0xyc1k9hdbsmqdpaq1e82ghjsnc5mm926cepcns142yt82bf98z5zdpe1g7v0jwczd84mq8fgmejxf0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeOTWA1qLYM_kCfW4x_AP4ZGQsASQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0xMDQ3NjQ0ODY3MzA5Mjk0oAHCrujdA8gBCakChpiY12NVtD6oAwGqBJcBT9Dk0pU5HK5fuLPsADuYEty-1CR_fp1Mfh-YXXi50JO0Kp0r1t71oycv526DXZlVDVG6Au0h27pQk_P61QgpREVLtJNZefVaG_XplHfrDQX2y91Mmx19oMBefPAgYWZN1naC_Y62TrXdAF0FbylvwVQbwp7Iraxey4WAdMb3C_1ELJOajUAAiwiNG3G17B9v_XZELi045IAGxt7yupvE1ORcoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%26num%3D1%26sig%3DAOD64_0JaY4HwcJK11DRxNZCpAUrOoAFrA%26client%3Dca-pub-1047644867309294%26adurl%3D
Frame ID: 70CF82B0C87686983A7EFB4B7D7BBD0D
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7137971C6555DA49C43F02C8BD0F47E3
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 1913DB01C325F18FD2B69C48F623A57F
Requests: 1 HTTP requests in this frame

Frame: https://ad4mat.net/frame.html
Frame ID: 03E0DC7A67A2D016D5CD3840600E04F5
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=160&d=600&e=&g=9b4f085bda5748e53317c552e599c6dc%2F2107216875859331520&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23ywxxz6eeb9jfsmtw1h5dw91kpt17mvj04yxtnr0rv7pn0vg4gxf3g6z6ccc7z3c4vh2d97fvtsatn8jb8cjrbgbznhmsvfj2q7s4spg7fc4yfc4fanva5e5344m0z5fhhvkrvvzj1djzrr0163qgwvgj97cff380ytfv25xpkpb0xte3rbgam7918t98m9ajvn94he5b0mrqp2brjw37xshx858gb0hnybb9s2h5kcwmk37j63adja5h2a7dxw5bk4w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeOTWA1qLYM_kCfW4x_AP4ZGQsASQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0xMDQ3NjQ0ODY3MzA5Mjk0oAHCrujdA8gBCakChpiY12NVtD6oAwGqBJcBT9Dk0pU5HK5fuLPsADuYEty-1CR_fp1Mfh-YXXi50JO0Kp0r1t71oycv526DXZlVDVG6Au0h27pQk_P61QgpREVLtJNZefVaG_XplHfrDQX2y91Mmx19oMBefPAgYWZN1naC_Y62TrXdAF0FbylvwVQbwp7Iraxey4WAdMb3C_1ELJOajUAAiwiNG3G17B9v_XZELi045IAGxt7yupvE1ORcoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_0JaY4HwcJK11DRxNZCpAUrOoAFrA%2526client%253Dca-pub-1047644867309294%2526adurl%253D&y=0&z=0
Frame ID: 81BBD0B52F3D91E72881877512B395E6
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

216
Requests

100 %
HTTPS

63 %
IPv6

32
Domains

54
Subdomains

43
IPs

9
Countries

2909 kB
Transfer

6762 kB
Size

4
Cookies

33 Outgoing links

These are links going to different origins than the main page.

URL: https://www.gayout.com/
Title: English

Search URL Search Domain Scan URL

URL: https://am.gayout.com/
Title: Amharic

Search URL Search Domain Scan URL

URL: https://ar.gayout.com/
Title: Arabic

Search URL Search Domain Scan URL

URL: https://bn.gayout.com/
Title: Bengali

Search URL Search Domain Scan URL

URL: https://zh-cn.gayout.com/
Title: Chinese (Simplified)

Search URL Search Domain Scan URL

URL: https://cs.gayout.com/
Title: Czech

Search URL Search Domain Scan URL

URL: https://nl.gayout.com/
Title: Dutch

Search URL Search Domain Scan URL

URL: https://fr.gayout.com/
Title: French

Search URL Search Domain Scan URL

URL: https://de.gayout.com/
Title: German

Search URL Search Domain Scan URL

URL: https://gu.gayout.com/
Title: Gujarati

Search URL Search Domain Scan URL

URL: https://iw.gayout.com/
Title: Hebrew

Search URL Search Domain Scan URL

URL: https://hi.gayout.com/
Title: Hindi

Search URL Search Domain Scan URL

URL: https://hu.gayout.com/
Title: Hungarian

Search URL Search Domain Scan URL

URL: https://it.gayout.com/
Title: Italian

Search URL Search Domain Scan URL

URL: https://jw.gayout.com/
Title: Javanese

Search URL Search Domain Scan URL

URL: https://ko.gayout.com/
Title: Korean

Search URL Search Domain Scan URL

URL: https://ms.gayout.com/
Title: Malay

Search URL Search Domain Scan URL

URL: https://mr.gayout.com/
Title: Marathi

Search URL Search Domain Scan URL

URL: https://fa.gayout.com/
Title: Persian

Search URL Search Domain Scan URL

URL: https://pl.gayout.com/
Title: Polish

Search URL Search Domain Scan URL

URL: https://ro.gayout.com/
Title: Romanian

Search URL Search Domain Scan URL

URL: https://ru.gayout.com/
Title: Russian

Search URL Search Domain Scan URL

URL: https://es.gayout.com/
Title: Spanish

Search URL Search Domain Scan URL

URL: https://th.gayout.com/
Title: Thai

Search URL Search Domain Scan URL

URL: https://tr.gayout.com/
Title: Turkish

Search URL Search Domain Scan URL

URL: https://ur.gayout.com/
Title: Urdu

Search URL Search Domain Scan URL

URL: https://vi.gayout.com/
Title: Vietnamese

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCrPdpAkKpTu1hahYyN1h_kA
Title:

Search URL Search Domain Scan URL

URL: http://www.youtube.com/
Title:

Search URL Search Domain Scan URL

URL: https://plus.google.com/102717113489300202441/posts?hl=en
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/GayOut_Events
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/GayOut-975320759208338/
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gayout_events/
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://pt.gayout.com/modules/mod_gtranslate/tmpl/lang/switcher.png HTTP 301
https://www.gayout.com/modules/mod_gtranslate/tmpl/lang/switcher.png

Request Chain 41

https://pt.gayout.com/modules/mod_gtranslate/tmpl/lang/arrow_down.png HTTP 301
https://www.gayout.com/modules/mod_gtranslate/tmpl/lang/arrow_down.png

Request Chain 67

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9258.Y2IV-KfpanScHcNMZymROKD_VjLUpmmKeR6POlCV8D9pLoKjFOf1ZO8TbsXiILbH.k7ZoKyqPwbC75rVYc8l-s6w-VoM%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9258.kn9kV0wykWgw15SlI9D1o_Q7LtBxzvoozaQrzZrgPlvwSXOC6zZISM62pnbSDpm7bLw_5Z3mftySqXPSpn1mjg%2C%2C.iSA_jdUiLyf-BMSabhsH03WGqJA%2C

Request Chain 69

https://mc.yandex.com/watch/36618640?wmode=7&page-url=https%3A%2F%2Fpt.gayout.com%2F&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A9451%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A940723635842%3Ahid%3A648874735%3Az%3A120%3Ai%3A20210430031440%3Aet%3A1619745280%3Ac%3A1%3Arn%3A478852030%3Au%3A1619745280542247989%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1619745270677%3Ads%3A1%2C32%2C8908%2C13%2C1%2C0%2C%2C620%2C67%2C%2C%2C%2C9566%3Adsn%3A1%2C32%2C8907%2C13%2C1%2C0%2C%2C610%2C68%2C%2C%2C%2C9566%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1619745281%3At%3AGayOut%20-%20Mundo%20Gay%20Eventos HTTP 302
https://mc.yandex.com/watch/36618640/1?wmode=7&page-url=https%3A%2F%2Fpt.gayout.com%2F&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A9451%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A940723635842%3Ahid%3A648874735%3Az%3A120%3Ai%3A20210430031440%3Aet%3A1619745280%3Ac%3A1%3Arn%3A478852030%3Au%3A1619745280542247989%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1619745270677%3Ads%3A1%2C32%2C8908%2C13%2C1%2C0%2C%2C620%2C67%2C%2C%2C%2C9566%3Adsn%3A1%2C32%2C8907%2C13%2C1%2C0%2C%2C610%2C68%2C%2C%2C%2C9566%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1619745281%3At%3AGayOut%20-%20Mundo%20Gay%20Eventos

Request Chain 71

https://pt.gayout.com/plugins/system/joompush/asset/js/joompush.js HTTP 301
https://www.gayout.com/plugins/system/joompush/asset/js/joompush.js

Request Chain 91

https://www.booking.com/flexiproduct.html?product=nsb&w=300&h=250&aid=1131196&target_aid=1319615&fid=1619745282920& HTTP 302
https://www.booking.com/flexiproduct.html?product=nsb&w=300&h=250&aid=1131196&target_aid=1131196&fid=1619745282920&

Request Chain 92

https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=auto&lang=en-US&aid=1319635&target_aid=1319615&fid=1619745282925& HTTP 302
https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=auto&lang=en-US&aid=1319635&target_aid=1319635&fid=1619745282925&

Request Chain 167

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitULiWFyLLLo4SoYXH98fbETi4w4d1UEQ5a-C3ze6hTnOGOqfqHCvTHDmMwwQ4FxwFtauYtdwd5CgSolN29SDNS1GMDUUUxv7&google_gid=CAESEASITG6fNcGkaJmh2jJ_ZIE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUl0YUJBQUFCSjA3Z0gtcw&google_push=AQvitULiWFyLLLo4SoYXH98fbETi4w4d1UEQ5a-C3ze6hTnOGOqfqHCvTHDmMwwQ4FxwFtauYtdwd5CgSolN29SDNS1GMDUUUxv7

Request Chain 168

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitULrUChuMIOTJRZpMLgyHtLJmE29RHzt0KgCIu07HJyYwo6uuij0GwYLmOKoSxSk5ImFLEXPoC5eVi0lB2KCOcBq1py9Uz9X&google_gid=CAESEActakdVGylFWgw8kErmGr8&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCIS0rYQGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BUXZpdFVMclVDaHVNSU9USlJacE1MZ3lIdExKbUUyOVJIenQwS2dDSXUwN0hKeVl3bzZ1dWlqMEd3WUxtT0tvU3hTazVJbUZMRVhQb0M1ZVZpMGxCMktDT2NCcTFweTlVejlY HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwazN3UTg4QkdaekRzOXUyVnplbTRGSXlSS2VQOHZ0ZFF5SC14R1pWd3Vwdw==&google_push

Request Chain 169

https://rtb.openx.net/sync/dds?google_gid=CAESEKz6Xc5znys9qnHJTeEmMHI&google_cver=1&google_push=AQvitUI4cday6BZkKj6r3k1TsK34jcA14m1Y1iPclCq0trjr-k4y80PAYwHUsCLWzaYbuv2DvmhsIWt8_KpdjpvKiPcM-Q_ISsM HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEKz6Xc5znys9qnHJTeEmMHI&google_cver=1&google_push=AQvitUI4cday6BZkKj6r3k1TsK34jcA14m1Y1iPclCq0trjr-k4y80PAYwHUsCLWzaYbuv2DvmhsIWt8_KpdjpvKiPcM-Q_ISsM&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUI4cday6BZkKj6r3k1TsK34jcA14m1Y1iPclCq0trjr-k4y80PAYwHUsCLWzaYbuv2DvmhsIWt8_KpdjpvKiPcM-Q_ISsM&google_hm=3LrC5bvtxWQpyuUhpb60WQ==

Request Chain 170

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMsXDrv0LUXnnwYja2eUuNI&google_cver=1&google_push=AQvitUK4i0O8-cdLjXHeK_1K6h_P_DB5qaBYx-xsiSyl36QXOEEcWFn1GMGqPT82crp1oGQuMAQlfwC883JF2DZfQazbFCA-RDRm HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMsXDrv0LUXnnwYja2eUuNI&google_cver=1&google_push=AQvitUK4i0O8-cdLjXHeK_1K6h_P_DB5qaBYx-xsiSyl36QXOEEcWFn1GMGqPT82crp1oGQuMAQlfwC883JF2DZfQazbFCA-RDRm&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7apg1WkhRJCPip_n-IYkkQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUK4i0O8-cdLjXHeK_1K6h_P_DB5qaBYx-xsiSyl36QXOEEcWFn1GMGqPT82crp1oGQuMAQlfwC883JF2DZfQazbFCA-RDRm

Request Chain 171

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBPRYdFKuxL2nT-wbvYfHdU&google_cver=1&google_push=AQvitUJmA8KG5MufTOYpB5OkXMBwV2qrZpoHEfqXkfUuicZ3wZ8r8n-z1QgzLL8KO_YoLtkzg9L_DaoENW_gw-Im221WPPOGVhs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S08zTUlSVzEtUi05TDhU&google_push=AQvitUJmA8KG5MufTOYpB5OkXMBwV2qrZpoHEfqXkfUuicZ3wZ8r8n-z1QgzLL8KO_YoLtkzg9L_DaoENW_gw-Im221WPPOGVhs

Request Chain 172

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOPEuiwQi1k83GystlLGt64&google_cver=1&google_push=AQvitULPqUhI0UxcdtV29rXRJKQy7Gz4YxvuGg6w0QMUdyR30YUarZLEjzqFICoTvHttOTSxezHTW98fFVSWFzZWEeMPw_bv9DFR HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOPEuiwQi1k83GystlLGt64&google_cver=1&google_push=AQvitULPqUhI0UxcdtV29rXRJKQy7Gz4YxvuGg6w0QMUdyR30YUarZLEjzqFICoTvHttOTSxezHTW98fFVSWFzZWEeMPw_bv9DFR&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YItaBF4aYhpuPpiL9XRWTQAABKMAAAAB&google_cver=1&google_push=AQvitULPqUhI0UxcdtV29rXRJKQy7Gz4YxvuGg6w0QMUdyR30YUarZLEjzqFICoTvHttOTSxezHTW98fFVSWFzZWEeMPw_bv9DFR&google_gid=CAESEOPEuiwQi1k83GystlLGt64

216 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
pt.gayout.com/ 193 KB
27 KB 8942ms
8908ms Document
text/html 2001:41d0:203:98e7::888
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.gayout.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:203:98e7::888 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: gtranslate /
Resource Hash: 72680e40b06c410ab066c42e2fdaa84aba459f5f303c80e558200df7374949af

Request headers

Host: pt.gayout.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
server: gtranslate
content-language: pt
x-gt-cache-status: BYPASS
vary: User-Agent
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 public
date: Fri, 30 Apr 2021 01:14:39 GMT
access-control-allow-origin: *
set-cookie: 90e87e50b67241fc459451a438c43ee9=b1dq63eu67ffbgstc6ahv9onv4; path=/; domain=.gayout.com; HttpOnly
pragma: no-cache
last-modified: Fri, 30 Apr 2021 01:14:39 GMT
expires: Wed, 17 Aug 2005 00:00:00 GMT
Content-Encoding: gzip

GET
H2 200 bootstrap.min.css
www.gayout.com/media/modals/css/ 4 KB
1 KB 213ms
66ms Stylesheet
text/css 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gayout.com/media/modals/css/bootstrap.min.css
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: b675c42f697b3957fa81e7aaf7b5884f42d82c2060e5333f7b2b562e2af830ef

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:39 GMT
content-encoding: gzip
last-modified: Sun, 03 Jul 2016 15:04:11 GMT
server: nginx
etag: W/"5779296b-f90"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
expires: Sat, 01 May 2021 01:14:39 GMT

GET
H2 200 jcemediabox.css
www.gayout.com/plugins/system/jcemediabox/css/ 6 KB
1 KB 331ms
185ms Stylesheet
text/css 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gayout.com/plugins/system/jcemediabox/css/jcemediabox.css?1d12bb5a40100bbd1841bfc0e498ce7b
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: 4fc216ed242cf1759ea9a3fd18de4ce4e610e6642a1406301d7dfb4dae062f46

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:39 GMT
content-encoding: gzip
last-modified: Wed, 31 Jan 2018 15:00:24 GMT
server: nginx
etag: W/"5a71da08-1722"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
expires: Sat, 01 May 2021 01:14:39 GMT

GET
H2 200 style.css
www.gayout.com/plugins/system/jcemediabox/themes/standard/css/ 7 KB
1 KB 215ms
68ms Stylesheet
text/css 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gayout.com/plugins/system/jcemediabox/themes/standard/css/style.css?50fba48f56052a048c5cf30829163e4d
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: eb23e00b2963134b6445eeb6d5a764ccded7a2b51c1066910beb15fbab2b7cac

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:39 GMT
content-encoding: gzip
last-modified: Wed, 31 Jan 2018 15:00:24 GMT
server: nginx
etag: W/"5a71da08-1b86"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
expires: Sat, 01 May 2021 01:14:39 GMT

GET
H2 200 superfish.css
www.gayout.com/modules/mod_ext_superfish_menu/assets/css/ 3 KB
1 KB 270ms
124ms Stylesheet
text/css 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gayout.com/modules/mod_ext_superfish_menu/assets/css/superfish.css
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: 7c442020a40d62b0b1350b0a3ca3ec6a4cbf655da878839a12eca2e09b550f89

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:39 GMT
content-encoding: gzip
last-modified: Mon, 25 Jan 2016 11:54:06 GMT
server: nginx
etag: W/"56a60cde-a41"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
expires: Sat, 01 May 2021 01:14:39 GMT

GET
H2 200 mmenu.css
www.gayout.com/modules/mod_menu2panel/assets/ 8 KB
3 KB 330ms
184ms Stylesheet
text/css 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gayout.com/modules/mod_menu2panel/assets/mmenu.css
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: 4d305dfc78c067f837b65e351ad12a57a60c047b38b0ae8ea6832cb3dda37ad0

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:39 GMT
content-encoding: gzip
last-modified: Mon, 11 Jul 2016 15:02:38 GMT
server: nginx
etag: W/"5783b50e-20f2"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
expires: Sat, 01 May 2021 01:14:39 GMT

GET
H2 200 bootstrap.css
www.gayout.com/components/com_comprofiler/plugin/templates/cb_gy/ 211 KB
25 KB 334ms
188ms Stylesheet
text/css 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gayout.com/components/com_comprofiler/plugin/templates/cb_gy/bootstrap.css?v=abeb663b81e40f3c
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: 7d73a92a2ff49ae0c5a4c372ae8912c7bc38f310c03726a28cf5b0357b314915

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:39 GMT
content-encoding: gzip
last-modified: Sun, 07 Feb 2016 14:17:01 GMT
server: nginx
etag: W/"56b751dd-34b20"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
expires: Sat, 01 May 2021 01:14:39 GMT

GET
H2 200 template.css
www.gayout.com/components/com_comprofiler/plugin/templates/cb_gy/ 60 KB
7 KB 214ms
68ms Stylesheet
text/css 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gayout.com/components/com_comprofiler/plugin/templates/cb_gy/template.css?v=abeb663b81e40f3c
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: 446a3557adaeb7a0393315a752610709696e4ac9c5976aea2c9ccf57051df216

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:39 GMT
content-encoding: gzip
last-modified: Sun, 07 Feb 2016 14:17:01 GMT
server: nginx
etag: W/"56b751dd-f0d6"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
expires: Sat, 01 May 2021 01:14:39 GMT

GET
H2 200 cbconnect.css
www.gayout.com/components/com_comprofiler/plugin/user/plug_cbconnect/css/ 10 KB
2 KB 270ms
124ms Stylesheet
text/css 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gayout.com/components/com_comprofiler/plugin/user/plug_cbconnect/css/cbconnect.css?v=556a50ec366305ad
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: 66532c5e84dfe913aebf5c3547c509e121db20591003fbe1ff03b1eb013517b9

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:39 GMT
content-encoding: gzip
last-modified: Sun, 10 Jan 2021 12:18:57 GMT
server: nginx
etag: W/"5ffaf0b1-2760"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
expires: Sat, 01 May 2021 01:14:39 GMT

GET
H2 200 jquery.min.js Show response
www.gayout.com/media/jui/js/ 95 KB
33 KB 381ms
236ms Script
application/javascript 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gayout.com/media/jui/js/jquery.min.js?43d8fe0c111e81693a3173e780f745ae
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:39 GMT
content-encoding: gzip
last-modified: Tue, 25 Jul 2017 12:20:08 GMT
server: nginx
etag: W/"59773778-17b8b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Fri, 07 May 2021 01:14:39 GMT

GET
H2 200 jquery-noconflict.js Show response
www.gayout.com/media/jui/js/ 21 B
256 B 381ms
235ms Script
application/javascript 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gayout.com/media/jui/js/jquery-noconflict.js?43d8fe0c111e81693a3173e780f745ae
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: 5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:39 GMT
content-encoding: gzip
last-modified: Tue, 25 Jul 2017 12:20:08 GMT
server: nginx
etag: W/"59773778-15"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Fri, 07 May 2021 01:14:39 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.gayout.com/media/jui/js/ 10 KB
4 KB 382ms
237ms Script
application/javascript 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gayout.com/media/jui/js/jquery-migrate.min.js?43d8fe0c111e81693a3173e780f745ae
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:39 GMT
content-encoding: gzip
last-modified: Tue, 25 Jul 2017 12:20:08 GMT
server: nginx
etag: W/"59773778-2748"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Fri, 07 May 2021 01:14:39 GMT

GET
H2 200 caption.js Show response
www.gayout.com/media/system/js/ 491 B
551 B 381ms
236ms Script
application/javascript 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gayout.com/media/system/js/caption.js?43d8fe0c111e81693a3173e780f745ae
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: 20f7c83ab9dfdc1e88f4c3fafc0712492200ab738fb30660526bad9dcb7282dc

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:39 GMT
content-encoding: gzip
last-modified: Tue, 25 Jul 2017 12:20:08 GMT
server: nginx
etag: W/"59773778-1eb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Fri, 07 May 2021 01:14:39 GMT

GET
H2 200 jquery.touchSwipe.min.js Show response
www.gayout.com/media/modals/js/ 11 KB
4 KB 380ms
235ms Script
application/javascript 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gayout.com/media/modals/js/jquery.touchSwipe.min.js
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: f65f3aeed46b79940849fa2022f2cbdf368288de9046f2b3da075c42f9dde8f6

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:39 GMT
content-encoding: gzip
last-modified: Sun, 03 Jul 2016 15:04:11 GMT
server: nginx
etag: W/"5779296b-2d38"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Fri, 07 May 2021 01:14:39 GMT

GET
H2 200 jquery.colorbox-min.js Show response
www.gayout.com/media/modals/js/ 12 KB
5 KB 381ms
236ms Script
application/javascript 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gayout.com/media/modals/js/jquery.colorbox-min.js
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: e7033c5dee8c34a1e70384711692e36a4fea1c5492bfa1b2828ec98f08829671

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:39 GMT
content-encoding: gzip
last-modified: Sun, 03 Jul 2016 15:04:11 GMT
server: nginx
etag: W/"5779296b-2e95"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Fri, 07 May 2021 01:14:39 GMT

GET
H2 200 script.min.js Show response
www.gayout.com/media/modals/js/ 4 KB
2 KB 380ms
236ms Script
application/javascript 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gayout.com/media/modals/js/script.min.js?v=7.1.2
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: 7dc515c961ca9d4d269aed521fa84eeb12efc3159114efc3d49bcb79aa64ef15

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:39 GMT
content-encoding: gzip
last-modified: Sun, 03 Jul 2016 15:04:11 GMT
server: nginx
etag: W/"5779296b-f68"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Fri, 07 May 2021 01:14:39 GMT

GET
H2 200 jcemediabox.js Show response
www.gayout.com/plugins/system/jcemediabox/js/ 57 KB
18 KB 380ms
236ms Script
application/javascript 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gayout.com/plugins/system/jcemediabox/js/jcemediabox.js?0c56fee23edfcb9fbdfe257623c5280e
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: 77b13ffcb475664252e3cd115b4567bbbc183e35592a5627fe6ec7b304d14cc1

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:39 GMT
content-encoding: gzip
last-modified: Wed, 31 Jan 2018 15:00:24 GMT
server: nginx
etag: W/"5a71da08-e3f6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Fri, 07 May 2021 01:14:39 GMT

GET
H2 200 jquery.mmenu.js Show response
www.gayout.com/modules/mod_menu2panel/assets/ 10 KB
3 KB 381ms
236ms Script
application/javascript 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gayout.com/modules/mod_menu2panel/assets/jquery.mmenu.js
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: 1a3470014fb0acc59e99e287ee9d6e4be8d3ad850a3775704a13fafc8124b417

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:39 GMT
content-encoding: gzip
last-modified: Sun, 03 Apr 2016 14:43:55 GMT
server: nginx
etag: W/"57012c2b-288d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Fri, 07 May 2021 01:14:39 GMT

GET
H2 200 core.js Show response
www.gayout.com/media/system/js/ 10 KB
4 KB 380ms
236ms Script
application/javascript 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gayout.com/media/system/js/core.js?43d8fe0c111e81693a3173e780f745ae
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: d29e434aba4c4232ab3a5f34382c7290b8a5b7c0a086b132ae174b18337bfac0

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:39 GMT
content-encoding: gzip
last-modified: Tue, 25 Jul 2017 12:20:08 GMT
server: nginx
etag: W/"59773778-298d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Fri, 07 May 2021 01:14:39 GMT

GET
H2 200 keepalive.js Show response
www.gayout.com/media/system/js/ 462 B
521 B 380ms
236ms Script
application/javascript 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gayout.com/media/system/js/keepalive.js?43d8fe0c111e81693a3173e780f745ae
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: 1df72eb0c6f570ba6c078ebea6e42747f7e11f68bcccdb8c528f85ef39d46df0

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:39 GMT
content-encoding: gzip
last-modified: Tue, 25 Jul 2017 12:20:08 GMT
server: nginx
etag: W/"59773778-1ce"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Fri, 07 May 2021 01:14:39 GMT

GET
H2 200 system.css
www.gayout.com/templates/system/css/ 894 B
627 B 332ms
189ms Stylesheet
text/css 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gayout.com/templates/system/css/system.css
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: df1cf59e59e3cc010a299f228741409091156fe3bd8f515f5c224c274bffaa01

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:39 GMT
content-encoding: gzip
last-modified: Tue, 25 Jul 2017 12:20:08 GMT
server: nginx
etag: W/"59773778-37e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
expires: Sat, 01 May 2021 01:14:39 GMT

GET
H2 200 font-awesome.min.css
www.gayout.com/templates/gayout/css/ 27 KB
6 KB 329ms
186ms Stylesheet
text/css 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gayout.com/templates/gayout/css/font-awesome.min.css
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: 8bad011345c7f6c9ee570f2b4e7ba51141ced4be0c6e398a6bad2f3b418c9c98

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:39 GMT
content-encoding: gzip
last-modified: Mon, 19 Nov 2018 16:40:42 GMT
server: nginx
etag: W/"5bf2e78a-6b42"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
expires: Sat, 01 May 2021 01:14:39 GMT

GET
H2 200 fonts.css
www.gayout.com/templates/gayout/css/ 1 KB
529 B 266ms
123ms Stylesheet
text/css 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gayout.com/templates/gayout/css/fonts.css
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: 306fe072a4cf3385af2a0c0185a8ec28771733ce3979d4408eb5175928472ea2

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:39 GMT
content-encoding: gzip
last-modified: Mon, 19 Nov 2018 16:05:18 GMT
server: nginx
etag: W/"5bf2df3e-5e0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
expires: Sat, 01 May 2021 01:14:39 GMT

GET
H2 200 flaticon.css
www.gayout.com/templates/gayout/css/icons/ 5 KB
1 KB 267ms
124ms Stylesheet
text/css 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gayout.com/templates/gayout/css/icons/flaticon.css
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: b2f427b81d2cd6b074915f5bdc52f4515aafa958e2a2537a605caf17ca9edc51

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:39 GMT
content-encoding: gzip
last-modified: Sun, 04 Mar 2018 14:27:05 GMT
server: nginx
etag: W/"5a9c0239-1223"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
expires: Sat, 01 May 2021 01:14:39 GMT

GET
H2 200 content.css
www.gayout.com/templates/gayout/css/ 2 KB
1 KB 327ms
184ms Stylesheet
text/css 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gayout.com/templates/gayout/css/content.css
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: 2b670c5f91e41bfa94429a80aaec904559a5ab9190dc26438554faecbb8fb852

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:39 GMT
content-encoding: gzip
last-modified: Wed, 14 Jun 2017 14:23:04 GMT
server: nginx
etag: W/"594146c8-9b9"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
expires: Sat, 01 May 2021 01:14:39 GMT

GET
H2 200 template.css
www.gayout.com/templates/gayout/css/ 176 KB
25 KB 271ms
128ms Stylesheet
text/css 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gayout.com/templates/gayout/css/template.css
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: 66081d0b628a316284e2b57426aec191cb6e69a460c1a8f61858b9b9a443381f

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:39 GMT
content-encoding: gzip
last-modified: Thu, 28 Nov 2019 16:16:49 GMT
server: nginx
etag: W/"5ddff2f1-2be0e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
expires: Sat, 01 May 2021 01:14:39 GMT

GET
H2 200 responsive.css
www.gayout.com/templates/gayout/css/ 27 KB
5 KB 332ms
190ms Stylesheet
text/css 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gayout.com/templates/gayout/css/responsive.css
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: 9c4462e34e859b745421af878add4a9e78e3ddbbe0d730c79869ee83411bf7d7

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:39 GMT
content-encoding: gzip
last-modified: Thu, 18 Oct 2018 12:47:18 GMT
server: nginx
etag: W/"5bc880d6-6d8d"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
expires: Sat, 01 May 2021 01:14:39 GMT

GET
H2 200 the-x.png
www.gayout.com/images/gy/ 304 B
500 B 67ms
67ms Image
image/png 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gayout.com/images/gy/the-x.png
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: 7fd555008b4626ecf82c670b00969ba1f8c5c1310e4cf6d912da101109901e4f

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:40 GMT
last-modified: Mon, 24 Apr 2017 13:42:47 GMT
server: nginx
etag: "58fe00d7-130"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 304
expires: Sun, 30 May 2021 01:14:40 GMT

GET
H2 200 cse.js Show response
cse.google.com/ 10 KB
4 KB 68ms
48ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=7978460a82155dc19

Requested by

Host: pt.gayout.com
URL: https://pt.gayout.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

0ad91aedc638626e212d21333328814116780f6007437038cfca563476108860

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:40 GMT
content-encoding: br
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3534
x-xss-protection: 0
expires: Fri, 30 Apr 2021 01:14:40 GMT

GET
H2 200 logo.png
www.gayout.com/images/gy/ 3 KB
4 KB 67ms
66ms Image
image/png 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gayout.com/images/gy/logo.png
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: fe1dacb40fad76401e1e41e8c911ccedb5acce94e18584a6b1514b14051b8fa4

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:40 GMT
last-modified: Mon, 24 Apr 2017 13:42:35 GMT
server: nginx
etag: "58fe00cb-d7b"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3451
expires: Sun, 30 May 2021 01:14:40 GMT

GET
H2 200 802.jpg
www.gayout.com/images/gy/ 90 KB
90 KB 67ms
66ms Image
image/jpeg 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gayout.com/images/gy/802.jpg
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: 1201774bc3b37cd32026b1432adede6e5a9b13fe32169fb927fbdd4344a30be0

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:40 GMT
last-modified: Tue, 05 Jun 2018 12:49:44 GMT
server: nginx
etag: "5b1686e8-16699"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 91801
expires: Sun, 30 May 2021 01:14:40 GMT

GET
H2 200 Baner300X300.jpg
www.gayout.com/images/banners/ 18 KB
18 KB 71ms
71ms Image
image/jpeg 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gayout.com/images/banners/Baner300X300.jpg
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: 5fad309eeae83a13f2436c828cf286095fa9945e4049de765eb37e622a210692

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:40 GMT
last-modified: Mon, 24 Apr 2017 12:46:18 GMT
server: nginx
etag: "58fdf39a-4779"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 18297
expires: Sun, 30 May 2021 01:14:40 GMT

GET
H2 200 view@2x.png
assets.brandfolder.com/o546w0-6icsjc-a8n2i1/ 29 KB
30 KB 29ms
8ms Image
image/png 13.32.21.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.brandfolder.com/o546w0-6icsjc-a8n2i1/view@2x.png
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d13731bcc49e63e626a2afa902c0ff43260dd0014cb4eda405a5ceb50104c788

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 02:57:38 GMT
via: 1.1 6c7a5d26be7fb35284e54d321f16b6f7.cloudfront.net (CloudFront)
last-modified: Mon, 04 Apr 2016 14:57:54 GMT
server: AmazonS3
age: 166623
etag: "2c7836933221ac2ffbbe77180329c57d"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31556926, public
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-type: image/png
content-length: 29816
x-amz-cf-id: 55HczPrGCeov7FRQII97sPcA2zwTafK50kqOosjNh8Fro0CXIqXRlg==

GET
H2 200 main.js Show response
www.gayout.com/templates/gayout/js/ 17 KB
5 KB 67ms
66ms Script
application/javascript 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gayout.com/templates/gayout/js/main.js
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: 86b44317b0f095ac70ae6cb4180f9089370c288eee724a522eee15b51ec74651

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:40 GMT
content-encoding: gzip
last-modified: Wed, 12 Feb 2020 14:57:34 GMT
server: nginx
etag: W/"5e44125e-4465"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Fri, 07 May 2021 01:14:40 GMT

GET
H2 200 system.css
www.gayout.com/media/system/css/ 1 KB
754 B 66ms
66ms Stylesheet
text/css 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gayout.com/media/system/css/system.css
Requested by: Host: www.gayout.com
URL: https://www.gayout.com/templates/system/css/system.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: 2f3123bf5f118d15ce4217e6ff89fde5b67cc022b09e9f1bff1ea6e931b3a853

Request headers

Referer: https://www.gayout.com/templates/system/css/system.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:40 GMT
content-encoding: gzip
last-modified: Tue, 25 Jul 2017 12:20:08 GMT
server: nginx
etag: W/"59773778-5a6"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
expires: Sat, 01 May 2021 01:14:40 GMT

GET
H2 200 OpenSans-Regular.woff2
www.gayout.com/templates/gayout/css/fonts/Regular/ 46 KB
46 KB 268ms
86ms Font
application/octet-stream 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gayout.com/templates/gayout/css/fonts/Regular/OpenSans-Regular.woff2
Requested by: Host: www.gayout.com
URL: https://www.gayout.com/templates/gayout/css/fonts.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: 4c1c2e95835201077586a3698cd47806dd18df10d32a1e6cb6aa9e47224a55e3

Request headers

Origin: https://pt.gayout.com
Referer: https://www.gayout.com/templates/gayout/css/fonts.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:40 GMT
last-modified: Tue, 24 Nov 2015 10:28:47 GMT
server: nginx
etag: "56543bdf-b7a8"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 47016
expires: Sun, 30 May 2021 01:14:40 GMT

GET
H2 200 fontawesome-webfont.woff2
www.gayout.com/templates/gayout/fonts/ 65 KB
65 KB 426ms
251ms Font
application/octet-stream 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gayout.com/templates/gayout/fonts/fontawesome-webfont.woff2
Requested by: Host: www.gayout.com
URL: https://www.gayout.com/templates/gayout/css/font-awesome.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Origin: https://pt.gayout.com
Referer: https://www.gayout.com/templates/gayout/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:40 GMT
last-modified: Tue, 29 May 2018 15:17:55 GMT
server: nginx
etag: "5b0d6f23-10440"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 66624
expires: Sun, 30 May 2021 01:14:40 GMT

GET
H2 200 OpenSans-Light.woff2
www.gayout.com/templates/gayout/css/fonts/Light/ 45 KB
45 KB 426ms
251ms Font
application/octet-stream 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gayout.com/templates/gayout/css/fonts/Light/OpenSans-Light.woff2
Requested by: Host: www.gayout.com
URL: https://www.gayout.com/templates/gayout/css/fonts.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: 1e2ca939c8ea6e474d75968c821c6b0e9a7d326dab593bb97478012372b20617

Request headers

Origin: https://pt.gayout.com
Referer: https://www.gayout.com/templates/gayout/css/fonts.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:40 GMT
last-modified: Tue, 24 Nov 2015 10:28:47 GMT
server: nginx
etag: "56543bdf-b34c"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 45900
expires: Sun, 30 May 2021 01:14:40 GMT

GET
H2 200 OpenSans-Bold.woff2
www.gayout.com/templates/gayout/css/fonts/Bold/ 46 KB
46 KB 422ms
248ms Font
application/octet-stream 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gayout.com/templates/gayout/css/fonts/Bold/OpenSans-Bold.woff2
Requested by: Host: www.gayout.com
URL: https://www.gayout.com/templates/gayout/css/fonts.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: c1c24d6a7ce4bd24b1f3f51ab6f74667c94263fa4b109cc3ff32f4f22848087f

Request headers

Origin: https://pt.gayout.com
Referer: https://www.gayout.com/templates/gayout/css/fonts.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:40 GMT
last-modified: Tue, 24 Nov 2015 10:28:47 GMT
server: nginx
etag: "56543bdf-b654"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 46676
expires: Sun, 30 May 2021 01:14:40 GMT

GET
H2 200 cssrelpreload.js Show response
www.gayout.com/templates/gayout/js/ 3 KB
1 KB 67ms
66ms Script
application/javascript 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gayout.com/templates/gayout/js/cssrelpreload.js
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: 1508b61b9a8524b02dc7d4319beef03360dad50a8a926d70524ce8299de0015b

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:40 GMT
content-encoding: gzip
last-modified: Wed, 29 Nov 2017 11:45:30 GMT
server: nginx
etag: W/"5a1e9dda-bc9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Fri, 07 May 2021 01:14:40 GMT

GET
H2 200 queue.js Show response
tdns6.gtranslate.net/tdn-bin/ 19 KB
8 KB 77ms
60ms Script
application/javascript 2606:4700:3036::6815:325d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tdns6.gtranslate.net/tdn-bin/queue.js
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:325d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36e498023f54ada3cc1298e84f7f99078381b67f0cae4587903aeac4a2f6c6bb

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9JdKAGpYIifkWBLWZtg29g0E8pdFi86l1A79edjfmrpw9eg4vHAHKGeCZZGWyXzbOoza4R7Dg3q7pqfTsJvozFKhjYzbuML5mU9hJ5x%2BAnrZR7%2Bm52AS7ZtJHdr9A%2FBTWQ%3D%3D"}],"max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: no-cache
cf-ray: 647cea20ef1ad6cd-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c1f0a8900000d6cdd327c000000001

GET
H2

200

switcher.png
www.gayout.com/modules/mod_gtranslate/tmpl/lang/
Redirect Chain

https://pt.gayout.com/modules/mod_gtranslate/tmpl/lang/switcher.png
https://www.gayout.com/modules/mod_gtranslate/tmpl/lang/switcher.png

207 B
403 B

76ms
75ms

Image
image/png

212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gayout.com/modules/mod_gtranslate/tmpl/lang/switcher.png
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: 8c2ad9254589a597b65dae284a6da49dbfe1e3c8e628b03b80883d980fb6435e

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:40 GMT
last-modified: Mon, 07 Dec 2020 18:33:34 GMT
server: nginx
etag: "5fce757e-cf"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 207
expires: Sun, 30 May 2021 01:14:40 GMT

Redirect headers

x-gt-redirect-reason: request is a static file
Date: Fri, 30 Apr 2021 01:14:40 GMT
Server: gtranslate
Connection: keep-alive
Content-Length: 166
Location: https://www.gayout.com/modules/mod_gtranslate/tmpl/lang/switcher.png
Content-Type: text/html

GET
H2

200

arrow_down.png
www.gayout.com/modules/mod_gtranslate/tmpl/lang/
Redirect Chain

https://pt.gayout.com/modules/mod_gtranslate/tmpl/lang/arrow_down.png
https://www.gayout.com/modules/mod_gtranslate/tmpl/lang/arrow_down.png

208 B
404 B

66ms
66ms

Image
image/png

212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gayout.com/modules/mod_gtranslate/tmpl/lang/arrow_down.png
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: 068f35dd132804c7effcbca65f9398d34351339ed2fa7b20ef5e9a6221e76516

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:40 GMT
last-modified: Mon, 07 Dec 2020 18:33:34 GMT
server: nginx
etag: "5fce757e-d0"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 208
expires: Sun, 30 May 2021 01:14:40 GMT

Redirect headers

x-gt-redirect-reason: request is a static file
Date: Fri, 30 Apr 2021 01:14:40 GMT
Server: gtranslate
Connection: keep-alive
Content-Length: 166
Location: https://www.gayout.com/modules/mod_gtranslate/tmpl/lang/arrow_down.png
Content-Type: text/html

GET
H2 200 gtr16-flags.png
www.gayout.com/templates/gayout/images/ 9 KB
9 KB 66ms
66ms Image
image/png 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gayout.com/templates/gayout/images/gtr16-flags.png
Requested by: Host: www.gayout.com
URL: https://www.gayout.com/templates/gayout/css/template.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: 7b21312f7ec23daab9ea38f39572a6b2cb31b93767196a8a50b6ca0c766a9015

Request headers

Referer: https://www.gayout.com/templates/gayout/css/template.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:40 GMT
last-modified: Mon, 04 Jun 2018 16:16:37 GMT
server: nginx
etag: "5b1565e5-245f"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9311
expires: Sun, 30 May 2021 01:14:40 GMT

GET
H2 200 mainmenu-tri.png
www.gayout.com/templates/gayout/images/ 182 B
378 B 70ms
70ms Image
image/png 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gayout.com/templates/gayout/images/mainmenu-tri.png
Requested by: Host: www.gayout.com
URL: https://www.gayout.com/templates/gayout/css/template.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: e313793ceb1a3eee2e2e7226f49a199e1783e6692129ba718d10df4a4bedef3a

Request headers

Referer: https://www.gayout.com/templates/gayout/css/template.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:40 GMT
last-modified: Sun, 04 Sep 2016 18:30:33 GMT
server: nginx
etag: "57cc6849-b6"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 182
expires: Sun, 30 May 2021 01:14:40 GMT

GET
H2 200 spritesheet.png
www.gayout.com/templates/gayout/images/ 23 KB
23 KB 69ms
69ms Image
image/png 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gayout.com/templates/gayout/images/spritesheet.png
Requested by: Host: www.gayout.com
URL: https://www.gayout.com/templates/gayout/css/template.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: d8a74aa94f15fb440bd0ba99eef7d3d01fa1a7ec4d1ff82f1d12367825e9e42e

Request headers

Referer: https://www.gayout.com/templates/gayout/css/template.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:40 GMT
last-modified: Mon, 04 Jun 2018 13:19:38 GMT
server: nginx
etag: "5b153c6a-5a89"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 23177
expires: Sun, 30 May 2021 01:14:40 GMT

GET
H2 200 loading.gif
www.gayout.com/templates/gayout/images/ 78 KB
78 KB 100ms
98ms Image
image/gif 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gayout.com/templates/gayout/images/loading.gif
Requested by: Host: www.gayout.com
URL: https://www.gayout.com/templates/gayout/css/template.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: 48d85d17515cb7b8a4fd06feeb1609624014506eebfd4e404b1c7869f9599a56

Request headers

Referer: https://www.gayout.com/templates/gayout/css/template.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:40 GMT
last-modified: Mon, 26 Nov 2018 18:02:43 GMT
server: nginx
etag: "5bfc3543-136f7"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 79607
expires: Sun, 30 May 2021 01:14:40 GMT

GET
H2 200 foot-pattern.jpg
www.gayout.com/templates/gayout/images/ 9 KB
10 KB 102ms
100ms Image
image/jpeg 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gayout.com/templates/gayout/images/foot-pattern.jpg
Requested by: Host: www.gayout.com
URL: https://www.gayout.com/templates/gayout/css/template.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: 07f098f227e90d5e23b3a2a6728d43ed1ddb88c8b7a34f7503d3cc8db8cee216

Request headers

Referer: https://www.gayout.com/templates/gayout/css/template.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:40 GMT
last-modified: Sun, 04 Sep 2016 18:30:15 GMT
server: nginx
etag: "57cc6837-2536"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9526
expires: Sun, 30 May 2021 01:14:40 GMT

GET
H2 200 gtr_flags.png
www.gayout.com/templates/gayout/images/ 19 KB
19 KB 102ms
100ms Image
image/png 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gayout.com/templates/gayout/images/gtr_flags.png
Requested by: Host: www.gayout.com
URL: https://www.gayout.com/templates/gayout/css/template.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: 3a464fa24f8876f2fbbb6d451b681542134619c87ac46407ad533acbce159296

Request headers

Referer: https://www.gayout.com/templates/gayout/css/template.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:40 GMT
last-modified: Mon, 19 Nov 2018 17:05:15 GMT
server: nginx
etag: "5bf2ed4b-4ad2"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 19154
expires: Sun, 30 May 2021 01:14:40 GMT

GET
H2 200 icons-soci-foot.png
www.gayout.com/templates/gayout/images/ 1 KB
1 KB 100ms
100ms Image
image/png 212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gayout.com/templates/gayout/images/icons-soci-foot.png
Requested by: Host: www.gayout.com
URL: https://www.gayout.com/templates/gayout/css/template.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: db6a5336e2618c87434332fd2b694237d21dc5ffccc2286eb3b92fb50e16c748

Request headers

Referer: https://www.gayout.com/templates/gayout/css/template.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:40 GMT
last-modified: Sun, 04 Sep 2016 18:30:25 GMT
server: nginx
etag: "57cc6841-464"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1124
expires: Sun, 30 May 2021 01:14:40 GMT

GET
H3-29 200 cse_element__de.js Show response
www.google.com/cse/static/element/323d4b81541ddb5b/ 275 KB
90 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/323d4b81541ddb5b/cse_element__de.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=7978460a82155dc19

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0cdcf3224a18d66039b74a6a0c70977585d75d5ed67ba23a6b5eab8c0a2ba7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 19:52:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Jan 2021 19:23:46 GMT
server: sffe
age: 19304
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92401
x-xss-protection: 0
expires: Fri, 29 Apr 2022 19:52:56 GMT

GET
H3-29 200 default+de.css
www.google.com/cse/static/element/323d4b81541ddb5b/ 41 KB
9 KB 9ms
8ms Stylesheet
text/css 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/323d4b81541ddb5b/default+de.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=7978460a82155dc19

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 18:04:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 27 Jan 2021 19:23:46 GMT
server: sffe
age: 112199
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9032
x-xss-protection: 0
expires: Thu, 28 Apr 2022 18:04:41 GMT

GET
H3-29 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
4 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=7978460a82155dc19

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 00:37:44 GMT
x-content-type-options: nosniff
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
age: 2216
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4495
x-xss-protection: 0
expires: Fri, 30 Apr 2021 01:27:44 GMT

POST
H2 200 t Show response
translate.googleapis.com/translate_a/ 319 B
585 B 77ms
55ms XHR
application/json 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_a/t?anno=3&client=te_lib&format=html&v=1.0&key=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw&logld=vTE_20170501_01&sl=auto&tl=lt&sp=nmt&tc=2&ctt=1&tk=8608.457769&mode=1

Requested by

Host: pt.gayout.com
URL: https://pt.gayout.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

b8116713667260246a9e6ed70800af53d7bd65657d59e3cb8e1e7bfecbdb21de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 30 Apr 2021 01:14:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: lt
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: *
cache-control: private, max-age=600
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
expires: Fri, 30 Apr 2021 01:14:40 GMT

POST
H2 200 t Show response
translate.googleapis.com/translate_a/ 649 B
569 B 139ms
119ms XHR
application/json 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pt.gayout.com
URL: https://pt.gayout.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

8a3caa638ff4b4388666c6bb94d23deb22d69d7fa11620796400dd8f88c4e27f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 30 Apr 2021 01:14:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: sl
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: *
cache-control: private, max-age=600
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 425
x-xss-protection: 0
expires: Fri, 30 Apr 2021 01:14:40 GMT

POST
H2 200 t Show response
translate.googleapis.com/translate_a/ 1 KB
874 B 207ms
192ms XHR
application/json 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pt.gayout.com
URL: https://pt.gayout.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

43d8a8bb1d35e7b56ac55df06b15dedbdc1b7fb77f16e2b964c0aa0f826c8b17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 30 Apr 2021 01:14:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: de
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: *
cache-control: private, max-age=600
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 729
x-xss-protection: 0
expires: Fri, 30 Apr 2021 01:14:40 GMT

POST
H2 200 t Show response
translate.googleapis.com/translate_a/ 5 KB
2 KB 131ms
119ms XHR
application/json 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pt.gayout.com
URL: https://pt.gayout.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

5a80918362be428c3e2aff299d78f22bf0ccebb52242803598efd8683c89db96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 30 Apr 2021 01:14:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: it
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: *
cache-control: private, max-age=600
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2050
x-xss-protection: 0
expires: Fri, 30 Apr 2021 01:14:40 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 123 KB
43 KB 140ms
45ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: pt.gayout.com
URL: https://pt.gayout.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

0dc25fa3b32fcdcb0c8d6960ce7a9ec11627d8769d78a0fcc5c8d06a8a4a757d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:40 GMT
content-encoding: br
last-modified: Thu, 29 Apr 2021 17:41:15 GMT
etag: "608a4fd7-abe7"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 44007
expires: Fri, 30 Apr 2021 02:14:40 GMT

GET
H/1.1 200
OK popup.html Show response
pt.gayout.com/plugins/system/jcemediabox/themes/standard/ 2 KB
891 B 154ms
153ms XHR
text/html 2001:41d0:203:98e7::888
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.gayout.com/plugins/system/jcemediabox/themes/standard/popup.html
Requested by: Host: www.gayout.com
URL: https://www.gayout.com/plugins/system/jcemediabox/js/jcemediabox.js?0c56fee23edfcb9fbdfe257623c5280e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:203:98e7::888 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: gtranslate /
Resource Hash: 6bb6c2b96f57c1ff39a6be65cdabfb069bb582428cf6dd990a4117bb1c1e228d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: pt.gayout.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Content-type: text/html; charset=UTF-8
Accept: text/javascript, text/html, application/xml, text/xml, */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: 90e87e50b67241fc459451a438c43ee9=b1dq63eu67ffbgstc6ahv9onv4
Connection: keep-alive
Referer: https://pt.gayout.com/
Accept: text/javascript, text/html, application/xml, text/xml, */*
Referer: https://pt.gayout.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/html; charset=UTF-8

Response headers

x-gt-cache-status: BYPASS
Content-Encoding: gzip
last-modified: Wed, 31 Jan 2018 15:00:24 GMT
server: gtranslate
etag: W/"5a71da08-70a"
vary: Accept-Encoding
content-language: pt
cache-control: max-age=0, public
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/html
date: Fri, 30 Apr 2021 01:14:40 GMT
expires: Fri, 30 Apr 2021 01:14:40 GMT

GET
H/1.1 200
OK tooltip.html Show response
pt.gayout.com/plugins/system/jcemediabox/themes/standard/ 932 B
742 B 479ms
478ms XHR
text/html 2001:41d0:203:98e7::888
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.gayout.com/plugins/system/jcemediabox/themes/standard/tooltip.html
Requested by: Host: www.gayout.com
URL: https://www.gayout.com/plugins/system/jcemediabox/js/jcemediabox.js?0c56fee23edfcb9fbdfe257623c5280e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2001:41d0:203:98e7::888 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: gtranslate /
Resource Hash: f56bda233baec82a67f1f5bbefc6be0a51c34a79a76230d1395334dc914830e0

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: pt.gayout.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Content-type: text/html; charset=UTF-8
Accept: text/javascript, text/html, application/xml, text/xml, */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: 90e87e50b67241fc459451a438c43ee9=b1dq63eu67ffbgstc6ahv9onv4
Connection: keep-alive
Referer: https://pt.gayout.com/
Accept: text/javascript, text/html, application/xml, text/xml, */*
Referer: https://pt.gayout.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/html; charset=UTF-8

Response headers

x-gt-cache-status: BYPASS
Content-Encoding: gzip
last-modified: Wed, 31 Jan 2018 15:00:24 GMT
server: gtranslate
etag: W/"3be-56413bd249200-gzip"
vary: Accept-Encoding,User-Agent
content-language: pt
access-control-allow-origin: *
x-accel-version: 0.01
cache-control: max-age=0, public
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/html
date: Fri, 30 Apr 2021 01:14:40 GMT
expires: Fri, 30 Apr 2021 01:14:40 GMT

GET
H3-29 200 async-ads.js Show response
cse.google.com/adsense/search/ 177 KB
62 KB 29ms
15ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/323d4b81541ddb5b/cse_element__de.js?usqp=CAI%3D

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e51b8b0e1bd3964da2aa7ed33421f9df808a880cc6ba077cce99971e7efade4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "10395801431413339326"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Fri, 30 Apr 2021 01:14:40 GMT

GET
H3-29 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 7ms
6ms Image
image/png 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/323d4b81541ddb5b/default+de.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/cse/static/element/323d4b81541ddb5b/default+de.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 21:29:44 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 186296
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1018
x-xss-protection: 0
expires: Wed, 27 Apr 2022 21:29:44 GMT

GET
H2 204 generate_204
www.googleapis.com/ 0
39 B 7ms
5ms Image
text/plain 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:40 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 204 generate_204
clients1.google.com/ 0
182 B 28ms
5ms Image
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:40 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3-29 200 save Show response
tdns6.gtranslate.net/tdn-bin/ 7 B
628 B 551ms
539ms XHR
text/plain 2606:4700:3036::6815:325d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tdns6.gtranslate.net/tdn-bin/save
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:325d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 30 Apr 2021 01:14:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fK%2FYZGv%2Bu6LSvbWtY4RgV1anhkPWhE%2F3SuhQ5I4sModOhM1PT1%2FA7ke79jD6eOecZ081531ZsR165FxBDFm1%2Fbsb%2FupY4RLvLi2u5CZUq5xwHq6xJnv3T2iofDMjegJyJw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 647cea221cd74ed4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c1f0a94e00004ed43208b000000001

POST
H3-29 200 save Show response
tdns6.gtranslate.net/tdn-bin/ 7 B
660 B 458ms
458ms XHR
text/plain 2606:4700:3036::6815:325d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tdns6.gtranslate.net/tdn-bin/save
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:325d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 30 Apr 2021 01:14:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ajehse7Hw3H2RI5BGZ7j4de9h52wbV7t2UxpbYXOF07YpWjix94okJb78xR3zIdLzKiPGgoZ7xIR0VWfrcr3gZGqtOTT1USqoU0AfH894zf0qgDBSC9Bn3llxA1EF%2B%2F2%2BA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 647cea225d254ed4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c1f0a97900004ed4ea307000000001

POST
H3-29 200 save Show response
tdns6.gtranslate.net/tdn-bin/ 7 B
630 B 507ms
507ms XHR
text/plain 2606:4700:3036::6815:325d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tdns6.gtranslate.net/tdn-bin/save
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:325d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 30 Apr 2021 01:14:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lnZfwjzlwcDebzguJEAAJ9cLWrEUtS7byJ1duuZGXzI%2F07pgRduQmQktJQrdHQqt3VlPuN%2FVfRSr3oGkS4F8Lurt6fPcvlID8NqmjRH3ap%2BSMZphcCP02R%2FjGrkvNaen6g%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 647cea225d274ed4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c1f0a97a00004ed4eb919000000001

POST
H3-29 200 save Show response
tdns6.gtranslate.net/tdn-bin/ 7 B
627 B 483ms
482ms XHR
text/plain 2606:4700:3036::6815:325d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tdns6.gtranslate.net/tdn-bin/save
Requested by: Host: pt.gayout.com
URL: https://pt.gayout.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:325d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 30 Apr 2021 01:14:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pR5MHqwNKqja2UTqJGtebNuijiqPDGmwkxjuwfKfeG%2Bjb8REmGy1MfRKtFgfbChK47itdzmCdDanhWXCoo%2FyhX0v56UfAREBMdomRwZNolAK%2BJJXQQDH53zpx%2FHve3if5A%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 647cea22dd994ed4-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c1f0a9c300004ed44411e000000001

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9258.Y2IV-KfpanScHcNMZymROKD_VjLUpmmKeR6POlCV8D9pLoKjFOf1ZO8TbsXiILbH.k7ZoKyqPwbC75rVYc8l-s6w-VoM%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9258.kn9kV0wykWgw15SlI9D1o_Q7LtBxzvoozaQrzZrgPlvwSXOC6zZISM62pnbSDpm7bLw_5Z3mftySqXPSpn1mjg%2C%2C.iSA_jdUiLyf-BMSabhsH03WGqJA%2C

75 B
75 B

45ms
45ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9258.kn9kV0wykWgw15SlI9D1o_Q7LtBxzvoozaQrzZrgPlvwSXOC6zZISM62pnbSDpm7bLw_5Z3mftySqXPSpn1mjg%2C%2C.iSA_jdUiLyf-BMSabhsH03WGqJA%2C

Requested by

Host: pt.gayout.com
URL: https://pt.gayout.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:40 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9258.kn9kV0wykWgw15SlI9D1o_Q7LtBxzvoozaQrzZrgPlvwSXOC6zZISM62pnbSDpm7bLw_5Z3mftySqXPSpn1mjg%2C%2C.iSA_jdUiLyf-BMSabhsH03WGqJA%2C
date: Fri, 30 Apr 2021 01:14:40 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 45ms
45ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: pt.gayout.com
URL: https://pt.gayout.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:40 GMT
last-modified: Thu, 29 Apr 2021 17:41:15 GMT
etag: "608a4fd7-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 30 Apr 2021 02:14:40 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/36618640/
Redirect Chain

https://mc.yandex.com/watch/36618640?wmode=7&page-url=https%3A%2F%2Fpt.gayout.com%2F&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A9451%3Afu%3A0%3Aen%3Autf-...
https://mc.yandex.com/watch/36618640/1?wmode=7&page-url=https%3A%2F%2Fpt.gayout.com%2F&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A9451%3Afu%3A0%3Aen%3Aut...

203 B
284 B

46ms
45ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/36618640/1?wmode=7&page-url=https%3A%2F%2Fpt.gayout.com%2F&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A9451%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A940723635842%3Ahid%3A648874735%3Az%3A120%3Ai%3A20210430031440%3Aet%3A1619745280%3Ac%3A1%3Arn%3A478852030%3Au%3A1619745280542247989%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1619745270677%3Ads%3A1%2C32%2C8908%2C13%2C1%2C0%2C%2C620%2C67%2C%2C%2C%2C9566%3Adsn%3A1%2C32%2C8907%2C13%2C1%2C0%2C%2C610%2C68%2C%2C%2C%2C9566%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1619745281%3At%3AGayOut%20-%20Mundo%20Gay%20Eventos

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

74fd0705ac2f2149261eb8cad89d6de0e865680a30a6c5a41ae58b1f2e691c7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:14:40 GMT
x-content-type-options: nosniff
last-modified: Fri, 30-Apr-2021 01:14:40 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pt.gayout.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 203
x-xss-protection: 1; mode=block
expires: Fri, 30-Apr-2021 01:14:40 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:14:40 GMT
last-modified: Fri, 30-Apr-2021 01:14:40 GMT
location: /watch/36618640/1?wmode=7&page-url=https%3A%2F%2Fpt.gayout.com%2F&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A9451%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A940723635842%3Ahid%3A648874735%3Az%3A120%3Ai%3A20210430031440%3Aet%3A1619745280%3Ac%3A1%3Arn%3A478852030%3Au%3A1619745280542247989%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1619745270677%3Ads%3A1%2C32%2C8908%2C13%2C1%2C0%2C%2C620%2C67%2C%2C%2C%2C9566%3Adsn%3A1%2C32%2C8907%2C13%2C1%2C0%2C%2C610%2C68%2C%2C%2C%2C9566%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1619745281%3At%3AGayOut%20-%20Mundo%20Gay%20Eventos
strict-transport-security: max-age=31536000
access-control-allow-origin: https://pt.gayout.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 30-Apr-2021 01:14:40 GMT

GET
H2 200 firebase.js Show response
www.gstatic.com/firebasejs/4.4.0/ 389 KB
113 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/4.4.0/firebase.js

Requested by

Host: pt.gayout.com
URL: https://pt.gayout.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee4a08363fe42debed73dfe1674156f1f1131ae3aa3a54e22a2d33d845059726

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 10:05:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 21 Sep 2017 23:29:37 GMT
server: sffe
age: 572928
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116044
x-xss-protection: 0
expires: Sat, 23 Apr 2022 10:05:54 GMT

GET
H2

200

joompush.js Show response
www.gayout.com/plugins/system/joompush/asset/js/
Redirect Chain

https://pt.gayout.com/plugins/system/joompush/asset/js/joompush.js
https://www.gayout.com/plugins/system/joompush/asset/js/joompush.js

2 KB
1 KB

67ms
66ms

Script
application/javascript

212.199.184.174
GOLDENLINES-ASN P...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gayout.com/plugins/system/joompush/asset/js/joompush.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.199.184.174 Yehud, Israel, ASN9116 (GOLDENLINES-ASN Partner Communications Main Autonomous System, IL),
Reverse DNS: actvserv2.spd.co.il
Software: nginx /
Resource Hash: 6dd9db5077d0b37a76cd13d0a547f03e0ec2bd141bce16a4552635e07500efb5

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:42 GMT
content-encoding: gzip
last-modified: Sun, 31 Dec 2017 10:57:48 GMT
server: nginx
etag: W/"5a48c2ac-7b9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
expires: Fri, 07 May 2021 01:14:42 GMT

Redirect headers

x-gt-redirect-reason: request is a static file
Date: Fri, 30 Apr 2021 01:14:42 GMT
Server: gtranslate
Connection: keep-alive
Content-Length: 166
Location: https://www.gayout.com/plugins/system/joompush/asset/js/joompush.js
Content-Type: text/html

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 4 KB
2 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=googletranslate_loadapi

Requested by

Host: pt.gayout.com
URL: https://pt.gayout.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

98bc67564a6fc05f55ba7e8d5fc8c7c8a1d7aaeb10ef4660a2a184c65b06ce14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:14:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: en
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1876
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
3 KB 26ms
6ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googletranslate_loadapi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:07:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 459
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 30 Apr 2021 02:07:03 GMT

GET
H2 200 main.js Show response
translate.googleapis.com/translate_static/js/element/ 4 KB
2 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/js/element/main.js

Requested by

Host: translate.google.com
URL: https://translate.google.com/translate_a/element.js?cb=googletranslate_loadapi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f35659d030651ea3acc6d6e97475b42eaa60d5700e83f9623cf90904d42cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:05:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 567
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1673
x-xss-protection: 0
last-modified: Thu, 25 Feb 2021 22:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 30 Apr 2021 02:05:15 GMT

GET
H3-29 200 element_main.js Show response
translate.googleapis.com/element/TE_20210224_00/e/js/element/ 250 KB
89 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/TE_20210224_00/e/js/element/element_main.js

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca537b74a51c73d56a401ea7d361ad32f692558ab321b86a8fb0979f2927712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 15:56:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33500
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91310
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 18:08:41 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Apr 2022 15:56:22 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: pt.gayout.com
URL: https://pt.gayout.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 5649
date: Thu, 29 Apr 2021 23:40:33 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 30 Apr 2021 01:40:33 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 15ms
15ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1548476869&t=pageview&_s=1&dl=https%3A%2F%2Fpt.gayout.com%2F&ul=en-us&de=UTF-8&dt=GayOut%20-%20Mundo%20Gay%20Eventos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=472041921&gjid=462603704&cid=535165903.1619745283&tid=UA-74463603-1&_gid=1429343435.1619745283&_r=1&_slc=1&z=989494556

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:14:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pt.gayout.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
47 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.gayout.com
URL: https://www.gayout.com/templates/gayout/js/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3df28cede092d9f3eb4ced65063bc126e298b7e03c1f587a3f42dadc6909dbfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48362
x-xss-protection: 0
server: cafe
etag: 11736008493392425597
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 01:14:42 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.gayout.com
URL: https://www.gayout.com/templates/gayout/js/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dbe652fcac44a3ab78d9c897470e28204d3bc3a45db8ea6bbc945a25b371b9df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: pP8R66M0tKVcoZLDzKWiqg==
cross-origin-resource-policy: cross-origin
expires: Fri, 30 Apr 2021 01:27:03 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
x-fb-rlafr: 0
x-fb-debug: Vv+atjQ7Grb+mEix/AqmiqXuH8qr+4J+M0B7JH3Cv4wYnK3Mv2dhzW4UObw11JiB+UHDXEFlVSe8KB+k7enEAQ==
x-fb-trip-id: 686109401
x-fb-content-md5: 1856319df4f125a92c23942eb65ef5f0
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 30 Apr 2021 01:14:42 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "93e6c53a77c1d9ce570513e4a3236877"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK flexiproduct.js Show response
aff.bstatic.com/static/affiliate_base/js/ 6 KB
3 KB 85ms
26ms Script
application/javascript 5.57.16.90
BOOKING-BV Bookin...

General

Check archive.org

Show headers Download Go to

Full URL

https://aff.bstatic.com/static/affiliate_base/js/flexiproduct.js?v=1619745282680

Requested by

Host: www.gayout.com
URL: https://www.gayout.com/templates/gayout/js/main.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

5.57.16.90 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),

Reverse DNS

bstatic.com

Software

nginx /

Resource Hash

c553ef7271334af93285181e0b891ecc964712f12d02af54ecee9c58354c71e6

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:42 GMT
content-encoding: br
last-modified: Tue, 04 Feb 2020 10:19:54 GMT
server: nginx
etag: W/"5e39454a-186e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
transfer-encoding: chunked
timing-allow-origin: *
nel: {"report_to":"default","max_age":600}
x-xss-protection: 1; mode=block
expires: Sun, 30 May 2021 01:14:42 GMT

GET
H3-29 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 43ms
33ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 23:55:00 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 91182
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1847
x-xss-protection: 0
expires: Thu, 28 Apr 2022 23:55:00 GMT

GET
H3-29 200 translateelement.css
translate.googleapis.com/translate_static/css/ Frame 7EDC 18 KB
3 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/element/TE_20210224_00/e/js/element/element_main.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:07:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 460
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 30 Apr 2021 02:07:02 GMT

GET
H3-29 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 825 B
847 B 29ms
29ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 12:46:35 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 44887
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 825
x-xss-protection: 0
expires: Fri, 29 Apr 2022 12:46:35 GMT

GET
H2 200 cleardot.gif
www.google.com/images/ 43 B
119 B 16ms
15ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/cleardot.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:14:42 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
86 B 22ms
21ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-74463603-1&cid=535165903.1619745283&jid=472041921&gjid=462603704&_gid=1429343435.1619745283&_u=IEBAAEAAAAAAAC~&z=1647222218

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 30 Apr 2021 01:14:42 GMT
content-type: text/plain
access-control-allow-origin: https://pt.gayout.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
66 B 17ms
16ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-74463603-1&cid=535165903.1619745283&jid=472041921&_u=IEBAAEAAAAAAAC~&z=1200162428

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:14:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
17ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-74463603-1&cid=535165903.1619745283&jid=472041921&_u=IEBAAEAAAAAAAC~&z=1200162428

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:14:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 210 KB
62 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=a8486a3cc416c82c47b3e658f584c685&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6d6986042f8000e3874f8a3419c3500e6679691e157a01fe34cf5494c9f3505b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://pt.gayout.com
Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: H2rtcTZRRgrFcuX/+NdPIg==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 63587
x-fb-rlafr: 0
x-fb-debug: duXSbeBHs6zzqr/Nr9cMgMLKjx3Ef8IYA12QGJFxhCFNuLzphLj226baFefK+gEOtf2u1XL8AtcqlPpQ8TWn9w==
x-fb-content-md5: e21dc2b86b94d6fd8fd0a8ff3b58530b
x-frame-options: DENY
date: Fri, 30 Apr 2021 01:14:42 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "7b4b9a8b2af2ac6da5c65cbf065409c5"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 29 Apr 2022 21:52:15 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210428/r20190131/ 223 KB
82 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210428/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1047644867309294&plah=pt.gayout.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09a0099bf7fefd4d080249360f6a41730158897b2c1613fe50eea9c5520eb9d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84347
x-xss-protection: 0
server: cafe
etag: 8033165652557143678
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 01:14:42 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210428/r20190131/ Frame 1819 10 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210428/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210428/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pt.gayout.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pt.gayout.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 29 Apr 2021 01:17:06 GMT
expires: Thu, 13 May 2021 01:17:06 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 86256
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

flexiproduct.html Show response
www.booking.com/ Frame FF85
Redirect Chain

https://www.booking.com/flexiproduct.html?product=nsb&w=300&h=250&aid=1131196&target_aid=1319615&fid=1619745282920&
https://www.booking.com/flexiproduct.html?product=nsb&w=300&h=250&aid=1131196&target_aid=1131196&fid=1619745282920&

81 KB
33 KB

316ms
315ms

Document
text/html

37.10.0.220
BOOKING-BV Bookin...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/flexiproduct.html?product=nsb&w=300&h=250&aid=1131196&target_aid=1131196&fid=1619745282920&

Requested by

Host: aff.bstatic.com
URL: https://aff.bstatic.com/static/affiliate_base/js/flexiproduct.js?v=1619745282680

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

37.10.0.220 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),

Reverse DNS

Software

nginx /

Resource Hash

e325203bdd672c69aac90b9eda655efa937fb33a54f3e000a887bac34b80d20e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.booking.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://pt.gayout.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbwcLxQQ4VaCo31hWlAsgY5ndt%2BtqEbU1MmUVlBz2VXpvyUX3VDFBVoOXoYbIWdnvvdJp6UUXCLm8EJIoCRw7wMRBd6POJ20bQKpiCsowmgkNGxWsdT8Rh5pC%2FD10p4BeToXj3Ko3CP1lFp%2Fo0Ma0KA0bxS874FEDS
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pt.gayout.com/

Response headers

server: nginx
date: Fri, 30 Apr 2021 01:14:43 GMT
content-type: text/html; charset=UTF-8
content-length: 32881
cache-control: private
vary: User-Agent, Accept-Encoding
content-encoding: br
nel: {"report_to":"default","max_age":604800}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"group":"default","max_age":604800}
set-cookie: _pxhd=7b22f0e17e92f3891c499509a47c0bd040779d4a89ba5b29d7c6e2b64053a626%3A71c9d571-a951-11eb-9ea4-0f732407ce50; path=/; expires=Sat, 30-Apr-2022 01:14:43 GMT bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbbmD9q%2B5pe3WiMpUq167DmA36sydC6rjKg7GZtvHHxLc99X77RobGyBCtAnaYn9A7VLE6XL4wQjMOvz6igQaZ5hi7TclZJ8kaEfnDDVP3cvTEnwCssWwO5pCIOuaizCer9dlrfDT1yNAGJDoJenZB20MNy334e1Fm; domain=.booking.com; path=/; expires=Wed, 29-Apr-2026 01:14:43 GMT; Secure; HTTPOnly; SameSite=None
strict-transport-security: max-age=604800
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

server: nginx
date: Fri, 30 Apr 2021 01:14:43 GMT
transfer-encoding: chunked
location: https://www.booking.com/flexiproduct.html?product=nsb&w=300&h=250&aid=1131196&target_aid=1131196&fid=1619745282920&
nel: {"report_to":"default","max_age":604800}
report-to: {"max_age":604800,"endpoints":[{"url":"https://nellie.booking.com/report"}],"group":"default"}
set-cookie: _pxhd=ac91e0b85a45a9f2195a3b0424742eef296a29189c7a1f22a38d6bd4b6edbdc1%3A71b05a01-a951-11eb-ad3c-85f4728b48d3; path=/; expires=Sat, 30-Apr-2022 01:14:43 GMT bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbKE7bjkbYWznlSlRZNNCt3qxGtQsCkqapK6vQ%2B59p0%2Fo6ocaiogvJbjdT7GEmlzi1tLunHIEvDD0WJmQc1XMais1UVwdUN2ZaaN2bHCKH9mya8rPF2hiCI1exZo0chNjIku1SLlXT%2BsiV%2F9aifQ4U5q%2FJSSPPr%2Brv; domain=.booking.com; path=/; expires=Wed, 29-Apr-2026 01:14:43 GMT; Secure; HTTPOnly; SameSite=None
strict-transport-security: max-age=604800
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

flexiproduct.html Show response
www.booking.com/ Frame 249B
Redirect Chain

https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=auto&lang=en-US&aid=1319635&target_aid=1319615&fid=1619745282925&
https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=auto&lang=en-US&aid=1319635&target_aid=1319635&fid=1619745282925&

82 KB
33 KB

241ms
241ms

Document
text/html

37.10.0.220
BOOKING-BV Bookin...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=auto&lang=en-US&aid=1319635&target_aid=1319635&fid=1619745282925&

Requested by

Host: aff.bstatic.com
URL: https://aff.bstatic.com/static/affiliate_base/js/flexiproduct.js?v=1619745282680

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

37.10.0.220 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),

Reverse DNS

Software

nginx /

Resource Hash

0eb8759d1844e47b41a5d8b53180d86eef9e5f84836728d48ac0fd672cc257e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: www.booking.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://pt.gayout.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbwcLxQQ4VaCo31hWlAsgY5ndt%2BtqEbU1MmUVlBz2VXpvyUX3VDFBVoOXoYbIWdnvvdJp6UUXCLm8EJIoCRw7wMRBd6POJ20bQKpiCsowmgkNGxWsdT8Rh5pC%2FD10p4BeToXj3Ko3CP1lFp%2Fo0Ma0KA0bxS874FEDS
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pt.gayout.com/

Response headers

server: nginx
date: Fri, 30 Apr 2021 01:14:43 GMT
content-type: text/html; charset=UTF-8
content-length: 33117
cache-control: private
vary: Accept-Encoding, User-Agent
content-encoding: br
nel: {"report_to":"default","max_age":604800}
report-to: {"group":"default","max_age":604800,"endpoints":[{"url":"https://nellie.booking.com/report"}]}
set-cookie: _pxhd=2e3010d3c6b26d84a6b9fff4c739eff4b2cae15e56092a10bfeb3daa2e64fc70%3A71c9fc81-a951-11eb-8ca7-3d1157304c78; path=/; expires=Sat, 30-Apr-2022 01:14:43 GMT bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbKE7bjkbYWzk%2FvPO5nhU0XnO5dVNJYlnybv1k8rRjlOUVC7M%2FI%2FZf3hHnuGJo4vAVL4OzctWF7vauHKdoo3s9vODmwuD3KY1wBWg54t3SyGkUlcLhSVwV%2Fuu3ofpWpixd4n963kBbTFHyrY0MC1JKJi3vgIUUvpZU; domain=.booking.com; path=/; expires=Wed, 29-Apr-2026 01:14:43 GMT; Secure; HTTPOnly; SameSite=None
strict-transport-security: max-age=604800
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

server: nginx
date: Fri, 30 Apr 2021 01:14:43 GMT
transfer-encoding: chunked
location: https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=auto&lang=en-US&aid=1319635&target_aid=1319635&fid=1619745282925&
nel: {"report_to":"default","max_age":604800}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":604800,"group":"default"}
set-cookie: _pxhd=0cb60eb58bc55762e6ecfd944dcc82f482506be302f3bac33aabc83b3762c126%3A71b08111-a951-11eb-8a94-e5ee6f244e14; path=/; expires=Sat, 30-Apr-2022 01:14:43 GMT bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbwcLxQQ4VaCo31hWlAsgY5ndt%2BtqEbU1MmUVlBz2VXpvyUX3VDFBVoOXoYbIWdnvvdJp6UUXCLm8EJIoCRw7wMRBd6POJ20bQKpiCsowmgkNGxWsdT8Rh5pC%2FD10p4BeToXj3Ko3CP1lFp%2Fo0Ma0KA0bxS874FEDS; domain=.booking.com; path=/; expires=Wed, 29-Apr-2026 01:14:43 GMT; Secure; HTTPOnly; SameSite=None
strict-transport-security: max-age=604800
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3-29 200 l Show response
translate.googleapis.com/translate_a/ Frame FC64 3 KB
963 B 27ms
17ms Script
application/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LE1C4FHdym3BUJIycIE87g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'report-sample' 'nonce-LE1C4FHdym3BUJIycIE87g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self', require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="TranslateApiHttp"
date: Fri, 30 Apr 2021 01:14:42 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"TranslateApiHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/TranslateApiHttp/external"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 200 B
260 B 15ms
15ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=pt.gayout.com&callback=_gfp_s_&client=ca-pub-1047644867309294

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210428/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1047644867309294&plah=pt.gayout.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

69277104fbec1b4f46595f1189ac6ce4867c446c5874786c7feb59833e309977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 14ms
13ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=pt.gayout.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Apr 2021 01:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=pt.gayout.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Apr 2021 01:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 14ms
13ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fpt.gayout.com%2F&tn=DIV&cls=top_strip&ign=false

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:14:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CD9E 54 B
56 B 68ms
67ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1047644867309294&output=html&adk=1812271804&adf=3025194257&lmt=1619745279&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpt.gayout.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619745282895&bpp=17&bdt=3272&idt=113&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8388844495769&frm=20&pv=2&ga_vid=535165903.1619745283&ga_sid=1619745283&ga_hid=1548476869&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739392&oid=3&pvsid=2392059193750853&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=141

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1047644867309294&output=html&adk=1812271804&adf=3025194257&lmt=1619745279&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpt.gayout.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619745282895&bpp=17&bdt=3272&idt=113&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8388844495769&frm=20&pv=2&ga_vid=535165903.1619745283&ga_sid=1619745283&ga_hid=1548476869&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739392&oid=3&pvsid=2392059193750853&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=141
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pt.gayout.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pt.gayout.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 30 Apr 2021 01:14:43 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 30-Apr-2021 01:29:43 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 30 Apr 2021 01:14:43 GMT
cache-control: private

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 25ms
24ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210428&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b05a70f3607a6dcb9571d123f91031794e73ad5faa79b08408fb3827b1e14b3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Apr 2021 01:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6964
x-xss-protection: 0

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c76a6cc9369273b7e5f07285be49006b00775eefeefd725334e4235c4c29c9cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619631702402874"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28201
x-xss-protection: 0
expires: Fri, 30 Apr 2021 01:14:43 GMT

GET
H2 200 page.php Show response
www.facebook.com/v3.2/plugins/ Frame BB36 57 KB
19 KB 76ms
75ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df338f5b71072ab%26domain%3Dpt.gayout.com%26origin%3Dhttps%253A%252F%252Fpt.gayout.com%252Ff1b5f0328a0ee8%26relation%3Dparent.parent&container_width=300&height=500&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgayoutworld%2F%3Ffref%3Dts&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=300

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=a8486a3cc416c82c47b3e658f584c685&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ee7c80853b4bfaa20f8ac333212fe6331a351195bcf0740359b62081ca3a7407

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v3.2/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df338f5b71072ab%26domain%3Dpt.gayout.com%26origin%3Dhttps%253A%252F%252Fpt.gayout.com%252Ff1b5f0328a0ee8%26relation%3Dparent.parent&container_width=300&height=500&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgayoutworld%2F%3Ffref%3Dts&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=300
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pt.gayout.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pt.gayout.com/

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-encoding: br
facebook-api-version: v3.2
x-content-type-options: nosniff
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
content-type: text/html; charset="utf-8"
x-fb-debug: c5CfHsPARgHb/XGhJa74X+2pONdNskx6JlGCGjVbFDwwXnVZRq7pvHJzTGxYy+2x2TZrBJ4XtcXm3GTF4H+z7w==
date: Fri, 30 Apr 2021 01:14:43 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 like.php Show response
www.facebook.com/v3.2/plugins/ Frame 4182 47 KB
15 KB 82ms
79ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f9fe930c05714%26domain%3Dpt.gayout.com%26origin%3Dhttps%253A%252F%252Fpt.gayout.com%252Ff1b5f0328a0ee8%26relation%3Dparent.parent&container_width=1000&href=https%3A%2F%2Fwww.facebook.com%2Fgayoutworld%2F%3Ffref%3Dts&layout=standard&locale=en_US&sdk=joey&share=true&show_faces=true&size=small

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=a8486a3cc416c82c47b3e658f584c685&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

38d3a4c7ee48954e91f5f7b482b4e0d1d053339734cb5e5b820ca28416f96463

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v3.2/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f9fe930c05714%26domain%3Dpt.gayout.com%26origin%3Dhttps%253A%252F%252Fpt.gayout.com%252Ff1b5f0328a0ee8%26relation%3Dparent.parent&container_width=1000&href=https%3A%2F%2Fwww.facebook.com%2Fgayoutworld%2F%3Ffref%3Dts&layout=standard&locale=en_US&sdk=joey&share=true&show_faces=true&size=small
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pt.gayout.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pt.gayout.com/

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-encoding: br
facebook-api-version: v3.2
x-content-type-options: nosniff
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
content-type: text/html; charset="utf-8"
x-fb-debug: xW3O/VecLkN4GXDnWsJMfna5d40dGnyFXzHaNt0ox7Fj4q2Pg8odx/K498HKfEYQFb/FTBdFB+MfD6/ZEgnoQw==
date: Fri, 30 Apr 2021 01:14:43 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5201 405 B
228 B 94ms
94ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1047644867309294&output=html&h=600&slotname=8873754962&adk=1402457258&adf=3846147594&pi=t.ma~as.8873754962&w=160&lmt=1619745279&psa=0&format=160x600&url=https%3A%2F%2Fpt.gayout.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619745282912&bpp=5&bdt=3289&idt=164&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8388844495769&frm=20&pv=1&ga_vid=535165903.1619745283&ga_sid=1619745283&ga_hid=1548476869&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=464&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739392&oid=3&pvsid=2392059193750853&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NEIo17qjyr&p=https%3A//pt.gayout.com&dtd=174

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

262d8e4b765c95725dbc801fef2c9d5f81f121a4c78fb34735a6da18aa3560ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1047644867309294&output=html&h=600&slotname=8873754962&adk=1402457258&adf=3846147594&pi=t.ma~as.8873754962&w=160&lmt=1619745279&psa=0&format=160x600&url=https%3A%2F%2Fpt.gayout.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619745282912&bpp=5&bdt=3289&idt=164&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8388844495769&frm=20&pv=1&ga_vid=535165903.1619745283&ga_sid=1619745283&ga_hid=1548476869&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=464&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739392&oid=3&pvsid=2392059193750853&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=NEIo17qjyr&p=https%3A//pt.gayout.com&dtd=174
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pt.gayout.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pt.gayout.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 30 Apr 2021 01:14:43 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 30-Apr-2021 01:29:43 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 30 Apr 2021 01:14:43 GMT
cache-control: private

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 30 Apr 2021 01:14:43 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0B86 13 KB
7 KB 124ms
123ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1047644867309294&output=html&h=600&slotname=8873754962&adk=1402457258&adf=2694998385&pi=t.ma~as.8873754962&w=160&lmt=1619745279&psa=0&format=160x600&url=https%3A%2F%2Fpt.gayout.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619745282917&bpp=1&bdt=3294&idt=212&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=8388844495769&frm=20&pv=1&ga_vid=535165903.1619745283&ga_sid=1619745283&ga_hid=1548476869&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1440&ady=464&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739392&oid=3&pvsid=2392059193750853&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=wmiLCwF9XO&p=https%3A//pt.gayout.com&dtd=227

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ab27ba665430dc53b5c11edb82abadc68c9d4694cf2c3e0b30d5943dfa05d6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1047644867309294&output=html&h=600&slotname=8873754962&adk=1402457258&adf=2694998385&pi=t.ma~as.8873754962&w=160&lmt=1619745279&psa=0&format=160x600&url=https%3A%2F%2Fpt.gayout.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619745282917&bpp=1&bdt=3294&idt=212&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=8388844495769&frm=20&pv=1&ga_vid=535165903.1619745283&ga_sid=1619745283&ga_hid=1548476869&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1440&ady=464&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739392&oid=3&pvsid=2392059193750853&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=wmiLCwF9XO&p=https%3A//pt.gayout.com&dtd=227
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pt.gayout.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pt.gayout.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 30 Apr 2021 01:14:43 GMT
server: cafe
content-length: 6724
x-xss-protection: 0
set-cookie: IDE=AHWqTUl9QRV7WpaGlznVeHzPa4cRuqNzi6Eif-iCCQbQo5BNcsc6LEiZgCq8IJN99cQ; expires=Wed, 25-May-2022 01:14:43 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 30 Apr 2021 01:14:43 GMT
cache-control: private

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 7674 12 KB
5 KB 18ms
17ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://pt.gayout.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pt.gayout.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 29 Apr 2021 22:01:38 GMT
expires: Fri, 29 Apr 2022 22:01:38 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 11585
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 nYaMDT8QGXc.css
www.facebook.com/rsrc.php/v3/yS/l/0,cross/ Frame BB36 26 KB
6 KB 12ms
10ms Stylesheet
text/css 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yS/l/0,cross/nYaMDT8QGXc.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df338f5b71072ab%26domain%3Dpt.gayout.com%26origin%3Dhttps%253A%252F%252Fpt.gayout.com%252Ff1b5f0328a0ee8%26relation%3Dparent.parent&container_width=300&height=500&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgayoutworld%2F%3Ffref%3Dts&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=300

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4682132ae5bf4666afaadcb480559335add334d8f99c7224bc863a03b56d03f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df338f5b71072ab%26domain%3Dpt.gayout.com%26origin%3Dhttps%253A%252F%252Fpt.gayout.com%252Ff1b5f0328a0ee8%26relation%3Dparent.parent&container_width=300&height=500&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgayoutworld%2F%3Ffref%3Dts&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:34:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: EjAOb/Tv34MCwrdNPyEgOg==
cross-origin-resource-policy: cross-origin
content-length: 6113
x-fb-rlafr: 0
x-fb-debug: TXDMyJuwHbIE9RL+8OUnp/RaW7RSryBfSIHMg4e+YD0+b5UtoHxGN/Vvk5fNDV0MT9pq8oug1Ft28q1OpyvTWA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 29 Apr 2022 20:34:32 GMT

GET
H3-29 200 2sJZS5eGiyZ.js Show response
www.facebook.com/rsrc.php/v3/yo/r/ Frame BB36 292 KB
79 KB 12ms
10ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yo/r/2sJZS5eGiyZ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8eb8e329fc4f6c74873ebc2dc761dd9f6cee6d2bd789dabce012eb18eee6f580

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df338f5b71072ab%26domain%3Dpt.gayout.com%26origin%3Dhttps%253A%252F%252Fpt.gayout.com%252Ff1b5f0328a0ee8%26relation%3Dparent.parent&container_width=300&height=500&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgayoutworld%2F%3Ffref%3Dts&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 23:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: lQ76UQqjPCTWLfL19gGiTg==
cross-origin-resource-policy: cross-origin
content-length: 81084
x-fb-rlafr: 0
x-fb-debug: ZBAsZXEDGTLfknZLpS4A09xlnFTvTJgfrf2O1PhknYaAFxMLKm9IM3YYk8Lxnfh69QV7O8kI7nzmMMAYtEtHPw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 28 Apr 2022 23:09:29 GMT

GET
H3-29 200 -T_3VWEC8Ch.js Show response
www.facebook.com/rsrc.php/v3/yS/r/ Frame BB36 63 KB
19 KB 19ms
17ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yS/r/-T_3VWEC8Ch.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b37b99b0ba27589ff83639f4ab1b922e9fcdf3e695456a3aab0e6004fdd49f9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df338f5b71072ab%26domain%3Dpt.gayout.com%26origin%3Dhttps%253A%252F%252Fpt.gayout.com%252Ff1b5f0328a0ee8%26relation%3Dparent.parent&container_width=300&height=500&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgayoutworld%2F%3Ffref%3Dts&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 19:18:47 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: yIJfmpLhqviYATRcL7OHpQ==
cross-origin-resource-policy: cross-origin
content-length: 19634
x-fb-rlafr: 0
x-fb-debug: uN59wh/m8ixILvCLFRwAA/bEnkzCbT6AFfEjfZk+QBCy9pNZO7/RrVQvg9EcZZ0B6Aac3k/ZEz5n6TpUVTZElQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 28 Apr 2022 19:18:47 GMT

GET
H3-29 200 N1Ujot6efHX.js Show response
www.facebook.com/rsrc.php/v3iEpO4/yQ/l/en_US/ Frame BB36 128 KB
36 KB 19ms
17ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEpO4/yQ/l/en_US/N1Ujot6efHX.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fddf9e42ec2c42150e0396945088c41b1291104d971e817b4a7551a6aee949e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df338f5b71072ab%26domain%3Dpt.gayout.com%26origin%3Dhttps%253A%252F%252Fpt.gayout.com%252Ff1b5f0328a0ee8%26relation%3Dparent.parent&container_width=300&height=500&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgayoutworld%2F%3Ffref%3Dts&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 15:58:29 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: WwNmYOIR3n9K79uj4TWCaQ==
cross-origin-resource-policy: cross-origin
content-length: 36443
x-fb-rlafr: 0
x-fb-debug: a5Dm9fBGrfAYSqetss1TwUmf7R9i6oNlhUTWRoQJxC/HPjfkUSzv4YQTjLin+JuWyK8DPtLIC/wipePiw3oV5A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 28 Apr 2022 15:58:29 GMT

GET
H3-29 200 KMa6-js1idc.js Show response
www.facebook.com/rsrc.php/v3iLl54/yN/l/en_US/ Frame BB36 33 KB
9 KB 19ms
17ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iLl54/yN/l/en_US/KMa6-js1idc.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e93c890255c2f00e56e0f1d83af4c08fd4456f8e2ae064f04c1d944ebb5ae26b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df338f5b71072ab%26domain%3Dpt.gayout.com%26origin%3Dhttps%253A%252F%252Fpt.gayout.com%252Ff1b5f0328a0ee8%26relation%3Dparent.parent&container_width=300&height=500&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgayoutworld%2F%3Ffref%3Dts&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 18:12:31 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: BugT2GA+FK1ULXN+N8Xqsw==
cross-origin-resource-policy: cross-origin
content-length: 9028
x-fb-rlafr: 0
x-fb-debug: 3/lOK30nOX8CEtbqlmUA64M6aXafD+/UiBup/ly6NIJNhQcO6nBwhclODBtNaKOf0098eCsyYzQUntM6XOPv1w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 22 Apr 2022 18:12:31 GMT

GET
H3-29 200 GveJc-W4OaU.js Show response
www.facebook.com/rsrc.php/v3/y3/r/ Frame BB36 153 KB
45 KB 20ms
17ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y3/r/GveJc-W4OaU.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cc8800adb1f4c227266b1b8ec0ab889d33b7d328f58f61b56b51da24254bf668

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df338f5b71072ab%26domain%3Dpt.gayout.com%26origin%3Dhttps%253A%252F%252Fpt.gayout.com%252Ff1b5f0328a0ee8%26relation%3Dparent.parent&container_width=300&height=500&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgayoutworld%2F%3Ffref%3Dts&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 08:40:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: KXk7t+o3cGfR8pWSpyGaMQ==
cross-origin-resource-policy: cross-origin
content-length: 46275
x-fb-rlafr: 0
x-fb-debug: nIOEWtxSVYyAQVQxlKEEnFgpMSKIKjix/YkIQN+w5ncNfWAgmc6WuyVXOtbX4qSEzoOYw3Om79OWecoKEMDFqQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 29 Apr 2022 08:40:06 GMT

GET
H3-29 200 oYH4_Q4OBVP.js Show response
www.facebook.com/rsrc.php/v3/y3/r/ Frame BB36 5 KB
2 KB 20ms
18ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y3/r/oYH4_Q4OBVP.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fdbb995458f6b6f28ba8ad20b662687f9b83edb8f74034f7243161086e7e54cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df338f5b71072ab%26domain%3Dpt.gayout.com%26origin%3Dhttps%253A%252F%252Fpt.gayout.com%252Ff1b5f0328a0ee8%26relation%3Dparent.parent&container_width=300&height=500&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgayoutworld%2F%3Ffref%3Dts&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 10:01:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: SNHyGmMRoqgA28EMocpyhA==
cross-origin-resource-policy: cross-origin
content-length: 1723
x-fb-rlafr: 0
x-fb-debug: +yM7DVaYIyWUjA7XBjm/WkchCZ/Aon/PS25O0Vqp92ZIvACWC8Y/QlnZ11TaOsAD9OPreE+yBhtbm3AzCh4Iyg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 26 Apr 2022 10:01:44 GMT

GET
H3-29 200 X0zaXtEr1Mw.js Show response
www.facebook.com/rsrc.php/v3/yT/r/ Frame BB36 9 KB
2 KB 20ms
18ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yT/r/X0zaXtEr1Mw.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b25035aa09ac461e3e822e9206e4ae48ce81b7a2dc0062e0ca66288a1c630156

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df338f5b71072ab%26domain%3Dpt.gayout.com%26origin%3Dhttps%253A%252F%252Fpt.gayout.com%252Ff1b5f0328a0ee8%26relation%3Dparent.parent&container_width=300&height=500&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgayoutworld%2F%3Ffref%3Dts&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 18:43:33 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 5frdhaI2QBHURlNBgnqAfw==
cross-origin-resource-policy: cross-origin
content-length: 2493
x-fb-rlafr: 0
x-fb-debug: 2983RMSkBUOtIvGOBVYquHJcu7nLcnXjXv6DWYCxi96zCzHtfDxaU5OvswWg0BG+Cjjmu8S8dgF5TNVOuNaZIA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 22 Apr 2022 18:43:33 GMT

GET
H2 200 1919340_1020466861360394_8468627804464207354_n.jpg
scontent-frt3-2.xx.fbcdn.net/v/t1.18169-0/p118x118/ Frame BB36 8 KB
8 KB 12ms
7ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-2.xx.fbcdn.net/v/t1.18169-0/p118x118/1919340_1020466861360394_8468627804464207354_n.jpg?_nc_cat=110&ccb=1-3&_nc_sid=dd9801&_nc_ohc=VlO0TjqjnG8AX9e4pre&_nc_ht=scontent-frt3-2.xx&tp=6&oh=206e042ffd6fc8ea0c225781fb99d011&oe=60B1000E
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df338f5b71072ab%26domain%3Dpt.gayout.com%26origin%3Dhttps%253A%252F%252Fpt.gayout.com%252Ff1b5f0328a0ee8%26relation%3Dparent.parent&container_width=300&height=500&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgayoutworld%2F%3Ffref%3Dts&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=300
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 1e48ccaeb0b414ddcb1c8747d88e73b01acb5c91e28bfe435cec90f8286e12d2

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 2752153171
date: Fri, 30 Apr 2021 01:14:43 GMT
x-fb-trip-id: 686109401
last-modified: Wed, 16 Mar 2016 19:33:34 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3744863379
x-fb-config-version-olb-prod: 1085
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 7996

GET
H2 200 1610023_1020466794693734_7379556211068893308_n.jpg
scontent-frt3-1.xx.fbcdn.net/v/t1.18169-1/cp0/p50x50/ Frame BB36 1 KB
1 KB 24ms
6ms Image
image/jpeg 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-1.xx.fbcdn.net/v/t1.18169-1/cp0/p50x50/1610023_1020466794693734_7379556211068893308_n.jpg?_nc_cat=106&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=4Xh7Lm0LndQAX8g9Uiu&_nc_ht=scontent-frt3-1.xx&tp=27&oh=6e181aea69787f32f0e2b9d2a582f57a&oe=60B29014
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df338f5b71072ab%26domain%3Dpt.gayout.com%26origin%3Dhttps%253A%252F%252Fpt.gayout.com%252Ff1b5f0328a0ee8%26relation%3Dparent.parent&container_width=300&height=500&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgayoutworld%2F%3Ffref%3Dts&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=300
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:216:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 44bf1129f8652cba83be2b878b72a564546f518a65ffd5483100e251415434f6

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 1326156091
date: Fri, 30 Apr 2021 01:14:43 GMT
x-fb-trip-id: 686109401
last-modified: Wed, 16 Mar 2016 19:33:27 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3038325868
x-fb-config-version-olb-prod: 1088
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1122

GET
H3-29 200 OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame 4182 400 B
449 B 35ms
10ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f9fe930c05714%26domain%3Dpt.gayout.com%26origin%3Dhttps%253A%252F%252Fpt.gayout.com%252Ff1b5f0328a0ee8%26relation%3Dparent.parent&container_width=1000&href=https%3A%2F%2Fwww.facebook.com%2Fgayoutworld%2F%3Ffref%3Dts&layout=standard&locale=en_US&sdk=joey&share=true&show_faces=true&size=small

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f9fe930c05714%26domain%3Dpt.gayout.com%26origin%3Dhttps%253A%252F%252Fpt.gayout.com%252Ff1b5f0328a0ee8%26relation%3Dparent.parent&container_width=1000&href=https%3A%2F%2Fwww.facebook.com%2Fgayoutworld%2F%3Ffref%3Dts&layout=standard&locale=en_US&sdk=joey&share=true&show_faces=true&size=small
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: KASiXt3PX7nPgje7J4l5ABied9/uc3azD/KFHbLLtzeppCOVn3YN7PyrlmZqapdF3YYLaDijfr1eyYxu4akihg==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: uF0RL4E+h23ClLQmPOTTMw==
date: Tue, 27 Apr 2021 15:55:46 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 400
timing-allow-origin: *
priority: u=3,i
x-fb-rlafr: 0
expires: Wed, 27 Apr 2022 15:55:46 GMT

GET
H3-29 200 Ov8rT2MwGUP.js Show response
www.facebook.com/rsrc.php/v3iEpO4/yP/l/en_US/ Frame 4182 503 KB
132 KB 36ms
8ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEpO4/yP/l/en_US/Ov8rT2MwGUP.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

35b67e0ec44bd86e5620e51324db8658e993518232abc2334334fb3b2eefce5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f9fe930c05714%26domain%3Dpt.gayout.com%26origin%3Dhttps%253A%252F%252Fpt.gayout.com%252Ff1b5f0328a0ee8%26relation%3Dparent.parent&container_width=1000&href=https%3A%2F%2Fwww.facebook.com%2Fgayoutworld%2F%3Ffref%3Dts&layout=standard&locale=en_US&sdk=joey&share=true&show_faces=true&size=small
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:45:41 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: pi+h16y3CedBR9ciLv75HQ==
cross-origin-resource-policy: cross-origin
content-length: 134788
x-fb-rlafr: 0
x-fb-debug: cUdpcttIjjVi5AlJLgllUFMSYAu3mDdAM5dwd6QC3iRsN4MbmiXDzb81HcFgxsRm0xgvw1ybsB5SOfR6NHNO7g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 29 Apr 2022 20:45:41 GMT

GET
H3-29 200 ApcBOUT5FoS.png
www.facebook.com/rsrc.php/v3/y_/r/ Frame BB36 573 B
623 B 8ms
6ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y_/r/ApcBOUT5FoS.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/l/0,cross/nYaMDT8QGXc.css?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/yS/l/0,cross/nYaMDT8QGXc.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: ZnZiUKvlmlsy0Wj9fbOT4YCGgfQheQHC5TomoMcl9XW9dKhgxmJKp4Uh4IwOk9v8Gi7Vx6dtvy4fesmqFIewHQ==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: Y/eW3MWFNJnkcpEqoXzG3Q==
date: Wed, 28 Apr 2021 18:33:43 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
content-length: 573
x-fb-rlafr: 0
expires: Thu, 28 Apr 2022 18:33:43 GMT

GET
H3-29 200 / Show response
www.facebook.com/platform/plugin/tab/renderer/ Frame BB36 74 KB
18 KB 223ms
223ms XHR
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2Fgayoutworld%2F%3Ffref%3Dts%22%2C%22width%22%3A300%2C%22height%22%3A500%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Atrue%2C%22has_adapt_container_width%22%3Afalse%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Atrue%2C%22referer_uri%22%3A%22https%3A%2F%2Fpt.gayout.com%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__dyn=7wKBz84e1QyUbFp62-m1FwAxu13wqovzEdEc8uwdK4o6O0TUhwem0nCq1ewcG0KE33wooa81Vrzo5-0me0sy0SU2swdq0Ho2ew2MoG&__csr=&__req=1&__beoa=0&__pc=PHASED%3Aplugin_default_pkg&__bhv=2&dpr=1&__ccg=EXCELLENT&__rev=1003708631&__s=%3A%3Aws0uwk&__hsi=6956753019791012813-0&__comet_req=0&locale=en_US&__sp=1

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3iEpO4/yQ/l/en_US/N1Ujot6efHX.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

658037f76d909f3aaf6fe497687126ab3a5f85473a46fd14357adfb14ed70c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df338f5b71072ab%26domain%3Dpt.gayout.com%26origin%3Dhttps%253A%252F%252Fpt.gayout.com%252Ff1b5f0328a0ee8%26relation%3Dparent.parent&container_width=300&height=500&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgayoutworld%2F%3Ffref%3Dts&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: EehfD/xsx9+awXveP06pZ0Z5AM/bRqCIVe2WiewZoqKFf2tUgqGHI3awAXGbr2B2DKuFU99aqYmGwKA3SeZU9A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 30 Apr 2021 01:14:43 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: private, no-cache, no-store, must-revalidate
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-29 200 / Show response
www.facebook.com/platform/plugin/page/logging/ Frame BB36 138 B
144 B 48ms
48ms XHR
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/page/logging/

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3iEpO4/yQ/l/en_US/N1Ujot6efHX.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

86e0bf23359d374db6b612dfb616cdc7b3df54a9f3288c27341e93c90b26d9be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df338f5b71072ab%26domain%3Dpt.gayout.com%26origin%3Dhttps%253A%252F%252Fpt.gayout.com%252Ff1b5f0328a0ee8%26relation%3Dparent.parent&container_width=300&height=500&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgayoutworld%2F%3Ffref%3Dts&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: nW/NdrgbfffmfrSERqClgbQ7hpZi1KDXUYdHbWqnRt2N7iE5ayOJ/49IebPdfIgpxbpFjU6TT6QxZKsNq+NF8g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 30 Apr 2021 01:14:43 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
vary: Origin, Accept-Encoding
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

GET
H3-29 200 3gKIw20zpPx.js Show response
www.facebook.com/rsrc.php/v3/yc/r/ Frame BB36 18 KB
6 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yc/r/3gKIw20zpPx.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yo/r/2sJZS5eGiyZ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

732f2d6e7767e7978cf70554aec8f7b40d5d6da4b601e528f136473c1b965c93

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df338f5b71072ab%26domain%3Dpt.gayout.com%26origin%3Dhttps%253A%252F%252Fpt.gayout.com%252Ff1b5f0328a0ee8%26relation%3Dparent.parent&container_width=300&height=500&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgayoutworld%2F%3Ffref%3Dts&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 18:10:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: +WweuYtea66RPAEX0Vl2fg==
cross-origin-resource-policy: cross-origin
content-length: 5954
x-fb-rlafr: 0
x-fb-debug: 4+/Mlcr1cGQfQTaLa4j50NLAAXM0lOOzKk6+xI2vZCR+RLayL+KkRxPxSPHdBu9Z6rALfEITQKFBFekm9iHUAw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 28 Apr 2022 18:10:43 GMT

GET
H3-29 200 JopZtdti8dq.js Show response
www.facebook.com/rsrc.php/v3/y_/r/ Frame BB36 7 KB
2 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y_/r/JopZtdti8dq.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yo/r/2sJZS5eGiyZ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

95d95840165ea5fc374a27f1cffe88a1b3d033562916ef1071393c9c8adbfe86

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df338f5b71072ab%26domain%3Dpt.gayout.com%26origin%3Dhttps%253A%252F%252Fpt.gayout.com%252Ff1b5f0328a0ee8%26relation%3Dparent.parent&container_width=300&height=500&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgayoutworld%2F%3Ffref%3Dts&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 18:15:35 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: mTMNw9OoY8KLmzHcqJmeVA==
cross-origin-resource-policy: cross-origin
content-length: 2270
x-fb-rlafr: 0
x-fb-debug: XgN3PD/Zhxk84gdpDIxQrwsSvyHR+ZSRKTvxEfDplsP1SBJNdIuDi88aniOu/Rwp0u8A3yQRe6Xhtc1BA2+W2g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 22 Apr 2022 18:15:35 GMT

GET
H3-29 200 onuUJj0tCqE.png
www.facebook.com/rsrc.php/v3/y2/r/ Frame BB36 4 KB
4 KB 7ms
6ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y2/r/onuUJj0tCqE.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/l/0,cross/nYaMDT8QGXc.css?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5f71fcc2d00d22ffd4d9a07b64c435f88de80893f838fa64a45c386cbba0c601

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/yS/l/0,cross/nYaMDT8QGXc.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: 0leS92ApMpmipr73vwJS8kc5axX5XwNHImg9sSxYVpVISZ0ZA4eowcWkvAgLlnl/mPYJkrfDSMO+5REO5XvIiA==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: OK0dmVpVmdoMRpKMP9eDcg==
date: Tue, 20 Apr 2021 02:21:24 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
content-length: 3944
x-fb-rlafr: 0
expires: Wed, 20 Apr 2022 02:21:24 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 0B86 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1047644867309294&output=html&h=600&slotname=8873754962&adk=1402457258&adf=2694998385&pi=t.ma~as.8873754962&w=160&lmt=1619745279&psa=0&format=160x600&url=https%3A%2F%2Fpt.gayout.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619745282917&bpp=1&bdt=3294&idt=212&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=8388844495769&frm=20&pv=1&ga_vid=535165903.1619745283&ga_sid=1619745283&ga_hid=1548476869&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1440&ady=464&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739392&oid=3&pvsid=2392059193750853&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=wmiLCwF9XO&p=https%3A//pt.gayout.com&dtd=227

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 00:58:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 961
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 May 2021 00:58:42 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0B86 116 KB
35 KB 30ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

258467714b990f7336f9d25902acb907cdb0cc27261bb2645e862d547b2198da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619631691980669"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36080
x-xss-protection: 0
expires: Fri, 30 Apr 2021 01:14:43 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 0B86 13 KB
5 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:04:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 626
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 May 2021 01:04:17 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0B86 0
0 19ms
18ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CXeB-A1qLYM_kCfW4x_AP4ZGQsASQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0xMDQ3NjQ0ODY3MzA5Mjk0oAHCrujdA8gBCakChpiY12NVtD6oAwGqBJQBT9Dk0pU5HK5fuLPsADuYEty-1CR_fp1Mfh-YXXi50JO0Kp0r1t71oycv526DXZlVDVG6Au0h27pQk_P61QgpREVLtJNZefVaG_XplHfrDQX2y91Mmx19oMBefPAgYWZN1naC_Y62TrXdAF0FbylvwVQbwp7Iraxey4WAdMb3C_1ELNGYgNLXXo_N0_b9esUmb4R9OoAGxt7yupvE1ORcoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAGACgH6CwIIAYAMAbIXGAoWEhRwdWItMTA0NzY0NDg2NzMwOTI5NA&sigh=m4ukKCQJ8ig

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1047644867309294&output=html&h=600&slotname=8873754962&adk=1402457258&adf=2694998385&pi=t.ma~as.8873754962&w=160&lmt=1619745279&psa=0&format=160x600&url=https%3A%2F%2Fpt.gayout.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619745282917&bpp=1&bdt=3294&idt=212&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=8388844495769&frm=20&pv=1&ga_vid=535165903.1619745283&ga_sid=1619745283&ga_hid=1548476869&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1440&ady=464&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739392&oid=3&pvsid=2392059193750853&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=wmiLCwF9XO&p=https%3A//pt.gayout.com&dtd=227
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 30 Apr 2021 01:14:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 0B86 0
0 36ms
20ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1j13s5brvp35k4w4nkxhzjxvc6nvqkfkmdgm62hn76whdpyxr97bqp1e854fcefhf69zrv5jha87118bwpy6cvtnksz8q698303p67z6a10x2ewskvb5hzpbaen43zc37v6feh7yrnvyd4etmn5e0gq8seed5jedv6myh8rvgv8qw3k6tybhw4hd4yt1vanye1gjfh65ckw63rdcb1xdev3nmp3vytj6azs87qtb2495tbe1mcx3q5e16c3g95fkg6hgqtetefkx2kazegg6ay75njsjsxsb74z98k9bm0mhes2ss4drawz9nbd6663g8n1ysp5jvw3bjkjwc8d46tzwdjqk1wsk8q636zc1ycgb951xhednnz99rzedy3hp57dxw1caqq5kek0b&b=YItaAwACck8IEdx1AAQI4QjNwDLT2vUMOVpX_g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1047644867309294&output=html&h=600&slotname=8873754962&adk=1402457258&adf=2694998385&pi=t.ma~as.8873754962&w=160&lmt=1619745279&psa=0&format=160x600&url=https%3A%2F%2Fpt.gayout.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619745282917&bpp=1&bdt=3294&idt=212&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C160x600&nras=1&correlator=8388844495769&frm=20&pv=1&ga_vid=535165903.1619745283&ga_sid=1619745283&ga_hid=1548476869&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1440&ady=464&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739392&oid=3&pvsid=2392059193750853&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=wmiLCwF9XO&p=https%3A//pt.gayout.com&dtd=227
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 30 Apr 2021 01:14:43 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
ad4m.at/ad/ Frame 70CF 2 KB
2 KB 44ms
22ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dr?ed=1gjam1m5cfbpc2vm0gtb49k05nej8tyb973q7s6wyyhh9gts968ts1s9ayhhcxrceg6t3y6en11czav2rsbb15sswq3chhpb1pwgk9ss3yc964k2m852pxgh9rvcnhqvp7t6404h4prtykan8n9j2y7mqtkdhvckde85ab1wys4ppc8fqn81b4ymc2t3meybtwncp21gvj0hftt33rtma5m754fnkm0j2cep897sme18p7rc2aw23rgfvvcbg1aqe50q77x7stm79524dtdyn2jmh1v7kdkgfed37jssjbafgkb2m4mk6fwjvbxk6hkd4ex0xyc1k9hdbsmqdpaq1e82ghjsnc5mm926cepcns142yt82bf98z5zdpe1g7v0jwczd84mq8fgmejxf0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeOTWA1qLYM_kCfW4x_AP4ZGQsASQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0xMDQ3NjQ0ODY3MzA5Mjk0oAHCrujdA8gBCakChpiY12NVtD6oAwGqBJcBT9Dk0pU5HK5fuLPsADuYEty-1CR_fp1Mfh-YXXi50JO0Kp0r1t71oycv526DXZlVDVG6Au0h27pQk_P61QgpREVLtJNZefVaG_XplHfrDQX2y91Mmx19oMBefPAgYWZN1naC_Y62TrXdAF0FbylvwVQbwp7Iraxey4WAdMb3C_1ELJOajUAAiwiNG3G17B9v_XZELi045IAGxt7yupvE1ORcoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%26num%3D1%26sig%3DAOD64_0JaY4HwcJK11DRxNZCpAUrOoAFrA%26client%3Dca-pub-1047644867309294%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d362fbce016fbd671f5d81d5f15dc8105990df64eae32d71ce02b6fb538f2e83

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dr?ed=1gjam1m5cfbpc2vm0gtb49k05nej8tyb973q7s6wyyhh9gts968ts1s9ayhhcxrceg6t3y6en11czav2rsbb15sswq3chhpb1pwgk9ss3yc964k2m852pxgh9rvcnhqvp7t6404h4prtykan8n9j2y7mqtkdhvckde85ab1wys4ppc8fqn81b4ymc2t3meybtwncp21gvj0hftt33rtma5m754fnkm0j2cep897sme18p7rc2aw23rgfvvcbg1aqe50q77x7stm79524dtdyn2jmh1v7kdkgfed37jssjbafgkb2m4mk6fwjvbxk6hkd4ex0xyc1k9hdbsmqdpaq1e82ghjsnc5mm926cepcns142yt82bf98z5zdpe1g7v0jwczd84mq8fgmejxf0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeOTWA1qLYM_kCfW4x_AP4ZGQsASQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0xMDQ3NjQ0ODY3MzA5Mjk0oAHCrujdA8gBCakChpiY12NVtD6oAwGqBJcBT9Dk0pU5HK5fuLPsADuYEty-1CR_fp1Mfh-YXXi50JO0Kp0r1t71oycv526DXZlVDVG6Au0h27pQk_P61QgpREVLtJNZefVaG_XplHfrDQX2y91Mmx19oMBefPAgYWZN1naC_Y62TrXdAF0FbylvwVQbwp7Iraxey4WAdMb3C_1ELJOajUAAiwiNG3G17B9v_XZELi045IAGxt7yupvE1ORcoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%26num%3D1%26sig%3DAOD64_0JaY4HwcJK11DRxNZCpAUrOoAFrA%26client%3Dca-pub-1047644867309294%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Fri, 30 Apr 2021 01:14:43 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dc78a7f63b80b05bb1e1fa17afb02f0ee1619745283; expires=Sun, 30-May-21 01:14:43 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-7d3s
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 09c1f0b62800004e2085a24000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 647cea36afa94e20-FRA
content-encoding: br

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7137 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 29 Apr 2021 03:14:09 GMT
expires: Fri, 30 Apr 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 79234
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 cavalry_endpoint.php
www.facebook.com/common/ Frame 4182 67 B
101 B 56ms
54ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1619745283245&t_start=1619745283246&t_domcontent=1619745283253&t_layout=1619745283614&t_onload=1619745283614&t_paint=1619745283614&t_creport=1619745283614&t_tti=1619745283253&lid=6956753019770889890-0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2f9fe930c05714%26domain%3Dpt.gayout.com%26origin%3Dhttps%253A%252F%252Fpt.gayout.com%252Ff1b5f0328a0ee8%26relation%3Dparent.parent&container_width=1000&href=https%3A%2F%2Fwww.facebook.com%2Fgayoutworld%2F%3Ffref%3Dts&layout=standard&locale=en_US&sdk=joey&share=true&show_faces=true&size=small
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: br
x-content-type-options: nosniff
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: VBx+5EfHYw7iIVUGdpEVrTLOPewWLgMN9OCOUoQ4YbkS4xPP1XfhwnPpKJLWZewVVVFAK6GIFXwTewNi8bqsUg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 30 Apr 2021 01:14:43 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 82b674edb949dddf78e02d76e8593771bf2e85d5.css
cf.bstatic.com/static/affiliate_base/css/flexifonts_cloudfront_sd/ Frame 249B 1 KB
1023 B 97ms
38ms Stylesheet
text/css 2600:9000:20e8:8c00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/css/flexifonts_cloudfront_sd/82b674edb949dddf78e02d76e8593771bf2e85d5.css

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=auto&lang=en-US&aid=1319635&target_aid=1319635&fid=1619745282925&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20e8:8c00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b40bd50a4795ccd4a8b88ff70fb14074d2f0bf599e072e98ccd302cfeb436b8a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 07:16:21 GMT
content-encoding: br
nel: {"report_to":"default","max_age":600}
age: 1101502
via: 1.1 e670d901736ac01599c0ed6fbe3a3c58.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Jun 2020 14:42:31 GMT
server: nginx
etag: W/"5eda59d7-51a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: TXL52-C1
timing-allow-origin: *
x-amz-cf-id: Agp_zhMXS0zOBSoaz7S6_E-bZojyqLhmcnJNpqu2MHvulYPB_drd6w==
expires: Mon, 17 May 2021 07:16:21 GMT

GET
H2 200 f6d29e089da85314827d24b5e412d273b710cf84.css
cf.bstatic.com/static/affiliate_base/css/flexi_common_base_cloudfront_sd/ Frame 249B 11 KB
3 KB 85ms
27ms Stylesheet
text/css 2600:9000:20e8:8c00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/css/flexi_common_base_cloudfront_sd/f6d29e089da85314827d24b5e412d273b710cf84.css

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=auto&lang=en-US&aid=1319635&target_aid=1319635&fid=1619745282925&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20e8:8c00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3c37aa402d060ff9a8c441cd6918a1859cb6358eee091d9b7a7a6b12447e74b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 01:46:29 GMT
content-encoding: br
nel: {"report_to":"default","max_age":600}
age: 1380494
via: 1.1 e670d901736ac01599c0ed6fbe3a3c58.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Jun 2020 10:23:33 GMT
server: nginx
etag: W/"5eda1d25-2ae3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: TXL52-C1
timing-allow-origin: *
x-amz-cf-id: hfn7nygBdV3D1E0-G3n4PgDEdh4RjiTDqhhF-L1xj1laz-m0M2WGBw==
expires: Fri, 14 May 2021 01:46:29 GMT

GET
H2 200 0579e1e4d20e28f92adaba484f8f11a42e2b5e68.css
cf.bstatic.com/static/affiliate_base/css/flexi_common_elems_cloudfront_sd/ Frame 249B 13 KB
3 KB 86ms
28ms Stylesheet
text/css 2600:9000:20e8:8c00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/css/flexi_common_elems_cloudfront_sd/0579e1e4d20e28f92adaba484f8f11a42e2b5e68.css

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=auto&lang=en-US&aid=1319635&target_aid=1319635&fid=1619745282925&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20e8:8c00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0fe3b9faabb14dd0bf83ae0848aa86f1520857f00c96913cc1217bd04909da12

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 19:15:58 GMT
content-encoding: br
nel: {"report_to":"default","max_age":600}
age: 1749525
via: 1.1 e670d901736ac01599c0ed6fbe3a3c58.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:19 GMT
server: nginx
etag: W/"5cadd1af-32e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: TXL52-C1
timing-allow-origin: *
x-amz-cf-id: yViYHBfbbLp-3VjgrrJUJsuTqaq90VKJ6ddwnTQ9JfbhIajChDTPSw==
expires: Sun, 09 May 2021 19:15:58 GMT

GET
H2 200 3eb8e6d9f9a04e3583a9e8d949a559d3fad5c8c4.css
cf.bstatic.com/static/affiliate_base/css/flexi_product_nsb/ Frame 249B 952 B
1 KB 87ms
29ms Stylesheet
text/css 2600:9000:20e8:8c00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/css/flexi_product_nsb/3eb8e6d9f9a04e3583a9e8d949a559d3fad5c8c4.css

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=auto&lang=en-US&aid=1319635&target_aid=1319635&fid=1619745282925&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20e8:8c00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

601642ecd5e7a89187e12278ef792ecfe176c4553f7dc792557177a4048488e2

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Apr 2021 07:39:00 GMT
via: 1.1 e670d901736ac01599c0ed6fbe3a3c58.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
age: 2136943
x-cache: Hit from cloudfront
content-length: 952
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:19 GMT
server: nginx
etag: "5cadd1af-3b8"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: bK8Y2GkA8Avxrdt1ELnp9ufj2D92dLrrh6KjIYQCmk7PtJS36WSMgQ==
expires: Wed, 05 May 2021 07:39:00 GMT

GET
H2 200 9b95c8f8556f53ebdf1ace61524be9dfa897bd74.png
cf.bstatic.com/static/img/affiliate_base/flexi/booking_logo_w/ Frame 249B 3 KB
4 KB 22ms
15ms Image
image/png 2600:9000:20e8:8c00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/affiliate_base/flexi/booking_logo_w/9b95c8f8556f53ebdf1ace61524be9dfa897bd74.png

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=auto&lang=en-US&aid=1319635&target_aid=1319635&fid=1619745282925&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20e8:8c00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0df292ee46eebb53fcf4d98f8735c3cb035e55f7419c68d3f5b2d9af07380a14

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 15:40:59 GMT
via: 1.1 e670d901736ac01599c0ed6fbe3a3c58.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
age: 1935224
x-cache: Hit from cloudfront
content-length: 3542
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:49 GMT
server: nginx
etag: "5cadd1cd-dd6"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 2Ode-r7tqLmXkKMsjaUTCXbqYmDjrvb6t1KdTl1nceiiOzAzto2nVg==
expires: Fri, 07 May 2021 15:40:59 GMT

GET
H2 200 d921325c549b7c5d197f767be9c4ebad94046935.png
cf.bstatic.com/static/img/affiliate_base/flexi/usp_icon_light_blue/ Frame 249B 1 KB
2 KB 22ms
14ms Image
image/png 2600:9000:20e8:8c00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/affiliate_base/flexi/usp_icon_light_blue/d921325c549b7c5d197f767be9c4ebad94046935.png

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=auto&lang=en-US&aid=1319635&target_aid=1319635&fid=1619745282925&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20e8:8c00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7aaa857b8b8ebbb1203e9d8a23fa4250859cb3ee59377f9e3da779e796d2794e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 14:03:23 GMT
via: 1.1 e670d901736ac01599c0ed6fbe3a3c58.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
age: 1768280
x-cache: Hit from cloudfront
content-length: 1232
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:50 GMT
server: nginx
etag: "5cadd1ce-4d0"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: eGQE_CKNaY66FseO8jZbKyaZGj1G8aHM4zVwcHhipOq2WehHeADEvw==
expires: Sun, 09 May 2021 14:03:23 GMT

GET
H2 200 2e1059de66c6a928c4ea7e843b9ffbd51cc3e15d.js Show response
cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_cloudfront_sd/ Frame 249B 123 KB
40 KB 98ms
41ms Script
application/javascript 2600:9000:20e8:8c00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_cloudfront_sd/2e1059de66c6a928c4ea7e843b9ffbd51cc3e15d.js

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=auto&lang=en-US&aid=1319635&target_aid=1319635&fid=1619745282925&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20e8:8c00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0b01b0858503cb5946f0c5c1b7c59a3be705eab43b2c6ce1526a7a7509ac63b9

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 16:57:51 GMT
content-encoding: br
nel: {"report_to":"default","max_age":600}
age: 1930612
via: 1.1 fe14b43a6dfec5fc809a25185c7fce43.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Feb 2020 10:19:54 GMT
server: nginx
etag: W/"5e39454a-1ecfc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: TXL52-C1
timing-allow-origin: *
x-amz-cf-id: BQwTnfr5l-q0XVsDh3hqQng35YLT_DSd5lm6_R4APspaiqQa17uMOg==
expires: Fri, 07 May 2021 16:57:51 GMT

GET
H2 200 eb78197b2eee9a032c319d91a6e1c581e295f284.js Show response
cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_components_cloudfront_sd/ Frame 249B 33 KB
11 KB 97ms
40ms Script
application/javascript 2600:9000:20e8:8c00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_components_cloudfront_sd/eb78197b2eee9a032c319d91a6e1c581e295f284.js

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=auto&lang=en-US&aid=1319635&target_aid=1319635&fid=1619745282925&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20e8:8c00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

fd0370177238527421278d27eb652e22a25d20784438f81f114b09f5a349e06d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 17:40:53 GMT
content-encoding: br
nel: {"report_to":"default","max_age":600}
age: 1236830
via: 1.1 fe14b43a6dfec5fc809a25185c7fce43.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Feb 2020 10:19:54 GMT
server: nginx
etag: W/"5e39454a-84eb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: TXL52-C1
timing-allow-origin: *
x-amz-cf-id: ph55QzzOGNKHYE5LPTf4ebZ0XLFyydLDnlOWR3WRdR9qIoFR5wNAGQ==
expires: Sat, 15 May 2021 17:40:53 GMT

GET
H2 200 a620a252f1d0110ab972e81348133431e8486098.js Show response
cf.bstatic.com/static/affiliate_base/js/flexi_nsb_cloudfront_sd/ Frame 249B 2 KB
1 KB 26ms
18ms Script
application/javascript 2600:9000:20e8:8c00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/js/flexi_nsb_cloudfront_sd/a620a252f1d0110ab972e81348133431e8486098.js

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=auto&lang=en-US&aid=1319635&target_aid=1319635&fid=1619745282925&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20e8:8c00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9afc14c1ac2584619b29bf2232f3ddd9da032d3acdf769e48ff7736f55a16e4e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 15:22:47 GMT
content-encoding: br
nel: {"report_to":"default","max_age":600}
age: 1504316
via: 1.1 fe14b43a6dfec5fc809a25185c7fce43.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Feb 2020 10:19:54 GMT
server: nginx
etag: W/"5e39454a-903"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: TXL52-C1
timing-allow-origin: *
x-amz-cf-id: HKtR1WeCic1w6AdMLDMuFUvs0x1GiWvtGMYyPWNnbNAL7vvxkAZFsA==
expires: Wed, 12 May 2021 15:22:47 GMT

GET
H2 200 7e03f1178ca725d97fdd726255c96b3e71b660d2.js Show response
cf.bstatic.com/static/affiliate_base/js/flexi_responsive_cloudfront_sd/ Frame 249B 392 B
975 B 29ms
21ms Script
application/javascript 2600:9000:20e8:8c00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/js/flexi_responsive_cloudfront_sd/7e03f1178ca725d97fdd726255c96b3e71b660d2.js

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=100%25&h=auto&lang=en-US&aid=1319635&target_aid=1319635&fid=1619745282925&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20e8:8c00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ec9e5f73690e9e6f199bdb463ce1ecd83960019884fdef77d916c3a8aa14a76e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 11:15:23 GMT
via: 1.1 fe14b43a6dfec5fc809a25185c7fce43.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
age: 1346360
x-cache: Hit from cloudfront
content-length: 392
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Feb 2020 10:19:54 GMT
server: nginx
etag: "5e39454a-188"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: K2uELd20Imb4DMp17uIgBHGwQGc71GspyBWBlkbQ2pgzwzAu15WnIA==
expires: Fri, 14 May 2021 11:15:23 GMT

GET
H2 200 82b674edb949dddf78e02d76e8593771bf2e85d5.css
cf.bstatic.com/static/affiliate_base/css/flexifonts_cloudfront_sd/ Frame FF85 1 KB
1016 B 73ms
26ms Stylesheet
text/css 2600:9000:20e8:8c00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/css/flexifonts_cloudfront_sd/82b674edb949dddf78e02d76e8593771bf2e85d5.css

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=300&h=250&aid=1131196&target_aid=1131196&fid=1619745282920&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20e8:8c00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b40bd50a4795ccd4a8b88ff70fb14074d2f0bf599e072e98ccd302cfeb436b8a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 17 Apr 2021 07:16:21 GMT
content-encoding: br
nel: {"report_to":"default","max_age":600}
age: 1101502
via: 1.1 e670d901736ac01599c0ed6fbe3a3c58.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Jun 2020 14:42:31 GMT
server: nginx
etag: W/"5eda59d7-51a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: TXL52-C1
timing-allow-origin: *
x-amz-cf-id: 6lzRBOPRkQC93XXr1gGYg6uXWPHBw-Q3QSbBLcZiWv97hYJjhGp4xg==
expires: Mon, 17 May 2021 07:16:21 GMT

GET
H2 200 f6d29e089da85314827d24b5e412d273b710cf84.css
cf.bstatic.com/static/affiliate_base/css/flexi_common_base_cloudfront_sd/ Frame FF85 11 KB
3 KB 77ms
39ms Stylesheet
text/css 2600:9000:20e8:8c00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/css/flexi_common_base_cloudfront_sd/f6d29e089da85314827d24b5e412d273b710cf84.css

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=300&h=250&aid=1131196&target_aid=1131196&fid=1619745282920&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20e8:8c00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3c37aa402d060ff9a8c441cd6918a1859cb6358eee091d9b7a7a6b12447e74b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 01:46:29 GMT
content-encoding: br
nel: {"report_to":"default","max_age":600}
age: 1380494
via: 1.1 e670d901736ac01599c0ed6fbe3a3c58.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Jun 2020 10:23:33 GMT
server: nginx
etag: W/"5eda1d25-2ae3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: TXL52-C1
timing-allow-origin: *
x-amz-cf-id: NpJ6NyYeEDl1NqBvtjcIKqTs2nk_uMl2goGtBHHU2hnbHDaMb_sE7Q==
expires: Fri, 14 May 2021 01:46:29 GMT

GET
H2 200 0579e1e4d20e28f92adaba484f8f11a42e2b5e68.css
cf.bstatic.com/static/affiliate_base/css/flexi_common_elems_cloudfront_sd/ Frame FF85 13 KB
3 KB 76ms
38ms Stylesheet
text/css 2600:9000:20e8:8c00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/css/flexi_common_elems_cloudfront_sd/0579e1e4d20e28f92adaba484f8f11a42e2b5e68.css

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=300&h=250&aid=1131196&target_aid=1131196&fid=1619745282920&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20e8:8c00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0fe3b9faabb14dd0bf83ae0848aa86f1520857f00c96913cc1217bd04909da12

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 09 Apr 2021 19:15:58 GMT
content-encoding: br
nel: {"report_to":"default","max_age":600}
age: 1749525
via: 1.1 e670d901736ac01599c0ed6fbe3a3c58.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:19 GMT
server: nginx
etag: W/"5cadd1af-32e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: TXL52-C1
timing-allow-origin: *
x-amz-cf-id: VzH8Brl7jGG7MTf6KNiKqEjceESCllpxverkVq35EzxZLiVwaf_WPA==
expires: Sun, 09 May 2021 19:15:58 GMT

GET
H2 200 3eb8e6d9f9a04e3583a9e8d949a559d3fad5c8c4.css
cf.bstatic.com/static/affiliate_base/css/flexi_product_nsb/ Frame FF85 952 B
1 KB 73ms
37ms Stylesheet
text/css 2600:9000:20e8:8c00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/css/flexi_product_nsb/3eb8e6d9f9a04e3583a9e8d949a559d3fad5c8c4.css

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=300&h=250&aid=1131196&target_aid=1131196&fid=1619745282920&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20e8:8c00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

601642ecd5e7a89187e12278ef792ecfe176c4553f7dc792557177a4048488e2

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Apr 2021 07:39:00 GMT
via: 1.1 e670d901736ac01599c0ed6fbe3a3c58.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
age: 2136943
x-cache: Hit from cloudfront
content-length: 952
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:19 GMT
server: nginx
etag: "5cadd1af-3b8"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 0zhKKNufybOYl_mhfrdtlfRSF6950d7DF40lvE_mEVP81-rlHvyNvw==
expires: Wed, 05 May 2021 07:39:00 GMT

GET
H2 200 ebc3273565b5e682ccaf01872d2e046749306442.png
cf.bstatic.com/static/img/affiliate_base/flexi/booking_logo_blue/ Frame FF85 3 KB
3 KB 23ms
17ms Image
image/png 2600:9000:20e8:8c00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.bstatic.com/static/img/affiliate_base/flexi/booking_logo_blue/ebc3273565b5e682ccaf01872d2e046749306442.png

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=300&h=250&aid=1131196&target_aid=1131196&fid=1619745282920&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20e8:8c00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

69f81eea02cf09defcdb0c916f7ca869498f0d7045318c8ebfe469d2872cbbfa

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 08 Apr 2021 13:10:51 GMT
via: 1.1 e670d901736ac01599c0ed6fbe3a3c58.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
age: 1857832
x-cache: Hit from cloudfront
content-length: 2904
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:50 GMT
server: nginx
etag: "5cadd1ce-b58"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: n56T0fH_NmFu9AnrXtWOnHjVVOB0GjfB6NEp6umIkXMv1cyz4IzuNg==
expires: Sat, 08 May 2021 13:10:51 GMT

GET
H2 200 2e1059de66c6a928c4ea7e843b9ffbd51cc3e15d.js Show response
cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_cloudfront_sd/ Frame FF85 123 KB
39 KB 98ms
62ms Script
application/javascript 2600:9000:20e8:8c00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_cloudfront_sd/2e1059de66c6a928c4ea7e843b9ffbd51cc3e15d.js

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=300&h=250&aid=1131196&target_aid=1131196&fid=1619745282920&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20e8:8c00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0b01b0858503cb5946f0c5c1b7c59a3be705eab43b2c6ce1526a7a7509ac63b9

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 07 Apr 2021 16:57:51 GMT
content-encoding: br
nel: {"report_to":"default","max_age":600}
age: 1930612
via: 1.1 fe14b43a6dfec5fc809a25185c7fce43.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Feb 2020 10:19:54 GMT
server: nginx
etag: W/"5e39454a-1ecfc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: TXL52-C1
timing-allow-origin: *
x-amz-cf-id: iNHXTQVZfVRlPrfSyat3eZh0qkmzTp6zv59t9OyzhtYkYhsLyoDZeg==
expires: Fri, 07 May 2021 16:57:51 GMT

GET
H2 200 eb78197b2eee9a032c319d91a6e1c581e295f284.js Show response
cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_components_cloudfront_sd/ Frame FF85 33 KB
11 KB 90ms
55ms Script
application/javascript 2600:9000:20e8:8c00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_components_cloudfront_sd/eb78197b2eee9a032c319d91a6e1c581e295f284.js

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=300&h=250&aid=1131196&target_aid=1131196&fid=1619745282920&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20e8:8c00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

fd0370177238527421278d27eb652e22a25d20784438f81f114b09f5a349e06d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 17:40:53 GMT
content-encoding: br
nel: {"report_to":"default","max_age":600}
age: 1236830
via: 1.1 fe14b43a6dfec5fc809a25185c7fce43.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Feb 2020 10:19:54 GMT
server: nginx
etag: W/"5e39454a-84eb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: TXL52-C1
timing-allow-origin: *
x-amz-cf-id: 19RQ1VbC8ksAYBWsoWC4GN9yuWOI6LRKnLZPSmkMV9X0Ke6PcDgF4g==
expires: Sat, 15 May 2021 17:40:53 GMT

GET
H2 200 a620a252f1d0110ab972e81348133431e8486098.js Show response
cf.bstatic.com/static/affiliate_base/js/flexi_nsb_cloudfront_sd/ Frame FF85 2 KB
1 KB 29ms
22ms Script
application/javascript 2600:9000:20e8:8c00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/affiliate_base/js/flexi_nsb_cloudfront_sd/a620a252f1d0110ab972e81348133431e8486098.js

Requested by

Host: www.booking.com
URL: https://www.booking.com/flexiproduct.html?product=nsb&w=300&h=250&aid=1131196&target_aid=1131196&fid=1619745282920&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20e8:8c00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9afc14c1ac2584619b29bf2232f3ddd9da032d3acdf769e48ff7736f55a16e4e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://www.booking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 15:22:47 GMT
content-encoding: br
nel: {"report_to":"default","max_age":600}
age: 1504316
via: 1.1 fe14b43a6dfec5fc809a25185c7fce43.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Feb 2020 10:19:54 GMT
server: nginx
etag: W/"5e39454a-903"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: TXL52-C1
timing-allow-origin: *
x-amz-cf-id: 2FNuYc-5gDxf6WveogKDuN7SXyNrobHgovh7zFLvcnvhqztBx6il8Q==
expires: Wed, 12 May 2021 15:22:47 GMT

GET
DATA 200
OK truncated
/ Frame 0B86 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 032e606f53cd2df585acc19dd69fbb3c2536d69a1240c213bf1ac31dfb9b268b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js Show response
pagead2.googlesyndication.com/bg/ Frame 7674 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a24e4d62c6d4273eebbda3084b7bd7ce3991332fa2685858e32d188588bec92b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 17:47:30 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 26833
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5644
x-xss-protection: 0
expires: Fri, 29 Apr 2022 17:47:30 GMT

GET
H2 200 750fa5bec9bde5e6e09115b5970b8106f73a5646.woff
cf.bstatic.com/static/fonts/flexi/flexi/ Frame FF85 8 KB
8 KB 22ms
17ms Font
application/font-woff 2600:9000:20e8:8c00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/fonts/flexi/flexi/750fa5bec9bde5e6e09115b5970b8106f73a5646.woff

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/affiliate_base/css/flexifonts_cloudfront_sd/82b674edb949dddf78e02d76e8593771bf2e85d5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20e8:8c00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

727b71610239254fbeb9000a4774cf87b96bdd0c7eab1b781d67aa916ab6426e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://cf.bstatic.com/static/affiliate_base/css/flexifonts_cloudfront_sd/82b674edb949dddf78e02d76e8593771bf2e85d5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 16:42:43 GMT
via: 1.1 fe14b43a6dfec5fc809a25185c7fce43.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
age: 1585920
x-cache: Hit from cloudfront
content-length: 7772
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:49 GMT
server: nginx
etag: "5cadd1cd-1e5c"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: KezwZIiWd9yYUUYRkT0X5HSJ-4ziHL7zm021l0kY0UNo6a1O1zzzZg==
expires: Tue, 11 May 2021 16:42:43 GMT

GET
H2 200 750fa5bec9bde5e6e09115b5970b8106f73a5646.woff
cf.bstatic.com/static/fonts/flexi/flexi/ Frame 249B 8 KB
8 KB 16ms
14ms Font
application/font-woff 2600:9000:20e8:8c00:1f:e2ee:200:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cf.bstatic.com/static/fonts/flexi/flexi/750fa5bec9bde5e6e09115b5970b8106f73a5646.woff

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/affiliate_base/css/flexifonts_cloudfront_sd/82b674edb949dddf78e02d76e8593771bf2e85d5.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20e8:8c00:1f:e2ee:200:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

727b71610239254fbeb9000a4774cf87b96bdd0c7eab1b781d67aa916ab6426e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.booking.com
Referer: https://cf.bstatic.com/static/affiliate_base/css/flexifonts_cloudfront_sd/82b674edb949dddf78e02d76e8593771bf2e85d5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 16:42:43 GMT
via: 1.1 fe14b43a6dfec5fc809a25185c7fce43.cloudfront.net (CloudFront)
nel: {"report_to":"default","max_age":600}
age: 1585920
x-cache: Hit from cloudfront
content-length: 7772
x-xss-protection: 1; mode=block
last-modified: Wed, 10 Apr 2019 11:21:49 GMT
server: nginx
etag: "5cadd1cd-1e5c"
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: -tZD_cgBQS3nB2DQOugarawt7Aeh5qpYKStsLVtccSINEBc9UKqg1w==
expires: Tue, 11 May 2021 16:42:43 GMT

GET
H3-29 200 1IcJZGqO_HX.css
www.facebook.com/rsrc.php/v3/ye/l/0,cross/ Frame BB36 20 KB
5 KB 12ms
8ms Stylesheet
text/css 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/ye/l/0,cross/1IcJZGqO_HX.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yo/r/2sJZS5eGiyZ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

423731a0d0407b735a6dc8f62a9fe00a3ce0ee816ddd7df37b847fabc6378212

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df338f5b71072ab%26domain%3Dpt.gayout.com%26origin%3Dhttps%253A%252F%252Fpt.gayout.com%252Ff1b5f0328a0ee8%26relation%3Dparent.parent&container_width=300&height=500&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgayoutworld%2F%3Ffref%3Dts&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 20:38:13 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 02NAjlq/eFQg+CPse7XbKQ==
cross-origin-resource-policy: cross-origin
content-length: 5127
x-fb-rlafr: 0
x-fb-debug: 85Eb4Swz5QTgHVSIfR9V3gIVzM88tDcVFWtsZBDhh/5AAlgvBs4u5bk2F8ehPIlo1/xLLNhlXvp3lNkfzUNOeg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 29 Apr 2022 20:38:13 GMT

GET
H2 200 nD7VJ0ZbVE2.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y4/r/ Frame BB36 64 KB
16 KB 60ms
4ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y4/r/nD7VJ0ZbVE2.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yo/r/2sJZS5eGiyZ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4fea7bf7fcbcea2a00471a920621ece56c1879a1518b81a3f5e2c4166cce3cbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: shZBPpDMoZQbEzj2EPogWA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 16525
x-fb-rlafr: 0
x-fb-debug: CxwDvjGLD1pMrgOruGEV1/yNNvdq4y0ZG6qvLXMv3hOmjPGejDCF4vWgkwX1IWXYzAeDEVuw5vmca2WU2kJcEg==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Sun, 24 Apr 2022 21:00:24 GMT

GET
H3-29 200 UG5hFH3OnGZ.css
www.facebook.com/rsrc.php/v3/yw/l/0,cross/ Frame BB36 36 KB
7 KB 12ms
8ms Stylesheet
text/css 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yw/l/0,cross/UG5hFH3OnGZ.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yo/r/2sJZS5eGiyZ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

83617fdf42c2457abd24c043606c8ad4bacfd7fe6fce42dfa5d16f4fbec523dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df338f5b71072ab%26domain%3Dpt.gayout.com%26origin%3Dhttps%253A%252F%252Fpt.gayout.com%252Ff1b5f0328a0ee8%26relation%3Dparent.parent&container_width=300&height=500&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgayoutworld%2F%3Ffref%3Dts&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 18:33:20 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: EdrE11NR23Bfi5e1q30Fuw==
cross-origin-resource-policy: cross-origin
content-length: 7078
x-fb-rlafr: 0
x-fb-debug: Ero5WfnN/csX811pSDU+9YoqcRFQgmu8U7anVHrq4YrMsgMGT6sRYn5d9LvenqWtLXs2epaw7EkQ9nd9I+Mc7g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 22 Apr 2022 18:33:20 GMT

GET
H3-29 200 1usRqtZVbfO.js Show response
www.facebook.com/rsrc.php/v3/yo/r/ Frame BB36 37 KB
11 KB 34ms
25ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yo/r/1usRqtZVbfO.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yo/r/2sJZS5eGiyZ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f5820244a2bb1a21fb966e2a417d1c12f43ad67d33c1275338d1b3d67caad567

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df338f5b71072ab%26domain%3Dpt.gayout.com%26origin%3Dhttps%253A%252F%252Fpt.gayout.com%252Ff1b5f0328a0ee8%26relation%3Dparent.parent&container_width=300&height=500&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgayoutworld%2F%3Ffref%3Dts&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 07:43:29 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: rBc3q7LW/6BWJorlo9zSzQ==
cross-origin-resource-policy: cross-origin
content-length: 11415
x-fb-rlafr: 0
x-fb-debug: nFDbBOfxeC10ZkI1OhxHDOHtvEHcmJBztxbDxmFCxq5+E1tVrq64zUEOifkz319vVGsei99jrGwbek/Jynoz3Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 29 Apr 2022 07:43:29 GMT

GET
H3-29 200 jCjPXE50YBY.js Show response
www.facebook.com/rsrc.php/v3iEBX4/yv/l/en_US/ Frame BB36 17 KB
5 KB 46ms
38ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEBX4/yv/l/en_US/jCjPXE50YBY.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yo/r/2sJZS5eGiyZ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a730a4e9d3d0612c3a6918e096c39c5697614b2792b98f503439fc09afd764a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df338f5b71072ab%26domain%3Dpt.gayout.com%26origin%3Dhttps%253A%252F%252Fpt.gayout.com%252Ff1b5f0328a0ee8%26relation%3Dparent.parent&container_width=300&height=500&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgayoutworld%2F%3Ffref%3Dts&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 17:51:26 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: F42oAJV6dRouw2yCYHEOhA==
cross-origin-resource-policy: cross-origin
content-length: 5453
x-fb-rlafr: 0
x-fb-debug: 259omXOGogl8ezTPLA7N+ehHrjSOAJ/urfln3E53VKuWWvs2T4U/mgrqctAxPVo6Tv0GGdJKqOPnUE0Q5BFhpA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 28 Apr 2022 17:51:26 GMT

GET
H3-29 200 y6QqQaNeJsz.js Show response
www.facebook.com/rsrc.php/v3/yS/r/ Frame BB36 19 KB
6 KB 46ms
37ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yS/r/y6QqQaNeJsz.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yo/r/2sJZS5eGiyZ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

88d32cb380c8accd245e33fae7d1ede15212de9267688c84b0ff7a9c53e956d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df338f5b71072ab%26domain%3Dpt.gayout.com%26origin%3Dhttps%253A%252F%252Fpt.gayout.com%252Ff1b5f0328a0ee8%26relation%3Dparent.parent&container_width=300&height=500&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgayoutworld%2F%3Ffref%3Dts&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 18:29:59 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: heMcpMIrHrlHXNQA/HF8qQ==
cross-origin-resource-policy: cross-origin
content-length: 5979
x-fb-rlafr: 0
x-fb-debug: /IXGDIZRXVMdaHLwzvW5EFMpgVxg/4B0eZ3S6sdq2w+eM6uYtxPv8uSmz/4waTjJ8/uPfb8zDPPNehKX3cVPug==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 28 Apr 2022 18:29:59 GMT

GET
DATA 200
OK truncated
/ Frame BB36 2 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f25aebef7c5b576071a6f97559078c0a17f5d3130f2cdb8d74f04872ec8fb333

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H2 200 MM2tCOl-Ndb.css
static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/ Frame BB36 2 KB
1 KB 58ms
3ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/l/0,cross/MM2tCOl-Ndb.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yo/r/2sJZS5eGiyZ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d8d780cf17d57da2e7ff421667a6221a32831b83ffa904c0b480ba5f9c285974

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:43 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: IlI3TkunStfNPgYtYjV2iw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 656
x-fb-rlafr: 0
x-fb-debug: 3Okyh88m4K/HZtawK5KERkKWDICSSfrGUzADYBQy5Of95qw7YUFlbZJoU/Eb19CJd9mqbKxLACT0umzbnycOxA==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 28 Apr 2022 17:51:26 GMT

GET
H3-29 200 bTpISjHkItW.css
www.facebook.com/rsrc.php/v3/yg/l/0,cross/ Frame BB36 18 KB
4 KB 46ms
38ms Stylesheet
text/css 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yg/l/0,cross/bTpISjHkItW.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yo/r/2sJZS5eGiyZ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

15207816502835281f1a680e18eb417450f05c31814bfca65aeb1b5df59e242f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df338f5b71072ab%26domain%3Dpt.gayout.com%26origin%3Dhttps%253A%252F%252Fpt.gayout.com%252Ff1b5f0328a0ee8%26relation%3Dparent.parent&container_width=300&height=500&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgayoutworld%2F%3Ffref%3Dts&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 19:31:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Pfxx8dmUr49UW0zDy/b2Ng==
cross-origin-resource-policy: cross-origin
content-length: 4261
x-fb-rlafr: 0
x-fb-debug: gUTvu4RAw2LEMwVtnxsec5disC5Nu3+1BavORuRcdeOURaRldfFEkWcysRSbQzWWHIKC+Boqg6IMvisHsdDGFA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 28 Apr 2022 19:31:21 GMT

GET
H3-29 200 default.css
ad4m.at/0.1.122-318/style/one-ad/ Frame 70CF 58 KB
59 KB 50ms
19ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1gjam1m5cfbpc2vm0gtb49k05nej8tyb973q7s6wyyhh9gts968ts1s9ayhhcxrceg6t3y6en11czav2rsbb15sswq3chhpb1pwgk9ss3yc964k2m852pxgh9rvcnhqvp7t6404h4prtykan8n9j2y7mqtkdhvckde85ab1wys4ppc8fqn81b4ymc2t3meybtwncp21gvj0hftt33rtma5m754fnkm0j2cep897sme18p7rc2aw23rgfvvcbg1aqe50q77x7stm79524dtdyn2jmh1v7kdkgfed37jssjbafgkb2m4mk6fwjvbxk6hkd4ex0xyc1k9hdbsmqdpaq1e82ghjsnc5mm926cepcns142yt82bf98z5zdpe1g7v0jwczd84mq8fgmejxf0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeOTWA1qLYM_kCfW4x_AP4ZGQsASQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0xMDQ3NjQ0ODY3MzA5Mjk0oAHCrujdA8gBCakChpiY12NVtD6oAwGqBJcBT9Dk0pU5HK5fuLPsADuYEty-1CR_fp1Mfh-YXXi50JO0Kp0r1t71oycv526DXZlVDVG6Au0h27pQk_P61QgpREVLtJNZefVaG_XplHfrDQX2y91Mmx19oMBefPAgYWZN1naC_Y62TrXdAF0FbylvwVQbwp7Iraxey4WAdMb3C_1ELJOajUAAiwiNG3G17B9v_XZELi045IAGxt7yupvE1ORcoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%26num%3D1%26sig%3DAOD64_0JaY4HwcJK11DRxNZCpAUrOoAFrA%26client%3Dca-pub-1047644867309294%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer: https://ad4m.at/ad/dr?ed=1gjam1m5cfbpc2vm0gtb49k05nej8tyb973q7s6wyyhh9gts968ts1s9ayhhcxrceg6t3y6en11czav2rsbb15sswq3chhpb1pwgk9ss3yc964k2m852pxgh9rvcnhqvp7t6404h4prtykan8n9j2y7mqtkdhvckde85ab1wys4ppc8fqn81b4ymc2t3meybtwncp21gvj0hftt33rtma5m754fnkm0j2cep897sme18p7rc2aw23rgfvvcbg1aqe50q77x7stm79524dtdyn2jmh1v7kdkgfed37jssjbafgkb2m4mk6fwjvbxk6hkd4ex0xyc1k9hdbsmqdpaq1e82ghjsnc5mm926cepcns142yt82bf98z5zdpe1g7v0jwczd84mq8fgmejxf0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeOTWA1qLYM_kCfW4x_AP4ZGQsASQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0xMDQ3NjQ0ODY3MzA5Mjk0oAHCrujdA8gBCakChpiY12NVtD6oAwGqBJcBT9Dk0pU5HK5fuLPsADuYEty-1CR_fp1Mfh-YXXi50JO0Kp0r1t71oycv526DXZlVDVG6Au0h27pQk_P61QgpREVLtJNZefVaG_XplHfrDQX2y91Mmx19oMBefPAgYWZN1naC_Y62TrXdAF0FbylvwVQbwp7Iraxey4WAdMb3C_1ELJOajUAAiwiNG3G17B9v_XZELi045IAGxt7yupvE1ORcoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%26num%3D1%26sig%3DAOD64_0JaY4HwcJK11DRxNZCpAUrOoAFrA%26client%3Dca-pub-1047644867309294%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=XxVHlg==, md5=RCdMWH7YOCWDIhuwI9UcWg==
date: Fri, 30 Apr 2021 01:14:43 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3298536
cf-polished: origSize=59196
x-guploader-uploadid: ABg5-Uy4aivieyuBWrRiQC4_Ppn1uUsCErWp3PCNabOAR1DHIeajjF0MmTZg9JuSRGfocIdDxNZdYx3-JXnC-nTF81uHDLT_kw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58969
cf-request-id: 09c1f0b7910000178e92b3e000000001
last-modified: Tue, 16 Mar 2021 10:53:32 GMT
server: cloudflare
etag: "44274c587ed8382583221bb023d51c5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mTPsrCb8d15fZy6jsfaym1XznItweYkoXu%2BW1s%2FfzuLt5bGfzrZDRe6J1RnNIK0kHP1ALAlTSSckpVRfp6CsPCWecdGi3cxxW%2Fyl0dGw%2BKK29sjw"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1615892011975494
content-type: text/css
expires: Tue, 22 Mar 2022 20:59:07 GMT
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 6688
accept-ranges: bytes
cf-ray: 647cea38e899178e-FRA
cf-bgj: minify

GET
H3-29 200 r62eglto.js Show response
ad4m.at/ Frame 70CF 36 KB
12 KB 44ms
27ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1gjam1m5cfbpc2vm0gtb49k05nej8tyb973q7s6wyyhh9gts968ts1s9ayhhcxrceg6t3y6en11czav2rsbb15sswq3chhpb1pwgk9ss3yc964k2m852pxgh9rvcnhqvp7t6404h4prtykan8n9j2y7mqtkdhvckde85ab1wys4ppc8fqn81b4ymc2t3meybtwncp21gvj0hftt33rtma5m754fnkm0j2cep897sme18p7rc2aw23rgfvvcbg1aqe50q77x7stm79524dtdyn2jmh1v7kdkgfed37jssjbafgkb2m4mk6fwjvbxk6hkd4ex0xyc1k9hdbsmqdpaq1e82ghjsnc5mm926cepcns142yt82bf98z5zdpe1g7v0jwczd84mq8fgmejxf0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeOTWA1qLYM_kCfW4x_AP4ZGQsASQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0xMDQ3NjQ0ODY3MzA5Mjk0oAHCrujdA8gBCakChpiY12NVtD6oAwGqBJcBT9Dk0pU5HK5fuLPsADuYEty-1CR_fp1Mfh-YXXi50JO0Kp0r1t71oycv526DXZlVDVG6Au0h27pQk_P61QgpREVLtJNZefVaG_XplHfrDQX2y91Mmx19oMBefPAgYWZN1naC_Y62TrXdAF0FbylvwVQbwp7Iraxey4WAdMb3C_1ELJOajUAAiwiNG3G17B9v_XZELi045IAGxt7yupvE1ORcoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%26num%3D1%26sig%3DAOD64_0JaY4HwcJK11DRxNZCpAUrOoAFrA%26client%3Dca-pub-1047644867309294%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f98c5a3b8d88d13e54c0887a67ef6c98c022b8edeb2372a6e076bd83c4e4254

Request headers

Referer: https://ad4m.at/ad/dr?ed=1gjam1m5cfbpc2vm0gtb49k05nej8tyb973q7s6wyyhh9gts968ts1s9ayhhcxrceg6t3y6en11czav2rsbb15sswq3chhpb1pwgk9ss3yc964k2m852pxgh9rvcnhqvp7t6404h4prtykan8n9j2y7mqtkdhvckde85ab1wys4ppc8fqn81b4ymc2t3meybtwncp21gvj0hftt33rtma5m754fnkm0j2cep897sme18p7rc2aw23rgfvvcbg1aqe50q77x7stm79524dtdyn2jmh1v7kdkgfed37jssjbafgkb2m4mk6fwjvbxk6hkd4ex0xyc1k9hdbsmqdpaq1e82ghjsnc5mm926cepcns142yt82bf98z5zdpe1g7v0jwczd84mq8fgmejxf0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeOTWA1qLYM_kCfW4x_AP4ZGQsASQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0xMDQ3NjQ0ODY3MzA5Mjk0oAHCrujdA8gBCakChpiY12NVtD6oAwGqBJcBT9Dk0pU5HK5fuLPsADuYEty-1CR_fp1Mfh-YXXi50JO0Kp0r1t71oycv526DXZlVDVG6Au0h27pQk_P61QgpREVLtJNZefVaG_XplHfrDQX2y91Mmx19oMBefPAgYWZN1naC_Y62TrXdAF0FbylvwVQbwp7Iraxey4WAdMb3C_1ELJOajUAAiwiNG3G17B9v_XZELi045IAGxt7yupvE1ORcoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%26num%3D1%26sig%3DAOD64_0JaY4HwcJK11DRxNZCpAUrOoAFrA%26client%3Dca-pub-1047644867309294%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=+BTdVg==, md5=mfn6JSakAxri5b0OMdqFNQ==
date: Fri, 30 Apr 2021 01:14:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 44201
x-guploader-uploadid: ABg5-UxX7Ydf9ax80x-VKyDv7z7Y8MUn9kQBtnodOKx5qMO3TuhnUE5wAWKprzoWelfwvjQznSt5p6I_zjT8dpZCsjg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09c1f0b7900000178e06004000000001
last-modified: Thu, 29 Apr 2021 12:57:47 GMT
server: cloudflare
etag: W/"99f9fa2526a4031ae2e5bd0e31da8535"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mzmsWQKM8vZomUsVfg8tZM%2FTNoTTI3ZAvdX88CRkGZUe7g2K%2FcaB1nwKYFffXDJPHzzK0H6VbLZBKyfYtMBsZOaKdylATYIM1marjkzO5sjHsTcg"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1619701067021399
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11952
cf-ray: 647cea38e897178e-FRA
expires: Thu, 29 Apr 2021 12:58:02 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 7137 35 B
464 B 37ms
11ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEjKcwbWR6kpwdX1uIcoh0E&google_cver=1&google_push=AQvitUIlPRWFJCgRtqlPI6R_o4X0KeaKXRZR_SGoVYtds3gEiCYz5_ZmW0gn5w5_G7X0uIVfCfX6Q6jyVTMr67pBAKIzUMpo3yYX

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:14:43 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 7137
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitULiWFyLLLo4SoYXH98fbETi4w4d1UEQ5a-C3ze...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUl0YUJBQUFCSjA3Z0gtcw&google_push=AQvitULiWFyLLLo4SoYXH98fbETi4w4d1UEQ5a-C3ze6hTnOGOqfqHCvTHDmMwwQ4FxwFtauYtdwd5CgSolN29SDNS1GMDUUUxv7

170 B
188 B

21ms
17ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUl0YUJBQUFCSjA3Z0gtcw&google_push=AQvitULiWFyLLLo4SoYXH98fbETi4w4d1UEQ5a-C3ze6hTnOGOqfqHCvTHDmMwwQ4FxwFtauYtdwd5CgSolN29SDNS1GMDUUUxv7

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:14:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUl0YUJBQUFCSjA3Z0gtcw&google_push=AQvitULiWFyLLLo4SoYXH98fbETi4w4d1UEQ5a-C3ze6hTnOGOqfqHCvTHDmMwwQ4FxwFtauYtdwd5CgSolN29SDNS1GMDUUUxv7
Date: Fri, 30 Apr 2021 01:14:44 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 7137
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitULrUChuMIOTJRZpMLgyHtLJmE29RHzt0KgCIu07HJyYwo6uuij0GwYLmOKoSxSk5ImFLEXPoC5eVi0lB2KCOcBq1py9Uz9X&google_gid=CAESEActakdVGylFWgw8kErmGr8&goo...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCIS0rYQGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BUXZpdFVMclVDaHVNSU9USlJacE1MZ3lIdExKbUUyOVJIenQwS2dDSXUwN0hKeVl3bzZ1dWlqMEd3WUxtT0tvU3hTazVJbUZMRVhQb0M1ZVZpMGxCMk...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwazN3UTg4QkdaekRzOXUyVnplbTRGSXlSS2VQOHZ0ZFF5SC14R1pWd3Vwdw==&google_push

170 B
188 B

44ms
16ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwazN3UTg4QkdaekRzOXUyVnplbTRGSXlSS2VQOHZ0ZFF5SC14R1pWd3Vwdw==&google_push

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:14:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 30 Apr 2021 01:14:44 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwazN3UTg4QkdaekRzOXUyVnplbTRGSXlSS2VQOHZ0ZFF5SC14R1pWd3Vwdw==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 7137
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEKz6Xc5znys9qnHJTeEmMHI&google_cver=1&google_push=AQvitUI4cday6BZkKj6r3k1TsK34jcA14m1Y1iPclCq0trjr-k4y80PAYwHUsCLWzaYbuv2DvmhsIWt8_KpdjpvKiPcM-Q_ISsM
https://rtb.openx.net/sync/dds?google_gid=CAESEKz6Xc5znys9qnHJTeEmMHI&google_cver=1&google_push=AQvitUI4cday6BZkKj6r3k1TsK34jcA14m1Y1iPclCq0trjr-k4y80PAYwHUsCLWzaYbuv2DvmhsIWt8_KpdjpvKiPcM-Q_ISsM&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUI4cday6BZkKj6r3k1TsK34jcA14m1Y1iPclCq0trjr-k4y80PAYwHUsCLWzaYbuv2DvmhsIWt8_KpdjpvKiPcM-Q_ISsM&google_hm=3LrC5bvtxWQpyuUhpb60WQ==

170 B
188 B

39ms
39ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUI4cday6BZkKj6r3k1TsK34jcA14m1Y1iPclCq0trjr-k4y80PAYwHUsCLWzaYbuv2DvmhsIWt8_KpdjpvKiPcM-Q_ISsM&google_hm=3LrC5bvtxWQpyuUhpb60WQ==

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:14:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:14:43 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUI4cday6BZkKj6r3k1TsK34jcA14m1Y1iPclCq0trjr-k4y80PAYwHUsCLWzaYbuv2DvmhsIWt8_KpdjpvKiPcM-Q_ISsM&google_hm=3LrC5bvtxWQpyuUhpb60WQ==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: ljguf2jpv2tqhnm6umo4fg5ga082iskv

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 7137
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7apg1WkhRJCPip_n-IYkkQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

20ms
18ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7apg1WkhRJCPip_n-IYkkQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUK4i0O8-cdLjXHeK_1K6h_P_DB5qaBYx-xsiSyl36QXOEEcWFn1GMGqPT82crp1oGQuMAQlfwC883JF2DZfQazbFCA-RDRm

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:14:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7apg1WkhRJCPip_n-IYkkQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUK4i0O8-cdLjXHeK_1K6h_P_DB5qaBYx-xsiSyl36QXOEEcWFn1GMGqPT82crp1oGQuMAQlfwC883JF2DZfQazbFCA-RDRm
Date: Fri, 30 Apr 2021 01:14:42 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 7137
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBPRYdFKuxL2nT-wbvYfHdU&google_cver=1&google_push=AQvitUJmA8KG5MufTOYpB5OkXMBwV2qrZpoHEfqXkfUuicZ3wZ8r8n-z1QgzLL8KO_YoLtkzg9L...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S08zTUlSVzEtUi05TDhU&google_push=AQvitUJmA8KG5MufTOYpB5OkXMBwV2qrZpoHEfqXkfUuicZ3wZ8r8n-z1QgzLL8KO_YoLtkzg9L_DaoENW_gw-Im221WPPOGVhs

170 B
188 B

33ms
17ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S08zTUlSVzEtUi05TDhU&google_push=AQvitUJmA8KG5MufTOYpB5OkXMBwV2qrZpoHEfqXkfUuicZ3wZ8r8n-z1QgzLL8KO_YoLtkzg9L_DaoENW_gw-Im221WPPOGVhs

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:14:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S08zTUlSVzEtUi05TDhU&google_push=AQvitUJmA8KG5MufTOYpB5OkXMBwV2qrZpoHEfqXkfUuicZ3wZ8r8n-z1QgzLL8KO_YoLtkzg9L_DaoENW_gw-Im221WPPOGVhs
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 7137
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOPEuiwQi1k83GystlLGt64&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOPEuiwQi1k83GystlLGt64&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YItaBF4aYhpuPpiL9XRWTQAABKMAAAAB&google_cver=1&google_push=AQvitULPqUhI0UxcdtV29rXRJKQy7Gz4YxvuGg6w0QMUdyR30YUarZLEjzqFICoTvHttOTSxezHT...

170 B
188 B

47ms
19ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YItaBF4aYhpuPpiL9XRWTQAABKMAAAAB&google_cver=1&google_push=AQvitULPqUhI0UxcdtV29rXRJKQy7Gz4YxvuGg6w0QMUdyR30YUarZLEjzqFICoTvHttOTSxezHTW98fFVSWFzZWEeMPw_bv9DFR&google_gid=CAESEOPEuiwQi1k83GystlLGt64

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:14:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 30 Apr 2021 01:14:44 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YItaBF4aYhpuPpiL9XRWTQAABKMAAAAB&google_cver=1&google_push=AQvitULPqUhI0UxcdtV29rXRJKQy7Gz4YxvuGg6w0QMUdyR30YUarZLEjzqFICoTvHttOTSxezHTW98fFVSWFzZWEeMPw_bv9DFR&google_gid=CAESEOPEuiwQi1k83GystlLGt64
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 460
Expires: Fri, 30 Apr 2021 01:14:44 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 7137 0
236 B 57ms
14ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KN0ya2VDp2sZqa7UGV32t4Y9_eoh3AnnP20G2DMncVsAoX8TwlFvZFIDOOtVwgTye83W__

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:44 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 70CF 3 KB
4 KB 63ms
16ms Image
image/png 2606:4700:3032::6815:57ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: ad4m.at
URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer: https://ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:44 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1081
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
cf-request-id: 09c1f0b88400002bb943a79000000001
last-modified: Thu, 08 May 2014 12:48:39 GMT
server: cloudflare
etag: "536b7d27-cbe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Gh7zXJ2jrghYC6rlHQdmIFtX%2B%2BVxN7e534fzy%2BEmYmMrmYHnixt84No05S8v7eSalt1BfxzyH5d5kEQx82BnM2Z45Y58EdPjYhYvtbJ8jXFJvjwTxBB7lcs50m7Mz0JnoA%3D%3D"}],"max_age":604800}
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 647cea3a69442bb9-FRA

GET
H/1.1 200
OK fp_view Show response
www.booking.com/affiliate/ Frame FF85 12 B
1017 B 72ms
59ms XHR
application/json 37.10.0.220
BOOKING-BV Bookin...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.booking.com/affiliate/fp_view?aid=1131196&target_aid=1131196&product_type=nsb

Requested by

Host: cf.bstatic.com
URL: https://cf.bstatic.com/static/affiliate_base/js/flexiproduct_core_cloudfront_sd/2e1059de66c6a928c4ea7e843b9ffbd51cc3e15d.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

37.10.0.220 , Netherlands, ASN43996 (BOOKING-BV Booking.com, NL),

Reverse DNS

Software

nginx /

Resource Hash

587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.booking.com/flexiproduct.html?product=nsb&w=300&h=250&aid=1131196&target_aid=1131196&fid=1619745282920&
X-Requested-With: XMLHttpRequest
X-Booking-CSRF: Q5KLYAAAAAA=N8uybUZn4gp77_YRs4ApI_tW4XF06XyQvcL4u1qriZO3tPVuWOUFpYYblA8Pp1WPVXEz4zU5cbcXs8uFNaENAII-grf5RWyF4dZ7-E_w7YwEfgSeSpUdTZDBcW3D9FfeRxoPCJfLOUQL67Aa5OJfCsI63vQ-TZqiPeD_cW2SerxnvG0zsQNLNS0rBgT27jBtFNdyAfkSx2Kjqixf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:44 GMT
x-content-options: nosniff
server: nginx
content-security-policy-report-only: report-uri https://reports.booking.com/csp_violation?type=report&tag=112&pid=aaaa08c29f3a0003&e=UmFuZG9tSVYkc2RlIyh9YV52yMgL4uFPlMiAwY3njEnBRUct5D0iDjoEmv1yMmvQdhfu63Hi_xY&f=2&s=0; frame-ancestors 'none';
content-type: application/json; charset=UTF-8
transfer-encoding: chunked
strict-transport-security: max-age=604800
x-xss-protection: 1; mode=block

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame 1913 2 KB
2 KB 14ms
14ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad4m.at/ad/dr?ed=1gjam1m5cfbpc2vm0gtb49k05nej8tyb973q7s6wyyhh9gts968ts1s9ayhhcxrceg6t3y6en11czav2rsbb15sswq3chhpb1pwgk9ss3yc964k2m852pxgh9rvcnhqvp7t6404h4prtykan8n9j2y7mqtkdhvckde85ab1wys4ppc8fqn81b4ymc2t3meybtwncp21gvj0hftt33rtma5m754fnkm0j2cep897sme18p7rc2aw23rgfvvcbg1aqe50q77x7stm79524dtdyn2jmh1v7kdkgfed37jssjbafgkb2m4mk6fwjvbxk6hkd4ex0xyc1k9hdbsmqdpaq1e82ghjsnc5mm926cepcns142yt82bf98z5zdpe1g7v0jwczd84mq8fgmejxf0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeOTWA1qLYM_kCfW4x_AP4ZGQsASQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0xMDQ3NjQ0ODY3MzA5Mjk0oAHCrujdA8gBCakChpiY12NVtD6oAwGqBJcBT9Dk0pU5HK5fuLPsADuYEty-1CR_fp1Mfh-YXXi50JO0Kp0r1t71oycv526DXZlVDVG6Au0h27pQk_P61QgpREVLtJNZefVaG_XplHfrDQX2y91Mmx19oMBefPAgYWZN1naC_Y62TrXdAF0FbylvwVQbwp7Iraxey4WAdMb3C_1ELJOajUAAiwiNG3G17B9v_XZELi045IAGxt7yupvE1ORcoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%26num%3D1%26sig%3DAOD64_0JaY4HwcJK11DRxNZCpAUrOoAFrA%26client%3Dca-pub-1047644867309294%26adurl%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad4m.at/ad/dr?ed=1gjam1m5cfbpc2vm0gtb49k05nej8tyb973q7s6wyyhh9gts968ts1s9ayhhcxrceg6t3y6en11czav2rsbb15sswq3chhpb1pwgk9ss3yc964k2m852pxgh9rvcnhqvp7t6404h4prtykan8n9j2y7mqtkdhvckde85ab1wys4ppc8fqn81b4ymc2t3meybtwncp21gvj0hftt33rtma5m754fnkm0j2cep897sme18p7rc2aw23rgfvvcbg1aqe50q77x7stm79524dtdyn2jmh1v7kdkgfed37jssjbafgkb2m4mk6fwjvbxk6hkd4ex0xyc1k9hdbsmqdpaq1e82ghjsnc5mm926cepcns142yt82bf98z5zdpe1g7v0jwczd84mq8fgmejxf0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeOTWA1qLYM_kCfW4x_AP4ZGQsASQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0xMDQ3NjQ0ODY3MzA5Mjk0oAHCrujdA8gBCakChpiY12NVtD6oAwGqBJcBT9Dk0pU5HK5fuLPsADuYEty-1CR_fp1Mfh-YXXi50JO0Kp0r1t71oycv526DXZlVDVG6Au0h27pQk_P61QgpREVLtJNZefVaG_XplHfrDQX2y91Mmx19oMBefPAgYWZN1naC_Y62TrXdAF0FbylvwVQbwp7Iraxey4WAdMb3C_1ELJOajUAAiwiNG3G17B9v_XZELi045IAGxt7yupvE1ORcoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%26num%3D1%26sig%3DAOD64_0JaY4HwcJK11DRxNZCpAUrOoAFrA%26client%3Dca-pub-1047644867309294%26adurl%3D

Response headers

date: Fri, 30 Apr 2021 01:14:44 GMT
content-type: text/html
set-cookie: __cfduid=d8bacc2ada0fa9bb68e4a57efa2bdfedd1619745284; expires=Sun, 30-May-21 01:14:44 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Fri, 30 Apr 2021 02:14:44 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 620329
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
cf-request-id: 09c1f0b8890000178e92b47000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r50I3Oxvam2aowZm6zivdW41DeZOvkJDxpHWRiGQ8yT4Bij%2By5PBT6UFviMUg9zrgnv6fFAAxG8nEfThJIKkVHohXle5WK1WVhM95ktbymW1h3PJ"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 647cea3a79d8178e-FRA
content-encoding: br

GET
H3-29 200 1610023_1020466794693734_7379556211068893308_n.jpg
scontent-frt3-1.xx.fbcdn.net/v/t1.18169-1/cp0/p50x50/ Frame BB36 1 KB
1 KB 10ms
6ms Image
image/jpeg 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frt3-1.xx.fbcdn.net/v/t1.18169-1/cp0/p50x50/1610023_1020466794693734_7379556211068893308_n.jpg?_nc_cat=106&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=4Xh7Lm0LndQAX9AV-h0&_nc_ht=scontent-frt3-1.xx&tp=27&oh=d0a07abdad7f52abb8a27f448fabe3d6&oe=60B29014
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f01c:216:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 44bf1129f8652cba83be2b878b72a564546f518a65ffd5483100e251415434f6

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 1326156091
date: Fri, 30 Apr 2021 01:14:44 GMT
last-modified: Wed, 16 Mar 2016 19:33:27 GMT
content-length: 1122
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3038325868
x-fb-config-version-olb-prod: 1088
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 safe_image.php
external-frt3-2.xx.fbcdn.net/ Frame BB36 40 KB
40 KB 15ms
9ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://external-frt3-2.xx.fbcdn.net/safe_image.php?d=AQGgd4V4FELUNnM4&w=476&h=249&url=https%3A%2F%2Fs31242.pcdn.co%2Fwp-content%2Fuploads%2F2021%2F04%2FGettyImages-51640796.jpg&cfs=1&upscale=1&fallback=news_d_placeholder_publisher&ccb=3-5&_nc_hash=AQHpADuzQesbC3hA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

20f1f71c4973cd627867f2393235d7ab6a38215aa0f19b3e9e9bc15e8b6238e0

Security Headers

Name	Value
Content-Security-Policy	default-src fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.xx.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-type-options: nosniff
x-fb-rlafr: 0
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
cross-origin-resource-policy: cross-origin
x-fb-config-version-olb-prod: 1089
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 40710
x-xss-protection: 0
x-fb-debug: yNTagb5U4jRX2FWBHiGtX0PF4O+i2DXZOWIeV20Cdzwwp4wJi32kjlfJMJAbyzvNKlZ7Yb2H1LbFZoXF0yrlkQ==
x-fb-trip-id: 686109401
expires: Sat, 29 May 2021 20:01:32 GMT
last-modified: Thu, 29 Apr 2021 20:01:10 GMT
x-fb-config-version-slb-prod_regional: 1089
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 30 Apr 2021 01:14:44 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
vary: Origin
cache-control: public, max-age=86400
access-control-allow-credentials: true
etag: "0e52259f95f3ff798906720f9b83b95f"
content-security-policy: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.xx.facebook.com/csp/reporting/?m=c;
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers: X-FB-Debug, X-Loader-Length

GET
H2 200 safe_image.php
external-frt3-2.xx.fbcdn.net/ Frame BB36 42 KB
42 KB 16ms
10ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://external-frt3-2.xx.fbcdn.net/safe_image.php?d=AQGZ5TUHxycDQhRJ&w=476&h=249&url=https%3A%2F%2Fs31242.pcdn.co%2Fwp-content%2Fuploads%2F2021%2F04%2Fmary-poppins-2.jpg&cfs=1&upscale=1&fallback=news_d_placeholder_publisher&ccb=3-5&_nc_hash=AQG5fAYJlo1aCjh8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d42d52be0d081dfa2b82d5e43a77e42acee56155679e96c649bcf69f0189f3be

Security Headers

Name	Value
Content-Security-Policy	default-src fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.xx.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-type-options: nosniff
x-fb-rlafr: 0
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
cross-origin-resource-policy: cross-origin
x-fb-config-version-olb-prod: 1088
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 42696
x-xss-protection: 0
x-fb-debug: UocEJvpLuYwBxl2qjkIRMzLLqMh1W0TOkWyenXJbRvQm4KXYEMoE9t+/dmvXmEITHmNDHC2xqdlOBOJQ9g1DRA==
x-fb-trip-id: 686109401
expires: Sat, 29 May 2021 12:41:31 GMT
last-modified: Thu, 29 Apr 2021 10:33:38 GMT
x-fb-config-version-slb-prod_regional: 1088
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 30 Apr 2021 01:14:44 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
vary: Origin
cache-control: public, max-age=86400
access-control-allow-credentials: true
etag: "8e8c6aada259444371d66e3b4b74c66b"
content-security-policy: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.xx.facebook.com/csp/reporting/?m=c;
timing-allow-origin: *
access-control-expose-headers: X-FB-Debug, X-Loader-Length

GET
H2 200 safe_image.php
external-frt3-2.xx.fbcdn.net/ Frame BB36 20 KB
21 KB 13ms
7ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://external-frt3-2.xx.fbcdn.net/safe_image.php?d=AQGWn2ygF71xvZbq&w=476&h=249&url=https%3A%2F%2Fs31242.pcdn.co%2Fwp-content%2Fuploads%2F2021%2F04%2FEdwin-Poots.jpg&cfs=1&upscale=1&fallback=news_d_placeholder_publisher&ccb=3-5&_nc_hash=AQGvOJD56YEe5foA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bd117a950e78c0f646143c3d7f626fb8a86b7dac55848b8d058820b6a713f166

Security Headers

Name	Value
Content-Security-Policy	default-src fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.xx.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-type-options: nosniff
x-fb-rlafr: 0
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
cross-origin-resource-policy: cross-origin
x-fb-config-version-olb-prod: 1088
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 20971
x-xss-protection: 0
x-fb-debug: LMKeoztzmRrsjOCQaQygKsPDzVPhoUIlrythUOSOJJrmKuCBzDwKy3FWYwkfuM8/1NnyeVDzerL7nN/09/t8kg==
x-fb-trip-id: 686109401
expires: Fri, 28 May 2021 17:20:33 GMT
last-modified: Wed, 28 Apr 2021 17:01:54 GMT
x-fb-config-version-slb-prod_regional: 1088
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 30 Apr 2021 01:14:44 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
vary: Origin
cache-control: public, max-age=86400
access-control-allow-credentials: true
etag: "2888cf4e7a2eb356fb400e69f6a1c4ec"
content-security-policy: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.xx.facebook.com/csp/reporting/?m=c;
timing-allow-origin: *
access-control-expose-headers: X-FB-Debug, X-Loader-Length

GET
H2 200 safe_image.php
external-frt3-2.xx.fbcdn.net/ Frame BB36 20 KB
21 KB 11ms
7ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://external-frt3-2.xx.fbcdn.net/safe_image.php?d=AQHBX6j-fYwiQ1ak&w=476&h=249&url=https%3A%2F%2Fs31242.pcdn.co%2Fwp-content%2Fuploads%2F2021%2F04%2Fcontactless-clitoral-stimulator-satisfyer-and-ripe-KU2YNCE-scaled.jpg&cfs=1&upscale=1&fallback=news_d_placeholder_publisher&ccb=3-5&_nc_hash=AQEQN5iRuZ6PRKkm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e092cb5f49ede56659d664a7cae26fd81bca6d7b54279e9e7c9888fb33d3d232

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-type-options: nosniff
x-fb-rlafr: 0
cross-origin-resource-policy: cross-origin
x-fb-config-version-olb-prod: 1088
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 20935
x-xss-protection: 0
x-fb-debug: PuQnJOimHa2UV4eRYOyySDDMyEnVk3ab/akwZk6jlv80x0VLFz5JwZ7Pz9xutkAzt/SlmE9ryoR9/zLY+4ppwQ==
x-fb-trip-id: 686109401
expires: Fri, 28 May 2021 12:01:48 GMT
last-modified: Wed, 28 Apr 2021 09:39:32 GMT
x-fb-config-version-slb-prod_regional: 1086
date: Fri, 30 Apr 2021 01:14:44 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
vary: Origin
cache-control: public, max-age=86400
access-control-allow-credentials: true
etag: "e7fa5ba3f9489ad88db62bfedf39f63d"
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
timing-allow-origin: *
access-control-expose-headers: X-FB-Debug, X-Loader-Length

GET
H2 200 safe_image.php
external-frt3-2.xx.fbcdn.net/ Frame BB36 21 KB
22 KB 14ms
10ms Image
image/jpeg 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://external-frt3-2.xx.fbcdn.net/safe_image.php?d=AQFkTeig_IW45aZv&w=476&h=249&url=https%3A%2F%2Fs31242.pcdn.co%2Fwp-content%2Fuploads%2F2020%2F11%2FGettyImages-1203839448.jpg&cfs=1&upscale=1&fallback=news_d_placeholder_publisher&ccb=3-5&_nc_hash=AQG30QrkN1rydYwD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

178afceb4d0719d6e04864d526a2f4873c1b8b4d8879a4247a0f6bd5438b4a31

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-type-options: nosniff
x-fb-rlafr: 0
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
cross-origin-resource-policy: cross-origin
x-fb-config-version-olb-prod: 1088
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 21978
x-xss-protection: 0
x-fb-debug: H4tC70i5N6EEdsx1fGVfwlu9wZ541BCoNApSDqM6MlCl8rx2MtHkjxzUYV5YnXLr8shFu2sQXebw5zAbZiYK7g==
x-fb-trip-id: 686109401
expires: Sat, 22 May 2021 17:33:21 GMT
last-modified: Wed, 11 Nov 2020 15:27:14 GMT
x-fb-config-version-slb-prod_regional: 1086
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 30 Apr 2021 01:14:44 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
vary: Origin
cache-control: public, max-age=86400
access-control-allow-credentials: true
etag: "74fcc5b4fc7066ee0bc3cd7b7103a01f"
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
timing-allow-origin: *
access-control-expose-headers: X-FB-Debug, X-Loader-Length

GET
H3-29 200 cQH7wcbHb6b.png
www.facebook.com/rsrc.php/v3/y8/r/ Frame BB36 3 KB
3 KB 7ms
6ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y8/r/cQH7wcbHb6b.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/ye/l/0,cross/1IcJZGqO_HX.css?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

03331f532afdaf1cfcca267894d7698d7b42efa461526bda23cfb448eb84a3a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/ye/l/0,cross/1IcJZGqO_HX.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: L36Vtv+RnpFF1ykR2OV1PAtDYiLDNWT8pNQv9prpAZmU5B1QxfFJP1NlwHD0mEyI/nrAKABWUgRGRuL2bg7big==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: VrHQyF8wNkH5pOhUYwyBPQ==
date: Tue, 20 Apr 2021 03:50:13 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
content-length: 3170
x-fb-rlafr: 0
expires: Wed, 20 Apr 2022 03:50:13 GMT

GET
H3-29 200 n-uOOobFC9i.png
www.facebook.com/rsrc.php/v3/y3/r/ Frame BB36 3 KB
3 KB 10ms
10ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y3/r/n-uOOobFC9i.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/l/0,cross/nYaMDT8QGXc.css?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

33c09ad5541630ddd97336563ab0c8c13396dce0075375a15a370bb90b29e6e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/yS/l/0,cross/nYaMDT8QGXc.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: 0hT3+kQxL1hZWWtZ3pgw84KnE+T/AGkeQOR4QEg94gEGj3Xpq2JJxm3wTX8lB7l/Pwpr5hmiFgpkGZj4gRPN4g==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: FxoGPHP5kucUksTSZgXu4w==
date: Sun, 18 Apr 2021 19:11:29 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 3249
timing-allow-origin: *
priority: u=3,i
x-fb-rlafr: 0
expires: Mon, 18 Apr 2022 19:11:29 GMT

GET
H2 200 1487645_6012475414660_1439393861_n.png
scontent.xx.fbcdn.net/hads-ak-prn2/ Frame BB36 79 B
176 B 9ms
6ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/hads-ak-prn2/1487645_6012475414660_1439393861_n.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: c8caed93847affc154cb3d424e34fc146e7340bb29abebd5eba7063e3dca0604

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:44 GMT
x-fb-trip-id: 686109401
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/png
access-control-expose-headers: X-FB-CEC-Video-Limit
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 79
expires: Fri, 30 Apr 2021 01:14:44 GMT

GET
H2 200 frame.html Show response
ad4mat.net/ Frame 03E0 1 KB
1 KB 22ms
12ms Document
text/html 2606:4700:3032::6815:57ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4mat.net/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:57ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 611c31ecafe54c74f78e765296e1b04c0e51ecdc5f7d62c0c3441732aca01964

Request headers

:method: GET
:authority: ad4mat.net
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:44 GMT
content-type: text/html
set-cookie: __cfduid=d012807962524ea34dc20ebd5ef02b8ee1619745284; expires=Sun, 30-May-21 01:14:44 GMT; path=/; domain=.ad4mat.net; HttpOnly; SameSite=Lax; Secure
last-modified: Thu, 12 Apr 2018 07:50:15 GMT
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=86400
cf-cache-status: HIT
age: 631
cf-request-id: 09c1f0b95e00002bb920303000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LnFZMit9pjrDyJ99xUrp4SxPS7f4VtgynAZeEfdzDI6umTyHCW3Q77sSk5usBlWQmnGq3%2Bd%2FWw7zT5AovMsZ75vu%2FYgiBfExGpKUqChsmgkCtpUZ9qXw"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
vary: Accept-Encoding
server: cloudflare
cf-ray: 647cea3bcaa52bb9-FRA
content-encoding: br

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 15ms
14ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210428&jk=2392059193750853&bg=!goGlgcXNAAZLnZBaS507ACkAdvg8Wk-EZrwTRgXH6sdcpje2FOUBvNkwGBN6Tv80ccXpxtUtyVyuyAIAAAGTUgAAAAloAQcKAWerNqJBtk72-o3Cuhl4PwVHJCdzjA-hRtHhmGZjaZYoooRSvIn6worhcy6bjStUjoPY7tBqD3AGeU1-Cj7y3oqymhm_yJZ9OfSDtABdoZpQBfa5NrPUwFU6mENGO2NISyIyualYgHD3T4Bcf-iSTcGVFkYybjfKJ3QHNiZAj-ZEf5HhxWSrlmltfLXiWuHV3BC-9BFR9KyqJ4ewtxaiPMpQNhq-FP2DDb6I4q3ziotipSmWhyDO9DsKlOozzJpHXOPRYLUg_BVNbHvhsqVbmBFQ-8BCay2SVJ_BnT1IDNsYCjevXyCZkROtp10xbQZ4oZ7QyRg6Pa6WIU0HFspY1wj3wk2abHqQqIT4Sl8dZA_cUKH35pClEVgpeU3pV6vywqmsxNtVPWcmM62vbK9-6ejDfECANM_cn5TUS33Sm4qLTxvmnVUtjo6DGBycMn9GfzWFASlf3QVu1oJPMDqXbeFk_R36RpDVBZkCHxun1cs2v4gUwCr9m5VzFkJF2dBnafN2rPaz9P-I0K4diI66rEWXpBOqIlCiVDCxsfsyPypkR8QbwyxgwVUvw_N_2symJgzHFhhYkB7-mRFRC2MwDUU_WT2hKAN4THF3jniGzmVq-bHdi_nsAbTzlW7GhNNiXqSt_ngJXmW_kwQA9Vec6xsb-BiLzC0PR-ditxpSX4fluW-NyxredRbLfmj9MeTQX5CV0wp4D__ryrCbuk9X2N9UCzvQL4dmuHIot2Pc09NGhy15dS_ZFTMajLzyV4OyvhIUXvSm8zcOgdcfxiUzq-w0e3k0KeAG_zAwioEJr_8oueyKTg2DPP333nE60uNODfRFAsYlCr5m5Uxzv0Fb4Bup775g4JTApPRPPsxMPOjG7Tsf9W8TVjBaAN1ekMrKmu2p0B1fGdWzCj607eAzKB514BXZ-0hB5w_qCzqZZlNqexV53_x4FrBz2Tdaist0vvYGJw0Crj2VGujE1NwRhmVsGFDkg1VWzOanIcVsDTirNLrq7clRybExid6dYXexWtux8RApa0_oXtU_wKFwAJPBtbSV0oAP0H0Hq-otddeSxPch09Et5yIk90aSCjZcRffYeigZ38AoORelGpYyP9zdPXHeIAqvQ1SGEBa_GDqAKoXYVCdgtn60ImbN89UdoRnqfoy90NEio8VsRmhKBl0EqxzQUdvsZ6cWWSMuwSHKoyWzKwQd7RUqqw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pt.gayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:14:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0B86 42 B
64 B 16ms
14ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv0Nw2ig4kJbXxnTXLI3KWaVCup68gmGyLjGgDdqP6ReTKilj9m5xizMxG2yi5jeNjul9yCLo94vHuHxcTJltl-uINnIG8q_g&sig=Cg0ArKJSzFcHtKI2NXa1EAE&cid=CAASF-RoQz4pnhAVISvi2FvXj_uaUUQJ0_jW&id=lidar2&mcvt=1003&p=464,1440,1064,1600&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20210428&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1402457258&rs=2&met=ie&la=0&cr=0&osd=1&vs=4&rst=1619745283146&dlt=0&rpt=53&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 01:14:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 bz Show response
www.facebook.com/ajax/ Frame BB36 0
31 B 42ms
42ms XHR
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/ajax/bz?__a=1&__beoa=0&__bhv=2&__ccg=EXCELLENT&__comet_req=0&__csr=&__dyn=7xe6HUO13xy1ryUbFp62-m3i3i2i5U4e1Fx-ewSwMxW0SUhwr83vx60Vqw5SCwSxu0OE2WxO0FE662y0umUS1vw55xS0sy0SU2swdq0Ho2ew2MoG&__hsi=6956753019791012813-0&__pc=PHASED%3Aplugin_default_pkg&__req=3&__rev=1003708631&__s=%3A%3Aws0uwk&__sp=1&__user=0&dpr=1&locale=en_US

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3iEpO4/yQ/l/en_US/N1Ujot6efHX.js?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df338f5b71072ab%26domain%3Dpt.gayout.com%26origin%3Dhttps%253A%252F%252Fpt.gayout.com%252Ff1b5f0328a0ee8%26relation%3Dparent.parent&container_width=300&height=500&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fgayoutworld%2F%3Ffref%3Dts&locale=en_US&sdk=joey&show_facepile=true&small_header=true&tabs=timeline&width=300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryh6PA0SePsOx7A0v7

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: VNzljMSKiY/fzelhUO4j67LsmTWWhxC5YrzPqe0kE3URLFiLIS3fmFfsakhzcGWZuEZwMzSR0tM4ZTlmQyGeXA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 30 Apr 2021 01:14:45 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.facebook.com
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-fb-rlafr: 0
content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

POST
H3-29 200 rs Show response
ad4m.at/ Frame 70CF 1 KB
2 KB 33ms
32ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 389c60c02127fbb2d7f6d23242d69505be132ff839c8cd3390eb400445c31ca4

Request headers

Referer: https://ad4m.at/ad/dr?ed=1gjam1m5cfbpc2vm0gtb49k05nej8tyb973q7s6wyyhh9gts968ts1s9ayhhcxrceg6t3y6en11czav2rsbb15sswq3chhpb1pwgk9ss3yc964k2m852pxgh9rvcnhqvp7t6404h4prtykan8n9j2y7mqtkdhvckde85ab1wys4ppc8fqn81b4ymc2t3meybtwncp21gvj0hftt33rtma5m754fnkm0j2cep897sme18p7rc2aw23rgfvvcbg1aqe50q77x7stm79524dtdyn2jmh1v7kdkgfed37jssjbafgkb2m4mk6fwjvbxk6hkd4ex0xyc1k9hdbsmqdpaq1e82ghjsnc5mm926cepcns142yt82bf98z5zdpe1g7v0jwczd84mq8fgmejxf0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeOTWA1qLYM_kCfW4x_AP4ZGQsASQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0xMDQ3NjQ0ODY3MzA5Mjk0oAHCrujdA8gBCakChpiY12NVtD6oAwGqBJcBT9Dk0pU5HK5fuLPsADuYEty-1CR_fp1Mfh-YXXi50JO0Kp0r1t71oycv526DXZlVDVG6Au0h27pQk_P61QgpREVLtJNZefVaG_XplHfrDQX2y91Mmx19oMBefPAgYWZN1naC_Y62TrXdAF0FbylvwVQbwp7Iraxey4WAdMb3C_1ELJOajUAAiwiNG3G17B9v_XZELi045IAGxt7yupvE1ORcoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%26num%3D1%26sig%3DAOD64_0JaY4HwcJK11DRxNZCpAUrOoAFrA%26client%3Dca-pub-1047644867309294%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 30 Apr 2021 01:14:46 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-backend-server: rs-1tg8
cf-request-id: 09c1f0c1720000178e06a60000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=twd55HA9UmOO9e1kcfLCJ08MC%2FiQsXOt%2FKHfpSa%2BL748RKSsL6eFqYFYXbmYvMUg7M2jdACOsO0XtpfHTW5NuvCJXSNqTV2bm4m7vel1BBilCsK1"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://ad4m.at
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
cf-ray: 647cea48be09178e-FRA

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 81BB 9 KB
4 KB 28ms
26ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=160&d=600&e=&g=9b4f085bda5748e53317c552e599c6dc%2F2107216875859331520&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23ywxxz6eeb9jfsmtw1h5dw91kpt17mvj04yxtnr0rv7pn0vg4gxf3g6z6ccc7z3c4vh2d97fvtsatn8jb8cjrbgbznhmsvfj2q7s4spg7fc4yfc4fanva5e5344m0z5fhhvkrvvzj1djzrr0163qgwvgj97cff380ytfv25xpkpb0xte3rbgam7918t98m9ajvn94he5b0mrqp2brjw37xshx858gb0hnybb9s2h5kcwmk37j63adja5h2a7dxw5bk4w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeOTWA1qLYM_kCfW4x_AP4ZGQsASQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0xMDQ3NjQ0ODY3MzA5Mjk0oAHCrujdA8gBCakChpiY12NVtD6oAwGqBJcBT9Dk0pU5HK5fuLPsADuYEty-1CR_fp1Mfh-YXXi50JO0Kp0r1t71oycv526DXZlVDVG6Au0h27pQk_P61QgpREVLtJNZefVaG_XplHfrDQX2y91Mmx19oMBefPAgYWZN1naC_Y62TrXdAF0FbylvwVQbwp7Iraxey4WAdMb3C_1ELJOajUAAiwiNG3G17B9v_XZELi045IAGxt7yupvE1ORcoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_0JaY4HwcJK11DRxNZCpAUrOoAFrA%2526client%253Dca-pub-1047644867309294%2526adurl%253D&y=0&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5c5ec593984680f6679f2dce7db3acb9754e80ebde1c717d3fa7d51f0a05bed

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=160&d=600&e=&g=9b4f085bda5748e53317c552e599c6dc%2F2107216875859331520&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23ywxxz6eeb9jfsmtw1h5dw91kpt17mvj04yxtnr0rv7pn0vg4gxf3g6z6ccc7z3c4vh2d97fvtsatn8jb8cjrbgbznhmsvfj2q7s4spg7fc4yfc4fanva5e5344m0z5fhhvkrvvzj1djzrr0163qgwvgj97cff380ytfv25xpkpb0xte3rbgam7918t98m9ajvn94he5b0mrqp2brjw37xshx858gb0hnybb9s2h5kcwmk37j63adja5h2a7dxw5bk4w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeOTWA1qLYM_kCfW4x_AP4ZGQsASQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0xMDQ3NjQ0ODY3MzA5Mjk0oAHCrujdA8gBCakChpiY12NVtD6oAwGqBJcBT9Dk0pU5HK5fuLPsADuYEty-1CR_fp1Mfh-YXXi50JO0Kp0r1t71oycv526DXZlVDVG6Au0h27pQk_P61QgpREVLtJNZefVaG_XplHfrDQX2y91Mmx19oMBefPAgYWZN1naC_Y62TrXdAF0FbylvwVQbwp7Iraxey4WAdMb3C_1ELJOajUAAiwiNG3G17B9v_XZELi045IAGxt7yupvE1ORcoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_0JaY4HwcJK11DRxNZCpAUrOoAFrA%2526client%253Dca-pub-1047644867309294%2526adurl%253D&y=0&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:46 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d44407b30c2c0cb6ddab41298a9d285df1619745286; expires=Sun, 30-May-21 01:14:46 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 09c1f0c19800004e20a4a43000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 647cea48fafc4e20-FRA
content-encoding: br

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.4/one-ad/ Frame 81BB 58 KB
7 KB 26ms
25ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.4/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=160&d=600&e=&g=9b4f085bda5748e53317c552e599c6dc%2F2107216875859331520&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23ywxxz6eeb9jfsmtw1h5dw91kpt17mvj04yxtnr0rv7pn0vg4gxf3g6z6ccc7z3c4vh2d97fvtsatn8jb8cjrbgbznhmsvfj2q7s4spg7fc4yfc4fanva5e5344m0z5fhhvkrvvzj1djzrr0163qgwvgj97cff380ytfv25xpkpb0xte3rbgam7918t98m9ajvn94he5b0mrqp2brjw37xshx858gb0hnybb9s2h5kcwmk37j63adja5h2a7dxw5bk4w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeOTWA1qLYM_kCfW4x_AP4ZGQsASQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0xMDQ3NjQ0ODY3MzA5Mjk0oAHCrujdA8gBCakChpiY12NVtD6oAwGqBJcBT9Dk0pU5HK5fuLPsADuYEty-1CR_fp1Mfh-YXXi50JO0Kp0r1t71oycv526DXZlVDVG6Au0h27pQk_P61QgpREVLtJNZefVaG_XplHfrDQX2y91Mmx19oMBefPAgYWZN1naC_Y62TrXdAF0FbylvwVQbwp7Iraxey4WAdMb3C_1ELJOajUAAiwiNG3G17B9v_XZELi045IAGxt7yupvE1ORcoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_0JaY4HwcJK11DRxNZCpAUrOoAFrA%2526client%253Dca-pub-1047644867309294%2526adurl%253D&y=0&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea3d0687c8ec9ae8abfef997cfefcf86b646f753120de737c1914653b729ecc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=160&d=600&e=&g=9b4f085bda5748e53317c552e599c6dc%2F2107216875859331520&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23ywxxz6eeb9jfsmtw1h5dw91kpt17mvj04yxtnr0rv7pn0vg4gxf3g6z6ccc7z3c4vh2d97fvtsatn8jb8cjrbgbznhmsvfj2q7s4spg7fc4yfc4fanva5e5344m0z5fhhvkrvvzj1djzrr0163qgwvgj97cff380ytfv25xpkpb0xte3rbgam7918t98m9ajvn94he5b0mrqp2brjw37xshx858gb0hnybb9s2h5kcwmk37j63adja5h2a7dxw5bk4w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeOTWA1qLYM_kCfW4x_AP4ZGQsASQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0xMDQ3NjQ0ODY3MzA5Mjk0oAHCrujdA8gBCakChpiY12NVtD6oAwGqBJcBT9Dk0pU5HK5fuLPsADuYEty-1CR_fp1Mfh-YXXi50JO0Kp0r1t71oycv526DXZlVDVG6Au0h27pQk_P61QgpREVLtJNZefVaG_XplHfrDQX2y91Mmx19oMBefPAgYWZN1naC_Y62TrXdAF0FbylvwVQbwp7Iraxey4WAdMb3C_1ELJOajUAAiwiNG3G17B9v_XZELi045IAGxt7yupvE1ORcoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_0JaY4HwcJK11DRxNZCpAUrOoAFrA%2526client%253Dca-pub-1047644867309294%2526adurl%253D&y=0&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:46 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 811839
cf-polished: origSize=59219
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-request-id: 09c1f0c1bc0000178e053e4000000001
cf-ray: 647cea492e63178e-FRA
expires: Fri, 30 Apr 2021 02:14:46 GMT

GET
H2 200 C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame 81BB 12 KB
13 KB 28ms
22ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=160&d=600&e=&g=9b4f085bda5748e53317c552e599c6dc%2F2107216875859331520&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23ywxxz6eeb9jfsmtw1h5dw91kpt17mvj04yxtnr0rv7pn0vg4gxf3g6z6ccc7z3c4vh2d97fvtsatn8jb8cjrbgbznhmsvfj2q7s4spg7fc4yfc4fanva5e5344m0z5fhhvkrvvzj1djzrr0163qgwvgj97cff380ytfv25xpkpb0xte3rbgam7918t98m9ajvn94he5b0mrqp2brjw37xshx858gb0hnybb9s2h5kcwmk37j63adja5h2a7dxw5bk4w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeOTWA1qLYM_kCfW4x_AP4ZGQsASQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0xMDQ3NjQ0ODY3MzA5Mjk0oAHCrujdA8gBCakChpiY12NVtD6oAwGqBJcBT9Dk0pU5HK5fuLPsADuYEty-1CR_fp1Mfh-YXXi50JO0Kp0r1t71oycv526DXZlVDVG6Au0h27pQk_P61QgpREVLtJNZefVaG_XplHfrDQX2y91Mmx19oMBefPAgYWZN1naC_Y62TrXdAF0FbylvwVQbwp7Iraxey4WAdMb3C_1ELJOajUAAiwiNG3G17B9v_XZELi045IAGxt7yupvE1ORcoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_0JaY4HwcJK11DRxNZCpAUrOoAFrA%2526client%253Dca-pub-1047644867309294%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date: Fri, 30 Apr 2021 01:14:46 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 98449
cf-polished: qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid: ABg5-UwfZ4nVHpNvcUTuYMyIr6uuXVz3qlsBIvOorRrnnrtvfD3dRc1R6KYjkNQUVep2T4Ljoj0gA-VgNbpGVY5IhXUnzs46Mg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12110
cf-request-id: 09c1f0c1c100004e207737f000000001
last-modified: Thu, 25 Jun 2020 11:29:58 GMT
server: cloudflare
etag: "ede1d9155590baa798351884fc949bd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=a6dYCXSEmt%2FJo9vEIOHz%2FChPDHh2pfQ%2BihxVgsg7j%2FzelrHGrWMX%2FJnhL6d3ba2AByxSpwi7UjVU6rb2%2F3%2BgCrIWSqW%2BVgRGXPZRuTJ81kf6m79sHv2h3MYSDQ%3D%3D"}],"max_age":604800}
x-goog-generation: 1593084598972955
content-type: image/webp
expires: Sat, 01 May 2021 01:14:46 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 42488
accept-ranges: bytes
cf-ray: 647cea493b474e20-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
assets.ad4m.at/product_image/ Frame 81BB 10 KB
11 KB 18ms
13ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=160&d=600&e=&g=9b4f085bda5748e53317c552e599c6dc%2F2107216875859331520&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23ywxxz6eeb9jfsmtw1h5dw91kpt17mvj04yxtnr0rv7pn0vg4gxf3g6z6ccc7z3c4vh2d97fvtsatn8jb8cjrbgbznhmsvfj2q7s4spg7fc4yfc4fanva5e5344m0z5fhhvkrvvzj1djzrr0163qgwvgj97cff380ytfv25xpkpb0xte3rbgam7918t98m9ajvn94he5b0mrqp2brjw37xshx858gb0hnybb9s2h5kcwmk37j63adja5h2a7dxw5bk4w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeOTWA1qLYM_kCfW4x_AP4ZGQsASQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0xMDQ3NjQ0ODY3MzA5Mjk0oAHCrujdA8gBCakChpiY12NVtD6oAwGqBJcBT9Dk0pU5HK5fuLPsADuYEty-1CR_fp1Mfh-YXXi50JO0Kp0r1t71oycv526DXZlVDVG6Au0h27pQk_P61QgpREVLtJNZefVaG_XplHfrDQX2y91Mmx19oMBefPAgYWZN1naC_Y62TrXdAF0FbylvwVQbwp7Iraxey4WAdMb3C_1ELJOajUAAiwiNG3G17B9v_XZELi045IAGxt7yupvE1ORcoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_0JaY4HwcJK11DRxNZCpAUrOoAFrA%2526client%253Dca-pub-1047644867309294%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48cf094bb5fdbb58ada2fe3c5241c7ebde724561c670eb2d84c18aa8a4768f9c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=15VnvA==, md5=DWn9kTb7sWn6Y1aNbHZabA==
date: Fri, 30 Apr 2021 01:14:46 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 94600
cf-polished: qual=85, origFmt=jpeg, origSize=12438
x-guploader-uploadid: ABg5-UxPWuUcYMty91oc80eqjvb_aWjYy4PAkDmo0KLJ16iI9Ic12rJJ3k4B6V_6kuvVHQZELWKDhdEgw-qIJXaYa8GIPLgPSw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10372
cf-request-id: 09c1f0c1c100004e20cc8fe000000001
last-modified: Fri, 18 Sep 2020 09:05:40 GMT
server: cloudflare
etag: "0d69fd9136fbb169fa63568d6c765a6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ENtGEelchQjD9v0SKtBd2qzl8e481FrpcuReII%2BWRLLFto5veSd%2FU44wRIOI6QvcZBmqO7lHgeuT0q%2FmaVhD360diKA2TU0CU5EhZP7bm7R4ZMSR8Q4No%2BPxuw%3D%3D"}],"max_age":604800}
x-goog-generation: 1600419940053465
content-type: image/webp
expires: Sat, 01 May 2021 01:14:46 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 12438
accept-ranges: bytes
cf-ray: 647cea493b494e20-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame 81BB 38 KB
39 KB 28ms
23ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=160&d=600&e=&g=9b4f085bda5748e53317c552e599c6dc%2F2107216875859331520&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23ywxxz6eeb9jfsmtw1h5dw91kpt17mvj04yxtnr0rv7pn0vg4gxf3g6z6ccc7z3c4vh2d97fvtsatn8jb8cjrbgbznhmsvfj2q7s4spg7fc4yfc4fanva5e5344m0z5fhhvkrvvzj1djzrr0163qgwvgj97cff380ytfv25xpkpb0xte3rbgam7918t98m9ajvn94he5b0mrqp2brjw37xshx858gb0hnybb9s2h5kcwmk37j63adja5h2a7dxw5bk4w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeOTWA1qLYM_kCfW4x_AP4ZGQsASQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0xMDQ3NjQ0ODY3MzA5Mjk0oAHCrujdA8gBCakChpiY12NVtD6oAwGqBJcBT9Dk0pU5HK5fuLPsADuYEty-1CR_fp1Mfh-YXXi50JO0Kp0r1t71oycv526DXZlVDVG6Au0h27pQk_P61QgpREVLtJNZefVaG_XplHfrDQX2y91Mmx19oMBefPAgYWZN1naC_Y62TrXdAF0FbylvwVQbwp7Iraxey4WAdMb3C_1ELJOajUAAiwiNG3G17B9v_XZELi045IAGxt7yupvE1ORcoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_0JaY4HwcJK11DRxNZCpAUrOoAFrA%2526client%253Dca-pub-1047644867309294%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Fri, 30 Apr 2021 01:14:46 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 99387
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ABg5-Uzfqg_1oPARRCQROi9z0qYZiQLDmXOZt_pDhE3OJuRvKT_HofaZnJGrL12Jal_ve82CAsZdjo-fivk-pYyD1Ow
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39202
cf-request-id: 09c1f0c1c100004e2085aa9000000001
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=76NpDN%2F4mEYTGZQfQyuVxlowMLvGOqfjeXVvUl%2FZxgB7RJNfR%2F6U3JiQmPwtu4sq3mmSb79cTISz9epLtzQxvOywtVTUhRVf6VLx1xm34uAT7vgIx7jvR1btug%3D%3D"}],"max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Sat, 01 May 2021 01:14:46 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 647cea493b4a4e20-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame 81BB 113 KB
113 KB 16ms
14ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=160&d=600&e=&g=9b4f085bda5748e53317c552e599c6dc%2F2107216875859331520&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23ywxxz6eeb9jfsmtw1h5dw91kpt17mvj04yxtnr0rv7pn0vg4gxf3g6z6ccc7z3c4vh2d97fvtsatn8jb8cjrbgbznhmsvfj2q7s4spg7fc4yfc4fanva5e5344m0z5fhhvkrvvzj1djzrr0163qgwvgj97cff380ytfv25xpkpb0xte3rbgam7918t98m9ajvn94he5b0mrqp2brjw37xshx858gb0hnybb9s2h5kcwmk37j63adja5h2a7dxw5bk4w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeOTWA1qLYM_kCfW4x_AP4ZGQsASQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0xMDQ3NjQ0ODY3MzA5Mjk0oAHCrujdA8gBCakChpiY12NVtD6oAwGqBJcBT9Dk0pU5HK5fuLPsADuYEty-1CR_fp1Mfh-YXXi50JO0Kp0r1t71oycv526DXZlVDVG6Au0h27pQk_P61QgpREVLtJNZefVaG_XplHfrDQX2y91Mmx19oMBefPAgYWZN1naC_Y62TrXdAF0FbylvwVQbwp7Iraxey4WAdMb3C_1ELJOajUAAiwiNG3G17B9v_XZELi045IAGxt7yupvE1ORcoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_0JaY4HwcJK11DRxNZCpAUrOoAFrA%2526client%253Dca-pub-1047644867309294%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Fri, 30 Apr 2021 01:14:46 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 100996
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ABg5-UxlJ0Zw2gfcJi9DtvvT8nwBXuqyCM0cxwmyRUd_5bNbBX6sVkGPju3OoSeipdGwxST92NcXepZxHhFSpLFvqg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 115268
cf-request-id: 09c1f0c1c200004e20be918000000001
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AY4aAu8qZBzeeLk0RcU5QuZh0KAApxyR50dkSPb9eZqr0%2FcdX4dlcZHYf%2Bky2wJV1z%2FYxhEwTneNhchTEVxj54MZ1VUKPiM5%2BsSQ0qdN37ssOfBbz%2F8jxEODuw%3D%3D"}],"max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Sat, 01 May 2021 01:14:46 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 647cea493b4d4e20-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 81BB 43 B
702 B 62ms
36ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkGoneid__suite_Netmix_Reach43_Monat&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Apr 2021 01:14:46 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 81BB 38 KB
38 KB 24ms
23ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=160&d=600&e=&g=9b4f085bda5748e53317c552e599c6dc%2F2107216875859331520&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23ywxxz6eeb9jfsmtw1h5dw91kpt17mvj04yxtnr0rv7pn0vg4gxf3g6z6ccc7z3c4vh2d97fvtsatn8jb8cjrbgbznhmsvfj2q7s4spg7fc4yfc4fanva5e5344m0z5fhhvkrvvzj1djzrr0163qgwvgj97cff380ytfv25xpkpb0xte3rbgam7918t98m9ajvn94he5b0mrqp2brjw37xshx858gb0hnybb9s2h5kcwmk37j63adja5h2a7dxw5bk4w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeOTWA1qLYM_kCfW4x_AP4ZGQsASQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0xMDQ3NjQ0ODY3MzA5Mjk0oAHCrujdA8gBCakChpiY12NVtD6oAwGqBJcBT9Dk0pU5HK5fuLPsADuYEty-1CR_fp1Mfh-YXXi50JO0Kp0r1t71oycv526DXZlVDVG6Au0h27pQk_P61QgpREVLtJNZefVaG_XplHfrDQX2y91Mmx19oMBefPAgYWZN1naC_Y62TrXdAF0FbylvwVQbwp7Iraxey4WAdMb3C_1ELJOajUAAiwiNG3G17B9v_XZELi045IAGxt7yupvE1ORcoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_0JaY4HwcJK11DRxNZCpAUrOoAFrA%2526client%253Dca-pub-1047644867309294%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Fri, 30 Apr 2021 01:14:46 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 580950
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ABg5-UzoVAfxQFgz6L9HcmHPW2e7eCBHNd0a2b8Kvrug8-8oPgzdAE-ChRdy7eBzZNRyXD7MxjB9gF3gK83zeR6hUB0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38696
cf-request-id: 09c1f0c1c200004e208b969000000001
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oPNMTlq1pjh0rPTRPLRqKat1qUt2Iu%2FOpAUxAlwxl5BncQ89sc69y%2FHIsIfF8X7HZ7KVzH470cP0R2d44Mpedftnollkn2va92pNufXXbkwjec%2BZ1nce7Ym26Q%3D%3D"}],"max_age":604800}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Sat, 01 May 2021 01:14:46 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 647cea493b4e4e20-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 81BB 84 KB
84 KB 24ms
22ms Image
image/jpeg 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=160&d=600&e=&g=9b4f085bda5748e53317c552e599c6dc%2F2107216875859331520&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23ywxxz6eeb9jfsmtw1h5dw91kpt17mvj04yxtnr0rv7pn0vg4gxf3g6z6ccc7z3c4vh2d97fvtsatn8jb8cjrbgbznhmsvfj2q7s4spg7fc4yfc4fanva5e5344m0z5fhhvkrvvzj1djzrr0163qgwvgj97cff380ytfv25xpkpb0xte3rbgam7918t98m9ajvn94he5b0mrqp2brjw37xshx858gb0hnybb9s2h5kcwmk37j63adja5h2a7dxw5bk4w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeOTWA1qLYM_kCfW4x_AP4ZGQsASQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0xMDQ3NjQ0ODY3MzA5Mjk0oAHCrujdA8gBCakChpiY12NVtD6oAwGqBJcBT9Dk0pU5HK5fuLPsADuYEty-1CR_fp1Mfh-YXXi50JO0Kp0r1t71oycv526DXZlVDVG6Au0h27pQk_P61QgpREVLtJNZefVaG_XplHfrDQX2y91Mmx19oMBefPAgYWZN1naC_Y62TrXdAF0FbylvwVQbwp7Iraxey4WAdMb3C_1ELJOajUAAiwiNG3G17B9v_XZELi045IAGxt7yupvE1ORcoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_0JaY4HwcJK11DRxNZCpAUrOoAFrA%2526client%253Dca-pub-1047644867309294%2526adurl%253D&y=0&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Fri, 30 Apr 2021 01:14:46 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 620240
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ABg5-UwpHlAtA2qVPfv3ecx4V7j-_tqzuivxuNwBFwB9F0Tqg3buBEkTuErpWsLNYW6yOWM3URGwbMAmc2fRHKIfAFA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85604
cf-request-id: 09c1f0c1c200004e20d29c9000000001
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RdKue%2BCjOpJc0g9DBsng994tuNIYhDVPIluyd%2FJQY2AQvRnym%2Bab1g3TtoDg2Z37911i6PDs6J%2FlZbbqnWlVOKhBtwG%2FMHrxSSwL5pYFqkwTO%2B%2B%2Bb0OD01zN7w%3D%3D"}],"max_age":604800}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Sat, 01 May 2021 01:14:46 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 647cea493b4f4e20-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 81BB 12 KB
13 KB 177ms
99ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidX4dFzfPrHQ8ds6H4Het1CY8ph8tkTRMoneid__suite_Netmix_Reach43_Monat&viewref=oneid64rFefw3feAxfeHmHYtktxVmsmt1Tjgoneid__suite_Netmix_Reach43_Monat
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=160&d=600&e=&g=9b4f085bda5748e53317c552e599c6dc%2F2107216875859331520&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23ywxxz6eeb9jfsmtw1h5dw91kpt17mvj04yxtnr0rv7pn0vg4gxf3g6z6ccc7z3c4vh2d97fvtsatn8jb8cjrbgbznhmsvfj2q7s4spg7fc4yfc4fanva5e5344m0z5fhhvkrvvzj1djzrr0163qgwvgj97cff380ytfv25xpkpb0xte3rbgam7918t98m9ajvn94he5b0mrqp2brjw37xshx858gb0hnybb9s2h5kcwmk37j63adja5h2a7dxw5bk4w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeOTWA1qLYM_kCfW4x_AP4ZGQsASQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0xMDQ3NjQ0ODY3MzA5Mjk0oAHCrujdA8gBCakChpiY12NVtD6oAwGqBJcBT9Dk0pU5HK5fuLPsADuYEty-1CR_fp1Mfh-YXXi50JO0Kp0r1t71oycv526DXZlVDVG6Au0h27pQk_P61QgpREVLtJNZefVaG_XplHfrDQX2y91Mmx19oMBefPAgYWZN1naC_Y62TrXdAF0FbylvwVQbwp7Iraxey4WAdMb3C_1ELJOajUAAiwiNG3G17B9v_XZELi045IAGxt7yupvE1ORcoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_0JaY4HwcJK11DRxNZCpAUrOoAFrA%2526client%253Dca-pub-1047644867309294%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: bbe58670cc3980f0abb23967a73f754edfc17d7c273b252f1ddd59febf971f8b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Apr 2021 01:14:46 GMT
Last-Modified: Fri, 30 Apr 2021 01:14:46 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 81BB 12 KB
12 KB 178ms
103ms Script
text/html 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneid8QjCDfM8FKRWagHJHEtqCkr3hwtwT1Moneid__suite_Netmix_Reach43_Monat&viewref=oneidz4pFRfEYabqxtpHBHMtqtzX4sbtwTrkoneid__suite_Netmix_Reach43_Monat
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=160&d=600&e=&g=9b4f085bda5748e53317c552e599c6dc%2F2107216875859331520&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23ywxxz6eeb9jfsmtw1h5dw91kpt17mvj04yxtnr0rv7pn0vg4gxf3g6z6ccc7z3c4vh2d97fvtsatn8jb8cjrbgbznhmsvfj2q7s4spg7fc4yfc4fanva5e5344m0z5fhhvkrvvzj1djzrr0163qgwvgj97cff380ytfv25xpkpb0xte3rbgam7918t98m9ajvn94he5b0mrqp2brjw37xshx858gb0hnybb9s2h5kcwmk37j63adja5h2a7dxw5bk4w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeOTWA1qLYM_kCfW4x_AP4ZGQsASQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0xMDQ3NjQ0ODY3MzA5Mjk0oAHCrujdA8gBCakChpiY12NVtD6oAwGqBJcBT9Dk0pU5HK5fuLPsADuYEty-1CR_fp1Mfh-YXXi50JO0Kp0r1t71oycv526DXZlVDVG6Au0h27pQk_P61QgpREVLtJNZefVaG_XplHfrDQX2y91Mmx19oMBefPAgYWZN1naC_Y62TrXdAF0FbylvwVQbwp7Iraxey4WAdMb3C_1ELJOajUAAiwiNG3G17B9v_XZELi045IAGxt7yupvE1ORcoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_0JaY4HwcJK11DRxNZCpAUrOoAFrA%2526client%253Dca-pub-1047644867309294%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: d11a16cf5e5583b3b84dbae99286f2b1263ca9c18581b89fe0d9f36df2aefc21

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Apr 2021 01:14:46 GMT
Last-Modified: Fri, 30 Apr 2021 01:14:46 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 81BB 60 KB
60 KB 61ms
20ms Script
application/javascript 99.84.144.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidX4dFzfPrHQ8ds6H4Het1CY8ph8tkTRMoneid__suite_Netmix_Reach43_Monat&viewref=oneid64rFefw3feAxfeHmHYtktxVmsmt1Tjgoneid__suite_Netmix_Reach43_Monat
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.144.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-144-54.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f992d4e165a593df5d567f6ad58aae2b9609cc3870a5eb91483268e5b48c3e77

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 04:57:47 GMT
via: 1.1 5cf5bc69324ade55eebb5e539fa6c2fa.cloudfront.net (CloudFront)
last-modified: Thu, 22 Apr 2021 14:01:05 GMT
server: AmazonS3
age: 73020
etag: "4f1db9fdf90b4f2a5576501528dc54bc"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
content-length: 61124
x-amz-cf-id: SEbG1xMu4amaW3qv6cJJmiF9QeXONshsycNltd3E-zvpkYwt0OEUag==

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame 81BB 79 B
374 B 94ms
33ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ0TocI9uVuWNAR0odm_dhrxbuJjkWxv5iJ3A0KAGYidCw.5B0KB0DI1Re4GSrdU_1z12sZPuVr914VecL57GY5BNv_2TjV.4F1&wgcookie=%7B%22wgifp280795%22%3A%5B%221384975%22%2C%22280795%22%2C%223247721%22%2C%22%22%2C%221619745286%22%2C%22%22%2C%22%22%2C%22%22%2C%221627521286%22%2C%22oneid64rFefw3feAxfeHmHYtktxVmsmt1Tjgoneid__suite_Netmix_Reach43_Monat%22%5D%7D&wgchecksum=cabcdcd38432f7738db5c6913f152426&userIP=159.48.53.219&doAffectv=1&wgtime=1619745286
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidX4dFzfPrHQ8ds6H4Het1CY8ph8tkTRMoneid__suite_Netmix_Reach43_Monat&viewref=oneid64rFefw3feAxfeHmHYtktxVmsmt1Tjgoneid__suite_Netmix_Reach43_Monat
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 Leeds, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 81-29-72-47.servers.dedipower.net
Software: Apache /
Resource Hash: 17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 30 Apr 2021 01:14:46 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 81BB 25 KB
26 KB 63ms
24ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidR4zugfQf31rSrCwH3tQt7KJfWtxtm47oneid__asuid2tyU4AbLULImC16GBmWm-OyYDrArdr5nasuid__webplexmedia_advancedad_MOBILE_728x90&wglinkid=3247721
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=160&d=600&e=&g=9b4f085bda5748e53317c552e599c6dc%2F2107216875859331520&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23ywxxz6eeb9jfsmtw1h5dw91kpt17mvj04yxtnr0rv7pn0vg4gxf3g6z6ccc7z3c4vh2d97fvtsatn8jb8cjrbgbznhmsvfj2q7s4spg7fc4yfc4fanva5e5344m0z5fhhvkrvvzj1djzrr0163qgwvgj97cff380ytfv25xpkpb0xte3rbgam7918t98m9ajvn94he5b0mrqp2brjw37xshx858gb0hnybb9s2h5kcwmk37j63adja5h2a7dxw5bk4w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeOTWA1qLYM_kCfW4x_AP4ZGQsASQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0xMDQ3NjQ0ODY3MzA5Mjk0oAHCrujdA8gBCakChpiY12NVtD6oAwGqBJcBT9Dk0pU5HK5fuLPsADuYEty-1CR_fp1Mfh-YXXi50JO0Kp0r1t71oycv526DXZlVDVG6Au0h27pQk_P61QgpREVLtJNZefVaG_XplHfrDQX2y91Mmx19oMBefPAgYWZN1naC_Y62TrXdAF0FbylvwVQbwp7Iraxey4WAdMb3C_1ELJOajUAAiwiNG3G17B9v_XZELi045IAGxt7yupvE1ORcoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_0JaY4HwcJK11DRxNZCpAUrOoAFrA%2526client%253Dca-pub-1047644867309294%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Apr 2021 01:14:46 GMT
Last-Modified: Fri, 30 Apr 2021 01:14:46 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK hit Show response
diapi.webgains.com/2.0/ Frame 81BB 79 B
374 B 92ms
31ms Script
text/javascript 81.29.72.47
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ0TocI9uVuW_iLs2dI_AIQjvEodUW2vqCRc7L1eLY6SKw.5B0KB0DI1Re4GSrdU_1z12sZPuVr914VecL57GY5BNv_2TjV.Asg&wgcookie=%7B%22wgifp12607%22%3A%5B%221384975%22%2C%2212607%22%2C%22713569%22%2C%22%22%2C%221619745286%22%2C%22%22%2C%22%22%2C%22%22%2C%221775265286%22%2C%22oneidz4pFRfEYabqxtpHBHMtqtzX4sbtwTrkoneid__suite_Netmix_Reach43_Monat%22%5D%7D&wgchecksum=c096d454cde636bfff302df1a235fc00&userIP=159.48.53.219&doAffectv=1&wgtime=1619745286
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneid8QjCDfM8FKRWagHJHEtqCkr3hwtwT1Moneid__suite_Netmix_Reach43_Monat&viewref=oneidz4pFRfEYabqxtpHBHMtqtzX4sbtwTrkoneid__suite_Netmix_Reach43_Monat
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.29.72.47 Leeds, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 81-29-72-47.servers.dedipower.net
Software: Apache /
Resource Hash: 17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 30 Apr 2021 01:14:46 GMT
Server: Apache
Connection: close
Content-Length: 79
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 81BB 85 KB
85 KB 64ms
24ms Image
image/png 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidJ6zuzf5fK3YaBH6H7tptpPxTjtdtbJ7oneid__webplexmedia_advancedad_Desktop_300x250&wglinkid=713569
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=160&d=600&e=&g=9b4f085bda5748e53317c552e599c6dc%2F2107216875859331520&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23ywxxz6eeb9jfsmtw1h5dw91kpt17mvj04yxtnr0rv7pn0vg4gxf3g6z6ccc7z3c4vh2d97fvtsatn8jb8cjrbgbznhmsvfj2q7s4spg7fc4yfc4fanva5e5344m0z5fhhvkrvvzj1djzrr0163qgwvgj97cff380ytfv25xpkpb0xte3rbgam7918t98m9ajvn94he5b0mrqp2brjw37xshx858gb0hnybb9s2h5kcwmk37j63adja5h2a7dxw5bk4w%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCeOTWA1qLYM_kCfW4x_AP4ZGQsASQ4YGEXLaoworwAsCNtwEQASAAYJWKuILIB4IBF2NhLXB1Yi0xMDQ3NjQ0ODY3MzA5Mjk0oAHCrujdA8gBCakChpiY12NVtD6oAwGqBJcBT9Dk0pU5HK5fuLPsADuYEty-1CR_fp1Mfh-YXXi50JO0Kp0r1t71oycv526DXZlVDVG6Au0h27pQk_P61QgpREVLtJNZefVaG_XplHfrDQX2y91Mmx19oMBefPAgYWZN1naC_Y62TrXdAF0FbylvwVQbwp7Iraxey4WAdMb3C_1ELJOajUAAiwiNG3G17B9v_XZELi045IAGxt7yupvE1ORcoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiA4YAQEAH6CwIIAYAMAQ%2526num%253D1%2526sig%253DAOD64_0JaY4HwcJK11DRxNZCpAUrOoAFrA%2526client%253Dca-pub-1047644867309294%2526adurl%253D&y=0&z=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Apr 2021 01:14:46 GMT
Last-Modified: Fri, 30 Apr 2021 01:14:46 GMT
Server: Apache
Transfer-Encoding: chunked
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/png
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fp_decode.html Show response
track.webgains.com/ Frame 81BB 63 B
270 B 114ms
36ms Fetch
application/json 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/fp_decode.html?wgpayload=k0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ0TocI9uVvFg4i.uJtHoqvynx9MsFyxYM914Ve_clrKU.0Y.KI.IZkb9WJMSuMtFjkVy85icCmVWN9e4WX3NlY5DtFrfs.7L.
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 30 Apr 2021 01:14:46 GMT
Server: Apache
Connection: close
Keep-Alive: timeout=1, max=100
Content-Length: 63
Content-Type: application/json

GET
H/1.1 200
OK fp_decode.html Show response
track.webgains.com/ Frame 81BB 63 B
270 B 113ms
36ms Fetch
application/json 46.236.13.147
DEDIPOWER

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/fp_decode.html?wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ0TocI9uVvFWiLs2dI_AIQjvEodUW2vqCRc7L1eLY6Rhw.5B0KB0DI1Re4GSrdU_1z12sZPuVr914VecL57GY5BNv_2TjV.E3p
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept: application/json
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 30 Apr 2021 01:14:46 GMT
Server: Apache
Connection: close
Keep-Alive: timeout=1, max=100
Content-Length: 63
Content-Type: application/json

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 96ms
29ms Preflight 54.72.18.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 54.72.18.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-18-9.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 30 Apr 2021 01:14:47 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 94ms
28ms Preflight 54.72.18.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Server: 54.72.18.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-18-9.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 30 Apr 2021 01:14:47 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 81BB 16 B
232 B 64ms
64ms Fetch
application/json 54.72.18.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.18.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-18-9.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 30 Apr 2021 01:14:48 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.3.27
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 tech-essence-clk.min.js Show response
analytics-wg.webgains.io/ Frame 81BB 44 KB
45 KB 97ms
33ms Script
application/javascript 13.224.106.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Requested by: Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.106.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-106-100.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 23:07:37 GMT
via: 1.1 8747333bac66b8350649da1b14bbb5e5.cloudfront.net (CloudFront)
last-modified: Tue, 02 Feb 2021 10:42:29 GMT
server: AmazonS3
age: 7631
etag: "8c03dbb33c82f21c7644b0fbe99c300a"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: MAD50-C1
accept-ranges: bytes
content-length: 45522
x-amz-cf-id: aNujh3o4_CAobq_ecb5AF5QakFGw0sKGdF841HbeQUBoGwvUnWesEw==

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 81BB 16 B
232 B 97ms
96ms Fetch
application/json 54.72.18.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.18.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-18-9.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 30 Apr 2021 01:14:48 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.3.27
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

GET
H2 200 tag Show response
w-it.m-t.io/ Frame 81BB 18 B
205 B 54ms
32ms Script
application/javascript 2a00:1450:4001:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w-it.m-t.io/tag?type=impr&date=1619745287974
Requested by: Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:48 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
x-cloud-trace-context: 6ff6dc1297ec25236631092406e79bec
cache-control: private
content-length: 38

GET
H2 200 tag Show response
w-it.m-t.io/ Frame 81BB 18 B
122 B 54ms
33ms Script
application/javascript 2a00:1450:4001:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w-it.m-t.io/tag?type=impr&date=1619745287975
Requested by: Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 01:14:48 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
x-cloud-trace-context: 5a1151e964adea026020e41f923e826b
cache-control: private
content-length: 38

GET
H2 200 track Show response
w-it.m-t.io/ Frame 81BB 0
74 B 27ms
27ms Script
application/javascript 2a00:1450:4001:810::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://w-it.m-t.io/track?campaignId=1384975&clickId=12607_1384975_16197452867359_7baebcedb1&programId=12607&expiry=1775265286&acc=wg&scriptTag=&type=postview&indicator=df7fdf376058e01a1608907c6397971c&
Requested by: Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cloud-trace-context: 57007a1a7ea5714e207b89ffcfe65cd2
server: Google Frontend
date: Fri, 30 Apr 2021 01:14:48 GMT
content-length: 0
content-type: application/javascript;charset=utf-8

Verdicts & Comments Add Verdict or Comment

145 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gayout.com/	1970-01-20 02:41:21	Name: _ym_d Value: 1619745280
.gayout.com/	1970-01-20 02:41:21	Name: _ym_uid Value: 1619745280542247989
.gayout.com/	1970-01-19 17:56:57	Name: _ym_isad Value: 2
.gayout.com/	1969-12-31 23:59:59	Name: 90e87e50b67241fc459451a438c43ee9 Value: b1dq63eu67ffbgstc6ahv9onv4

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.gayout.com/media/jui/js/jquery-migrate.min.js?43d8fe0c111e81693a3173e780f745ae(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	log	URL: https://analytics.webgains.io/pvClk.min.js(Line 1) Message: Webgains [object Object]
console-api	log	URL: https://analytics.webgains.io/pvClk.min.js(Line 1) Message: Webgains [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad4m.at
ad4mat.net
adservice.google.com
adservice.google.de
aff.bstatic.com
analytics-wg.webgains.io
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
assets.brandfolder.com
cf.bstatic.com
clients1.google.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
cse.google.com
diapi.webgains.com
external-frt3-2.xx.fbcdn.net
googleads.g.doubleclick.net
id.rlcdn.com
image6.pubmatic.com
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
prod-rtb.ad4mat.net
pt.gayout.com
rtb.openx.net
scontent-frt3-1.xx.fbcdn.net
scontent-frt3-2.xx.fbcdn.net
scontent.xx.fbcdn.net
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.xx.fbcdn.net
stats.g.doubleclick.net
tdns6.gtranslate.net
tpc.googlesyndication.com
track.webgains.com
translate.google.com
translate.googleapis.com
w-it.m-t.io
www.awin1.com
www.booking.com
www.facebook.com
www.gayout.com
www.google-analytics.com
www.google.com
www.google.de
www.googleapis.com
www.googletagservices.com
www.gstatic.com
104.111.239.217
13.224.106.100
13.32.21.68
142.250.186.66
185.64.189.115
2.18.234.21
2001:41d0:203:98e7::888
212.199.184.174
216.58.212.130
2600:1901:0:76b9::
2600:9000:20e8:8c00:1f:e2ee:200:93a1
2606:4700:20::681a:ad1
2606:4700:3032::6815:57ae
2606:4700:3036::6815:325d
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:801::2003
2a00:1450:4001:808::2004
2a00:1450:4001:809::200a
2a00:1450:4001:810::2002
2a00:1450:4001:810::2013
2a00:1450:4001:812::2002
2a00:1450:4001:812::2004
2a00:1450:4001:812::200a
2a00:1450:4001:812::200e
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::200e
2a00:1450:400c:c00::9d
2a02:6b8::1:119
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
35.227.252.103
35.244.174.68
37.10.0.220
46.236.13.147
5.57.16.90
54.72.18.9
63.33.127.66
69.173.144.138
81.29.72.47
99.84.144.54
032e606f53cd2df585acc19dd69fbb3c2536d69a1240c213bf1ac31dfb9b268b
03331f532afdaf1cfcca267894d7698d7b42efa461526bda23cfb448eb84a3a3
068f35dd132804c7effcbca65f9398d34351339ed2fa7b20ef5e9a6221e76516
07f098f227e90d5e23b3a2a6728d43ed1ddb88c8b7a34f7503d3cc8db8cee216
09a0099bf7fefd4d080249360f6a41730158897b2c1613fe50eea9c5520eb9d8
0ad91aedc638626e212d21333328814116780f6007437038cfca563476108860
0b01b0858503cb5946f0c5c1b7c59a3be705eab43b2c6ce1526a7a7509ac63b9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dc25fa3b32fcdcb0c8d6960ce7a9ec11627d8769d78a0fcc5c8d06a8a4a757d
0df292ee46eebb53fcf4d98f8735c3cb035e55f7419c68d3f5b2d9af07380a14
0eb8759d1844e47b41a5d8b53180d86eef9e5f84836728d48ac0fd672cc257e5
0fe3b9faabb14dd0bf83ae0848aa86f1520857f00c96913cc1217bd04909da12
1201774bc3b37cd32026b1432adede6e5a9b13fe32169fb927fbdd4344a30be0
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
1508b61b9a8524b02dc7d4319beef03360dad50a8a926d70524ce8299de0015b
15207816502835281f1a680e18eb417450f05c31814bfca65aeb1b5df59e242f
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
178afceb4d0719d6e04864d526a2f4873c1b8b4d8879a4247a0f6bd5438b4a31
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5
1a3470014fb0acc59e99e287ee9d6e4be8d3ad850a3775704a13fafc8124b417
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
1df72eb0c6f570ba6c078ebea6e42747f7e11f68bcccdb8c528f85ef39d46df0
1e2ca939c8ea6e474d75968c821c6b0e9a7d326dab593bb97478012372b20617
1e48ccaeb0b414ddcb1c8747d88e73b01acb5c91e28bfe435cec90f8286e12d2
20f1f71c4973cd627867f2393235d7ab6a38215aa0f19b3e9e9bc15e8b6238e0
20f7c83ab9dfdc1e88f4c3fafc0712492200ab738fb30660526bad9dcb7282dc
258467714b990f7336f9d25902acb907cdb0cc27261bb2645e862d547b2198da
262d8e4b765c95725dbc801fef2c9d5f81f121a4c78fb34735a6da18aa3560ca
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
2ab27ba665430dc53b5c11edb82abadc68c9d4694cf2c3e0b30d5943dfa05d6a
2b670c5f91e41bfa94429a80aaec904559a5ab9190dc26438554faecbb8fb852
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2f3123bf5f118d15ce4217e6ff89fde5b67cc022b09e9f1bff1ea6e931b3a853
306fe072a4cf3385af2a0c0185a8ec28771733ce3979d4408eb5175928472ea2
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
33c09ad5541630ddd97336563ab0c8c13396dce0075375a15a370bb90b29e6e7
35b67e0ec44bd86e5620e51324db8658e993518232abc2334334fb3b2eefce5b
36e498023f54ada3cc1298e84f7f99078381b67f0cae4587903aeac4a2f6c6bb
389c60c02127fbb2d7f6d23242d69505be132ff839c8cd3390eb400445c31ca4
38d3a4c7ee48954e91f5f7b482b4e0d1d053339734cb5e5b820ca28416f96463
3a464fa24f8876f2fbbb6d451b681542134619c87ac46407ad533acbce159296
3df28cede092d9f3eb4ced65063bc126e298b7e03c1f587a3f42dadc6909dbfc
423731a0d0407b735a6dc8f62a9fe00a3ce0ee816ddd7df37b847fabc6378212
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
43d8a8bb1d35e7b56ac55df06b15dedbdc1b7fb77f16e2b964c0aa0f826c8b17
446a3557adaeb7a0393315a752610709696e4ac9c5976aea2c9ccf57051df216
44bf1129f8652cba83be2b878b72a564546f518a65ffd5483100e251415434f6
4682132ae5bf4666afaadcb480559335add334d8f99c7224bc863a03b56d03f2
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4
4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b
48cf094bb5fdbb58ada2fe3c5241c7ebde724561c670eb2d84c18aa8a4768f9c
48d85d17515cb7b8a4fd06feeb1609624014506eebfd4e404b1c7869f9599a56
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880
4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3
4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e
4c1c2e95835201077586a3698cd47806dd18df10d32a1e6cb6aa9e47224a55e3
4d305dfc78c067f837b65e351ad12a57a60c047b38b0ae8ea6832cb3dda37ad0
4fc216ed242cf1759ea9a3fd18de4ce4e610e6642a1406301d7dfb4dae062f46
4fea7bf7fcbcea2a00471a920621ece56c1879a1518b81a3f5e2c4166cce3cbe
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
587fa9763e3d74ded3b64a843905f5541690582aad4976207e03743a7fb5f70e
5a80918362be428c3e2aff299d78f22bf0ccebb52242803598efd8683c89db96
5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
5f71fcc2d00d22ffd4d9a07b64c435f88de80893f838fa64a45c386cbba0c601
5fad309eeae83a13f2436c828cf286095fa9945e4049de765eb37e622a210692
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
601642ecd5e7a89187e12278ef792ecfe176c4553f7dc792557177a4048488e2
611c31ecafe54c74f78e765296e1b04c0e51ecdc5f7d62c0c3441732aca01964
641e03dfeee60c05e0794bace5fc58d2fba409fee529a114459e44cee0d9d069
658037f76d909f3aaf6fe497687126ab3a5f85473a46fd14357adfb14ed70c40
66081d0b628a316284e2b57426aec191cb6e69a460c1a8f61858b9b9a443381f
66532c5e84dfe913aebf5c3547c509e121db20591003fbe1ff03b1eb013517b9
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
69277104fbec1b4f46595f1189ac6ce4867c446c5874786c7feb59833e309977
69f81eea02cf09defcdb0c916f7ca869498f0d7045318c8ebfe469d2872cbbfa
6bb6c2b96f57c1ff39a6be65cdabfb069bb582428cf6dd990a4117bb1c1e228d
6d6986042f8000e3874f8a3419c3500e6679691e157a01fe34cf5494c9f3505b
6dd9db5077d0b37a76cd13d0a547f03e0ec2bd141bce16a4552635e07500efb5
72680e40b06c410ab066c42e2fdaa84aba459f5f303c80e558200df7374949af
727b71610239254fbeb9000a4774cf87b96bdd0c7eab1b781d67aa916ab6426e
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
732f2d6e7767e7978cf70554aec8f7b40d5d6da4b601e528f136473c1b965c93
74fd0705ac2f2149261eb8cad89d6de0e865680a30a6c5a41ae58b1f2e691c7c
77b13ffcb475664252e3cd115b4567bbbc183e35592a5627fe6ec7b304d14cc1
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
7aaa857b8b8ebbb1203e9d8a23fa4250859cb3ee59377f9e3da779e796d2794e
7b21312f7ec23daab9ea38f39572a6b2cb31b93767196a8a50b6ca0c766a9015
7c442020a40d62b0b1350b0a3ca3ec6a4cbf655da878839a12eca2e09b550f89
7d73a92a2ff49ae0c5a4c372ae8912c7bc38f310c03726a28cf5b0357b314915
7dc515c961ca9d4d269aed521fa84eeb12efc3159114efc3d49bcb79aa64ef15
7f98c5a3b8d88d13e54c0887a67ef6c98c022b8edeb2372a6e076bd83c4e4254
7fd555008b4626ecf82c670b00969ba1f8c5c1310e4cf6d912da101109901e4f
80f35659d030651ea3acc6d6e97475b42eaa60d5700e83f9623cf90904d42cec
83617fdf42c2457abd24c043606c8ad4bacfd7fe6fce42dfa5d16f4fbec523dc
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
86b44317b0f095ac70ae6cb4180f9089370c288eee724a522eee15b51ec74651
86e0bf23359d374db6b612dfb616cdc7b3df54a9f3288c27341e93c90b26d9be
88d32cb380c8accd245e33fae7d1ede15212de9267688c84b0ff7a9c53e956d4
8a3caa638ff4b4388666c6bb94d23deb22d69d7fa11620796400dd8f88c4e27f
8bad011345c7f6c9ee570f2b4e7ba51141ced4be0c6e398a6bad2f3b418c9c98
8c2ad9254589a597b65dae284a6da49dbfe1e3c8e628b03b80883d980fb6435e
8eb8e329fc4f6c74873ebc2dc761dd9f6cee6d2bd789dabce012eb18eee6f580
95d95840165ea5fc374a27f1cffe88a1b3d033562916ef1071393c9c8adbfe86
97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5
98bc67564a6fc05f55ba7e8d5fc8c7c8a1d7aaeb10ef4660a2a184c65b06ce14
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9afc14c1ac2584619b29bf2232f3ddd9da032d3acdf769e48ff7736f55a16e4e
9c4462e34e859b745421af878add4a9e78e3ddbbe0d730c79869ee83411bf7d7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a24e4d62c6d4273eebbda3084b7bd7ce3991332fa2685858e32d188588bec92b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a730a4e9d3d0612c3a6918e096c39c5697614b2792b98f503439fc09afd764a1
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b05a70f3607a6dcb9571d123f91031794e73ad5faa79b08408fb3827b1e14b3c
b25035aa09ac461e3e822e9206e4ae48ce81b7a2dc0062e0ca66288a1c630156
b2f427b81d2cd6b074915f5bdc52f4515aafa958e2a2537a605caf17ca9edc51
b37b99b0ba27589ff83639f4ab1b922e9fcdf3e695456a3aab0e6004fdd49f9e
b40bd50a4795ccd4a8b88ff70fb14074d2f0bf599e072e98ccd302cfeb436b8a
b675c42f697b3957fa81e7aaf7b5884f42d82c2060e5333f7b2b562e2af830ef
b8116713667260246a9e6ed70800af53d7bd65657d59e3cb8e1e7bfecbdb21de
bbe58670cc3980f0abb23967a73f754edfc17d7c273b252f1ddd59febf971f8b
bd117a950e78c0f646143c3d7f626fb8a86b7dac55848b8d058820b6a713f166
c0cdcf3224a18d66039b74a6a0c70977585d75d5ed67ba23a6b5eab8c0a2ba7e
c1c24d6a7ce4bd24b1f3f51ab6f74667c94263fa4b109cc3ff32f4f22848087f
c553ef7271334af93285181e0b891ecc964712f12d02af54ecee9c58354c71e6
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c76a6cc9369273b7e5f07285be49006b00775eefeefd725334e4235c4c29c9cf
c8caed93847affc154cb3d424e34fc146e7340bb29abebd5eba7063e3dca0604
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca537b74a51c73d56a401ea7d361ad32f692558ab321b86a8fb0979f2927712c
cc8800adb1f4c227266b1b8ec0ab889d33b7d328f58f61b56b51da24254bf668
d11a16cf5e5583b3b84dbae99286f2b1263ca9c18581b89fe0d9f36df2aefc21
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d13731bcc49e63e626a2afa902c0ff43260dd0014cb4eda405a5ceb50104c788
d29e434aba4c4232ab3a5f34382c7290b8a5b7c0a086b132ae174b18337bfac0
d362fbce016fbd671f5d81d5f15dc8105990df64eae32d71ce02b6fb538f2e83
d42d52be0d081dfa2b82d5e43a77e42acee56155679e96c649bcf69f0189f3be
d8a74aa94f15fb440bd0ba99eef7d3d01fa1a7ec4d1ff82f1d12367825e9e42e
d8d780cf17d57da2e7ff421667a6221a32831b83ffa904c0b480ba5f9c285974
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
db6a5336e2618c87434332fd2b694237d21dc5ffccc2286eb3b92fb50e16c748
dbe652fcac44a3ab78d9c897470e28204d3bc3a45db8ea6bbc945a25b371b9df
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
df1cf59e59e3cc010a299f228741409091156fe3bd8f515f5c224c274bffaa01
e092cb5f49ede56659d664a7cae26fd81bca6d7b54279e9e7c9888fb33d3d232
e313793ceb1a3eee2e2e7226f49a199e1783e6692129ba718d10df4a4bedef3a
e325203bdd672c69aac90b9eda655efa937fb33a54f3e000a887bac34b80d20e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c37aa402d060ff9a8c441cd6918a1859cb6358eee091d9b7a7a6b12447e74b
e51b8b0e1bd3964da2aa7ed33421f9df808a880cc6ba077cce99971e7efade4d
e7033c5dee8c34a1e70384711692e36a4fea1c5492bfa1b2828ec98f08829671
e93c890255c2f00e56e0f1d83af4c08fd4456f8e2ae064f04c1d944ebb5ae26b
ea3d0687c8ec9ae8abfef997cfefcf86b646f753120de737c1914653b729ecc2
eb23e00b2963134b6445eeb6d5a764ccded7a2b51c1066910beb15fbab2b7cac
ec9e5f73690e9e6f199bdb463ce1ecd83960019884fdef77d916c3a8aa14a76e
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ee4a08363fe42debed73dfe1674156f1f1131ae3aa3a54e22a2d33d845059726
ee7c80853b4bfaa20f8ac333212fe6331a351195bcf0740359b62081ca3a7407
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f25aebef7c5b576071a6f97559078c0a17f5d3130f2cdb8d74f04872ec8fb333
f56bda233baec82a67f1f5bbefc6be0a51c34a79a76230d1395334dc914830e0
f5820244a2bb1a21fb966e2a417d1c12f43ad67d33c1275338d1b3d67caad567
f5c5ec593984680f6679f2dce7db3acb9754e80ebde1c717d3fa7d51f0a05bed
f65f3aeed46b79940849fa2022f2cbdf368288de9046f2b3da075c42f9dde8f6
f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da
f992d4e165a593df5d567f6ad58aae2b9609cc3870a5eb91483268e5b48c3e77
fd0370177238527421278d27eb652e22a25d20784438f81f114b09f5a349e06d
fdbb995458f6b6f28ba8ad20b662687f9b83edb8f74034f7243161086e7e54cb
fddf9e42ec2c42150e0396945088c41b1291104d971e817b4a7551a6aee949e7
fe1dacb40fad76401e1e41e8c911ccedb5acce94e18584a6b1514b14051b8fa4
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

pt.gayout.com Open in urlscan Pro 2001:41d0:203:98e7::888 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

216 Requests

100 %HTTPS

63 %IPv6

32 Domains

54 Subdomains

43 IPs

9 Countries

2909 kBTransfer

6762 kBSize

4 Cookies

33 Outgoing links

Redirected requests

216 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pt.gayout.com Open in urlscan Pro
2001:41d0:203:98e7::888 Public Scan

Screenshot
Live screenshot

Full Image

216
Requests

100 %
HTTPS

63 %
IPv6

32
Domains

54
Subdomains

43
IPs

9
Countries

2909 kB
Transfer

6762 kB
Size

4
Cookies

216 HTTP transactions
2 data transactions