uhgy.v5-amironetwork.site Open in urlscan Pro
185.143.234.122  Public Scan

155 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

• http://www.googletagmanager.com/gtag/js?id=UA-93979-3 HTTP 302
• https://www.googletagmanager.com/gtag/js?id=UA-93979-3

Request Chain 13

• http://www.googletagmanager.com/gtag/js?id=G-L5G253TYHN&l=dataLayer&cx=c HTTP 307
• https://www.googletagmanager.com/gtag/js?id=G-L5G253TYHN&l=dataLayer&cx=c

Request Chain 15

• http://www.googletagmanager.com/gtag/js?id=UA-93979-13&l=dataLayer&cx=c HTTP 307
• https://www.googletagmanager.com/gtag/js?id=UA-93979-13&l=dataLayer&cx=c

Request Chain 19

• https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5683423891543025&output=html&h=90&slotname=3835126996&adk=694708807&adf=192984970&pi=t.ma~as.3835126996&w=728&lmt=1685715361&url=http%3A%2F%2Fuhgy.v5-amironetwork.site%2F&wgl=1&dt=1685715360483&bpp=17&bdt=758&idt=581&shv=r20230531&mjsv=m202305300101&ptt=5&saldr=sa&abxe=1&correlator=8034017724582&frm=20&pv=2&ga_vid=180218937.1685715361&ga_sid=1685715361&ga_hid=1693003559&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=103&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31074963%2C44772269%2C44788442&oid=2&pvsid=3415637815940570&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=kfS3tHXYk5&p=http%3A//uhgy.v5-amironetwork.site&dtd=604 HTTP 302
• https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_728x90.asp

Request Chain 21

• https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5683423891543025&output=html&h=250&slotname=8684128999&adk=420014537&adf=3304480808&pi=t.ma~as.8684128999&w=300&lmt=1685715361&url=http%3A%2F%2Fuhgy.v5-amironetwork.site%2F&wgl=1&dt=1685715360562&bpp=15&bdt=836&idt=541&shv=r20230531&mjsv=m202305300101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3835126996%2C9482378846&correlator=8034017724582&frm=20&pv=1&ga_vid=180218937.1685715361&ga_sid=1685715361&ga_hid=1693003559&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=610&ady=208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31074963%2C44772269%2C44788442&oid=2&pvsid=3415637815940570&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=weciPW0JFT&p=http%3A//uhgy.v5-amironetwork.site&dtd=547 HTTP 302
• https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_300x250.asp

Request Chain 54

• https://dpm.demdex.net/ibs:dpid=22054&dpuuid=18072662100051110525&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22054&dpuuid=18072662100051110525&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D HTTP 302
• https://a.tribalfusion.com/i.match?p=b13&u=79062689727365971252166414548284592880

Request Chain 56

• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662100051110525%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D HTTP 302
• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662100051110525%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D&rdf=1 HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662100051110525&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_UID%7D HTTP 302
• https://a.tribalfusion.com/i.match?p=b11&u=2C546569-80C9-4960-B563-263F6DE727DF

Request Chain 57

• https://a.tribalfusion.com/i.match?p=b22&u=18072662100051110525&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24 HTTP 302
• https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662100051110525

Request Chain 58

• https://a.tribalfusion.com/i.match?p=b24&u=18072662100051110525&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
• https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662100051110525

Request Chain 59

• https://aa.agkn.com/adscores/g.pixel?sid=9212295768&_puid=18072662100051110525 HTTP 302
• https://a.tribalfusion.com/i.match?p=b23&u=217553104535003010648

Request Chain 61

• https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662100051110525&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662100051110525&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID&__user_check__=1&sync_id=0269e770-0150-11ee-ad49-1626150c0406 HTTP 302
• https://a.tribalfusion.com/i.match?p=b19&u=0269e720-0150-11ee-ad49-1626150c0406

Request Chain 62

• https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662100051110525&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D&cm_dsp_id=131&external_user_id=18072662100051110525&C=1 HTTP 302
• https://a.tribalfusion.com/i.match?p=b20&u=ZHn5pNnGxvk-Z3vsrXswHwAA

Request Chain 63

• https://tags.bluekai.com/site/4229?id=18072662100051110525&redir=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db3%26u%3D%24_BK_UUID HTTP 302
• https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID

Request Chain 64

• https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662100051110525&_origin=1&redir=true HTTP 302
• https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662100051110525&_origin=1&redir=true&verify=true HTTP 302
• https://a.tribalfusion.com/i.match?p=b17&u=y-HEWXP75E2ugiIrp6REGP.09vSWN17x0-~A

Request Chain 65

• https://a.tribalfusion.com/i.match?p=b10&u=18072662100051110525&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180 HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662100051110525&expires=180

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response uhgy.v5-amironetwork.site/	49 KB 10 KB	1070ms 794ms	Document text/html	185.143.234.122 ARVANCLOUD-CDN-
General Check archive.org Show headers Download Go to Full URL http://uhgy.v5-amironetwork.site/ Protocol HTTP/1.1 Server 185.143.234.122 , Iran, Islamic Republic Of, ASN205585 (ARVANCLOUD-CDN-, IR), Reverse DNS Software ArvanCloud / ASP.NET Resource Hash 92f5bbf071461322a478e811a172def984d73be81483f811078604061cf0dbbc Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-control private Connection keep-alive Content-Encoding gzip Content-Type text/html Date Fri, 02 Jun 2023 14:15:59 GMT Keep-Alive timeout=65 Server ArvanCloud Server-Timing total;dur=712 Transfer-Encoding chunked Vary Accept-Encoding X-Cache BYPASS X-Powered-By ASP.NET X-Request-ID c6a757f5a8601d63bc5a3177d90ecabb X-SID 4102 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	styles.css translation2.paralink.com/css/	13 KB 13 KB	542ms 179ms	Stylesheet text/css	207.38.103.240 DATABANK-LATISYS
General Check archive.org Show headers Download Go to Full URL http://translation2.paralink.com/css/styles.css?v=1.4 Requested by Host: uhgy.v5-amironetwork.site URL: http://uhgy.v5-amironetwork.site/ Protocol HTTP/1.1 Server 207.38.103.240 Stanton, United States, ASN5693 (DATABANK-LATISYS, US), Reverse DNS Software Microsoft-IIS/6.0 / ASP.NET Resource Hash 85333a5c85f48ba8562864ee65c09fc66b27bf84f93ee5e211d4037b5d4cbe49 Request headers accept-language de-DE,de;q=0.9 Referer http://uhgy.v5-amironetwork.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Fri, 02 Jun 2023 14:15:59 GMT Last-Modified Sat, 22 Apr 2023 18:56:00 GMT Server Microsoft-IIS/6.0 ETag "0e023144c75d91:82884" X-Powered-By ASP.NET Content-Type text/css Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 12807
GET H/1.1	200 OK	scripts.js Show response translation2.paralink.com/js/	25 KB 25 KB	554ms 191ms	Script application/x-javascript	207.38.103.240 DATABANK-LATISYS
General Check archive.org Show headers Download Go to Full URL http://translation2.paralink.com/js/scripts.js?v=1.4 Requested by Host: uhgy.v5-amironetwork.site URL: http://uhgy.v5-amironetwork.site/ Protocol HTTP/1.1 Server 207.38.103.240 Stanton, United States, ASN5693 (DATABANK-LATISYS, US), Reverse DNS Software Microsoft-IIS/6.0 / ASP.NET Resource Hash cb82756945488e584e6b5491e0496f2e89b883be641659ce2810e776de55db84 Request headers accept-language de-DE,de;q=0.9 Referer http://uhgy.v5-amironetwork.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Fri, 02 Jun 2023 14:15:59 GMT Last-Modified Sat, 22 Apr 2023 18:58:00 GMT Server Microsoft-IIS/6.0 ETag "06caa5b4c75d91:83820" X-Powered-By ASP.NET Content-Type application/x-javascript Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 25319
GET H2	200	js Show response www.googletagmanager.com/gtag/ Redirect Chain http://www.googletagmanager.com/gtag/js?id=UA-93979-3 https://www.googletagmanager.com/gtag/js?id=UA-93979-3	122 KB 48 KB	177ms 56ms	Script application/javascript	2a00:1450:4001:811::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-93979-3 Requested by Host: uhgy.v5-amironetwork.site URL: http://uhgy.v5-amironetwork.site/ Protocol H2 Server 2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash af203eab05594dc997a52f90b3a1161ecb0217c0b1f0f04c816fd3d2b61867fe Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://uhgy.v5-amironetwork.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 14:16:00 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 48374 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 02 Jun 2023 14:16:00 GMT Redirect headers Location https://www.googletagmanager.com/gtag/js?id=UA-93979-3 Date Fri, 02 Jun 2023 14:16:00 GMT Cross-Origin-Resource-Policy cross-origin Server Google Tag Manager Content-Length 251 X-XSS-Protection 0 Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	show_ads.js Show response pagead2.googlesyndication.com/pagead/	92 KB 34 KB	141ms 87ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://pagead2.googlesyndication.com/pagead/show_ads.js Requested by Host: uhgy.v5-amironetwork.site URL: http://uhgy.v5-amironetwork.site/ Protocol HTTP/1.1 Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d0c663b88bad7864f06ee1996db8574852c986b98b55224c0edf9caec3a766f9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://uhgy.v5-amironetwork.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Fri, 02 Jun 2023 14:15:59 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server cafe ETag 14438212151973573701 Vary Accept-Encoding Content-Type text/javascript; charset=UTF-8 P3P policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Cache-Control private, max-age=3600 Cross-Origin-Resource-Policy cross-origin Content-Disposition attachment; filename="f.txt" Timing-Allow-Origin * Content-Length 34514 X-XSS-Protection 0 Expires Fri, 02 Jun 2023 14:15:59 GMT
GET H/1.1	200 OK	Support-Our-Development-Ko.png translation2.paralink.com/img/	3 KB 3 KB	382ms 181ms	Image image/png	207.38.103.240 DATABANK-LATISYS
General Check archive.org Show headers Download Go to Show image Full URL http://translation2.paralink.com/img/Support-Our-Development-Ko.png Requested by Host: uhgy.v5-amironetwork.site URL: http://uhgy.v5-amironetwork.site/ Protocol HTTP/1.1 Server 207.38.103.240 Stanton, United States, ASN5693 (DATABANK-LATISYS, US), Reverse DNS Software Microsoft-IIS/6.0 / ASP.NET Resource Hash 14ca4f15c5e4303ffc5f603d34a2111202466af56d0eb54f8d27bc17685a9d98 Request headers accept-language de-DE,de;q=0.9 Referer http://uhgy.v5-amironetwork.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Fri, 02 Jun 2023 14:16:00 GMT Last-Modified Sat, 22 Apr 2023 18:57:00 GMT Server Microsoft-IIS/6.0 ETag "026e7374c75d91:82884" X-Powered-By ASP.NET Content-Type image/png Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 2667
GET H/1.1	200 OK	ImT-logo.gif translation2.paralink.com/img/	752 B 1 KB	200ms 182ms	Image image/gif	207.38.103.240 DATABANK-LATISYS
General Check archive.org Show headers Download Go to Show image Full URL http://translation2.paralink.com/img/ImT-logo.gif Requested by Host: uhgy.v5-amironetwork.site URL: http://uhgy.v5-amironetwork.site/ Protocol HTTP/1.1 Server 207.38.103.240 Stanton, United States, ASN5693 (DATABANK-LATISYS, US), Reverse DNS Software Microsoft-IIS/6.0 / ASP.NET Resource Hash f49a95f1bd2919438a04dd4bb7257f5467acf0bbe6ec109701a4683be4d68e28 Request headers accept-language de-DE,de;q=0.9 Referer http://uhgy.v5-amironetwork.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Fri, 02 Jun 2023 14:16:00 GMT Last-Modified Sat, 22 Apr 2023 18:57:00 GMT Server Microsoft-IIS/6.0 ETag "026e7374c75d91:82884" X-Powered-By ASP.NET Content-Type image/gif Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 752
GET H/1.1	200 OK	box.gif translation2.paralink.com/img/	1 KB 1 KB	200ms 183ms	Image image/gif	207.38.103.240 DATABANK-LATISYS
General Check archive.org Show headers Download Go to Show image Full URL http://translation2.paralink.com/img/box.gif Requested by Host: uhgy.v5-amironetwork.site URL: http://uhgy.v5-amironetwork.site/ Protocol HTTP/1.1 Server 207.38.103.240 Stanton, United States, ASN5693 (DATABANK-LATISYS, US), Reverse DNS Software Microsoft-IIS/6.0 / ASP.NET Resource Hash cb524103f938b9db7f4d6ccf41250cd22458f1dfb83701231f018c9f20fea5be Request headers accept-language de-DE,de;q=0.9 Referer http://uhgy.v5-amironetwork.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Fri, 02 Jun 2023 14:16:00 GMT Last-Modified Sat, 22 Apr 2023 18:57:00 GMT Server Microsoft-IIS/6.0 ETag "026e7374c75d91:82884" X-Powered-By ASP.NET Content-Type image/gif Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1024
GET H/1.1	200 OK	speaker.gif translation2.paralink.com/img/	2 KB 2 KB	446ms 256ms	Image image/gif	207.38.103.240 DATABANK-LATISYS
General Check archive.org Show headers Download Go to Show image Full URL http://translation2.paralink.com/img/speaker.gif Requested by Host: uhgy.v5-amironetwork.site URL: http://uhgy.v5-amironetwork.site/ Protocol HTTP/1.1 Server 207.38.103.240 Stanton, United States, ASN5693 (DATABANK-LATISYS, US), Reverse DNS Software Microsoft-IIS/6.0 / ASP.NET Resource Hash 4db411de619cc7d9410fef1f170f1ca80d56560fe9ab64820cb386adc462a65b Request headers accept-language de-DE,de;q=0.9 Referer http://uhgy.v5-amironetwork.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Fri, 02 Jun 2023 14:16:00 GMT Last-Modified Sat, 22 Apr 2023 18:57:00 GMT Server Microsoft-IIS/6.0 ETag "026e7374c75d91:83820" X-Powered-By ASP.NET Content-Type image/gif Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1774
GET H/1.1	200 OK	ImT-logo-big.gif translation2.paralink.com/img/	1 KB 1 KB	446ms 256ms	Image image/gif	207.38.103.240 DATABANK-LATISYS
General Check archive.org Show headers Download Go to Show image Full URL http://translation2.paralink.com/img/ImT-logo-big.gif Requested by Host: uhgy.v5-amironetwork.site URL: http://uhgy.v5-amironetwork.site/ Protocol HTTP/1.1 Server 207.38.103.240 Stanton, United States, ASN5693 (DATABANK-LATISYS, US), Reverse DNS Software Microsoft-IIS/6.0 / ASP.NET Resource Hash 26676486e16da3a08f2deae4f3838148491e0b9cb206d7bc20c17d05b2135f9d Request headers accept-language de-DE,de;q=0.9 Referer http://uhgy.v5-amironetwork.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Fri, 02 Jun 2023 14:16:00 GMT Last-Modified Sat, 22 Apr 2023 18:57:00 GMT Server Microsoft-IIS/6.0 ETag "026e7374c75d91:83820" X-Powered-By ASP.NET Content-Type image/gif Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1099
GET H2	200	counter.js Show response www.statcounter.com/counter/	44 KB 15 KB	187ms 61ms	Script application/javascript	104.20.218.77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.statcounter.com/counter/counter.js Requested by Host: uhgy.v5-amironetwork.site URL: http://uhgy.v5-amironetwork.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e664ff627fa057cb49704f616b51e2bb69cb23e8f03c3f2a7e3c71734d9501fd Request headers accept-language de-DE,de;q=0.9 Referer http://uhgy.v5-amironetwork.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 14:16:00 GMT content-encoding br cf-cache-status HIT last-modified Thu, 01 Jun 2023 09:49:34 GMT server cloudflare age 36446 etag W/"647869ae-ae4f" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 cf-ray 7d104fcbf9bf3a9a-FRA expires Fri, 02 Jun 2023 16:08:34 GMT
GET H2	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/	351 KB 118 KB	228ms 115ms	Script text/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5683423891543025&plah=uhgy.v5-amironetwork.site Requested by Host: pagead2.googlesyndication.com URL: http://pagead2.googlesyndication.com/pagead/show_ads.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c9fa9a8b4d1837f07e2dc01d736a7400c7866d6814e4a6120780db1d439da1cc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://uhgy.v5-amironetwork.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 14:16:00 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 120659 x-xss-protection 0 server cafe etag 7566346810802375440 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Fri, 02 Jun 2023 14:16:00 GMT
GET H/1.1	200 OK	t2-set.png translation2.paralink.com/img/	965 B 1 KB	360ms 182ms	Image image/png	207.38.103.240 DATABANK-LATISYS
General Check archive.org Show headers Download Go to Show image Full URL http://translation2.paralink.com/img/t2-set.png Requested by Host: translation2.paralink.com URL: http://translation2.paralink.com/css/styles.css?v=1.4 Protocol HTTP/1.1 Server 207.38.103.240 Stanton, United States, ASN5693 (DATABANK-LATISYS, US), Reverse DNS Software Microsoft-IIS/6.0 / ASP.NET Resource Hash dd105974ecac0027e187ae1ca2cc3aa4d0ec1d688fb0b2ac26794b46822678f9 Request headers accept-language de-DE,de;q=0.9 Referer http://translation2.paralink.com/css/styles.css?v=1.4 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Date Fri, 02 Jun 2023 14:16:00 GMT Last-Modified Sat, 22 Apr 2023 18:57:00 GMT Server Microsoft-IIS/6.0 ETag "026e7374c75d91:82884" X-Powered-By ASP.NET Content-Type image/png Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 965
GET H2	200	t.php Show response c.statcounter.com/	193 B 479 B	200ms 178ms	XHR application/json	104.20.218.77 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.statcounter.com/t.php?sc_project=1124078&u1=DBF5610A24084F2FB38920B781399C35&java=1&security=835b2414&sc_snum=1&sess=c61bc8&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=http%3A//uhgy.v5-amironetwork.site/&t=Free%20Translation%20Online&invisible=1&sc_rum_e_s=2028&sc_rum_e_e=2033&sc_rum_f_s=0&sc_rum_f_e=2025&get_config=true Requested by Host: www.statcounter.com URL: https://www.statcounter.com/counter/counter.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f62edd4d137ec20dfecec1bc8b0baade5c633956bd1cff9db4f4614e7085f425 Request headers accept-language de-DE,de;q=0.9 Referer http://uhgy.v5-amironetwork.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 14:16:00 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare content-type application/json access-control-allow-origin http://uhgy.v5-amironetwork.site p3p policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR" access-control-allow-credentials true cf-ray 7d104fcc8a8b3a9a-FRA expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	404	js www.googletagmanager.com/gtag/ Redirect Chain http://www.googletagmanager.com/gtag/js?id=G-L5G253TYHN&l=dataLayer&cx=c https://www.googletagmanager.com/gtag/js?id=G-L5G253TYHN&l=dataLayer&cx=c	0 0	52ms 49ms	Script text/html	2a00:1450:4001:811::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-L5G253TYHN&l=dataLayer&cx=c Requested by Host: uhgy.v5-amironetwork.site URL: http://uhgy.v5-amironetwork.site/ Protocol H2 Server 2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer http://uhgy.v5-amironetwork.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Redirect headers Location https://www.googletagmanager.com/gtag/js?id=G-L5G253TYHN&l=dataLayer&cx=c Non-Authoritative-Reason HSTS Cross-Origin-Resource-Policy Cross-Origin
GET H2	200	analytics.js Show response www.google-analytics.com/	51 KB 21 KB	142ms 39ms	Script text/javascript	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: http://www.googletagmanager.com/gtag/js?id=UA-93979-3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer http://uhgy.v5-amironetwork.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Fri, 02 Jun 2023 12:35:34 GMT last-modified Mon, 17 Apr 2023 22:36:01 GMT server Golfe2 age 6027 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20737 expires Fri, 02 Jun 2023 14:35:34 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/ Redirect Chain http://www.googletagmanager.com/gtag/js?id=UA-93979-13&l=dataLayer&cx=c https://www.googletagmanager.com/gtag/js?id=UA-93979-13&l=dataLayer&cx=c	119 KB 46 KB	53ms 50ms	Script application/javascript	2a00:1450:4001:811::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-93979-13&l=dataLayer&cx=c Requested by Host: uhgy.v5-amironetwork.site URL: http://uhgy.v5-amironetwork.site/ Protocol H2 Server 2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 5fc59fa71fb941ae13850787f3b8d7aa6c3e62215012ee86a5651aedba989773 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://uhgy.v5-amironetwork.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 14:16:00 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 47318 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 02 Jun 2023 14:16:00 GMT Redirect headers Location https://www.googletagmanager.com/gtag/js?id=UA-93979-13&l=dataLayer&cx=c Non-Authoritative-Reason HSTS Cross-Origin-Resource-Policy Cross-Origin
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	407 B 608 B	146ms 54ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=uhgy.v5-amironetwork.site&callback=_gfp_s_&client=ca-pub-5683423891543025 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5683423891543025&plah=uhgy.v5-amironetwork.site Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ac95bb4ad569c6ef697eb607420aaa9026682a8ce2e2eefc73d49cf7644a4b9e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://uhgy.v5-amironetwork.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 14:16:01 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 256 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 531 B	145ms 49ms	Script application/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=uhgy.v5-amironetwork.site Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5683423891543025&plah=uhgy.v5-amironetwork.site Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://uhgy.v5-amironetwork.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 14:16:01 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 456 B	166ms 52ms	Script application/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=uhgy.v5-amironetwork.site Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5683423891543025&plah=uhgy.v5-amironetwork.site Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://uhgy.v5-amironetwork.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 14:16:01 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H/1.1	200 OK	TF_PROMTOnline_ROSB_728x90.asp Show response translation2.paralink.com/BANNERS/Ad_networks/TF/ Frame F901 Redirect Chain https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5683423891543025&output=html&h=90&slotname=3835126996&adk=694708807&adf=192984970&pi=t.ma~as.3835126996&w=728&lmt=1685715361&url=http%3A... https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_728x90.asp	262 B 561 B	738ms 196ms	Document text/html	207.38.103.240 DATABANK-LATISYS
General Check archive.org Show headers Download Go to Full URL https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_728x90.asp Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5683423891543025&plah=uhgy.v5-amironetwork.site Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 207.38.103.240 Stanton, United States, ASN5693 (DATABANK-LATISYS, US), Reverse DNS Software Microsoft-IIS/6.0 / ASP.NET Resource Hash bee43429a2bfeecd51d6e8cd109936eb2131580c631fa7110d71b9e2fec24a09 Request headers Referer http://uhgy.v5-amironetwork.site/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-control private Connection Keep-Alive Content-Length 262 Content-Type text/html Date Fri, 02 Jun 2023 14:16:01 GMT Keep-Alive timeout=5, max=100 Server Microsoft-IIS/6.0 X-Powered-By ASP.NET Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 46 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 02 Jun 2023 14:16:01 GMT location https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_728x90.asp p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	403	ads Show response googleads.g.doubleclick.net/pagead/ Frame 33B1	603 B 507 B	167ms 80ms	Document text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5177611512099267&output=html&h=60&slotname=9482378846&adk=2700236837&adf=111965227&pi=t.ma~as.9482378846&w=468&lmt=1685715361&url=http%3A%2F%2Fuhgy.v5-amironetwork.site%2F&wgl=1&dt=1685715360504&bpp=50&bdt=778&idt=589&shv=r20230531&mjsv=m202305300101&ptt=5&saldr=sa&abxe=1&prev_slotnames=3835126996&correlator=8034017724582&frm=20&pv=2&ga_vid=180218937.1685715361&ga_sid=1685715361&ga_hid=1693003559&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=135&ady=208&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31074963%2C44772269%2C44788442&oid=2&pvsid=3415637815940570&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=yTKYdaDMT0&p=http%3A//uhgy.v5-amironetwork.site&dtd=594 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5683423891543025&plah=uhgy.v5-amironetwork.site Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://uhgy.v5-amironetwork.site/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 46 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 02 Jun 2023 14:16:01 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	TF_PROMTOnline_ROSB_300x250.asp Show response translation2.paralink.com/BANNERS/Ad_networks/TF/ Frame 9EFD Redirect Chain https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5683423891543025&output=html&h=250&slotname=8684128999&adk=420014537&adf=3304480808&pi=t.ma~as.8684128999&w=300&lmt=1685715361&url=http%... https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_300x250.asp	264 B 563 B	734ms 192ms	Document text/html	207.38.103.240 DATABANK-LATISYS
General Check archive.org Show headers Download Go to Full URL https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_300x250.asp Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5683423891543025&plah=uhgy.v5-amironetwork.site Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 207.38.103.240 Stanton, United States, ASN5693 (DATABANK-LATISYS, US), Reverse DNS Software Microsoft-IIS/6.0 / ASP.NET Resource Hash 7550f8b99af7bb456f19ae659dd656fba05043249af4c7bc7b2e95b0877de1b1 Request headers Referer http://uhgy.v5-amironetwork.site/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-control private Connection Keep-Alive Content-Length 264 Content-Type text/html Date Fri, 02 Jun 2023 14:16:02 GMT Keep-Alive timeout=5, max=100 Server Microsoft-IIS/6.0 X-Powered-By ASP.NET Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 46 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 02 Jun 2023 14:16:01 GMT location https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_300x250.asp p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 213 B	49ms 47ms	XHR text/plain	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1693003559&t=pageview&_s=1&dl=http%3A%2F%2Fuhgy.v5-amironetwork.site%2F&ul=en-us&de=UTF-8&dt=Free%20Translation%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=781632081&gjid=219937527&cid=180218937.1685715361&tid=UA-93979-3&_gid=1423537056.1685715361&_r=1&gtm=457e35v0&jsscut=1&z=813073172 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://uhgy.v5-amironetwork.site/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 02 Jun 2023 14:16:01 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin http://uhgy.v5-amironetwork.site cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 66 B	50ms 49ms	XHR text/plain	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1693003559&t=pageview&_s=1&dl=http%3A%2F%2Fuhgy.v5-amironetwork.site%2F&ul=en-us&de=UTF-8&dt=Free%20Translation%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAUABAAAAACAAI~&jid=333152630&gjid=749581219&cid=180218937.1685715361&tid=UA-93979-13&_gid=1423537056.1685715361&_r=1&gtm=457e35v0&jsscut=1&z=1153112534 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://uhgy.v5-amironetwork.site/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 02 Jun 2023 14:16:01 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin http://uhgy.v5-amironetwork.site cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	tags.js Show response tags.expo9.exponential.com/tags/PROMTOnline/ROSB/ Frame 9EFD	59 KB 14 KB	340ms 227ms	Script application/x-javascript	2606:4700::6812:cdb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.expo9.exponential.com/tags/PROMTOnline/ROSB/tags.js Requested by Host: translation2.paralink.com URL: https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_300x250.asp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:cdb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef56e31242694f3b9f8f30cca5a100584e06ecf174e014d183884468abfba4d2 Request headers accept-language de-DE,de;q=0.9 Referer https://translation2.paralink.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 14:16:02 GMT content-encoding gzip cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3=":443"; ma=86400 content-length 14135 x-function 151 last-modified Fri, 17 Feb 2023 18:05:21 GMT server cloudflare x-reuse-index 55 etag 7432061074000468404 vary Accept-Encoding content-type application/x-javascript cache-control max-age=3600, private cf-ray 7d104fd6adde049f-FRA expires Fri, 02 Jun 2023 15:16:02 GMT
GET H2	200	tags.js Show response tags.expo9.exponential.com/tags/PROMTOnline/ROSB/ Frame F901	59 KB 14 KB	314ms 222ms	Script application/x-javascript	2606:4700::6812:cdb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tags.expo9.exponential.com/tags/PROMTOnline/ROSB/tags.js Requested by Host: translation2.paralink.com URL: https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_728x90.asp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:cdb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef56e31242694f3b9f8f30cca5a100584e06ecf174e014d183884468abfba4d2 Request headers accept-language de-DE,de;q=0.9 Referer https://translation2.paralink.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 14:16:02 GMT content-encoding gzip cf-cache-status DYNAMIC p3p CP="NOI DEVo TAIa OUR BUS" alt-svc h3=":443"; ma=86400 content-length 14135 x-function 151 last-modified Fri, 17 Feb 2023 18:05:21 GMT server cloudflare x-reuse-index 22 etag 7432061074000468404 vary Accept-Encoding content-type application/x-javascript cache-control max-age=3600, private cf-ray 7d104fd6ade0049f-FRA expires Fri, 02 Jun 2023 15:16:02 GMT
GET H2	200	displayAd.js Show response s.tribalfusion.com/ Frame F901	677 B 625 B	307ms 221ms	Script application/x-javascript	2606:4700::6812:19ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/displayAd.js?dver=0.9&th=7109505338 Requested by Host: tags.expo9.exponential.com URL: https://tags.expo9.exponential.com/tags/PROMTOnline/ROSB/tags.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0ebec17dbb721473362acc835644a924810df079505b00ca4164ed4e4cb7c8a9 Request headers accept-language de-DE,de;q=0.9 Referer https://translation2.paralink.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 14:16:02 GMT content-encoding gzip cf-cache-status DYNAMIC x-function 153 last-modified Fri, 17 Feb 2023 18:04:49 GMT server cloudflare x-reuse-index 50 vary Accept-Encoding content-type application/x-javascript p3p CP="NOI DEVo TAIa OUR BUS" cache-control private cf-ray 7d104fd8ac443a7a-FRA alt-svc h3=":443"; ma=86400 content-length 329 expires Thu, 31 Aug 2023 14:16:02 GMT
GET H2	200	displayAd.js Show response s.tribalfusion.com/ Frame 9EFD	677 B 844 B	294ms 211ms	Script application/x-javascript	2606:4700::6812:19ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/displayAd.js?dver=0.9&th=7109505338 Requested by Host: tags.expo9.exponential.com URL: https://tags.expo9.exponential.com/tags/PROMTOnline/ROSB/tags.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7c5c3b33cc967a02f8c7f23cd6f742a3b0219256819cbf4061608a20f377d46b Request headers accept-language de-DE,de;q=0.9 Referer https://translation2.paralink.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 14:16:02 GMT content-encoding gzip cf-cache-status DYNAMIC x-function 153 last-modified Fri, 17 Feb 2023 18:04:49 GMT server cloudflare x-reuse-index 443 vary Accept-Encoding content-type application/x-javascript p3p CP="NOI DEVo TAIa OUR BUS" cache-control private cf-ray 7d104fd8ac463a7a-FRA alt-svc h3=":443"; ma=86400 content-length 328 expires Thu, 31 Aug 2023 14:16:02 GMT
GET H2	200	j.ad Show response s.tribalfusion.com/ Frame 9EFD	6 KB 3 KB	324ms 322ms	Script application/x-javascript	2606:4700::6812:19ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7109505338&tagKey=4066929618&site=promtonline&adSpace=rosb&center=1&size=300x250&env=display&url=http%3A%2F%2Fuhgy.v5-amironetwork.site%2F&f=1&p=15286236&tKey=a9mneMUsnaVcBeSmJnTWnRYG7hSHOmV5&a=1&adContainerId=richmedia_2&rnd=15279003 Requested by Host: tags.expo9.exponential.com URL: https://tags.expo9.exponential.com/tags/PROMTOnline/ROSB/tags.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 24f6e0f47abcb3300e162ee8f2541dd1a9e4a398736bb21173a8012112e54210 Request headers accept-language de-DE,de;q=0.9 Referer https://translation2.paralink.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers pragma no-cache date Fri, 02 Jun 2023 14:16:03 GMT content-encoding gzip cf-cache-status DYNAMIC x-function 101 server cloudflare x-reuse-index 634 vary Accept-Encoding content-type application/x-javascript; charset=utf-8 p3p CP="NOI DEVo TAIa OUR BUS" cache-control private, no-cache, no-store, proxy-revalidate cf-ray 7d104fda0de13a7a-FRA alt-svc h3=":443"; ma=86400 content-length 2563 expires 0
GET H2	200	j.ad Show response s.tribalfusion.com/ Frame F901	2 KB 2 KB	317ms 316ms	Script application/x-javascript	2606:4700::6812:19ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7109505338&tagKey=4066929618&site=promtonline&adSpace=rosb&center=1&size=728x90&env=display&url=http%3A%2F%2Fuhgy.v5-amironetwork.site%2F&f=1&p=15280078&tKey=a6mneM4cU9UcrdVGn7S6nMYTYcSHOnFC&a=1&adContainerId=richmedia_2&rnd=15280817 Requested by Host: tags.expo9.exponential.com URL: https://tags.expo9.exponential.com/tags/PROMTOnline/ROSB/tags.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a33e24170b44f280ce0eb43c69c0721457aaaa9245f0ae5f91a5eeda829baf15 Request headers accept-language de-DE,de;q=0.9 Referer https://translation2.paralink.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers pragma no-cache date Fri, 02 Jun 2023 14:16:03 GMT content-encoding gzip cf-cache-status DYNAMIC x-function 101 server cloudflare x-reuse-index 14 vary Accept-Encoding content-type application/x-javascript; charset=utf-8 p3p CP="NOI DEVo TAIa OUR BUS" cache-control private, no-cache, no-store, proxy-revalidate cf-ray 7d104fda1de33a7a-FRA alt-svc h3=":443"; ma=86400 content-length 1274 expires 0
GET H2	200	pubcode.min.js Show response secure.cdn.fastclick.net/js/adcodes/ Frame F901	10 KB 4 KB	310ms 76ms	Script application/javascript	23.215.22.18 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://secure.cdn.fastclick.net/js/adcodes/pubcode.min.js?sid=25418&placement_id=48e12fda-6e23-40cd-9806-87de6911b0f8&version=1.4&exc=1 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7109505338&tagKey=4066929618&site=promtonline&adSpace=rosb&center=1&size=728x90&env=display&url=http%3A%2F%2Fuhgy.v5-amironetwork.site%2F&f=1&p=15280078&tKey=a6mneM4cU9UcrdVGn7S6nMYTYcSHOnFC&a=1&adContainerId=richmedia_2&rnd=15280817 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.215.22.18 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-215-22-18.deploy.static.akamaitechnologies.com Software Apache / Resource Hash aeb4e91ace2fa32384064caa3eb3d1355e938bbb7d0a86b0b5280ee649d24544 Request headers accept-language de-DE,de;q=0.9 Referer https://translation2.paralink.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 14:16:03 GMT content-encoding gzip last-modified Wed, 10 Jun 2020 22:08:18 GMT server Apache etag "269f-5a7c214d0c865-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 3788
GET H2	200	ipg a4.tribalfusion.com/ Frame F901	43 B 101 B	910ms 676ms	Image image/gif	104.18.13.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a4.tribalfusion.com/ipg?ip6=2a01:4a0:1338:92::3&kv=%7B%22ord%22%3A%20899312205%2C%20%22clientID%22%3A%20223253%7D Requested by Host: translation2.paralink.com URL: https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_728x90.asp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.13.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://translation2.paralink.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers pragma no-cache date Fri, 02 Jun 2023 14:16:04 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare content-type image/gif; charset=utf-8 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 7d104fdd8d902bf6-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	pubcode.min.js Show response secure.cdn.fastclick.net/js/adcodes/ Frame 9EFD	10 KB 4 KB	295ms 76ms	Script application/javascript	23.215.22.18 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://secure.cdn.fastclick.net/js/adcodes/pubcode.min.js?sid=25418&placement_id=ee56d712-b0ff-4180-edc0-26516b03e619&version=1.4&exc=1 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=7109505338&tagKey=4066929618&site=promtonline&adSpace=rosb&center=1&size=300x250&env=display&url=http%3A%2F%2Fuhgy.v5-amironetwork.site%2F&f=1&p=15286236&tKey=a9mneMUsnaVcBeSmJnTWnRYG7hSHOmV5&a=1&adContainerId=richmedia_2&rnd=15279003 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.215.22.18 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-215-22-18.deploy.static.akamaitechnologies.com Software Apache / Resource Hash aeb4e91ace2fa32384064caa3eb3d1355e938bbb7d0a86b0b5280ee649d24544 Request headers accept-language de-DE,de;q=0.9 Referer https://translation2.paralink.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 14:16:03 GMT content-encoding gzip last-modified Wed, 10 Jun 2020 22:08:18 GMT server Apache etag "269f-5a7c214d0c865-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 3788
GET H2	200	ipg a4.tribalfusion.com/ Frame 9EFD	43 B 291 B	892ms 672ms	Image image/gif	104.18.13.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a4.tribalfusion.com/ipg?ip6=2a01:4a0:1338:92::3&kv=%7B%22ord%22%3A%20899312194%2C%20%22clientID%22%3A%20223253%7D Requested by Host: translation2.paralink.com URL: https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_300x250.asp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.13.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://translation2.paralink.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers pragma no-cache date Fri, 02 Jun 2023 14:16:04 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare content-type image/gif; charset=utf-8 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 7d104fdd8d922bf6-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	get.media Show response direct.ad.cpe.dotomi.com/w/ Frame 9EFD	518 B 632 B	263ms 42ms	Script text/html	2a02:fa8:8806:16::1460 VCLK-EU-SE
General Check archive.org Show headers Download Go to Full URL https://direct.ad.cpe.dotomi.com/w/get.media?sid=25418&d=j&t=n&vcm_acv=1.4&version=1.12&c=0.7322198720700008&vcm_ifr=1&vcm_xy=-1..-1&vcm_vv=true&vcm_vm=false&vcm_pr=https%3A//translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_300x250.asp&vcm_tr=&vcm_cr=&mo=0&placement_id=ee56d712-b0ff-4180-edc0-26516b03e619 Requested by Host: secure.cdn.fastclick.net URL: https://secure.cdn.fastclick.net/js/adcodes/pubcode.min.js?sid=25418&placement_id=ee56d712-b0ff-4180-edc0-26516b03e619&version=1.4&exc=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US), Reverse DNS Software nginx / Resource Hash aa4e75cbcc0e6fc23100bcdf12e6f99d0b7f5ee3fd8b0542cf3bd9b7b4c2a288 Request headers accept-language de-DE,de;q=0.9 Referer https://translation2.paralink.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers content-type text/html pragma no-cache date Fri, 02 Jun 2023 14:16:03 GMT cache-control no-cache server nginx content-length 518 expires 0
GET		cookie_sync cookie.sync.ad.cpe.dotomi.com/w/ Frame 9EFD	0 0
GET H2	200	get.media Show response direct.ad.cpe.dotomi.com/w/ Frame F901	598 B 711 B	265ms 45ms	Script text/html	2a02:fa8:8806:16::1460 VCLK-EU-SE
General Check archive.org Show headers Download Go to Full URL https://direct.ad.cpe.dotomi.com/w/get.media?sid=25418&d=j&t=n&vcm_acv=1.4&version=1.12&c=0.7946151329015192&vcm_ifr=1&vcm_xy=-1..-1&vcm_vv=true&vcm_vm=false&vcm_pr=https%3A//translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_728x90.asp&vcm_tr=&vcm_cr=&mo=0&placement_id=48e12fda-6e23-40cd-9806-87de6911b0f8 Requested by Host: secure.cdn.fastclick.net URL: https://secure.cdn.fastclick.net/js/adcodes/pubcode.min.js?sid=25418&placement_id=48e12fda-6e23-40cd-9806-87de6911b0f8&version=1.4&exc=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US), Reverse DNS Software nginx / Resource Hash ba585fe0ef95be5c7c0f9f7f8546f4aaae809c775bd092f2318a52549fe7106b Request headers accept-language de-DE,de;q=0.9 Referer https://translation2.paralink.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers content-type text/html pragma no-cache date Fri, 02 Jun 2023 14:16:03 GMT cache-control no-cache server nginx content-length 598 expires 0
GET		cookie_sync cookie.sync.ad.cpe.dotomi.com/w/ Frame F901	0 0
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 9EFD	136 KB 46 KB	152ms 148ms	Script text/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: direct.ad.cpe.dotomi.com URL: https://direct.ad.cpe.dotomi.com/w/get.media?sid=25418&d=j&t=n&vcm_acv=1.4&version=1.12&c=0.7322198720700008&vcm_ifr=1&vcm_xy=-1..-1&vcm_vv=true&vcm_vm=false&vcm_pr=https%3A//translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_300x250.asp&vcm_tr=&vcm_cr=&mo=0&placement_id=ee56d712-b0ff-4180-edc0-26516b03e619 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6aa193b9d745870f5adc16d1d129dddcd8ecf6c7da4283ab158c2b532327af8b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://translation2.paralink.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 14:16:03 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 47372 x-xss-protection 0 server cafe etag 5582334437763670356 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Fri, 02 Jun 2023 14:16:03 GMT
GET H3	200	p.media Show response s.tribalfusion.com/ Frame 5380	379 B 536 B	225ms 224ms	Document text/html	2606:4700::6812:19ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=aKmW0L1E3r3TZbl2qr4oEnB1r7aWWbUnAQBnGrsoHrJ5Tne2teN4AFZbmUfHXVfS1sZb20Vfnnqn23F3TTFMZaUPn4PaMSPGZbOPHUwYtZbsT6Mp3G35YFvBUAin2PQePmfJ2HZbMXHUJpdAo5mMW4VQ7UVJbVc7hPA3mTdU3UbM05bEuWEjqTTM7ParLQGbCQFivSWYbVVYU5biunWAm0qep4dbZdQtQH2mI8WpbmpSEL08IbyAym4SbYr6IlmE2Lq8iOyGZbAVRxADZc&mediaDataID=6546596&mediaName=frame.html Requested by Host: translation2.paralink.com URL: https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_300x250.asp Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c0665c97f769e3d480ca836faa1b62dc18ec0f6dac91db22eeaa6a9900f58397 Request headers Referer https://translation2.paralink.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, no-cache, no-store, proxy-revalidate cf-cache-status DYNAMIC cf-ray 7d104fdfcea61cc5-FRA content-encoding gzip content-type text/html; charset=utf-8 date Fri, 02 Jun 2023 14:16:03 GMT expires 0 p3p CP="NOI DEVo TAIa OUR BUS" pragma no-cache server cloudflare vary Accept-Encoding x-function 102 x-reuse-index 210
GET H3	200	p.media Show response s.tribalfusion.com/ Frame 7760	262 B 508 B	223ms 222ms	Document text/html	2606:4700::6812:19ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=aLmWRKSTYZaQVJZbPFqoSWQbUV3S5rimntZaOXqyO2dvZdSVJF5mQHpdatUt3eXUfd1FQf0qaMRFBZdUFY1TtFUobBnPrjyXEFN4aUh2aU2oTbIYrbbTtfPnmfIpsQvpH7K5EMf3tIo4AvZanUfZc0G7XYGQV0svxmaBS2bYSTF7CWmrVPTj3QcZbtStZbr1dvpT6Qp3cvY0b3ZaUPir4mZbcQmfG3dUoXdZbZdmH6o36BY3sj7SGUjU9XZapaqVrCF3v6AqvAaDZaviZckw&mediaDataID=5578346&mediaName=frame.html Requested by Host: translation2.paralink.com URL: https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_300x250.asp Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c3a188ef132aa4c1b8d5bdbd4e3485a0045fba832f72e236333d8b5bf7e772a0 Request headers Referer https://translation2.paralink.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, no-cache, no-store, proxy-revalidate cf-cache-status DYNAMIC cf-ray 7d104fdfcea91cc5-FRA content-encoding gzip content-type text/html; charset=utf-8 date Fri, 02 Jun 2023 14:16:03 GMT expires 0 p3p CP="NOI DEVo TAIa OUR BUS" pragma no-cache server cloudflare vary Accept-Encoding x-function 102 x-reuse-index 31
GET H3	200	p.media Show response s.tribalfusion.com/ Frame 08AC	273 B 477 B	333ms 332ms	Document text/html	2606:4700::6812:19ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=ammW0L2av1oTbD1bZb6UHjQoA3ZamGUmpHQJ3EYj3tiN3PFZdmrMEYGUQXGJU0VvupEnT3FU2VbvZaWPv2REfSSs3tQWZbtYHvwWPby4sr10UUDUAmm4mnaQPMB4WQO0HUDnt2m3mUP3sngTsr9VGBfS6FwTdYTWbbR2bZauWajpTTQlQaBIQVbZaPraxRHUiVcn55UXondIrYTam3WQASGrZa2mJHoVytVWPZcMnT8NQZaDX9MXtPmZcQ8PtnoIrUaZa9oAPVUtYHUePWrg&mediaDataID=6530936&mediaName=frame.html Requested by Host: translation2.paralink.com URL: https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_300x250.asp Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6be4df082117edb268a59232c84388a83e54f8b19507dd21724fc3650d124c38 Request headers Referer https://translation2.paralink.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, no-cache, no-store, proxy-revalidate cf-cache-status DYNAMIC cf-ray 7d104fdfcead1cc5-FRA content-encoding gzip content-type text/html; charset=utf-8 date Fri, 02 Jun 2023 14:16:04 GMT expires 0 p3p CP="NOI DEVo TAIa OUR BUS" pragma no-cache server cloudflare vary Accept-Encoding x-function 102 x-reuse-index 30
GET H3	200	p.media Show response s.tribalfusion.com/ Frame 7254	240 B 439 B	244ms 242ms	Document text/html	2606:4700::6812:19ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=anmV8ERr6mPHvdWVM22rToodItXTXn3d3ZdQG7A4mUHmtarUWJhYbUbXrU60TqqPrBHUFQSVWBUmbJpRUvy1TUs5qZbc2q7PnaMH1r7dWHbXmAMZdpVvtptfC5EQ73daM5PvEpbnZb0Gr0YsvX1cFwmavV2UYUTUfZaVAnTPTb1ScUMQHUuYtFpWmQx4crUYbYDU6Tp5Pn8QAnJ3dvmXWBApd2o5QbR3siZdnoq7m8eCPWqVo8qwma6guSPD1qhySi&mediaDataID=4056396&mediaName=frame.html Requested by Host: translation2.paralink.com URL: https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_300x250.asp Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 96e346519e340492cc7a7b4c0a65559cc5b0bc141bcde0d9119195471ba5b0ff Request headers Referer https://translation2.paralink.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, no-cache, no-store, proxy-revalidate cf-cache-status DYNAMIC cf-ray 7d104fdfceb51cc5-FRA content-encoding gzip content-type text/html; charset=utf-8 date Fri, 02 Jun 2023 14:16:04 GMT expires 0 p3p CP="NOI DEVo TAIa OUR BUS" pragma no-cache server cloudflare vary Accept-Encoding x-function 102 x-reuse-index 371
GET H3	200	p.media Show response s.tribalfusion.com/ Frame 2C84	257 B 470 B	331ms 330ms	Document text/html	2606:4700::6812:19ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=apmVwBoTbB1rZb9UdJ0n67IpGnnpt3F5qr73tao5AbGpbYZbYGn0Xcv31cronavW5FZbVVU7ZcW6fVPTMYScBOSdFO1WjpVPbn3GB00UvZbVmqw4m37PAbD3dZbqXW3AntIn5mB13cv9VcUjWsBiSmvvTWFUTr7Y5rEwVqMvVEJbSTYFScQZdRrirRWn6WVQ55rqxntZasYqTv3HfZaPsBD2mJHmdXyTcr60beLyBalM673P82gqAu9o8BiPoloTd&mediaDataID=2713736&mediaName=frame.html Requested by Host: translation2.paralink.com URL: https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_300x250.asp Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 72b014f9d8611ae5bbc0d689e348a844a944531f0a6a11174e42d8cb854f2e49 Request headers Referer https://translation2.paralink.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, no-cache, no-store, proxy-revalidate cf-cache-status DYNAMIC cf-ray 7d104fdfceba1cc5-FRA content-encoding gzip content-type text/html; charset=utf-8 date Fri, 02 Jun 2023 14:16:04 GMT expires 0 p3p CP="NOI DEVo TAIa OUR BUS" pragma no-cache server cloudflare vary Accept-Encoding x-function 102 x-reuse-index 229
GET H3	200	p.media Show response s.tribalfusion.com/ Frame 2001	211 B 429 B	333ms 332ms	Document text/html	2606:4700::6812:19ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=aqmW8ZaPHvbUVMT5bemmd6s0q2y4t3HPsZbZa4m3LodEyVHj8YbnkXUbe1EuNRUJEWFJYVdYWmUYvPFjs1EJN3EFk4ErYmEMKXFUcWHJVoAnBnGfsodQA2qZbg5tiN5PjFnbbG0VMS1cYV0VFOmqFU2bFTWFjHUPvVQErQQsZbtStZbr1HvrT6Qx3Gn5XUvDUAuw5Ar7Q6BA3tBy1drZdpd2o36BY5HJ7VcIIooAkrTPRW62on76ZdqEBAmnZaYmBnEvPI6tUZbvWtHNXj&mediaDataID=6347136&mediaName=frame.html Requested by Host: translation2.paralink.com URL: https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_300x250.asp Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb11e4acfba9dbef2b4101d10b4e961623cd13623e3b63166ecf92284dd1b046 Request headers Referer https://translation2.paralink.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, no-cache, no-store, proxy-revalidate cf-cache-status DYNAMIC cf-ray 7d104fdfdee11cc5-FRA content-encoding gzip content-type text/html; charset=utf-8 date Fri, 02 Jun 2023 14:16:04 GMT expires 0 p3p CP="NOI DEVo TAIa OUR BUS" pragma no-cache server cloudflare vary Accept-Encoding x-function 102 x-reuse-index 31
GET H3	200	p.media Show response s.tribalfusion.com/ Frame 6BDC	445 B 567 B	224ms 223ms	Document text/html	2606:4700::6812:19ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=armWCZc4sY20UUJT6Xp5mn7R6JJ3tYm1dvAndIN563Y3cQ9UcQjVcBfSmJnUtFTWbr03rZauWTbxVEQdSTZbHQGBIPUioRd7kVcbP2FTrodiOYEqM3t3GPsrH2mUHotZaOTHQf0rMd1UF90qIpSFrGTbB1WtU4obJvQUbNYTFs3TZba4T75oTJEYb3bTtJXnmMBmVYppHUD2aB82HEn3AvGprbEXtZbQ1cEpOREMVPiN5SXRo6XasreyTpqrs9Za5qcIjv82P0SvI1Fj0w9&mediaDataID=6719746&mediaName=frame.html Requested by Host: translation2.paralink.com URL: https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_300x250.asp Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 016d945ab508762e81dcb1bbb0efa3f095eda6aa4930d30086dbfd6962572177 Request headers Referer https://translation2.paralink.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, no-cache, no-store, proxy-revalidate cf-cache-status DYNAMIC cf-ray 7d104fdfdee21cc5-FRA content-encoding gzip content-type text/html; charset=utf-8 date Fri, 02 Jun 2023 14:16:03 GMT expires 0 p3p CP="NOI DEVo TAIa OUR BUS" pragma no-cache server cloudflare vary Accept-Encoding x-function 102 x-reuse-index 31
GET H3	200	p.media Show response s.tribalfusion.com/ Frame 0C4F	199 B 423 B	234ms 234ms	Document text/html	2606:4700::6812:19ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=asmWgZb1rZb6WHbQoPvZapVjpmHYF5Tvl3dIN5AjKnrvE0VUSXc3V1GFwmqr33bFUTUvEWPnTPajSQsUrStYtYdfoVAnu2sBWYbZbZaVmXq2PUeQPfC4dMp1dBLpdAo5mU05cjeVs3aUc78RAvyTHvVTFMX2bAnUarxWTYlQEBZdQVJCPFuqPHQ7Vs3P2UTxnW6OYaPw3dYFPcvZd5AMImdXyVWQhXTZbb1UXGOmJnr72jWRaMt9XXT7FPyPT0OBZaR18EcvBnfYPEkZcD&mediaDataID=7665496&mediaName=frame.html Requested by Host: translation2.paralink.com URL: https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_300x250.asp Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b5d44d1c2b4b47cb7c10db4a26083c7a0f5e45fadb413c434fe2db040aaa7a4 Request headers Referer https://translation2.paralink.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, no-cache, no-store, proxy-revalidate cf-cache-status DYNAMIC cf-ray 7d104fdfdee41cc5-FRA content-encoding gzip content-type text/html; charset=utf-8 date Fri, 02 Jun 2023 14:16:03 GMT expires 0 p3p CP="NOI DEVo TAIa OUR BUS" pragma no-cache server cloudflare vary Accept-Encoding x-function 102 x-reuse-index 32
GET H3	200	p.media Show response s.tribalfusion.com/ Frame E827	307 B 505 B	225ms 225ms	Document text/html	2606:4700::6812:19ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=atmXLtUVMV2FuootapXa2w4dfFPcJG5AnHodZamTWZbh0rUdXUB91aIsSFFZcUFB0TdB3mbBxPrMyYT3q3TYc2qnXmqfDXFUhTtMWoA3ZdpGvwptvC2qne2Hmr3AbGnbnHXVfX1sQ5XGbnnEFP2rvWWrnGVAM3RTMSPc3MQdUOYt7uVPbN4sZb4XUFZbUPXw56YeQmFD3Wnr1tZbDmWeM36BY3sjgTWjcUcyHtEuNo9PMWoAwxmnwm7ZasmBeKNmPdsS2ZbTCf3rC6ZcoHuHyPFSyTeErlpVyM&mediaDataID=8039566&mediaName=frame.html Requested by Host: translation2.paralink.com URL: https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_300x250.asp Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8732c44b47702bfe379cec23e8362339283e7f67682bffea92fad41b7c176e29 Request headers Referer https://translation2.paralink.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, no-cache, no-store, proxy-revalidate cf-cache-status DYNAMIC cf-ray 7d104fdfdee51cc5-FRA content-encoding gzip content-type text/html; charset=utf-8 date Fri, 02 Jun 2023 14:16:03 GMT expires 0 p3p CP="NOI DEVo TAIa OUR BUS" pragma no-cache server cloudflare vary Accept-Encoding x-function 102 x-reuse-index 31
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/ Frame F901	136 KB 46 KB	231ms 229ms	Script text/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: direct.ad.cpe.dotomi.com URL: https://direct.ad.cpe.dotomi.com/w/get.media?sid=25418&d=j&t=n&vcm_acv=1.4&version=1.12&c=0.7946151329015192&vcm_ifr=1&vcm_xy=-1..-1&vcm_vv=true&vcm_vm=false&vcm_pr=https%3A//translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_728x90.asp&vcm_tr=&vcm_cr=&mo=0&placement_id=48e12fda-6e23-40cd-9806-87de6911b0f8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 68c8450bcdb7fe0eb4a25138dce871493871f5a3df884b89ffd6e8c903df4595 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://translation2.paralink.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 14:16:03 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 47320 x-xss-protection 0 server cafe etag 13500835518875389838 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Fri, 02 Jun 2023 14:16:03 GMT
GET H3	200	p.media Show response s.tribalfusion.com/ Frame 3DE5	322 B 513 B	339ms 338ms	Document text/html	2606:4700::6812:19ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=avmWgZbWHbQoAnJnGYtpWbA5Eri3d6t4PBGnrnIXGr01sv51G7nmTFU2rJ5VrnHUPf4PTrQQGFOQdZbMYtrwTmrv2VU4YrZbBUAir2PvcR6bK2WMs1tYKmW2v363Y5cvfTsJlUsfhPPYoUtvSTUB12U2mVqnmTEQjPTQFSGQIRr6vRt77UV3P4FTqmHAOYEyp3t3GPGJG5PFEpWipVWQh0bfkYaMeXarXtnqBoQTpTn2YTPXStPQUrBaXvQ2K0RmPWnjp2JYKZdX&mediaDataID=5436426&mediaName=frame.html Requested by Host: translation2.paralink.com URL: https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_728x90.asp Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 391d157c77e01b0ca158d100a7753ed414e4a6a9fe3617bee8d185312680d0df Request headers Referer https://translation2.paralink.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, no-cache, no-store, proxy-revalidate cf-cache-status DYNAMIC cf-ray 7d104fdfdee71cc5-FRA content-encoding gzip content-type text/html; charset=utf-8 date Fri, 02 Jun 2023 14:16:04 GMT expires 0 p3p CP="NOI DEVo TAIa OUR BUS" pragma no-cache server cloudflare vary Accept-Encoding x-function 102 x-reuse-index 233
GET H3	200	p.media Show response s.tribalfusion.com/ Frame 367E	277 B 485 B	247ms 246ms	Document text/html	2606:4700::6812:19ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=awmX1p2FuooditYTmy4tnGSGMF5AvZdpd6yTWFdXbrk1Fbg1aiMSbrGTrZbPVHJ4obYnPFbNYaZbN5EZbi2ajPoEjCYUB8THM0nmfZcpGUqmHnJ2qn83WaM4mvZbprvEXVMYYsFTXVjupTb43FvRWbZbFVm72QEvXSsUOPtFr1dvoT6Mp2GBX0UFJUA6v4mveQPfK3Hrs1WMKmHPn4PrV3sjgVcJjWWYfPPEWmpuQonem59ZbpmmQRxAEHt7X6sSffymY3qCeCS6q3v6mAIQZbXgh&mediaDataID=9148826&mediaName=frame.html Requested by Host: translation2.paralink.com URL: https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_728x90.asp Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a8a9e6862a7f766bb5cdafe809db64666d2e3338db9af429695442b09bb9a984 Request headers Referer https://translation2.paralink.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, no-cache, no-store, proxy-revalidate cf-cache-status DYNAMIC cf-ray 7d104fdfdee91cc5-FRA content-encoding gzip content-type text/html; charset=utf-8 date Fri, 02 Jun 2023 14:16:04 GMT expires 0 p3p CP="NOI DEVo TAIa OUR BUS" pragma no-cache server cloudflare vary Accept-Encoding x-function 102 x-reuse-index 31
GET H3	200	p.media Show response s.tribalfusion.com/ Frame A4F0	300 B 500 B	219ms 218ms	Document text/html	2606:4700::6812:19ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tribalfusion.com/p.media?clickID=axmUCkVmqp2PU8PAJB3WrsXWrCmWTv5mvY5svcTcUjUsBhSP3oTdvVTUnS3U2nUabpVEYlQqJHSGJKRrqxPWncWsnT2r6vnWqm0q2M4dMZdPsfA4mMIpWXtVWZbhXrMjYFY7Xq6qPbUZbUFM3WWr2nFQpQUft1T3N4TFa4q7XoTbIYFUaWHJ1mmYZcmcUwptMJ2Tre2tZaq46rFmFQL0Gf01cFV0t3wpTuxuBuPnBakUH63nPfgTo2mfZc&mediaDataID=6807466&mediaName=frame.html Requested by Host: translation2.paralink.com URL: https://translation2.paralink.com/BANNERS/Ad_networks/TF/TF_PROMTOnline_ROSB_728x90.asp Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2f1fa72ab606e01e8e5b498e160c262fcb6a9d6e9481d0ae94505074e8f1a55c Request headers Referer https://translation2.paralink.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cache-control private, no-cache, no-store, proxy-revalidate cf-cache-status DYNAMIC cf-ray 7d104fdfdeea1cc5-FRA content-encoding gzip content-type text/html; charset=utf-8 date Fri, 02 Jun 2023 14:16:03 GMT expires 0 p3p CP="NOI DEVo TAIa OUR BUS" pragma no-cache server cloudflare vary Accept-Encoding x-function 102 x-reuse-index 339
GET H3	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/ Frame 9EFD	351 KB 118 KB	106ms 106ms	Script text/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5177611512099267&plah=translation2.paralink.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 899acb4900e8c7f0420bbbe2121bf855d8d7b586bee7ac39950542d965b4bc99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://translation2.paralink.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 14:16:03 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 120671 x-xss-protection 0 server cafe etag 4536846289224542900 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Fri, 02 Jun 2023 14:16:03 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230531/r20190131/ Frame 1702	10 KB 5 KB	45ms 40ms	Document text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230531/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://translation2.paralink.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 74342 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4540 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 01 Jun 2023 17:37:02 GMT etag 15057649708203361565 expires Thu, 15 Jun 2023 17:37:02 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	i.match a.tribalfusion.com/ Frame 7760 Redirect Chain https://dpm.demdex.net/ibs:dpid=22054&dpuuid=18072662100051110525&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22054&dpuuid=18072662100051110525&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db13%26u%3D%24%7BDD_UUID%7D https://a.tribalfusion.com/i.match?p=b13&u=79062689727365971252166414548284592880	43 B 598 B	327ms 326ms	Image image/gif	2606:4700::6812:19ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b13&u=79062689727365971252166414548284592880 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=aLmWRKSTYZaQVJZbPFqoSWQbUV3S5rimntZaOXqyO2dvZdSVJF5mQHpdatUt3eXUfd1FQf0qaMRFBZdUFY1TtFUobBnPrjyXEFN4aUh2aU2oTbIYrbbTtfPnmfIpsQvpH7K5EMf3tIo4AvZanUfZc0G7XYGQV0svxmaBS2bYSTF7CWmrVPTj3QcZbtStZbr1dvpT6Qp3cvY0b3ZaUPir4mZbcQmfG3dUoXdZbZdmH6o36BY3sj7SGUjU9XZapaqVrCF3v6AqvAaDZaviZckw&mediaDataID=5578346&mediaName=frame.html Protocol H3 Server 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://s.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers pragma no-cache date Fri, 02 Jun 2023 14:16:04 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare content-type image/gif; charset=utf-8 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 7d104fe4cddf1cc5-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers DCS dcs-prod-irl1-1-v048-02089365e.edge-irl1.demdex.com 2 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID 9bb396x3S3w= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Location https://a.tribalfusion.com/i.match?p=b13&u=79062689727365971252166414548284592880 Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	cm us-u.openx.net/w/1.0/ Frame 5380	43 B 304 B	163ms 50ms	Image image/gif	34.98.64.218 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=aKmW0L1E3r3TZbl2qr4oEnB1r7aWWbUnAQBnGrsoHrJ5Tne2teN4AFZbmUfHXVfS1sZb20Vfnnqn23F3TTFMZaUPn4PaMSPGZbOPHUwYtZbsT6Mp3G35YFvBUAin2PQePmfJ2HZbMXHUJpdAo5mMW4VQ7UVJbVc7hPA3mTdU3UbM05bEuWEjqTTM7ParLQGbCQFivSWYbVVYU5biunWAm0qep4dbZdQtQH2mI8WpbmpSEL08IbyAym4SbYr6IlmE2Lq8iOyGZbAVRxADZc&mediaDataID=6546596&mediaName=frame.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://s.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers pragma no-cache date Fri, 02 Jun 2023 14:16:04 GMT content-encoding gzip via 1.1 google server OXGW/0.0.0 vary Accept, Accept-Encoding content-type image/gif p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H3	200	i.match a.tribalfusion.com/ Frame 6BDC Redirect Chain https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726621000... https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726621000... https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662100051110525&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_U... https://a.tribalfusion.com/i.match?p=b11&u=2C546569-80C9-4960-B563-263F6DE727DF	43 B 591 B	213ms 212ms	Image image/gif	2606:4700::6812:19ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b11&u=2C546569-80C9-4960-B563-263F6DE727DF Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=armWCZc4sY20UUJT6Xp5mn7R6JJ3tYm1dvAndIN563Y3cQ9UcQjVcBfSmJnUtFTWbr03rZauWTbxVEQdSTZbHQGBIPUioRd7kVcbP2FTrodiOYEqM3t3GPsrH2mUHotZaOTHQf0rMd1UF90qIpSFrGTbB1WtU4obJvQUbNYTFs3TZba4T75oTJEYb3bTtJXnmMBmVYppHUD2aB82HEn3AvGprbEXtZbQ1cEpOREMVPiN5SXRo6XasreyTpqrs9Za5qcIjv82P0SvI1Fj0w9&mediaDataID=6719746&mediaName=frame.html Protocol H3 Server 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://s.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers pragma no-cache date Fri, 02 Jun 2023 14:16:04 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare content-type image/gif; charset=utf-8 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 7d104fe50e1f1cc5-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers location https://a.tribalfusion.com/i.match?p=b11&u=2C546569-80C9-4960-B563-263F6DE727DF date Fri, 02 Jun 2023 14:16:04 GMT cache-control no-store, no-cache, private server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H2	204	usermatch.gif beacon.krxd.net/ Frame A4F0 Redirect Chain https://a.tribalfusion.com/i.match?p=b22&u=18072662100051110525&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24 https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662100051110525	0 339 B	213ms 57ms	Image text/plain	54.77.108.77 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662100051110525 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=axmUCkVmqp2PU8PAJB3WrsXWrCmWTv5mvY5svcTcUjUsBhSP3oTdvVTUnS3U2nUabpVEYlQqJHSGJKRrqxPWncWsnT2r6vnWqm0q2M4dMZdPsfA4mMIpWXtVWZbhXrMjYFY7Xq6qPbUZbUFM3WWr2nFQpQUft1T3N4TFa4q7XoTbIYFUaWHJ1mmYZcmcUwptMJ2Tre2tZaq46rFmFQL0Gf01cFV0t3wpTuxuBuPnBakUH63nPfgTo2mfZc&mediaDataID=6807466&mediaName=frame.html Protocol H2 Server 54.77.108.77 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-77-108-77.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://s.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers x-served-by beacon-n001-dub-prod.krxd.net date Fri, 02 Jun 2023 14:16:04 GMT cache-control private, no-cache, no-store x-request-time D=147 t=1685715364 p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" Redirect headers pragma no-cache date Fri, 02 Jun 2023 14:16:04 GMT cf-cache-status DYNAMIC x-function 209 server cloudflare x-reuse-index 205 content-type text/html location https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662100051110525 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 7d104fe288f03a7a-FRA alt-svc h3=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	dspreply public-prod-dspcookiematching.dmxleo.com/ Frame E827 Redirect Chain https://a.tribalfusion.com/i.match?p=b24&u=18072662100051110525&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24 https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662100051110525	0 123 B	254ms 49ms	Image text/plain	188.65.124.66
General Check archive.org Show headers Download Go to Show image Full URL https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662100051110525 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=atmXLtUVMV2FuootapXa2w4dfFPcJG5AnHodZamTWZbh0rUdXUB91aIsSFFZcUFB0TdB3mbBxPrMyYT3q3TYc2qnXmqfDXFUhTtMWoA3ZdpGvwptvC2qne2Hmr3AbGnbnHXVfX1sQ5XGbnnEFP2rvWWrnGVAM3RTMSPc3MQdUOYt7uVPbN4sZb4XUFZbUPXw56YeQmFD3Wnr1tZbDmWeM36BY3sjgTWjcUcyHtEuNo9PMWoAwxmnwm7ZasmBeKNmPdsS2ZbTCf3rC6ZcoHuHyPFSyTeErlpVyM&mediaDataID=8039566&mediaName=frame.html Protocol H2 Server 188.65.124.66 -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://s.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers x-dm-lb-name ingress-nginx-nginx-in-cluster-dxw2j date Fri, 02 Jun 2023 14:16:05 GMT strict-transport-security max-age=15724800; includeSubDomains content-length 0 Redirect headers pragma no-cache date Fri, 02 Jun 2023 14:16:04 GMT cf-cache-status DYNAMIC x-function 209 server cloudflare x-reuse-index 46 content-type text/html location https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662100051110525 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 7d104fe298f33a7a-FRA alt-svc h3=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	i.match a.tribalfusion.com/ Frame 0C4F Redirect Chain https://aa.agkn.com/adscores/g.pixel?sid=9212295768&_puid=18072662100051110525 https://a.tribalfusion.com/i.match?p=b23&u=217553104535003010648	43 B 450 B	299ms 299ms	Image image/gif	2606:4700::6812:19ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b23&u=217553104535003010648 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=asmWgZb1rZb6WHbQoPvZapVjpmHYF5Tvl3dIN5AjKnrvE0VUSXc3V1GFwmqr33bFUTUvEWPnTPajSQsUrStYtYdfoVAnu2sBWYbZbZaVmXq2PUeQPfC4dMp1dBLpdAo5mU05cjeVs3aUc78RAvyTHvVTFMX2bAnUarxWTYlQEBZdQVJCPFuqPHQ7Vs3P2UTxnW6OYaPw3dYFPcvZd5AMImdXyVWQhXTZbb1UXGOmJnr72jWRaMt9XXT7FPyPT0OBZaR18EcvBnfYPEkZcD&mediaDataID=7665496&mediaName=frame.html Protocol H2 Server 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://s.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers pragma no-cache date Fri, 02 Jun 2023 14:16:04 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare content-type image/gif; charset=utf-8 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 7d104fe38a1f3a7a-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Fri, 02 Jun 2023 14:16:04 GMT server AAWebServer access-control-allow-methods GET, POST, OPTIONS p3p policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID" location https://a.tribalfusion.com/i.match?p=b23&u=217553104535003010648 access-control-allow-origin * cache-control no-cache, no-store, must-revalidate access-control-allow-headers accept, cache-control, origin, x-requested-with, x-file-name, content-type expires 0
GET		pixel cm.g.doubleclick.net/ Frame 7254	0 0
GET H3	200	i.match a.tribalfusion.com/ Frame 367E Redirect Chain https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662100051110525&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662100051110525&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID&__user_check__=1&sync_id=0269e770-0150-11e... https://a.tribalfusion.com/i.match?p=b19&u=0269e720-0150-11ee-ad49-1626150c0406	43 B 589 B	215ms 215ms	Image image/gif	2606:4700::6812:19ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b19&u=0269e720-0150-11ee-ad49-1626150c0406 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=awmX1p2FuooditYTmy4tnGSGMF5AvZdpd6yTWFdXbrk1Fbg1aiMSbrGTrZbPVHJ4obYnPFbNYaZbN5EZbi2ajPoEjCYUB8THM0nmfZcpGUqmHnJ2qn83WaM4mvZbprvEXVMYYsFTXVjupTb43FvRWbZbFVm72QEvXSsUOPtFr1dvoT6Mp2GBX0UFJUA6v4mveQPfK3Hrs1WMKmHPn4PrV3sjgVcJjWWYfPPEWmpuQonem59ZbpmmQRxAEHt7X6sSffymY3qCeCS6q3v6mAIQZbXgh&mediaDataID=9148826&mediaName=frame.html Protocol H3 Server 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://s.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers pragma no-cache date Fri, 02 Jun 2023 14:16:04 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare content-type image/gif; charset=utf-8 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 7d104fe4adae1cc5-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Date Fri, 02 Jun 2023 14:16:04 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Location https://a.tribalfusion.com/i.match?p=b19&u=0269e720-0150-11ee-ad49-1626150c0406 Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 102 Connection keep-alive Content-Length 43
GET H3	200	i.match a.tribalfusion.com/ Frame 08AC Redirect Chain https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662100051110525&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D&cm_dsp_id=131&external_user_id=18072662100051110525&C=1 https://a.tribalfusion.com/i.match?p=b20&u=ZHn5pNnGxvk-Z3vsrXswHwAA	43 B 591 B	214ms 213ms	Image image/gif	2606:4700::6812:19ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b20&u=ZHn5pNnGxvk-Z3vsrXswHwAA Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=ammW0L2av1oTbD1bZb6UHjQoA3ZamGUmpHQJ3EYj3tiN3PFZdmrMEYGUQXGJU0VvupEnT3FU2VbvZaWPv2REfSSs3tQWZbtYHvwWPby4sr10UUDUAmm4mnaQPMB4WQO0HUDnt2m3mUP3sngTsr9VGBfS6FwTdYTWbbR2bZauWajpTTQlQaBIQVbZaPraxRHUiVcn55UXondIrYTam3WQASGrZa2mJHoVytVWPZcMnT8NQZaDX9MXtPmZcQ8PtnoIrUaZa9oAPVUtYHUePWrg&mediaDataID=6530936&mediaName=frame.html Protocol H3 Server 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://s.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers pragma no-cache date Fri, 02 Jun 2023 14:16:04 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare content-type image/gif; charset=utf-8 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 7d104fe45d331cc5-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Fri, 02 Jun 2023 14:16:04 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://a.tribalfusion.com/i.match?p=b20&u=ZHn5pNnGxvk-Z3vsrXswHwAA Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=499 Content-Length 0 Expires 0
GET H3	200	i.match a.tribalfusion.com/ Frame 2C84 Redirect Chain https://tags.bluekai.com/site/4229?id=18072662100051110525&redir=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db3%26u%3D%24_BK_UUID https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID	43 B 625 B	210ms 209ms	Image image/gif	2606:4700::6812:19ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=apmVwBoTbB1rZb9UdJ0n67IpGnnpt3F5qr73tao5AbGpbYZbYGn0Xcv31cronavW5FZbVVU7ZcW6fVPTMYScBOSdFO1WjpVPbn3GB00UvZbVmqw4m37PAbD3dZbqXW3AntIn5mB13cv9VcUjWsBiSmvvTWFUTr7Y5rEwVqMvVEJbSTYFScQZdRrirRWn6WVQ55rqxntZasYqTv3HfZaPsBD2mJHmdXyTcr60beLyBalM673P82gqAu9o8BiPoloTd&mediaDataID=2713736&mediaName=frame.html Protocol H3 Server 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://s.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers pragma no-cache date Fri, 02 Jun 2023 14:16:04 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare content-type image/gif; charset=utf-8 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 7d104fe5af0d1cc5-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers location https://a.tribalfusion.com/i.match?p=b3&u=$_BK_UUID date Fri, 02 Jun 2023 14:16:04 GMT content-length 0 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
GET H3	200	i.match a.tribalfusion.com/ Frame 2001 Redirect Chain https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662100051110525&_origin=1&redir=true https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662100051110525&_origin=1&redir=true&verify=true https://a.tribalfusion.com/i.match?p=b17&u=y-HEWXP75E2ugiIrp6REGP.09vSWN17x0-~A	43 B 595 B	314ms 314ms	Image image/gif	2606:4700::6812:19ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://a.tribalfusion.com/i.match?p=b17&u=y-HEWXP75E2ugiIrp6REGP.09vSWN17x0-~A Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=aqmW8ZaPHvbUVMT5bemmd6s0q2y4t3HPsZbZa4m3LodEyVHj8YbnkXUbe1EuNRUJEWFJYVdYWmUYvPFjs1EJN3EFk4ErYmEMKXFUcWHJVoAnBnGfsodQA2qZbg5tiN5PjFnbbG0VMS1cYV0VFOmqFU2bFTWFjHUPvVQErQQsZbtStZbr1HvrT6Qx3Gn5XUvDUAuw5Ar7Q6BA3tBy1drZdpd2o36BY5HJ7VcIIooAkrTPRW62on76ZdqEBAmnZaYmBnEvPI6tUZbvWtHNXj&mediaDataID=6347136&mediaName=frame.html Protocol H3 Server 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://s.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers pragma no-cache date Fri, 02 Jun 2023 14:16:04 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare content-type image/gif; charset=utf-8 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 7d104fe4adaf1cc5-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers location https://a.tribalfusion.com/i.match?p=b17&u=y-HEWXP75E2ugiIrp6REGP.09vSWN17x0-~A date Fri, 02 Jun 2023 14:16:04 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.57 age 0 content-length 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame 3DE5 Redirect Chain https://a.tribalfusion.com/i.match?p=b10&u=18072662100051110525&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180 https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662100051110525&expires=180	0 239 B	288ms 41ms	Image image/gif	69.173.144.138
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662100051110525&expires=180 Requested by Host: s.tribalfusion.com URL: https://s.tribalfusion.com/p.media?clickID=avmWgZbWHbQoAnJnGYtpWbA5Eri3d6t4PBGnrnIXGr01sv51G7nmTFU2rJ5VrnHUPf4PTrQQGFOQdZbMYtrwTmrv2VU4YrZbBUAir2PvcR6bK2WMs1tYKmW2v363Y5cvfTsJlUsfhPPYoUtvSTUB12U2mVqnmTEQjPTQFSGQIRr6vRt77UV3P4FTqmHAOYEyp3t3GPGJG5PFEpWipVWQh0bfkYaMeXarXtnqBoQTpTn2YTPXStPQUrBaXvQ2K0RmPWnjp2JYKZdX&mediaDataID=5436426&mediaName=frame.html Protocol HTTP/1.1 Server 69.173.144.138 -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://s.tribalfusion.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate X-RPHost 66ef90d06496cfd000aab8206f2b6221 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Fri, 02 Jun 2023 14:16:04 GMT cf-cache-status DYNAMIC x-function 209 server cloudflare x-reuse-index 45 content-type text/html location https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662100051110525&expires=180 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 7d104fe2a90e3a7a-FRA alt-svc h3=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/ Frame F901	351 KB 118 KB	102ms 101ms	Script text/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5177611512099267&plah=translation2.paralink.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c9fa9a8b4d1837f07e2dc01d736a7400c7866d6814e4a6120780db1d439da1cc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://translation2.paralink.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 14:16:04 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 120659 x-xss-protection 0 server cafe etag 7566346810802375440 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Fri, 02 Jun 2023 14:16:04 GMT
GET H2	200	integrator.js Show response adservice.google.de/adsid/ Frame 9EFD	107 B 165 B	50ms 49ms	Script application/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=translation2.paralink.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5177611512099267&plah=translation2.paralink.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://translation2.paralink.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 14:16:04 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/ Frame 9EFD	107 B 165 B	53ms 52ms	Script application/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=translation2.paralink.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5177611512099267&plah=translation2.paralink.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://translation2.paralink.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 14:16:04 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H3	403	ads Show response googleads.g.doubleclick.net/pagead/ Frame 5B8F	603 B 68 B	176ms 173ms	Document text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5177611512099267&output=html&h=250&slotname=9692205016&adk=2440500830&adf=3965729262&pi=t.ma~as.9692205016&w=300&format=300x250&url=http%3A%2F%2Fuhgy.v5-amironetwork.site%2F&ea=0&wgl=1&dt=1685715363951&bpp=7&bdt=1734&idt=330&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&correlator=2276034209801&frm=24&ife=1&pv=2&ga_vid=938880715.1685715364&ga_sid=1685715364&ga_hid=84224055&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3123616527&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071755%2C42531705%2C44772268%2C44788441&oid=2&pvsid=4278434733487055&tmod=1724801425&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=1.5rjvyl32i0lg&fsb=1&dtd=382 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5177611512099267&plah=translation2.paralink.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://translation2.paralink.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 46 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 02 Jun 2023 14:16:04 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.de/adsid/ Frame F901	107 B 122 B	59ms 48ms	Script application/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=translation2.paralink.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5177611512099267&plah=translation2.paralink.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://translation2.paralink.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 14:16:04 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/ Frame F901	107 B 122 B	54ms 49ms	Script application/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=translation2.paralink.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5177611512099267&plah=translation2.paralink.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://translation2.paralink.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 14:16:04 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H3	403	ads Show response googleads.g.doubleclick.net/pagead/ Frame AF12	603 B 66 B	80ms 77ms	Document text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5177611512099267&output=html&h=280&slotname=9768875965&adk=119334486&adf=3965729264&pi=t.ma~as.9768875965&w=728&fwrn=16&fwrnh=100&rafmt=1&format=728x280&url=http%3A%2F%2Fuhgy.v5-amironetwork.site%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1685715364264&bpp=5&bdt=2024&idt=205&shv=r20230531&mjsv=m202305300101&ptt=9&saldr=aa&correlator=7851528992591&frm=24&ife=1&pv=2&ga_vid=1483301615.1685715365&ga_sid=1685715365&ga_hid=1612782213&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=483911688&scr_x=-12245933&scr_y=-12245933&eid=42532280%2C44759926%2C44759842%2C44759875%2C42532278%2C44772269%2C44785294%2C44788442&oid=2&pvsid=3869903277885640&tmod=1036577077&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=1.8r6a50x7wja3&fsb=1&dtd=241 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5177611512099267&plah=translation2.paralink.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://translation2.paralink.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 46 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 02 Jun 2023 14:16:04 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame F901	15 KB 11 KB	170ms 88ms	XHR application/json	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230531&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5177611512099267&plah=translation2.paralink.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e0d2458ecde71d6ddb5d2ccd66deb592d3e01275c851c7f0070edcfcda84cef3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://translation2.paralink.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 14:16:05 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11279 x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame F901	17 KB 7 KB	137ms 48ms	Script text/javascript	2a00:1450:4001:82b::2001
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5177611512099267&plah=translation2.paralink.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 -, , ASN (), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://translation2.paralink.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Fri, 02 Jun 2023 14:16:05 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 02 Jun 2023 14:16:05 GMT
GET H2	200	runner.html tpc.googlesyndication.com/sodar/sodar2/225/ Frame A4BB	13 KB 0	40ms 39ms	Document text/html	2a00:1450:4001:82b::2001
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 -, , ASN (), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://translation2.paralink.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 6242 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Fri, 02 Jun 2023 12:32:03 GMT expires Sat, 01 Jun 2024 12:32:03 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET		aframe www.google.com/recaptcha/api2/ Frame 13F4	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

cookie.sync.ad.cpe.dotomi.com

URL

https://cookie.sync.ad.cpe.dotomi.com/w/cookie_sync?sid=25418&cb=0.55350258287908

Domain

cookie.sync.ad.cpe.dotomi.com

URL

https://cookie.sync.ad.cpe.dotomi.com/w/cookie_sync?sid=25418&cb=0.3793805653615161

Domain

cm.g.doubleclick.net

URL

https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662100051110525

Domain

www.google.com

URL

https://www.google.com/recaptcha/api2/aframe