hi.haenselblatt.com Open in urlscan Pro
188.114.96.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://hi.haenselblatt.com/
Submission: On August 12 via api (August 12th 2024, 4:36:38 am UTC) from US — Scanned from NL

Summary HTTP 96 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 42 IPs in 12 countries across 35 domains to perform 96 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is hi.haenselblatt.com.
TLS certificate: Issued by WE1 on July 4th 2024. Valid for: 3 months.

This is the only time hi.haenselblatt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
3	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	2600:9000:225... 2600:9000:225e:c200:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
12	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:f6cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
2	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 9	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:1600:6:b871:4f00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2600:9000:211... 2600:9000:211e:e800:f:a31d:75c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:ba1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	178.250.1.8 178.250.1.8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	212.36.83.245 212.36.83.245	15699 (AS_ADAM A...) (AS_ADAM Adam Datacenter)
3	172.67.42.201 172.67.42.201	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.106.140.18 185.106.140.18	7979 (SERVERS-COM) (SERVERS-COM)
3	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
2	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
2	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
2	147.75.34.179 147.75.34.179	54825 (PACKET) (PACKET)
3	212.77.99.29 212.77.99.29	12827 (WIRTUALNA...) (WIRTUALNAPOLSKA GDANSK)
2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2	2606:4700:10:... 2606:4700:10::6816:1fd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1691	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.217.18.110 172.217.18.110	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	184.28.88.227 184.28.88.227	16625 (AKAMAI-AS) (AKAMAI-AS)
1	147.75.34.177 147.75.34.177	54825 (PACKET) (PACKET)
1	2606:4700:10:... 2606:4700:10::6816:1ed1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1	2606:4700:303... 2606:4700:3030::ac43:8a0d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.157.6.233 37.157.6.233	198622 (ADFORM) (ADFORM)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
96	42

9 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

hi.haenselblatt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.anltc.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225e:c200:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

ar.haenselblatt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:f6cb (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:1600:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:e800:f:a31d:75c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.optad360.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:ba1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.36.83.245 (Barcelona, Spain)

ASN15699 (AS_ADAM Adam Datacenter, ES)
PTR: lb1.vdmy.dtic.es

d.vidoomy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.42.201 (United States)

ASN13335 (CLOUDFLARENET, US)

useast.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.106.140.18 (Netherlands)

ASN7979 (SERVERS-COM, US)

rtb.adxpremium.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.141 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.243 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.34.179 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: omni-am-rkmt9y

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 212.77.99.29 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: ssp.wp.pl

ssp.wp.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, CY)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1fd1 (United States)

ASN13335 (CLOUDFLARENET, US)

prebid.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1691 (United States)

ASN13335 (CLOUDFLARENET, US)

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

ar.haenselblatt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.28.88.227 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-28-88-227.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.34.177 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: omni-am-hl3dur

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1ed1 (United States)

ASN13335 (CLOUDFLARENET, US)

csync.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:8a0d (United States)

ASN13335 (CLOUDFLARENET, US)

adxbid.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	haenselblatt.com hi.haenselblatt.com ar.haenselblatt.com	1 MB
6	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 6787	4 KB
4	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 944 gum.criteo.com — Cisco Umbrella Rank: 553	829 B
4	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 662	129 KB
3	smilewanted.com prebid.smilewanted.com — Cisco Umbrella Rank: 5898 csync.smilewanted.com — Cisco Umbrella Rank: 4588	371 B
3	wp.pl ssp.wp.pl — Cisco Umbrella Rank: 14937	193 B
3	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1162	193 B
3	adform.net adx.adform.net — Cisco Umbrella Rank: 5039 cm.adform.net — Cisco Umbrella Rank: 1869	2 KB
3	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 383 acdn.adnxs.com — Cisco Umbrella Rank: 961	3 KB
3	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 1081	831 B
3	openx.net rtb.openx.net — Cisco Umbrella Rank: 920 optad360-d.openx.net Failed	611 B
3	quantumdex.io useast.quantumdex.io — Cisco Umbrella Rank: 22538 sync.quantumdex.io — Cisco Umbrella Rank: 9703	516 B
3	anltc.cc www.anltc.cc	1 KB
3	gstatic.com fonts.gstatic.com	206 KB
3	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 2503	72 KB
3	optad360.io get.optad360.io — Cisco Umbrella Rank: 19827 cmp.optad360.io — Cisco Umbrella Rank: 52014	207 KB
3	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157	194 KB
2	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6957	363 B
2	adxpremium.services rtb.adxpremium.services — Cisco Umbrella Rank: 13627	5 KB
2	vidoomy.com d.vidoomy.com — Cisco Umbrella Rank: 20778 a.vidoomy.com Failed	738 B
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 3230	24 KB
2	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280	180 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	8 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	7 KB
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 555	239 B
1	adxbid.info adxbid.info — Cisco Umbrella Rank: 17680
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 505	424 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 992	31 KB
1	script.ac cadmus.script.ac — Cisco Umbrella Rank: 2483	239 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 410	2 KB
1	optad360.net cdn.optad360.net — Cisco Umbrella Rank: 53010	3 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 1211	29 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 1314	3 KB
0	admedo.com Failed pool.admedo.com — Cisco Umbrella Rank: 7377 Failed
0	smartadserver.com Failed prg.smartadserver.com Failed
96	35

	Domain	Requested by
13	ar.haenselblatt.com	hi.haenselblatt.com
6	mc.yandex.com	3 redirects hi.haenselblatt.com mc.yandex.ru
6	hi.haenselblatt.com	hi.haenselblatt.com unpkg.com
4	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
3	ssp.wp.pl	get.optad360.io
3	prebid.a-mo.net	get.optad360.io
3	onetag-sys.com	get.optad360.io
3	rtb.openx.net	get.optad360.io
3	www.anltc.cc	hi.haenselblatt.com www.anltc.cc
3	fonts.gstatic.com	fonts.googleapis.com hi.haenselblatt.com
3	mc.yandex.ru	1 redirects hi.haenselblatt.com
3	pagead2.googlesyndication.com	hi.haenselblatt.com pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	gum.criteo.com	get.optad360.io
2	prebid.smilewanted.com	get.optad360.io
2	prebid-eu.creativecdn.com	get.optad360.io
2	adx.adform.net	get.optad360.io
2	ib.adnxs.com	get.optad360.io
2	rtb.adxpremium.services	get.optad360.io
2	useast.quantumdex.io	get.optad360.io
2	d.vidoomy.com	get.optad360.io
2	bidder.criteo.com	get.optad360.io
2	script.4dex.io	get.optad360.io script.4dex.io
2	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net
2	cdnjs.cloudflare.com	hi.haenselblatt.com
2	get.optad360.io	hi.haenselblatt.com get.optad360.io
2	fonts.googleapis.com	hi.haenselblatt.com
1	pixel.rubiconproject.com
1	cm.adform.net
1	adxbid.info	get.optad360.io
1	csync.smilewanted.com	get.optad360.io
1	sync.quantumdex.io	get.optad360.io
1	acdn.adnxs.com	get.optad360.io
1	match.adsrvr.org	get.optad360.io
1	static.criteo.net	get.optad360.io
1	cadmus.script.ac	script.4dex.io
1	cdn.jsdelivr.net	get.optad360.io
1	cdn.optad360.net	hi.haenselblatt.com
1	cmp.optad360.io	hi.haenselblatt.com
1	code.jquery.com	hi.haenselblatt.com
1	unpkg.com	hi.haenselblatt.com
0	a.vidoomy.com Failed
0	pool.admedo.com Failed
0	optad360-d.openx.net Failed	get.optad360.io
0	prg.smartadserver.com Failed	get.optad360.io
96	44

This site contains links to these domains. Also see Links.

Domain
cookiesandyou.com
www.haenselblatt.com
es.haenselblatt.com
fr.haenselblatt.com
ar.haenselblatt.com
bg.haenselblatt.com
cs.haenselblatt.com
da.haenselblatt.com
el.haenselblatt.com
et.haenselblatt.com
fi.haenselblatt.com
he.haenselblatt.com
hr.haenselblatt.com
hu.haenselblatt.com
id.haenselblatt.com
it.haenselblatt.com
ja.haenselblatt.com
ko.haenselblatt.com
lt.haenselblatt.com
lv.haenselblatt.com
ms.haenselblatt.com
nl.haenselblatt.com
no.haenselblatt.com
pl.haenselblatt.com
pt.haenselblatt.com
ro.haenselblatt.com
ru.haenselblatt.com
sk.haenselblatt.com
sl.haenselblatt.com
sr.haenselblatt.com
sv.haenselblatt.com
th.haenselblatt.com
tr.haenselblatt.com
ua.haenselblatt.com
vi.haenselblatt.com

Subject Issuer	Validity	Valid
haenselblatt.com WE1	`2024-07-04` - `2024-10-02`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.optad360.io Amazon RSA 2048 M02	`2023-09-17` - `2024-10-15`	a year	crt.sh
unpkg.com WE1	`2024-07-28` - `2024-10-26`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2024-05-23` - `2024-11-02`	5 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
anltc.cc WE1	`2024-07-05` - `2024-10-03`	3 months	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.optad360.net Amazon RSA 2048 M03	`2024-05-26` - `2025-06-25`	a year	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2023-10-23` - `2024-10-22`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-18` - `2024-09-17`	3 months	crt.sh
*.vidoomy.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-10-06`	a year	crt.sh
quantumdex.io WE1	`2024-07-30` - `2024-10-28`	3 months	crt.sh
*.adxpremium.services Sectigo RSA Domain Validation Secure Server CA	`2024-07-30` - `2025-08-05`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-23` - `2025-01-29`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.a-mo.net R10	`2024-07-04` - `2024-10-02`	3 months	crt.sh
*.wp.pl RapidSSL TLS RSA CA G1	`2024-03-04` - `2025-03-14`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2024-04-05` - `2025-04-30`	a year	crt.sh
smilewanted.com WE1	`2024-06-14` - `2024-09-12`	3 months	crt.sh
script.ac E6	`2024-06-23` - `2024-09-21`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-27` - `2024-09-24`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh
adxbid.info WE1	`2024-07-28` - `2024-10-26`	3 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-27` - `2025-06-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-04-03`	8 months	crt.sh

This page contains 10 frames:

Primary Page: https://hi.haenselblatt.com/
Frame ID: 8C67EC34920D36BB106F6139E62F20A1
Requests: 86 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 8F81B23FF6E138F77DF904B712A424D4
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=36674736240783920000&sn=mc_adapter
Frame ID: 05B0FDDBB9E488A1B7131E5A8FC0313E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E7A522A31C1595676BFC4F4B761B21C7
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 1B3FF24E81C1B918100E0AFA2CF8E58C
Requests: 1 HTTP requests in this frame

Frame: https://optad360-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=
Frame ID: AB4F92E117DE6D07AE5F53E618E75D3E
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: E0D3A8291BA7AE2361CE1C95B574D5B2
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 838DF3B5CAA1BF9CA15D44B3EF1D9301
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1723437394084&gdpr=0
Frame ID: 5024182CA7D118A8093DB8EDC02B23D7
Requests: 1 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 0E6294EC5EE190412597EFD67A3D00FD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

उपयोगी जानकारी और बागवानी टिप्स। पेशेवर माली ब्लॉग! | पेशेवर माली कैसे बनें। पौधों की देखभाल के लिए उपयोगी जानकारी और सुझाव। बागवानी का विश्वकोश।

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

96
Requests

93 %
HTTPS

44 %
IPv6

35
Domains

44
Subdomains

42
IPs

12
Countries

2148 kB
Transfer

7973 kB
Size

60
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: https://cookiesandyou.com/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://es.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://fr.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://ar.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://bg.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://cs.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://da.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://el.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://et.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://fi.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://he.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://hr.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://hu.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://id.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://it.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://ja.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://ko.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://lt.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://lv.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://ms.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://nl.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://no.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://pl.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://pt.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://ro.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://ru.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://sk.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://sl.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://sr.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://sv.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://th.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://tr.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://ua.haenselblatt.com/

Search URL Search Domain Scan URL

URL: https://vi.haenselblatt.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10458.BYpnuhnSMyVt9AYyYm5Y1SOrxjQG6FvXms8R22yO527lGNxdeZEJ6Gtjzf5HUPmb.XqqnnFGJFbeutQKIefwWsiSLE0k%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10458.TKdGInIh9xuxD4L_HHkCQOiGkYbEhROAgD8OQVK1gcV8b17VI_QCQujQWPPlFYsTDrGMXH-svNg6tAu8iKEvvxTJPPNE7uS8XC4n9SuTmEeR4Wlr2qJNb6e7N9IRfNDfnUt2H-vQgyRVHsWV7c-c0HOVSGVoGFdfx_Uqe3fSUFIT3qY2mwk-PZEgJ5cFAVbww7V7MiYJ-pIyOs5etMZ2vtw9W_SVG0ZNDPy5xCVAp34%2C.uL2GOZG4fepO0BvVLT0Ihy2qwWs%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10458.rW6l-AOaX0RObv3_cvJ17t1HvuELc8an5gv9sc5NUPQiuq6GohcXz6XBtJxjlBVo50MRM0TMLvw2oHcGOXmYzZlToPIBBtEwY_S0a3G90pCvfswtDlwz48CKiE4F1RAX7k7Zt8yUG-UaA06IvyuDJqFXhrKIslRSM4-_xQWdAUf3BhtDIVfyStkpSdpc9ef_Zg6TUOkgnTxBrlrVVy1d9Q%2C%2C.18EPPrsBjessZ-Y9CGWfYO70fjk%2C

Request Chain 37

https://mc.yandex.com/watch/49787647?wmode=7&page-url=https%3A%2F%2Fhi.haenselblatt.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A114784994457%3Ahid%3A263956917%3Az%3A120%3Ai%3A20240812063632%3Aet%3A1723437393%3Ac%3A1%3Arn%3A390135098%3Arqn%3A1%3Au%3A1723437393394960944%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A887%3Awv%3A2%3Ads%3A36%2C253%2C85%2C30%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1723437391032%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1723437393%3At%3A%E0%A4%89%E0%A4%AA%E0%A4%AF%E0%A5%8B%E0%A4%97%E0%A5%80%20%E0%A4%9C%E0%A4%BE%E0%A4%A8%E0%A4%95%E0%A4%BE%E0%A4%B0%E0%A5%80%20%E0%A4%94%E0%A4%B0%20%E0%A4%AC%E0%A4%BE%E0%A4%97%E0%A4%B5%E0%A4%BE%E0%A4%A8%E0%A5%80%20%E0%A4%9F%E0%A4%BF%E0%A4%AA%E0%A5%8D%E0%A4%B8%E0%A5%A4%20%E0%A4%AA%E0%A5%87%E0%A4%B6%E0%A5%87%E0%A4%B5%E0%A4%B0%20%E0%A4%AE%E0%A4%BE%E0%A4%B2%E0%A5%80%20%E0%A4%AC%E0%A5%8D%E0%A4%B2%E0%A5%89%E0%A4%97!%20%7C%20%E0%A4%AA%E0%A5%87%E0%A4%B6%E0%A5%87%E0%A4%B5%E0%A4%B0%20%E0%A4%AE%E0%A4%BE%E0%A4%B2%E0%A5%80%20%E0%A4%95%E0%A5%88%E0%A4%B8%E0%A5%87%20%E0%A4%AC%E0%A4%A8%E0%A5%87%E0%A4%82%E0%A5%A4%20%E0%A4%AA%E0%A5%8C%E0%A4%A7%E0%A5%8B%E0%A4%82%20%E0%A4%95%E0%A5%80%20%E0%A4%A6%E0%A5%87%E0%A4%96%E0%A4%AD%E0%A4%BE%E0%A4%B2%20%E0%A4%95%E0%A5%87%20%E0%A4%B2%E0%A4%BF%E0%A4%8F%20%E0%A4%89%E0%A4%AA%E0%A4%AF%E0%A5%8B%E0%A4%97%E0%A5%80%20%E0%A4%9C%E0%A4%BE%E0%A4%A8%E0%A4%95%E0%A4%BE%E0%A4%B0%E0%A5%80%20%E0%A4%94%E0%A4%B0%20%E0%A4%B8%E0%A5%81%E0%A4%9D%E0%A4%BE%E0%A4%B5%E0%A5%A4%20%E0%A4%AC%E0%A4%BE%E0%A4%97%E0%A4%B5%E0%A4%BE%E0%A4%A8%E0%A5%80%20%E0%A4%95%E0%A4%BE%20%E0%A4%B5%E0%A4%BF%E0%A4%B6%E0%A5%8D%E0%A4%B5%E0%A4%95%E0%A5%8B%E0%A4%B6%E0%A5%A4&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037568)ti(1) HTTP 302
https://mc.yandex.com/watch/49787647/1?wmode=7&page-url=https%3A%2F%2Fhi.haenselblatt.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A114784994457%3Ahid%3A263956917%3Az%3A120%3Ai%3A20240812063632%3Aet%3A1723437393%3Ac%3A1%3Arn%3A390135098%3Arqn%3A1%3Au%3A1723437393394960944%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A887%3Awv%3A2%3Ads%3A36%2C253%2C85%2C30%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1723437391032%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1723437393%3At%3A%E0%A4%89%E0%A4%AA%E0%A4%AF%E0%A5%8B%E0%A4%97%E0%A5%80%20%E0%A4%9C%E0%A4%BE%E0%A4%A8%E0%A4%95%E0%A4%BE%E0%A4%B0%E0%A5%80%20%E0%A4%94%E0%A4%B0%20%E0%A4%AC%E0%A4%BE%E0%A4%97%E0%A4%B5%E0%A4%BE%E0%A4%A8%E0%A5%80%20%E0%A4%9F%E0%A4%BF%E0%A4%AA%E0%A5%8D%E0%A4%B8%E0%A5%A4%20%E0%A4%AA%E0%A5%87%E0%A4%B6%E0%A5%87%E0%A4%B5%E0%A4%B0%20%E0%A4%AE%E0%A4%BE%E0%A4%B2%E0%A5%80%20%E0%A4%AC%E0%A5%8D%E0%A4%B2%E0%A5%89%E0%A4%97%21%20%7C%20%E0%A4%AA%E0%A5%87%E0%A4%B6%E0%A5%87%E0%A4%B5%E0%A4%B0%20%E0%A4%AE%E0%A4%BE%E0%A4%B2%E0%A5%80%20%E0%A4%95%E0%A5%88%E0%A4%B8%E0%A5%87%20%E0%A4%AC%E0%A4%A8%E0%A5%87%E0%A4%82%E0%A5%A4%20%E0%A4%AA%E0%A5%8C%E0%A4%A7%E0%A5%8B%E0%A4%82%20%E0%A4%95%E0%A5%80%20%E0%A4%A6%E0%A5%87%E0%A4%96%E0%A4%AD%E0%A4%BE%E0%A4%B2%20%E0%A4%95%E0%A5%87%20%E0%A4%B2%E0%A4%BF%E0%A4%8F%20%E0%A4%89%E0%A4%AA%E0%A4%AF%E0%A5%8B%E0%A4%97%E0%A5%80%20%E0%A4%9C%E0%A4%BE%E0%A4%A8%E0%A4%95%E0%A4%BE%E0%A4%B0%E0%A5%80%20%E0%A4%94%E0%A4%B0%20%E0%A4%B8%E0%A5%81%E0%A4%9D%E0%A4%BE%E0%A4%B5%E0%A5%A4%20%E0%A4%AC%E0%A4%BE%E0%A4%97%E0%A4%B5%E0%A4%BE%E0%A4%A8%E0%A5%80%20%E0%A4%95%E0%A4%BE%20%E0%A4%B5%E0%A4%BF%E0%A4%B6%E0%A5%8D%E0%A4%B5%E0%A4%95%E0%A5%8B%E0%A4%B6%E0%A5%A4&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037568%29ti%281%29

Request Chain 91

https://x.bidswitch.net/sync?ssp=vidoomy&gdpr=0&gdpr_consent=undefined&us_privacy= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&gdpr=0&gdpr_consent=undefined&us_privacy= HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=vidoomy&bsw_custom_parameter=3a6f46af-c09a-424f-93f3-76cfdd845510 HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=vidoomy&bsw_custom_parameter=3a6f46af-c09a-424f-93f3-76cfdd845510

Request Chain 94

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&gdpr=0&gdpr_consent=undefined&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=120&gdpr=0&gdpr_consent=undefined&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=2815fbe5-3a85-44a5-976a-639fdf3e9837-66b99155-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D2815fbe5-3a85-44a5-976a-639fdf3e9837-66b99155-5553%26partner_url%3Dhttps%253A%252F%252Fa.vidoomy.com%252Fapi%252Frtbserver%252Fcookie%253Fi%253DCEN%2526uid%253D2815fbe5-3a85-44a5-976a-639fdf3e9837-66b99155-5553 HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=2815fbe5-3a85-44a5-976a-639fdf3e9837-66b99155-5553&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D2815fbe5-3a85-44a5-976a-639fdf3e9837-66b99155-5553 HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=2815fbe5-3a85-44a5-976a-639fdf3e9837-66b99155-5553&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D2815fbe5-3a85-44a5-976a-639fdf3e9837-66b99155-5553 HTTP 302
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=2815fbe5-3a85-44a5-976a-639fdf3e9837-66b99155-5553

96 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
hi.haenselblatt.com/ 18 KB
4 KB 402ms
112ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.haenselblatt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5aea814e599f370397efd9624b085cf8027153cbcabcfa7edea791550c116df

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 8b1dc3cffd929f5e-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 12 Aug 2024 04:36:31 GMT
expires: Mon, 12 Aug 2024 04:46:31 GMT
last-modified: Mon, 09 Mar 2020 22:10:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LtwbxRRsuclTA%2FPWLg%2BUAgNhg%2BZA8AF%2B%2BpxT3LA2NiC80LxeFnLmhOU6lDCI%2Br7gijNKFbcvW%2Bw4O0kDawDYgcxsUq7QF3xZ%2BmPMG4oszV6VOua%2BYOT7G30UaGmiIfqbCs2m1KCR"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 3 KB
990 B 180ms
35ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700&subset=cyrillic

Requested by

Host: hi.haenselblatt.com
URL: https://hi.haenselblatt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1076d5bb7f1896b00ca2e5fe084f70af57c528d2b01ef24d986e4a5941bc270a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 12 Aug 2024 04:36:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 12 Aug 2024 04:36:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Aug 2024 04:36:31 GMT

GET
H3 200 main.min.css
hi.haenselblatt.com/css/ 51 KB
7 KB 59ms
54ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.haenselblatt.com/css/main.min.css
Requested by: Host: hi.haenselblatt.com
URL: https://hi.haenselblatt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f09558ac9e3c60e1f166a9226e68804022e72b8683d50ce677c7046d7ddd2e74

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:36:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 21 Apr 2020 22:19:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 119214
etag: W/"5e9f716d-cc29"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ShtwCOCdBIRwjYvjclkEeS7vlQ7uiDyrwXvoGe4n1yHoqTB2QDPJE4QX%2FL4HqHElX%2BSaYXPmu5ZHLV59JtBA7XxfWGrYfxVYXnXPxJE2bGCklu3lwmgtmFdNhXsWlFh2u34d4V59"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 8b1dc3d0de169f5e-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 157 KB
51 KB 241ms
109ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: hi.haenselblatt.com
URL: https://hi.haenselblatt.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e26af5f713f58232b4b3d3d0b14ca34a28582f6eb66bbba16c404c65de534c8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:36:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52446
x-xss-protection: 0
server: cafe
etag: 10665331316758232287
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 12 Aug 2024 04:36:31 GMT

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/c948c303-5698-4522-ab5f-4b31b2e48774/ 186 KB
43 KB 476ms
127ms Script
application/javascript 2600:9000:225e:c200:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/c948c303-5698-4522-ab5f-4b31b2e48774/plugin.min.js
Requested by: Host: hi.haenselblatt.com
URL: https://hi.haenselblatt.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:c200:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 749d584d553121457f53926f2d79727f2b5877d012bdf2c72f2ec6b8d2d6fad6

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 03:22:29 GMT
content-encoding: gzip
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jun 2024 12:42:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 4444
x-amz-server-side-encryption: AES256
etag: W/"96aec5da7f7909e6b4ab14f32ea32927"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-id: dFD0rfotKjtSp5u1bzkIr4MUQQRnGbd4d-k9wsStZG24TegOV1Le4g==

GET
H2 200 zone-7-plants-learn-about-planting-a-garden-in-zone-7.jpg
ar.haenselblatt.com/img/images/ 82 KB
83 KB 450ms
162ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ar.haenselblatt.com/img/images/zone-7-plants-learn-about-planting-a-garden-in-zone-7.jpg
Requested by: Host: hi.haenselblatt.com
URL: https://hi.haenselblatt.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49e707ccb3b176db2d62295d74a56945538312bc7b3b4fe8c07ebe1763a2ea1a

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:36:31 GMT
cf-cache-status: MISS
last-modified: Thu, 13 Feb 2020 14:37:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5e455f40-148cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vjrzZErCIMHHHHP0msDpjNxxwlzWm3tnHfog%2F47FEauQr2ztDx97rxP7fVRYYj0LEC6%2BO4shaK84il7gTE7T44RWCpGfSC%2FF37SdPYNtJ0wALlD0DfC%2FA7pllMezqigkqrNaD1K2Sqb%2FJkt7B5EZHpAA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8b1dc3d28b180bc8-AMS
alt-svc: h3=":443"; ma=86400
content-length: 84172
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 zone-7-palm-trees-palm-trees-that-grow-in-zone-7.jpg
ar.haenselblatt.com/img/images/ 70 KB
70 KB 456ms
168ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ar.haenselblatt.com/img/images/zone-7-palm-trees-palm-trees-that-grow-in-zone-7.jpg
Requested by: Host: hi.haenselblatt.com
URL: https://hi.haenselblatt.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7869f68b2a0849ec5dfb4de763db33377bce2fe7a4c673880b479261271208e3

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:36:31 GMT
cf-cache-status: MISS
last-modified: Thu, 13 Feb 2020 14:37:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5e455f40-1184b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lYJuZeI7a1PeCLS653e8fDV15PZJ4y3BxeGm3anjSynwGa1vthgfJIBfb8M1%2FEpWm116F6KbjRXm5xhVAN08CjAr1lYrrnErr0h0z8pAHsg9EkmLuf69ykD8xLJFn9UhZFkJ8fOUdJPF28I7ialUxLKX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8b1dc3d28b170bc8-AMS
alt-svc: h3=":443"; ma=86400
content-length: 71755
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 zone-7-ornamental-grasses-learn-about-various-types-of-zone-7-grass.jpg
ar.haenselblatt.com/img/images/ 70 KB
70 KB 211ms
170ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ar.haenselblatt.com/img/images/zone-7-ornamental-grasses-learn-about-various-types-of-zone-7-grass.jpg
Requested by: Host: hi.haenselblatt.com
URL: https://hi.haenselblatt.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b4cab4069bc5e90dec3326760b22daff0c9c4ff0663bb6face371e19df600dd

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:36:31 GMT
cf-cache-status: MISS
last-modified: Thu, 13 Feb 2020 14:37:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5e455f40-1171f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SdyrKMMFDx4uftDzBpmbLVVD5vzfGWtkSj9ZKY2SfeDGfEV7EH8vSxzT8zcn0E16TBzus7IZtt1aYJ5NAbMhSDXyJHFTgOfSc6GWPVJarClqLHywu49J%2FUEaEGCpb8BirMtHTus5cTBFuHgnSBdkt%2Fd1"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8b1dc3d28b1e0bc8-AMS
alt-svc: h3=":443"; ma=86400
content-length: 71455
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 zone-7-nut-trees-choosing-nut-trees-for-zone-7-climates.jpg
ar.haenselblatt.com/img/images/ 23 KB
24 KB 135ms
94ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ar.haenselblatt.com/img/images/zone-7-nut-trees-choosing-nut-trees-for-zone-7-climates.jpg
Requested by: Host: hi.haenselblatt.com
URL: https://hi.haenselblatt.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb3ffd6060849d84ff7c9cad3c155f4772879f430faac5b08b756bc112c816fb

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:36:31 GMT
cf-cache-status: MISS
last-modified: Thu, 13 Feb 2020 14:37:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5e455f40-5cd5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qT0jA8mMg9khyU6De1qCl1ZaA0kmse9JhvOou2RDsD1PK5vKDTzPReeysRgS1umkGpmy6xxQahkp6sFnFJi%2BdPZLmQAXvPBvAjCVdblXN1noEI3PzFWceZwebaKhuLEVVDzZKjsBkP%2BsQ5T5G7QqB0wH"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8b1dc3d28b1b0bc8-AMS
alt-svc: h3=":443"; ma=86400
content-length: 23765
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 zone-7-kiwi-vines-learn-about-hardy-varieties-kiwi-for-zone-7-climates.jpg
ar.haenselblatt.com/img/images/ 34 KB
34 KB 140ms
99ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ar.haenselblatt.com/img/images/zone-7-kiwi-vines-learn-about-hardy-varieties-kiwi-for-zone-7-climates.jpg
Requested by: Host: hi.haenselblatt.com
URL: https://hi.haenselblatt.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c86b99ca8a69d370570544c357437d49d87cba057f791b88ded6978716344b2

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:36:31 GMT
cf-cache-status: MISS
last-modified: Thu, 13 Feb 2020 14:37:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5e455f40-866a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oqwoOCL85kbxQPeYc4FL9TP0xzXtFS8%2BsXdWfZlb7z2HYCsehWRjSUbn55cdGvG%2BnXIRawS5u7bsTlB3vdFGat2bD3mI9k1%2BNeHe0wiRsddaPJMmokkBPdj2eso9Z12SugMsyI9SiQalYvyane2gQ%2BR2"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8b1dc3d28b190bc8-AMS
alt-svc: h3=":443"; ma=86400
content-length: 34410
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 zone-7-junipers-growing-juniper-bushes-in-zone-7-gardens.jpg
ar.haenselblatt.com/img/images/ 71 KB
72 KB 216ms
212ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ar.haenselblatt.com/img/images/zone-7-junipers-growing-juniper-bushes-in-zone-7-gardens.jpg
Requested by: Host: hi.haenselblatt.com
URL: https://hi.haenselblatt.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 897f832df132d124acdd2dfb2fbbcf71303dbd9b9a0ce5259bc097c09c8067e4

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:36:32 GMT
cf-cache-status: MISS
last-modified: Thu, 13 Feb 2020 14:37:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5e455f40-11cdc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MiFbW099tI%2FJej5%2Baenkk%2BU9JWvnz1Sh8%2FrW4BdEvnbmBWj4P6TmJV8mAsAQ%2FPMc67TM6h8M%2BDii6VCpOmQWJdV8WrHM%2FyFbDYCHVBkEQpTR6Dw2pt33sgSoKxux0EYuI3qCZyuig6r%2Bjd34GUo8DmJC"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8b1dc3d35b9d0bc8-AMS
alt-svc: h3=":443"; ma=86400
content-length: 72924
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 zone-7-jasmine-plants-choosing-hardy-jasmine-for-zone-7-climates.jpg
ar.haenselblatt.com/img/images/ 39 KB
39 KB 205ms
202ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ar.haenselblatt.com/img/images/zone-7-jasmine-plants-choosing-hardy-jasmine-for-zone-7-climates.jpg
Requested by: Host: hi.haenselblatt.com
URL: https://hi.haenselblatt.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea0958304bc117f2ab723ef287845c0b0ac69220030abd17c945427d200513cc

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:36:31 GMT
cf-cache-status: MISS
last-modified: Thu, 13 Feb 2020 14:37:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5e455f40-9b13"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RgtyAk%2BBP5pMZ0VdtXMiWthlsJaIL6TueRCigtCMW0iWMn%2BCfOfoy0T2jNIP6taJDtNt%2Bcm5j4hoOAi0A4piibODNDlIIC4a7X4qYQJZB4EKoKUy5EXjjadQBMSTdH7OPNe64cKCvEqE2hcnc5HIpfZQ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8b1dc3d35b9e0bc8-AMS
alt-svc: h3=":443"; ma=86400
content-length: 39699
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 zone-7-japanese-maple-varieties-choosing-japanese-maple-trees-for-zone-7.jpg
ar.haenselblatt.com/img/images/ 55 KB
55 KB 208ms
204ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ar.haenselblatt.com/img/images/zone-7-japanese-maple-varieties-choosing-japanese-maple-trees-for-zone-7.jpg
Requested by: Host: hi.haenselblatt.com
URL: https://hi.haenselblatt.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a3e2256e233d90f0b569ce630a1168b58081b1228c529ce72d2bb65d2158e7c

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:36:31 GMT
cf-cache-status: MISS
last-modified: Thu, 13 Feb 2020 14:37:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5e455f40-dc89"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yf%2FeFweI4JrqSX5GBnFGTEgYVaK0J1KIE7Ouka3R8oD21pOVEbCpk8UnGNI9WHjaeqVytB9qscYeqrBEQRVY%2BtrzA825Wf5vM3KxfOHDYiO1vp%2BBaFTDNCYDJhUt%2FLIpFUu3L53AaqLYLOlToBEVr8Zg"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8b1dc3d35b9f0bc8-AMS
alt-svc: h3=":443"; ma=86400
content-length: 56457
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 flags.css
hi.haenselblatt.com/css/ 15 KB
3 KB 116ms
103ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.haenselblatt.com/css/flags.css
Requested by: Host: hi.haenselblatt.com
URL: https://hi.haenselblatt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c657f600ec9a19ba9d77dd63953305ee476031e318eef70256fc5bcc2076fb74

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:36:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 19 Mar 2012 17:29:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 346801
etag: W/"4f676d10-3b30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s125mHQ92G5pJpV%2BG4oSDJpEAX9EF3x0cH2DRhN2QuhtxawYwSPO1KoVZmEZIV6j2O6vL70hevkrkOcDdMFqljTYix%2BYDidUuHUMgzy1SS1S9uReylX%2FGXQvA6vcowY%2Fl%2FR6zeRC"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 8b1dc3d26efe9f5e-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 simple-jekyll-search.min.js Show response
unpkg.com/simple-jekyll-search@1.5.0/dest/ 5 KB
3 KB 201ms
60ms Script
application/javascript 2606:4700::6811:f6cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/simple-jekyll-search@1.5.0/dest/simple-jekyll-search.min.js

Requested by

Host: hi.haenselblatt.com
URL: https://hi.haenselblatt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c6e9c08f3bf317085ed03287d8dd8c46059731d47ab7cba9e05134296fc5cfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:36:31 GMT
content-encoding: gzip
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 13089149
last-modified: Mon, 11 Sep 2017 18:45:17 GMT
fly-request-id: 01HRWB62TM341BP60F4H6S0GBD-ams
server: cloudflare
etag: "1538-cMUO/uEsfQz3JaG2l2WBFsFIobY"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8b1dc3d33b351c89-AMS

GET
H2 200 jquery-2.1.4.min.js Show response
code.jquery.com/ 82 KB
29 KB 203ms
62ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.1.4.min.js
Requested by: Host: hi.haenselblatt.com
URL: https://hi.haenselblatt.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:36:31 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2327570
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 29519
x-served-by: cache-lga21971-LGA, cache-ams21041-AMS
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1723437392.871525,VS0,VE0
etag: W/"28feccc0-14979"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 15866, 7446

GET
H3 200 jquery.unveil2.min.js Show response
hi.haenselblatt.com/js/ 3 KB
2 KB 117ms
105ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.haenselblatt.com/js/jquery.unveil2.min.js
Requested by: Host: hi.haenselblatt.com
URL: https://hi.haenselblatt.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec5c31174ce479e50cb8d2dd6ad045ea74a952935dd30a8021e5daf27c1b172f

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:36:31 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 29 Jan 2024 22:19:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 119213
etag: W/"65b8245b-d3c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vlEcw93AnXzPhuOnszJY72IVxxvBc4IklXXIrk1dWELSS%2Buo3F5ZccCtTH7KJ5GGE%2Fym6HR%2BUWGLvFrOdE0Du8fTiOAVtH6w2uqJ4oxL8%2Byu72JJI0w%2BvYuaeof8Bna9G58FigEi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 8b1dc3d26eff9f5e-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 4 KB
2 KB 203ms
78ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css

Requested by

Host: hi.haenselblatt.com
URL: https://hi.haenselblatt.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:36:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 297985
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 975
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-fe0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Unevk3Yosx73rnH1VpYRN8A8yYg0Y1YCq%2FR%2F4Dba9nCEanS%2B3pjzLOd%2F%2Fj1RWqk9dLVecE86tvuLViepIdwV6PDSduQRvL%2BrqvJM8C9o%2B2nfdS1YZVchcwsmRwd5FVoBxuzL3imv"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b1dc3d33f3a9fa6-AMS
expires: Sat, 02 Aug 2025 04:36:31 GMT

GET
H3 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 20 KB
6 KB 240ms
116ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js

Requested by

Host: hi.haenselblatt.com
URL: https://hi.haenselblatt.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:36:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1663555
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5978
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-5148"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=burFbTIbmmbDFHZkLm%2FkbCRJaHiqKZ2bj8QyY9Wk72TKEwyFPm%2BLyEGEwhuUjdhPSgjW6R98peF9a2c8II5zaSKDTxrFPhClLaFBwNoNazP%2BLI81rnfgiDYauIMPFLjrNL1pKjjs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b1dc3d33f399fa6-AMS
expires: Sat, 02 Aug 2025 04:36:31 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
71 KB 450ms
101ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: hi.haenselblatt.com
URL: https://hi.haenselblatt.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

dca271e5c10ab729dbf7e10ccb7c82ba4b87625a821dd4bd640279b6807f2033

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:36:32 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 06 Aug 2024 09:26:33 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "66b1ec49-11660"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71264
expires: Mon, 12 Aug 2024 05:36:32 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 503ms
67ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hi.haenselblatt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 15:27:45 GMT
x-content-type-options: nosniff
age: 479327
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Aug 2025 15:27:45 GMT

GET
H3 200 flags.png
hi.haenselblatt.com/css/ 29 KB
29 KB 49ms
46ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.haenselblatt.com/css/flags.png
Requested by: Host: hi.haenselblatt.com
URL: https://hi.haenselblatt.com/css/flags.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 367191b7b8ee0aa9769e2a03371f6827f715c07b217ab202112e6ff59b852359

Request headers

Referer: https://hi.haenselblatt.com/css/flags.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:36:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 119211
alt-svc: h3=":443"; ma=86400
content-length: 29222
last-modified: Mon, 19 Mar 2012 16:58:22 GMT
server: cloudflare
etag: "4f6765ae-7226"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i5xU2L6gW8xBFhqfWu0YddPQvxUCFRjh7BMfbX1jMvSC%2FJPa7R8ElAgfMxXi3hemXc8TFA2imq42o2JW3y7E%2FdKB2RbZUU2G0HJyTISQonvcOs6tFKKD7cWjivkji7OvzFkfy08%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8b1dc3d39fb29f5e-AMS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 search.json Show response
hi.haenselblatt.com/ 4 MB
540 KB 208ms
207ms XHR
application/json 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.haenselblatt.com/search.json
Requested by: Host: unpkg.com
URL: https://unpkg.com/simple-jekyll-search@1.5.0/dest/simple-jekyll-search.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17753933ab0b6867c788d7fff0c6b0df98221f20d6cf3b362b822437e5c96125

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:36:32 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Mon, 09 Mar 2020 22:10:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3c9594-5a0734708de40"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GhlU%2FCXZ6zhjr5fC4tsPj0H71IqMgsIB0JPnKTWu0gzTZZRMuFXS9z3iMTbj%2FAeGCRoznSE0QvLtpCbLZylWhVLFKubcXN58%2B9g0X09qEmet88fmg8tsIq6b3gYbbPfMhI7PsK%2BQ"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: max-age=5
cf-ray: 8b1dc3d40ff79f5e-AMS
alt-svc: h3=":443"; ma=86400
expires: Mon, 12 Aug 2024 04:36:37 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408060101/ 423 KB
143 KB 144ms
102ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6284591903398394&plah=hi.haenselblatt.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

c71af4c8bd0f0ce02e8fd674b7145812efa411dd9f367b67d4378740f1226e7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:36:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 145999
x-xss-protection: 0
server: cafe
etag: 13029983781825967743
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 12 Aug 2024 04:36:32 GMT

GET
H3 200 script.js Show response
www.anltc.cc/js/ 819 B
923 B 541ms
37ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.anltc.cc/js/script.js
Requested by: Host: hi.haenselblatt.com
URL: https://hi.haenselblatt.com/js/jquery.unveil2.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbe873ab99c1f241015fb10782da87e1c26ff337721a3f796874168430ee8f18

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:36:33 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Jan 2024 21:30:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2063
etag: W/"333-60eb2427e26c1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oteRuWro7cRZ88jO%2BbSh56J%2FJYbQcSzneDYREME77IvV4Am%2FSTbCFYPd7yLTScZK7dVDMAw0E7JEhQLcdVJ%2Bk3bVv1Y%2B4Z5ooMBXrfKRyjCugKuc879CpCCLkYPsXKo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8b1dc3da9d214160-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 5ac00c99-a9b2-47da-aa87-fd040ea5a192.min.js Show response
cmp.optad360.io/items/ 2 B
405 B 765ms
37ms Script
application/javascript 2600:9000:2156:1600:6:b871:4f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.optad360.io/items/5ac00c99-a9b2-47da-aa87-fd040ea5a192.min.js
Requested by: Host: hi.haenselblatt.com
URL: https://hi.haenselblatt.com/js/jquery.unveil2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1600:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 04:47:58 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
last-modified: Wed, 24 Apr 2024 11:39:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 517716
etag: "99914b932bd37a50b983c5e7c90ae93b"
x-amz-server-side-encryption: AES256
vary: Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2
x-amz-cf-id: d8fYvbLY0FS4wSLfjLlVk_mBqx5Y6avgfojxWdEQqBt5_6uzlqZy8Q==

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 zone-7-plants-learn-about-planting-a-garden-in-zone-7.jpg
ar.haenselblatt.com/img/images/ 82 KB
0 2ms
2ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ar.haenselblatt.com/img/images/zone-7-plants-learn-about-planting-a-garden-in-zone-7.jpg
Requested by: Host: hi.haenselblatt.com
URL: https://hi.haenselblatt.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49e707ccb3b176db2d62295d74a56945538312bc7b3b4fe8c07ebe1763a2ea1a

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:36:31 GMT
cf-cache-status: MISS
last-modified: Thu, 13 Feb 2020 14:37:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5e455f40-148cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vjrzZErCIMHHHHP0msDpjNxxwlzWm3tnHfog%2F47FEauQr2ztDx97rxP7fVRYYj0LEC6%2BO4shaK84il7gTE7T44RWCpGfSC%2FF37SdPYNtJ0wALlD0DfC%2FA7pllMezqigkqrNaD1K2Sqb%2FJkt7B5EZHpAA"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8b1dc3d28b180bc8-AMS
alt-svc: h3=":443"; ma=86400
content-length: 84172
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 zone-7-palm-trees-palm-trees-that-grow-in-zone-7.jpg
ar.haenselblatt.com/img/images/ 70 KB
0 3ms
3ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ar.haenselblatt.com/img/images/zone-7-palm-trees-palm-trees-that-grow-in-zone-7.jpg
Requested by: Host: hi.haenselblatt.com
URL: https://hi.haenselblatt.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7869f68b2a0849ec5dfb4de763db33377bce2fe7a4c673880b479261271208e3

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:36:31 GMT
cf-cache-status: MISS
last-modified: Thu, 13 Feb 2020 14:37:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5e455f40-1184b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lYJuZeI7a1PeCLS653e8fDV15PZJ4y3BxeGm3anjSynwGa1vthgfJIBfb8M1%2FEpWm116F6KbjRXm5xhVAN08CjAr1lYrrnErr0h0z8pAHsg9EkmLuf69ykD8xLJFn9UhZFkJ8fOUdJPF28I7ialUxLKX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8b1dc3d28b170bc8-AMS
alt-svc: h3=":443"; ma=86400
content-length: 71755
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 zone-7-ornamental-grasses-learn-about-various-types-of-zone-7-grass.jpg
ar.haenselblatt.com/img/images/ 70 KB
0 7ms
7ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ar.haenselblatt.com/img/images/zone-7-ornamental-grasses-learn-about-various-types-of-zone-7-grass.jpg
Requested by: Host: hi.haenselblatt.com
URL: https://hi.haenselblatt.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b4cab4069bc5e90dec3326760b22daff0c9c4ff0663bb6face371e19df600dd

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:36:31 GMT
cf-cache-status: MISS
last-modified: Thu, 13 Feb 2020 14:37:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5e455f40-1171f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SdyrKMMFDx4uftDzBpmbLVVD5vzfGWtkSj9ZKY2SfeDGfEV7EH8vSxzT8zcn0E16TBzus7IZtt1aYJ5NAbMhSDXyJHFTgOfSc6GWPVJarClqLHywu49J%2FUEaEGCpb8BirMtHTus5cTBFuHgnSBdkt%2Fd1"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8b1dc3d28b1e0bc8-AMS
alt-svc: h3=":443"; ma=86400
content-length: 71455
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 zone-7-nut-trees-choosing-nut-trees-for-zone-7-climates.jpg
ar.haenselblatt.com/img/images/ 23 KB
0 10ms
10ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ar.haenselblatt.com/img/images/zone-7-nut-trees-choosing-nut-trees-for-zone-7-climates.jpg
Requested by: Host: hi.haenselblatt.com
URL: https://hi.haenselblatt.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb3ffd6060849d84ff7c9cad3c155f4772879f430faac5b08b756bc112c816fb

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:36:31 GMT
cf-cache-status: MISS
last-modified: Thu, 13 Feb 2020 14:37:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5e455f40-5cd5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qT0jA8mMg9khyU6De1qCl1ZaA0kmse9JhvOou2RDsD1PK5vKDTzPReeysRgS1umkGpmy6xxQahkp6sFnFJi%2BdPZLmQAXvPBvAjCVdblXN1noEI3PzFWceZwebaKhuLEVVDzZKjsBkP%2BsQ5T5G7QqB0wH"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 8b1dc3d28b1b0bc8-AMS
alt-svc: h3=":443"; ma=86400
content-length: 23765
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10458.BYpnuhnSMyVt9AYyYm5Y1SOrxjQG6FvXms8R22yO527lGNxdeZEJ6Gtjzf5HUPmb.XqqnnFGJFbeutQKIefwWsiSLE0k%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10458.TKdGInIh9xuxD4L_HHkCQOiGkYbEhROAgD8OQVK1gcV8b17VI_QCQujQWPPlFYsTDrGMXH-svNg6tAu8iKEvvxTJPPNE7uS8XC4n9SuTmEeR4Wlr2qJNb6e7N9IRfNDfnUt2H-vQgy...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10458.rW6l-AOaX0RObv3_cvJ17t1HvuELc8an5gv9sc5NUPQiuq6GohcXz6XBtJxjlBVo50MRM0TMLvw2oHcGOXmYzZlToPIBBtEwY_S0a3G90pCvf...

43 B
613 B

93ms
92ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10458.rW6l-AOaX0RObv3_cvJ17t1HvuELc8an5gv9sc5NUPQiuq6GohcXz6XBtJxjlBVo50MRM0TMLvw2oHcGOXmYzZlToPIBBtEwY_S0a3G90pCvfswtDlwz48CKiE4F1RAX7k7Zt8yUG-UaA06IvyuDJqFXhrKIslRSM4-_xQWdAUf3BhtDIVfyStkpSdpc9ef_Zg6TUOkgnTxBrlrVVy1d9Q%2C%2C.18EPPrsBjessZ-Y9CGWfYO70fjk%2C

Requested by

Host: hi.haenselblatt.com
URL: https://hi.haenselblatt.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 12 Aug 2024 04:36:32 GMT
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10458.rW6l-AOaX0RObv3_cvJ17t1HvuELc8an5gv9sc5NUPQiuq6GohcXz6XBtJxjlBVo50MRM0TMLvw2oHcGOXmYzZlToPIBBtEwY_S0a3G90pCvfswtDlwz48CKiE4F1RAX7k7Zt8yUG-UaA06IvyuDJqFXhrKIslRSM4-_xQWdAUf3BhtDIVfyStkpSdpc9ef_Zg6TUOkgnTxBrlrVVy1d9Q%2C%2C.18EPPrsBjessZ-Y9CGWfYO70fjk%2C
date: Mon, 12 Aug 2024 04:36:32 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 ca-pub-6284591903398394 Show response
fundingchoicesmessages.google.com/i/ 204 KB
67 KB 984ms
53ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-6284591903398394?href=https%3A%2F%2Fhi.haenselblatt.com&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6284591903398394&plah=hi.haenselblatt.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a456127371dea04a90bb6527727a01ac5c66ee6c36a6ea62c876763a0a5886aa

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-cRvnUpsFIi6S8POaN5CXtA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:36:33 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-cRvnUpsFIi6S8POaN5CXtA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw05BiOO90h-k6EEt8fcmkBcRO6TNYQ4DYp34GaxwQt948xzodiJP-nWctAWJ3rYus_kC8JOIi65HEi6yGCpdYnYF4ev0l1vlAvPfjJdajQOzIcZnVE4iFeDguLnq2lU3gx6cX95mUNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAwsDCz0DEziCwwA215BAA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
575 B 74ms
70ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: hi.haenselblatt.com
URL: https://hi.haenselblatt.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:36:32 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Aug 2024 09:26:33 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "66b1ec49-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 12 Aug 2024 05:36:32 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 105 KB
32 KB 938ms
60ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/c948c303-5698-4522-ab5f-4b31b2e48774/plugin.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

e499071f882b3f8874e2f17e1be83a52dbce2706c2576acbd751ed1b14b54416

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:36:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32839
x-xss-protection: 0
server: cafe
etag: 397 / 19947 / 31086024 / config-hash: 9072019561209455628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 12 Aug 2024 04:36:33 GMT

GET
H2 200 prebid8.20.2.js Show response
get.optad360.io/assets/js/ 510 KB
164 KB 38ms
37ms Script
text/javascript 2600:9000:225e:c200:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/c948c303-5698-4522-ab5f-4b31b2e48774/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:c200:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 510178b6d31d46a54c7bdacc0456720c5bbb9be1c47f603ecffc61899018b768

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 07:55:20 GMT
content-encoding: gzip
via: 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jan 2024 07:08:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 247273
etag: W/"643c66a3d7b92031d1740b1b750e096d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=360000000
x-amz-cf-id: 0kIDKxW9MgPgAJwI7h-lXqV0E2eYrtRsrrRI_07GGX8kA2KyNsWKTw==

GET
H2 200 branding-ads.svg
cdn.optad360.net/icons/ 7 KB
3 KB 928ms
48ms Image
image/svg+xml 2600:9000:211e:e800:f:a31d:75c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.optad360.net/icons/branding-ads.svg
Requested by: Host: hi.haenselblatt.com
URL: https://hi.haenselblatt.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:e800:f:a31d:75c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 05:14:26 GMT
content-encoding: gzip
via: 1.1 6c7a5d26be7fb35284e54d321f16b6f6.cloudfront.net (CloudFront)
last-modified: Wed, 22 Jun 2022 12:02:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 18573728
etag: W/"b0a3aa2e09d4ddd83150d7bd3347c5c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=360000000
x-amz-cf-id: rl2Itv-cDbPVaKw_ppAI5XqouCIQNooSvqh-Xbf4pPEhv_gsde1RKQ==

GET
H2 200 metrika_match.html
mc.yandex.com/metrika/ Frame 8F81 0
0 715ms
65ms Document
text/html 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://hi.haenselblatt.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 1046
content-type: text/html
date: Mon, 12 Aug 2024 04:36:33 GMT
etag: "66b1ec49-416"
expires: Mon, 12 Aug 2024 05:36:33 GMT
last-modified: Tue, 06 Aug 2024 09:26:33 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *

GET
H2

200

1 Show response
mc.yandex.com/watch/49787647/
Redirect Chain

https://mc.yandex.com/watch/49787647?wmode=7&page-url=https%3A%2F%2Fhi.haenselblatt.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3...
https://mc.yandex.com/watch/49787647/1?wmode=7&page-url=https%3A%2F%2Fhi.haenselblatt.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8...

476 B
874 B

98ms
87ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/49787647/1?wmode=7&page-url=https%3A%2F%2Fhi.haenselblatt.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A114784994457%3Ahid%3A263956917%3Az%3A120%3Ai%3A20240812063632%3Aet%3A1723437393%3Ac%3A1%3Arn%3A390135098%3Arqn%3A1%3Au%3A1723437393394960944%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A887%3Awv%3A2%3Ads%3A36%2C253%2C85%2C30%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1723437391032%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1723437393%3At%3A%E0%A4%89%E0%A4%AA%E0%A4%AF%E0%A5%8B%E0%A4%97%E0%A5%80%20%E0%A4%9C%E0%A4%BE%E0%A4%A8%E0%A4%95%E0%A4%BE%E0%A4%B0%E0%A5%80%20%E0%A4%94%E0%A4%B0%20%E0%A4%AC%E0%A4%BE%E0%A4%97%E0%A4%B5%E0%A4%BE%E0%A4%A8%E0%A5%80%20%E0%A4%9F%E0%A4%BF%E0%A4%AA%E0%A5%8D%E0%A4%B8%E0%A5%A4%20%E0%A4%AA%E0%A5%87%E0%A4%B6%E0%A5%87%E0%A4%B5%E0%A4%B0%20%E0%A4%AE%E0%A4%BE%E0%A4%B2%E0%A5%80%20%E0%A4%AC%E0%A5%8D%E0%A4%B2%E0%A5%89%E0%A4%97%21%20%7C%20%E0%A4%AA%E0%A5%87%E0%A4%B6%E0%A5%87%E0%A4%B5%E0%A4%B0%20%E0%A4%AE%E0%A4%BE%E0%A4%B2%E0%A5%80%20%E0%A4%95%E0%A5%88%E0%A4%B8%E0%A5%87%20%E0%A4%AC%E0%A4%A8%E0%A5%87%E0%A4%82%E0%A5%A4%20%E0%A4%AA%E0%A5%8C%E0%A4%A7%E0%A5%8B%E0%A4%82%20%E0%A4%95%E0%A5%80%20%E0%A4%A6%E0%A5%87%E0%A4%96%E0%A4%AD%E0%A4%BE%E0%A4%B2%20%E0%A4%95%E0%A5%87%20%E0%A4%B2%E0%A4%BF%E0%A4%8F%20%E0%A4%89%E0%A4%AA%E0%A4%AF%E0%A5%8B%E0%A4%97%E0%A5%80%20%E0%A4%9C%E0%A4%BE%E0%A4%A8%E0%A4%95%E0%A4%BE%E0%A4%B0%E0%A5%80%20%E0%A4%94%E0%A4%B0%20%E0%A4%B8%E0%A5%81%E0%A4%9D%E0%A4%BE%E0%A4%B5%E0%A5%A4%20%E0%A4%AC%E0%A4%BE%E0%A4%97%E0%A4%B5%E0%A4%BE%E0%A4%A8%E0%A5%80%20%E0%A4%95%E0%A4%BE%20%E0%A4%B5%E0%A4%BF%E0%A4%B6%E0%A5%8D%E0%A4%B5%E0%A4%95%E0%A5%8B%E0%A4%B6%E0%A5%A4&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037568%29ti%281%29

Requested by

Host: hi.haenselblatt.com
URL: https://hi.haenselblatt.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

65e5f4e18b36299b3d75f4c68f57ffd60831dbbb0c03c40b3fca43cccb301b50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Aug 2024 04:36:33 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 12-Aug-2024 04:36:33 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hi.haenselblatt.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 476
x-xss-protection: 1; mode=block
expires: Mon, 12-Aug-2024 04:36:33 GMT

Redirect headers

pragma: no-cache
date: Mon, 12 Aug 2024 04:36:33 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 12-Aug-2024 04:36:33 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/49787647/1?wmode=7&page-url=https%3A%2F%2Fhi.haenselblatt.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Acstsejpcztnbm4xas7mgj8ug9n%3Afu%3A0%3Aen%3Autf-8%3Ala%3Anl-NL%3Av%3A1410%3Acn%3A1%3Adp%3A0%3Als%3A114784994457%3Ahid%3A263956917%3Az%3A120%3Ai%3A20240812063632%3Aet%3A1723437393%3Ac%3A1%3Arn%3A390135098%3Arqn%3A1%3Au%3A1723437393394960944%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A887%3Awv%3A2%3Ads%3A36%2C253%2C85%2C30%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1723437391032%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1723437393%3At%3A%E0%A4%89%E0%A4%AA%E0%A4%AF%E0%A5%8B%E0%A4%97%E0%A5%80%20%E0%A4%9C%E0%A4%BE%E0%A4%A8%E0%A4%95%E0%A4%BE%E0%A4%B0%E0%A5%80%20%E0%A4%94%E0%A4%B0%20%E0%A4%AC%E0%A4%BE%E0%A4%97%E0%A4%B5%E0%A4%BE%E0%A4%A8%E0%A5%80%20%E0%A4%9F%E0%A4%BF%E0%A4%AA%E0%A5%8D%E0%A4%B8%E0%A5%A4%20%E0%A4%AA%E0%A5%87%E0%A4%B6%E0%A5%87%E0%A4%B5%E0%A4%B0%20%E0%A4%AE%E0%A4%BE%E0%A4%B2%E0%A5%80%20%E0%A4%AC%E0%A5%8D%E0%A4%B2%E0%A5%89%E0%A4%97%21%20%7C%20%E0%A4%AA%E0%A5%87%E0%A4%B6%E0%A5%87%E0%A4%B5%E0%A4%B0%20%E0%A4%AE%E0%A4%BE%E0%A4%B2%E0%A5%80%20%E0%A4%95%E0%A5%88%E0%A4%B8%E0%A5%87%20%E0%A4%AC%E0%A4%A8%E0%A5%87%E0%A4%82%E0%A5%A4%20%E0%A4%AA%E0%A5%8C%E0%A4%A7%E0%A5%8B%E0%A4%82%20%E0%A4%95%E0%A5%80%20%E0%A4%A6%E0%A5%87%E0%A4%96%E0%A4%AD%E0%A4%BE%E0%A4%B2%20%E0%A4%95%E0%A5%87%20%E0%A4%B2%E0%A4%BF%E0%A4%8F%20%E0%A4%89%E0%A4%AA%E0%A4%AF%E0%A5%8B%E0%A4%97%E0%A5%80%20%E0%A4%9C%E0%A4%BE%E0%A4%A8%E0%A4%95%E0%A4%BE%E0%A4%B0%E0%A5%80%20%E0%A4%94%E0%A4%B0%20%E0%A4%B8%E0%A5%81%E0%A4%9D%E0%A4%BE%E0%A4%B5%E0%A5%A4%20%E0%A4%AC%E0%A4%BE%E0%A4%97%E0%A4%B5%E0%A4%BE%E0%A4%A8%E0%A5%80%20%E0%A4%95%E0%A4%BE%20%E0%A4%B5%E0%A4%BF%E0%A4%B6%E0%A5%8D%E0%A4%B5%E0%A4%95%E0%A5%8B%E0%A4%B6%E0%A5%A4&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037568%29ti%281%29
access-control-allow-origin: https://hi.haenselblatt.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 12-Aug-2024 04:36:33 GMT

POST
H3 200 event Show response
www.anltc.cc/api/ 3 B
514 B 293ms
268ms XHR
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.anltc.cc/api/event
Requested by: Host: www.anltc.cc
URL: https://www.anltc.cc/js/script.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.30
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Mon, 12 Aug 2024 04:36:33 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/8.0.30
alt-svc: h3=":443"; ma=86400
server: cloudflare
x-ratelimit-remaining: 59
vary: Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://hi.haenselblatt.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EzZ2AGn9kx4SMPvMP64tOvTE4DQYcDEe%2FML8zdRbEZStuvYkqDNSWnvSlT7rONi3h9BQ9iCBbCiNzOPgdF7mBwR%2FdgafU1AnpmdPPGyoKC8v5xckXv0MkGKlgLrJK%2BU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, private
access-control-allow-credentials: true
x-ratelimit-limit: 60
cf-ray: 8b1dc3dc997406dc-AMS

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 585ms
36ms Fetch
application/json 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20240812

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

767ccd0092a094978e626bab55c210ff5b3db7c1e2c0a5ab0704ddb5e6ed13c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 12 Aug 2024 04:36:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2131
x-jsd-version: 1.0.2145
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 831
x-served-by: cache-fra-eddf8230103-FRA, cache-lga21939-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"642-9Q0r0z6nfupR3kmFRQHZr176IJE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tT%2Fdmt%2Bmv6yBspG13AK8%2BYwg8AmFaw4FXQ9UaR52wB1eGoL9WUQbYK2%2BFZm4uTdJKmz3tkFZq82XibB2yDB51F8Y0UXdL23HS%2Fw45KBuexhZ%2Bf98Rdaa8oL3Z%2Fkkjksvz2jFnISqq1QaBRTH0HQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8b1dc3dfab709f8e-AMS

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 1 KB
1 KB 528ms
36ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3aec57ffa5c31e185202ddaa3b5b9d9872d4504f4546ab4eea1298baaf3c7cc7

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Mon, 12 Aug 2024 04:36:33 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 24 Jul 2024 09:04:09 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 346749
ETag: W/"00a8e13a83b2bbab51af8e55f52be363"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Klsq08ZtXnhuQFAK319Vwo50GPjcvv%2BfNbtV2peUiSEvqYz4DwIRFcecHMDucN0Lv4%2BvVsvQKh2cUTrn6xXXOyS9uYADDXrA3pmaIfp76jaVH1hh3fXnX6DM0%2Bj4D0RW6SmIH5jMTslErji9"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 8b1dc3dfae12b918-AMS

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
225 B 231ms
32ms Fetch 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.20.0&cb=60669712380&lsavail=1

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 12 Aug 2024 04:36:33 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
observe-browsing-topics: ?1
vary: Origin
access-control-allow-origin: https://hi.haenselblatt.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

GET
H/1.1 204
No Content / Show response
d.vidoomy.com/api/rtbserver/prebid/ 0
369 B 439ms
136ms Fetch
text/plain 212.36.83.245
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.vidoomy.com/api/rtbserver/prebid/?id=35453&adtype=banner&auc=oa-360-1723437392823_rq2vbst3d&w=1140&h=250&pos=1&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F127.0.0.0%20Safari%2F537.36&l=nl&dt=1&pid=62135&requestId=47784ca820645b&schain=1.0%2C1!optad360.com%2C9969112%2C1%2C%2C%2C&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%226b506354-ae64-4761-a276-d80068aeeb22%22%2C%22atype%22%3A1%7D%5D%7D%5D&bidfloor=0&d=haenselblatt.com&sp=https%253A%252F%252Fhi.haenselblatt.com%252F&usp=&coppa=false&videoContext=&bcat=&badv=&bapp=&btype=&battr=&gdpr=false&gdprcs=undefined
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.36.83.245 Barcelona, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb1.vdmy.dtic.es
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Mon, 12 Aug 2024 04:36:34 GMT
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://hi.haenselblatt.com
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

POST
H3 204 pbjs Show response
useast.quantumdex.io/auction/ 0
276 B 280ms
134ms Fetch
application/json 172.67.42.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/pbjs
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.42.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 12 Aug 2024 04:36:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: https://hi.haenselblatt.com
access-control-allow-credentials: true
cf-ray: 8b1dc3e078630a4c-AMS
alt-svc: h3=":443"; ma=86400

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ 2 KB
2 KB 177ms
40ms Fetch
application/json 185.106.140.18
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 3c510d9525c73059cccca0ec82ac41beb03bcc493449e05d9aeeeb2f74bb292b

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 12 Aug 2024 04:36:34 GMT
Server: nginx
X-Prebid: pbs-go/unknown
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://hi.haenselblatt.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1961
Expires: 0

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
131 B 139ms
24ms Fetch
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: b4be3bd18734a6cab59e813aeccb84de31ea5e933494f2fe2f1c491c30c01dc4

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 12 Aug 2024 04:36:33 GMT
content-encoding: gzip
via: 1.1 google
observe-browsing-topics: ?1
vary: Origin
x-forwarded-for: 31.204.152.196
content-type: text/plain
access-control-allow-origin: https://hi.haenselblatt.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
415 B 173ms
32ms Fetch
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://hi.haenselblatt.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST v1
prg.smartadserver.com/prebid/ 0
0

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 167ms
21ms Fetch
application/json 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

453447adfd81041c3a29ec6dd7ec5cb663dae6ff0fdb70c3aafd00677b09da6a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Aug 2024 04:36:34 GMT
an-x-request-uuid: dde43e53-040a-4d52-bc63-37dbb1be9d3d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hi.haenselblatt.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.196; 31.204.152.196; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 145
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
533 B 189ms
31ms Fetch 37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Aug 2024 04:36:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://hi.haenselblatt.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
17 B 164ms
20ms Fetch 147.75.34.179
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.34.179 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS: omni-am-rkmt9y
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://hi.haenselblatt.com
date: Mon, 12 Aug 2024 04:36:33 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
server: envoy
vary: origin, accept-encoding, Accept-Encoding

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
17 B 255ms
60ms Fetch 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?bdver=5.91&pbver=8.20.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://hi.haenselblatt.com
date: Mon, 12 Aug 2024 04:36:34 GMT
access-control-allow-credentials: true
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
server: nginx
vary: Origin
accept-ch-lifetime: 604800

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
181 B 245ms
21ms Fetch 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, CY),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://hi.haenselblatt.com
date: Mon, 12 Aug 2024 04:36:34 GMT
access-control-max-age: 3600
access-control-allow-credentials: true
vary: Origin
access-control-allow-methods: POST

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
37 B 226ms
82ms Fetch 2606:4700:10::6816:1fd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Aug 2024 04:36:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://hi.haenselblatt.com
cache-control: private, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b1dc3e08b5e0a7b-AMS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
182 B 242ms
19ms Fetch 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, CY),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://hi.haenselblatt.com
date: Mon, 12 Aug 2024 04:36:34 GMT
access-control-max-age: 3600
access-control-allow-credentials: true
vary: Origin
access-control-allow-methods: POST

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 164ms
20ms Fetch
application/json 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

6699b45407e496ba7dd116dee16fc9329352e9c617a35c790203fdc00255b376

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Aug 2024 04:36:34 GMT
an-x-request-uuid: c78a1696-fc8a-4ab2-baf1-1d477a8750a6
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hi.haenselblatt.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.152.196; 31.204.152.196; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 145
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
176 B 255ms
62ms Fetch 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?bdver=5.91&pbver=8.20.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://hi.haenselblatt.com
date: Mon, 12 Aug 2024 04:36:34 GMT
access-control-allow-credentials: true
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
server: nginx
vary: Origin
accept-ch-lifetime: 604800

GET
H/1.1 204
No Content / Show response
d.vidoomy.com/api/rtbserver/prebid/ 0
369 B 438ms
140ms Fetch
text/plain 212.36.83.245
AS_ADAM Adam Data...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.vidoomy.com/api/rtbserver/prebid/?id=35453&adtype=banner&auc=oa-360-1723437392817_vvdzb3z83&w=728&h=90&pos=1&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F127.0.0.0%20Safari%2F537.36&l=nl&dt=1&pid=62135&requestId=344f99fcc8522df&schain=1.0%2C1!optad360.com%2C9969112%2C1%2C%2C%2C&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%226b506354-ae64-4761-a276-d80068aeeb22%22%2C%22atype%22%3A1%7D%5D%7D%5D&bidfloor=0&d=haenselblatt.com&sp=https%253A%252F%252Fhi.haenselblatt.com%252F&usp=&coppa=false&videoContext=&bcat=&badv=&bapp=&btype=&battr=&gdpr=false&gdprcs=undefined
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.36.83.245 Barcelona, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS: lb1.vdmy.dtic.es
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Mon, 12 Aug 2024 04:36:34 GMT
Server: nginx
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://hi.haenselblatt.com
Access-Control-Expose-Headers: X-VD-C
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
416 B 163ms
25ms Fetch
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://hi.haenselblatt.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
534 B 186ms
31ms Fetch 37.157.6.243
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.243 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Aug 2024 04:36:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://hi.haenselblatt.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 / Show response
prebid.smilewanted.com/ 0
334 B 224ms
83ms Fetch 2606:4700:10::6816:1fd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1fd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Aug 2024 04:36:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: https://hi.haenselblatt.com
cache-control: private, must-revalidate
access-control-allow-credentials: true
cf-ray: 8b1dc3e08b5d0a7b-AMS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires: -1

POST v1
prg.smartadserver.com/prebid/ 0
0

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
296 B 134ms
23ms Fetch
text/plain 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 846d1d9653385f6add19117ac6faa2196d68e85ee7f3a146a0f27f9ddc7dce61

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 12 Aug 2024 04:36:33 GMT
content-encoding: gzip
via: 1.1 google
observe-browsing-topics: ?1
vary: Origin
x-forwarded-for: 31.204.152.196
content-type: text/plain
access-control-allow-origin: https://hi.haenselblatt.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H/1.1 200
OK auction Show response
rtb.adxpremium.services/openrtb2/ 2 KB
2 KB 169ms
39ms Fetch
application/json 185.106.140.18
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adxpremium.services/openrtb2/auction
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 944622afb442ffb9d3ed0d62e9012285debb7f6f4805876b122c093e7d760880

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 12 Aug 2024 04:36:34 GMT
Server: nginx
X-Prebid: pbs-go/unknown
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://hi.haenselblatt.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1962
Expires: 0

POST
H3 204 pbjs Show response
useast.quantumdex.io/auction/ 0
240 B 313ms
174ms Fetch
application/json 172.67.42.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/pbjs
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.42.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 12 Aug 2024 04:36:34 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: POST, GET
content-type: application/json
access-control-allow-origin: https://hi.haenselblatt.com
access-control-allow-credentials: true
cf-ray: 8b1dc3e078620a4c-AMS
alt-svc: h3=":443"; ma=86400

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
226 B 104ms
32ms Fetch 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.20.0&cb=76783724463&lsavail=1

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 12 Aug 2024 04:36:33 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
observe-browsing-topics: ?1
vary: Origin
access-control-allow-origin: https://hi.haenselblatt.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
176 B 161ms
21ms Fetch 147.75.34.179
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.34.179 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS: omni-am-rkmt9y
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://hi.haenselblatt.com
date: Mon, 12 Aug 2024 04:36:33 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
server: envoy
vary: origin, accept-encoding, Accept-Encoding

OPTIONS
H3 204 event
www.anltc.cc/api/ Frame 0
0 221ms
185ms Preflight
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.anltc.cc/api/event
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.30
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://hi.haenselblatt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://hi.haenselblatt.com
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 8b1dc3db387d06dc-AMS
content-type: text/html; charset=UTF-8
date: Mon, 12 Aug 2024 04:36:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TGfFgU35%2BkQ6JR8G0RADb1GFBEyRboLP9ll7B7XYmNwiAzSNsAXi9KQqzdjriSM8Q7vVWUcX0VZdxw71dhDzuF4SDV4Cu0M%2BuSbuIX2LiIZFKNNtsmksxpJSlhKocxc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-powered-by: PHP/8.0.30

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/ 474 KB
148 KB 31ms
29ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202408080101/pubads_impl.js?cb=31086024

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

4914b807405c17918f0690e7ab75bfb6eba6053859cc7eb477f0482c255b8075

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 10:00:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66954
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 151130
x-xss-protection: 0
server: cafe
etag: 11205447520193479331
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 11 Aug 2025 10:00:39 GMT

GET
H2 200 AGSKWxXhIGn7T3BJzcuh4df5bZDmnNfEM2-9h7Rp3jCzRBNl35SF37F8MuKEBf_kmapnJWPpbPYtoAPoVK5A36QYUg9ZPoMUjOvJ3VF4vxv9gngOop_lWEF2yejr_dc7H2w8OH59pAt5Mw== Show response
fundingchoicesmessages.google.com/f/ 412 KB
62 KB 94ms
93ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXhIGn7T3BJzcuh4df5bZDmnNfEM2-9h7Rp3jCzRBNl35SF37F8MuKEBf_kmapnJWPpbPYtoAPoVK5A36QYUg9ZPoMUjOvJ3VF4vxv9gngOop_lWEF2yejr_dc7H2w8OH59pAt5Mw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzIzNDM3MzkzLDkyNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9oaS5oYWVuc2VsYmxhdHQuY29tLyIsbnVsbCxbWzgsIlZvN3Nmc1pUSWpjIl0sWzksIm5sIl0sWzE4LCJbW1swXV1dIl0sWzIyLCJ0cnVlIl0sWzE5LCIxIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.Vo7sfsZTIjc.es5.O/am=XDA/d=1/rs=AJlcJMywN7jNW3aMMYug-A5HuzFIx887sw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d0e9c7b42d02c594e399653ad4adc455a80de426510d4b2e6459002a07c8f79b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vXGuSE5qvDTluNhTAY5NPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:36:33 GMT
content-security-policy: script-src 'report-sample' 'nonce-vXGuSE5qvDTluNhTAY5NPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw15BiOHnrNtNFID7vdIfpOhBLfH3JpAXETukzWEOA2Kd-BmscELfePMc6HYiT_p1nLQFid62LrP5AvCTiIuuRxIushgqXWJ2BeHr9Jdb5QLz34yXWo0DsyHGZ1ROIhXg4Li56tpVNYMWknlvMShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiYGFgYWegYm8QUGANDmRQE"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 script.js Show response
cadmus.script.ac/dahhc4ozyvjm6/ 3 B
239 B 145ms
28ms Script
application/javascript 2606:4700::6812:1691
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:36:34 GMT
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
server: cloudflare
age: 0
etag: W/"601055f6a0c6408859f97b5f0a84bdb88441a80e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=259200,stale-while-revalidate=86400,stale-if-error=259200
cf-ray: 8b1dc3e0db04665c-AMS
content-length: 3

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/a/latest/ 71 KB
23 KB 150ms
101ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/a/latest/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4021ac3b8dc8bfabb47c753df4e2d8850b084512a751375711da648e65ee2a5c

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Mon, 12 Aug 2024 04:36:34 GMT
Content-Encoding: br
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 24 Jul 2024 09:04:04 GMT
Server: cloudflare
ETag: W/"5d2d2036b561962f40bb380b9e37a03c"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dfC6Zm5YVPf%2BNrkuLCDkg0f5AW2rzl94POZGP%2Fp3vWb8xIF2cqBvmokMOxirL6ITh51XT5r%2B9YtG0N0YuvQAE%2BU3zm%2FHEdof0UeaMM2VIdiD6UD1Q%2FSl40abMSgj0CGGMpPlmTgnk%2FR1oj58"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 8b1dc3e078229fd2-AMS

GET
H2 200 css
fonts.googleapis.com/ 109 KB
6 KB 54ms
53ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.nl.Vo7sfsZTIjc.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzGlc558Y3X639YfLwycwMuDEevLA/m=web_iab_tcf_v2_wall_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d6a9bc5bc1017fafc51b6075986533e3bef09aa213bd67f3cff5b26209bfdf0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 12 Aug 2024 04:36:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 12 Aug 2024 04:36:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Aug 2024 04:36:34 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 177ms
158ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: hi.haenselblatt.com
URL: https://hi.haenselblatt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.haenselblatt.com/
Origin: https://hi.haenselblatt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 12:26:16 GMT
x-content-type-options: nosniff
age: 490218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Aug 2025 12:26:16 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v142/ 125 KB
126 KB 180ms
161ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v142/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: hi.haenselblatt.com
URL: https://hi.haenselblatt.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hi.haenselblatt.com/
Origin: https://hi.haenselblatt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 08:46:55 GMT
x-content-type-options: nosniff
age: 416979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 19:04:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Aug 2025 08:46:55 GMT

POST
H3 204 AGSKWxVErQefkaWCJlL9X7tuYx-kdaNb1N8wnJloYaWlRFkUP64Q1RyRDBMR7VtHSAWD20K2an9_9Zjdi8FM2jCmjeyOLe1xCsUflxnrUC-ULol7b5J3APHBF4g9bNT2gSajO72yoqx-6A== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 179ms
119ms XHR
text/html 172.217.18.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVErQefkaWCJlL9X7tuYx-kdaNb1N8wnJloYaWlRFkUP64Q1RyRDBMR7VtHSAWD20K2an9_9Zjdi8FM2jCmjeyOLe1xCsUflxnrUC-ULol7b5J3APHBF4g9bNT2gSajO72yoqx-6A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-4ZJxMMqIPQQkP76fCnLNfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 12 Aug 2024 04:36:34 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-4ZJxMMqIPQQkP76fCnLNfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjstDikmLw0ZBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWafXX2KdD8R7P15iPQrEjhyXWT2BWIib49KiZ1vZBFa0PglVcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiYGFgYWegZm8QUGAGpuNDI"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://hi.haenselblatt.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVErQefkaWCJlL9X7tuYx-kdaNb1N8wnJloYaWlRFkUP64Q1RyRDBMR7VtHSAWD20K2an9_9Zjdi8FM2jCmjeyOLe1xCsUflxnrUC-ULol7b5J3APHBF4g9bNT2gSajO72yoqx-6A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8jEMJf6Ov1TGpco8tRuWwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 12 Aug 2024 04:36:34 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8jEMJf6Ov1TGpco8tRuWwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjstDikmII1pBicEqfwRoCxO5aF1n9gXhJxEXWI4kXWafXX2KdD8R7P15iPQrEjhyXWT2BWIib49KiZ1vZBFZM6wtRcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiYGFgYWegZm8QUGAFqBM_M"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://hi.haenselblatt.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.139.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 224ms
61ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.139.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:36:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 26 Oct 2023 13:53:27 GMT
server: nginx
etag: W/"653a6f57-17cae"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 13 Aug 2024 04:36:34 GMT

GET
H3 200 favicon.ico
ar.haenselblatt.com/img/ 6 KB
6 KB 41ms
40ms Other
image/x-icon 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ar.haenselblatt.com/img/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa4fcd05fafe89b012f96c6367b211ced5faff960b82a48419f98c46db51e82c

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:36:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 04 Mar 2020 20:22:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1185859
etag: W/"5e600de9-167c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rQlv15M%2FYTjGKThrLAQPrS59qTfF96e4Kw%2FkR60Hki5YaQVC%2FrzIQATjb%2Bc4E5gDtbnanFEYttUwYsAH2Xi591fOS%2FCEh0s9rL8r6aGWADo9Mo5FLqhmTCVFbgZeKRueb%2FUdZeCr"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: max-age=315360000
cf-ray: 8b1dc3e52d340b5a-AMS
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 114ms
62ms Fetch
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
378 B 53ms
17ms Fetch
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhi.haenselblatt.com%2F&domain=hi.haenselblatt.com&cw=1&pbt=1&lsw=1&gdpr=1

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: application/json

Response headers

pragma: no-cache
date: Mon, 12 Aug 2024 04:36:37 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hi.haenselblatt.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 220441
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
424 B 172ms
36ms Fetch
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: dbdc6139151089b5ab9d1fb03914e45423c080dfce3a94f1b6592289c48a3272

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 12 Aug 2024 04:36:37 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://hi.haenselblatt.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Wed, 11 Sep 2024 04:36:37 GMT

GET
H2 200 usersync
ssp.wp.pl/bidder/ Frame 05B0 0
0 147ms
50ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=36674736240783920000&sn=mc_adapter
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash

Request headers

Referer: https://hi.haenselblatt.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
content-length: 281
content-type: text/html; charset=utf-8
date: Mon, 12 Aug 2024 04:36:37 GMT
last-modified: Sat, 06 Jul 2024 10:13:42 GMT
server: nginx
vary: Origin,Accept-Encoding

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/dmp/ Frame E7A5 0
0 117ms
25ms Document
text/html 184.28.88.227
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.28.88.227 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-28-88-227.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://hi.haenselblatt.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 12 Aug 2024 04:36:37 GMT
ETag: "623de86a-cf34"
Expires: Tue, 13 Aug 2024 04:36:39 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 204 isyn
prebid.a-mo.net/ Frame 1B3F 0
0 65ms
18ms Document
text/plain 147.75.34.177
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.34.177 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS: omni-am-hl3dur
Software: envoy /
Resource Hash

Request headers

Referer: https://hi.haenselblatt.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, private, must-revalidate
date: Mon, 12 Aug 2024 04:36:37 GMT
server: envoy
vary: accept-encoding, Accept-Encoding
x-envoy-upstream-service-time: 0

GET pd
optad360-d.openx.net/w/1.0/ Frame AB4F 0
0

GET
H3 200 pbjs
sync.quantumdex.io/usersync/ Frame E0D3 0
0 230ms
183ms Document
text/html 172.67.42.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/pbjs
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.42.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://hi.haenselblatt.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8b1dc3f6c8400ae0-AMS
content-encoding: br
content-type: text/html
date: Mon, 12 Aug 2024 04:36:37 GMT
server: cloudflare

GET
H2 200 /
csync.smilewanted.com/ Frame 838D 0
0 119ms
53ms Document
text/html 2606:4700:10::6816:1ed1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://csync.smilewanted.com/
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1ed1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://hi.haenselblatt.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8b1dc3f6faeb5c4c-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 12 Aug 2024 04:36:37 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame 5024 0
0 71ms
22ms Document
text/plain 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1723437394084&gdpr=0

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://hi.haenselblatt.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 sync-all.html
adxbid.info/ Frame 0E62 0
0 100ms
40ms Document
text/html 2606:4700:3030::ac43:8a0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/assets/js/prebid8.20.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:8a0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://hi.haenselblatt.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8b1dc3f6fa0aa007-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 12 Aug 2024 04:36:37 GMT
last-modified: Thu, 26 Jan 2023 09:50:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S2EFrzH8QcgF1VSklitPJyZhsvmJi%2Fn59PgsEsTHjKBnhRj4qvyFi76hX1GY1%2F9hd5d%2BuL1gwJFzkG%2FnLpFyoOOp5ZUaoHWYZd3EX5CvHzxbit0mBammW0WL3TplW9cPoeGqC5TQCqp%2FcA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 cookie
cm.adform.net/ 35 B
475 B 162ms
32ms Image
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadf%26gdpr%3D0%26gdpr_consent%3Dundefined%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 12 Aug 2024 04:36:37 GMT
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET

sync
pool.admedo.com/ul_cb/
Redirect Chain

https://x.bidswitch.net/sync?ssp=vidoomy&gdpr=0&gdpr_consent=undefined&us_privacy=
https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&gdpr=0&gdpr_consent=undefined&us_privacy=
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=vidoomy&bsw_custom_parameter=3a6f46af-c09a-424f-93f3-76cfdd845510
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=vidoomy&bsw_custom_parameter=3a6f46af-c09a-424f-93f3-76cfdd845510

0
0

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ 0
239 B 185ms
30ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy&gdpr=0&gdpr_consent=undefined&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: b71bced807741b20dd93dce6c2d26405
Expires: 0

GET
H2 200 prebid
rtb.openx.net/sync/ 43 B
184 B 22ms
21ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=undefined&r=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D$%7BUID%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://hi.haenselblatt.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Aug 2024 04:36:37 GMT
via: 1.1 google
vary: Origin
x-forwarded-for: 31.204.152.196
p3p: CP="CUR ADM OUR NOR STA NID"
content-type: image/gif
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET

cookie
a.vidoomy.com/api/rtbserver/
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=120&gdpr=0&gdpr_consent=undefined&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=120&gdpr=0&gdpr_consent=undefined&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=2815fbe5-3a85-44a5-976a-639fdf3e9837-66b99155-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=2815fbe5-3a85-44a5-976a-639fdf3e9837-66b99155-5553&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3D...
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=2815fbe5-3a85-44a5-976a-639fdf3e9837-66b99155-5553&partner_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%...
https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=2815fbe5-3a85-44a5-976a-639fdf3e9837-66b99155-5553

0
0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 147ms
16ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fhi.haenselblatt.com%2F&domain=hi.haenselblatt.com&cw=1&pbt=1&lsw=1&gdpr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://hi.haenselblatt.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://hi.haenselblatt.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 12 Aug 2024 04:36:37 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 238657
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: prg.smartadserver.com
URL: https://prg.smartadserver.com/prebid/v1

Domain: prg.smartadserver.com
URL: https://prg.smartadserver.com/prebid/v1

Domain: optad360-d.openx.net
URL: https://optad360-d.openx.net/w/1.0/pd?gdpr=0&gdpr_consent=

Domain: pool.admedo.com
URL: https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=vidoomy&bsw_custom_parameter=3a6f46af-c09a-424f-93f3-76cfdd845510

Domain: a.vidoomy.com
URL: https://a.vidoomy.com/api/rtbserver/cookie?i=CEN&uid=2815fbe5-3a85-44a5-976a-639fdf3e9837-66b99155-5553

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

60 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-21 00:53:33	Name: sync Value: CgoIoQEQzO7-ppQyCgoI4gEQzO7-ppQyCgoI5gEQzO7-ppQyCgoIhwIQzO7-ppQyCgkIOhDM7v6mlDIKCQgbEMzu_qaUMgoKCIwCEMzu_qaUMgoKCKwCEMzu_qaUMgoKCK0CEMzu_qaUMgoJCF8QzO7-ppQy
.yandex.ru/	1970-01-21 07:29:33	Name: yashr Value: 4150666901723437392
.haenselblatt.com/	1970-01-21 07:29:33	Name: _ym_uid Value: 1723437393394960944
.haenselblatt.com/	1970-01-21 07:29:33	Name: _ym_d Value: 1723437393
.mc.yandex.com/	1970-01-20 22:43:57	Name: sync_cookie_csrf Value: 640121609fake
.mc.yandex.ru/	1970-01-20 22:43:57	Name: sync_cookie_csrf Value: 4291688575fake
.yandex.com/	1970-01-21 08:19:57	Name: i Value: cH6wTTvRNff/IUzLR2lvLRO/zPFTGk0MpMjeA5ub4oanNhU0F4+iTLWoRPrO9br9l6+g/Zae/pvG+OZHh+fZLrbCVjE=
.yandex.com/	1970-01-21 07:29:33	Name: yandexuid Value: 4275217331723437392
.yandex.com/	1970-01-21 07:29:33	Name: yashr Value: 9106679651723437392
.haenselblatt.com/	1970-01-20 22:45:09	Name: _ym_isad Value: 2
.mc.yandex.com/	1970-01-20 22:45:23	Name: sync_cookie_ok Value: synced
.yandex.ru/	1970-01-21 08:19:57	Name: yandexuid Value: 4275217331723437392
.yandex.ru/	1970-01-21 08:19:57	Name: yuidss Value: 4275217331723437392
.yandex.ru/	1970-01-21 08:19:57	Name: i Value: cH6wTTvRNff/IUzLR2lvLRO/zPFTGk0MpMjeA5ub4oanNhU0F4+iTLWoRPrO9br9l6+g/Zae/pvG+OZHh+fZLrbCVjE=
.yandex.ru/	1970-01-21 08:19:57	Name: yp Value: 1723523792.yu.6072520531723437392
.yandex.ru/	1970-01-21 07:29:33	Name: ymex Value: 1726029392.oyu.6072520531723437392
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 86298881723437393
.yandex.com/	1970-01-21 07:29:33	Name: yuidss Value: 4275217331723437392
.yandex.com/	1970-01-21 07:29:33	Name: ymex Value: 1754973393.yrts.1723437393
.yandex.com/	1970-01-21 07:29:33	Name: receive-cookie-deprecation Value: 1
.haenselblatt.com/	1970-01-21 07:29:33	Name: _sharedID Value: 6b506354-ae64-4761-a276-d80068aeeb22
.yandex.com/	1970-01-21 08:19:57	Name: bh Value: KgI/MGDRoua1Bg==
.adnxs.com/	1970-01-21 08:19:57	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 00:53:33	Name: XANDR_PANID Value: ANKfaDYWJwScMcGgeBk8iTCvBm1kp71ceZycOaJ_nxRBdIkhz2O7GF4U0HGHdShh8fSm59R1SM6z4q2RhOmxzmOUWvSDGONYFeAFCMDd7Qs.
.adnxs.com/	1970-01-21 00:53:33	Name: icu Value: ChgI5K9eEAoYASABKAEw0aLmtQY4AUABSAEQ0aLmtQYYAA..
.adnxs.com/	1970-01-21 00:53:33	Name: uuid2 Value: 4747777619250381816
.quantumdex.io/	1970-01-20 22:58:21	Name: uid Value: 176022c4-da63-44f3-9bfc-2420a47a903e
.smartadserver.com/	1970-01-21 07:29:33	Name: pbw Value: %24b%3d16999%3b%24o%3d99999
.smartadserver.com/	1970-01-21 07:29:33	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 22:45:23	Name: sasd Value: %24qc%3D1314914935%3B%24ql%3DUnknown%3B%24qt%3D212_0_0t%3B%24dma%3D0%3B%24qo%3D5
.smartadserver.com/	1970-01-21 07:29:33	Name: pid Value: 8810512095625294865
.smartadserver.com/	1970-01-20 22:45:23	Name: sasd2 Value: q=%24qc%3D1314914935%3B%24ql%3DUnknown%3B%24qt%3D212_0_0t%3B%24dma%3D0%3B%24qo%3D5&c=1&l&lo&lt=638590341944600113&o=1
.haenselblatt.com/	1970-01-21 07:29:33	Name: _sharedID_cst Value: 2SzgLJUseQ%3D%3D
.sitescout.com/	1970-01-21 07:29:33	Name: ssi Value: 2815fbe5-3a85-44a5-976a-639fdf3e9837#1723437397571
.adform.net/	1970-01-21 00:10:21	Name: uid Value: 7207137768504199427
hi.haenselblatt.com/	1970-01-21 07:29:33	Name: unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222024-08-12T04%3A36%3A37%22%7D
hi.haenselblatt.com/	1970-01-21 07:29:33	Name: unifiedid_cst Value: 2SzgLJUseQ%3D%3D
.sitescout.com/	1970-01-20 23:27:09	Name: _ssuma Value: eyIzOSI6MTcyMzQzNzM5NzU5OCwiNyI6MTcyMzQzNzM5NzU5OH0
.bidswitch.net/	1970-01-21 07:29:33	Name: tuuid Value: 3a6f46af-c09a-424f-93f3-76cfdd845510
.bidswitch.net/	1970-01-21 07:29:33	Name: c Value: 1723437397
.bidswitch.net/	1970-01-21 07:29:33	Name: tuuid_lu Value: 1723437397
.3lift.com/	1970-01-21 00:53:33	Name: tluidp Value: 1043777466815671242044
.3lift.com/	1970-01-21 00:53:33	Name: tluid Value: 1043777466815671242044
.smilewanted.com/	1970-01-21 07:29:54	Name: sw_user_params_infos Value: 8sdRREvsw7LjLys0YvGw8yXe8L5cwfxrSFtl23pVXWEdCC%2FlOzqqIr5m6VXmDMMvgiCp5r%2FfwAxvIJETmPqmfwETzxb2ORoHNPFOLNmDEN6Mia0dNse%2BBrdIA0FOk2u6ptLXNgwGUnMV7aq5P5bT7A%3D%3D
.tapad.com/	1970-01-21 00:10:21	Name: TapAd_TS Value: 1723437397866
.tapad.com/	1970-01-21 00:10:21	Name: TapAd_DID Value: d66d52c8-2880-4cc2-ae4f-001ecb5eb12b
.ads.pubmatic.com/	1970-01-20 22:45:23	Name: KCCH Value: YES
.casalemedia.com/	1970-01-21 07:29:33	Name: CMID Value: ZrmRVVVbLIEAADNZAdDy6AAA
.casalemedia.com/	1970-01-21 00:53:33	Name: CMPS Value: 3287
.casalemedia.com/	1970-01-21 00:53:33	Name: CMPRO Value: 3287
.tapad.com/	1970-01-21 00:10:21	Name: TapAd_3WAY_SYNCS Value:
.bing.com/	1970-01-21 08:05:33	Name: MUID Value: 021820DCB5DC6BB82BA23405B4766AFE
.c.bing.com/	1970-01-20 22:54:02	Name: MR Value: 0
.doubleclick.net/	1970-01-21 08:05:33	Name: IDE Value: AHWqTUkoDOctoZF3jc5HQflN4z_a3oktfwRajxSSu7hNvLjopxh3BBLRCRDVIepJpPc
.linkedin.com/	1970-01-21 07:29:33	Name: bcookie Value: "v=2&22cf3b8d-8d24-4e00-8cd2-a24afee66292"
.linkedin.com/	1970-01-21 03:03:09	Name: li_gc Value: MTswOzE3MjM0MzczOTc7MjswMjEXAba1A14vgsPtRGku544hiBBkVyAgWCtoykQ+5bQNPA==
.linkedin.com/	1970-01-20 22:45:23	Name: lidc Value: "b=VGST00:s=V:r=V:a=V:p=V:g=3420:u=1:x=1:i=1723437398:t=1723523798:v=2:sig=AQHhUZQXoenCZsd3IfarSUiPTRMGgqgU"
pool.admedo.com/	1970-01-21 07:29:33	Name: tuuid Value: 5c912d40-f89e-4496-93cf-68e199f327a0
pool.admedo.com/	1970-01-21 07:29:33	Name: c Value: 1723437398
pool.admedo.com/	1970-01-21 07:29:33	Name: tuuid_lu Value: 1723437398

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.vidoomy.com
acdn.adnxs.com
adx.adform.net
adxbid.info
ar.haenselblatt.com
bidder.criteo.com
cadmus.script.ac
cdn.jsdelivr.net
cdn.optad360.net
cdnjs.cloudflare.com
cm.adform.net
cmp.optad360.io
code.jquery.com
csync.smilewanted.com
d.vidoomy.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
get.optad360.io
gum.criteo.com
hi.haenselblatt.com
ib.adnxs.com
match.adsrvr.org
mc.yandex.com
mc.yandex.ru
onetag-sys.com
optad360-d.openx.net
pagead2.googlesyndication.com
pixel.rubiconproject.com
pool.admedo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prebid.smilewanted.com
prg.smartadserver.com
rtb.adxpremium.services
rtb.openx.net
script.4dex.io
securepubads.g.doubleclick.net
ssp.wp.pl
static.criteo.net
sync.quantumdex.io
unpkg.com
useast.quantumdex.io
www.anltc.cc
a.vidoomy.com
optad360-d.openx.net
pool.admedo.com
prg.smartadserver.com
104.17.25.14
142.250.186.162
147.75.34.177
147.75.34.179
15.197.193.217
172.217.18.110
172.67.42.201
178.250.1.8
184.28.88.227
185.106.140.18
185.184.8.90
185.89.210.141
188.114.96.3
188.114.97.3
212.36.83.245
212.77.99.29
216.58.212.162
2600:9000:211e:e800:f:a31d:75c0:93a1
2600:9000:2156:1600:6:b871:4f00:93a1
2600:9000:225e:c200:11:a4de:2580:93a1
2606:4700:10::6816:1ed1
2606:4700:10::6816:1fd1
2606:4700:20::ac43:4bf1
2606:4700:3030::ac43:8a0d
2606:4700::6811:f6cb
2606:4700::6812:1691
2606:4700::6812:ba1f
2a00:1450:4001:82f::2003
2a00:1450:4001:830::200a
2a00:1450:4001:830::200e
2a02:2638:3::3
2a02:2638:3::c
2a02:6b8::1:119
2a04:4e42:600::649
2a06:98c1:3121::3
35.186.253.211
37.157.6.233
37.157.6.243
51.89.9.251
51.89.9.254
69.173.144.139
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
1076d5bb7f1896b00ca2e5fe084f70af57c528d2b01ef24d986e4a5941bc270a
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
17753933ab0b6867c788d7fff0c6b0df98221f20d6cf3b362b822437e5c96125
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf
367191b7b8ee0aa9769e2a03371f6827f715c07b217ab202112e6ff59b852359
3aec57ffa5c31e185202ddaa3b5b9d9872d4504f4546ab4eea1298baaf3c7cc7
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3c510d9525c73059cccca0ec82ac41beb03bcc493449e05d9aeeeb2f74bb292b
4021ac3b8dc8bfabb47c753df4e2d8850b084512a751375711da648e65ee2a5c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
453447adfd81041c3a29ec6dd7ec5cb663dae6ff0fdb70c3aafd00677b09da6a
4914b807405c17918f0690e7ab75bfb6eba6053859cc7eb477f0482c255b8075
49e707ccb3b176db2d62295d74a56945538312bc7b3b4fe8c07ebe1763a2ea1a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
510178b6d31d46a54c7bdacc0456720c5bbb9be1c47f603ecffc61899018b768
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
65e5f4e18b36299b3d75f4c68f57ffd60831dbbb0c03c40b3fca43cccb301b50
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6699b45407e496ba7dd116dee16fc9329352e9c617a35c790203fdc00255b376
749d584d553121457f53926f2d79727f2b5877d012bdf2c72f2ec6b8d2d6fad6
767ccd0092a094978e626bab55c210ff5b3db7c1e2c0a5ab0704ddb5e6ed13c1
7869f68b2a0849ec5dfb4de763db33377bce2fe7a4c673880b479261271208e3
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3
7c6e9c08f3bf317085ed03287d8dd8c46059731d47ab7cba9e05134296fc5cfa
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846d1d9653385f6add19117ac6faa2196d68e85ee7f3a146a0f27f9ddc7dce61
897f832df132d124acdd2dfb2fbbcf71303dbd9b9a0ce5259bc097c09c8067e4
8c86b99ca8a69d370570544c357437d49d87cba057f791b88ded6978716344b2
944622afb442ffb9d3ed0d62e9012285debb7f6f4805876b122c093e7d760880
9a3e2256e233d90f0b569ce630a1168b58081b1228c529ce72d2bb65d2158e7c
9b4cab4069bc5e90dec3326760b22daff0c9c4ff0663bb6face371e19df600dd
a456127371dea04a90bb6527727a01ac5c66ee6c36a6ea62c876763a0a5886aa
b4be3bd18734a6cab59e813aeccb84de31ea5e933494f2fe2f1c491c30c01dc4
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c657f600ec9a19ba9d77dd63953305ee476031e318eef70256fc5bcc2076fb74
c71af4c8bd0f0ce02e8fd674b7145812efa411dd9f367b67d4378740f1226e7d
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
cbe873ab99c1f241015fb10782da87e1c26ff337721a3f796874168430ee8f18
d04a8585ca1c9cbff59e413fe76da6b8dcf3c567cbc68ec436b852d7f1694df1
d0e9c7b42d02c594e399653ad4adc455a80de426510d4b2e6459002a07c8f79b
d6a9bc5bc1017fafc51b6075986533e3bef09aa213bd67f3cff5b26209bfdf0d
dbdc6139151089b5ab9d1fb03914e45423c080dfce3a94f1b6592289c48a3272
dca271e5c10ab729dbf7e10ccb7c82ba4b87625a821dd4bd640279b6807f2033
e26af5f713f58232b4b3d3d0b14ca34a28582f6eb66bbba16c404c65de534c8b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e499071f882b3f8874e2f17e1be83a52dbce2706c2576acbd751ed1b14b54416
e5aea814e599f370397efd9624b085cf8027153cbcabcfa7edea791550c116df
ea0958304bc117f2ab723ef287845c0b0ac69220030abd17c945427d200513cc
ec5c31174ce479e50cb8d2dd6ad045ea74a952935dd30a8021e5daf27c1b172f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09558ac9e3c60e1f166a9226e68804022e72b8683d50ce677c7046d7ddd2e74
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
fa4fcd05fafe89b012f96c6367b211ced5faff960b82a48419f98c46db51e82c
fb3ffd6060849d84ff7c9cad3c155f4772879f430faac5b08b756bc112c816fb

hi.haenselblatt.com Open in urlscan Pro 188.114.96.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

96 Requests

93 %HTTPS

44 %IPv6

35 Domains

44 Subdomains

42 IPs

12 Countries

2148 kBTransfer

7973 kBSize

60 Cookies

35 Outgoing links

Redirected requests

96 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hi.haenselblatt.com Open in urlscan Pro
188.114.96.3 Public Scan

Screenshot
Live screenshot

Full Image

96
Requests

93 %
HTTPS

44 %
IPv6

35
Domains

44
Subdomains

42
IPs

12
Countries

2148 kB
Transfer

7973 kB
Size

60
Cookies

96 HTTP transactions
1 data transactions