2281geldebakim.buzz Open in urlscan Pro
2606:4700:3031::ac43:b0a6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://2281geldebakim.buzz/
Submission: On April 07 via automatic, source certstream-suspicious (April 7th 2023, 5:33:17 am UTC) — Scanned from DE

Summary HTTP 147 Redirects Behaviour Indicators

Summary

This website contacted 34 IPs in 4 countries across 28 domains to perform 147 HTTP transactions. The main IP is 2606:4700:3031::ac43:b0a6, located in United States and belongs to CLOUDFLARENET, US. The main domain is 2281geldebakim.buzz.
TLS certificate: Issued by GTS CA 1P5 on April 7th 2023. Valid for: 3 months.

This is the only time 2281geldebakim.buzz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3031::ac43:b0a6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:211... 2600:9000:211e:b000:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
3	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6812:af	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
3	18.66.147.43 18.66.147.43	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.95 18.66.112.95	16509 (AMAZON-02) (AMAZON-02)
1	199.232.194.217 199.232.194.217	54113 (FASTLY) (FASTLY)
1 5	104.18.33.52 104.18.33.52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
49	151.101.194.114 151.101.194.114	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	13.32.99.21 13.32.99.21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	35.241.9.51 35.241.9.51	15169 (GOOGLE) (GOOGLE)
1	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.19.150.54 104.19.150.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	34.107.254.252 34.107.254.252	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	151.101.2.114 151.101.2.114	54113 (FASTLY) (FASTLY)
2	75.2.40.13 75.2.40.13	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
5	34.224.142.209 34.224.142.209	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:2000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
5	2600:1f18:2fa... 2600:1f18:2faa:8200:f444:aefa:4863:83ec	14618 (AMAZON-AES) (AMAZON-AES)
6	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
147	34

1 2606:4700:3031::ac43:b0a6 (United States)

ASN13335 (CLOUDFLARENET, US)

2281geldebakim.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:b000:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:af (United States)

ASN13335 (CLOUDFLARENET, US)

a2a5c7f9-3fa0-4182-889a-15aa61acf59b.edge.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

c2.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nr-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.147.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-43.fra60.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-95.fra56.r.cloudfront.net

ak.sail-horizon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.194.217 (United States)

ASN54113 (FASTLY, US)

static.scroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.33.52 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 151.101.194.114 (United States)

ASN54113 (FASTLY, US)

modulous.huffpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.huffingtonpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.huffpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-21.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com

a2a5c7f9-3fa0-4182-889a-15aa61acf59b.prmutv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.122 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.150.54 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.114 (United States)

ASN54113 (FASTLY, US)

abeagle-public.buzzfeed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 75.2.40.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com

api.sail-personalize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.224.142.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-142-209.compute-1.amazonaws.com

pixiedust.buzzfeed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:2000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f18:2faa:8200:f444:aefa:4863:83ec (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

fbcapiv2.buzzfeed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	huffingtonpost.com img.huffingtonpost.com — Cisco Umbrella Rank: 29909	288 KB
16	huffpost.com modulous.huffpost.com — Cisco Umbrella Rank: 53516 www.huffpost.com — Cisco Umbrella Rank: 23778	356 KB
11	buzzfeed.com abeagle-public.buzzfeed.com — Cisco Umbrella Rank: 20506 pixiedust.buzzfeed.com — Cisco Umbrella Rank: 16880 fbcapiv2.buzzfeed.com	1 KB
7	permutive.com cdn.permutive.com — Cisco Umbrella Rank: 2705 api.permutive.com — Cisco Umbrella Rank: 2000	35 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	327 B
6	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 958 c2.taboola.com — Cisco Umbrella Rank: 9288 nr-events.taboola.com — Cisco Umbrella Rank: 11357	217 KB
5	connatix.com 1 redirects cd.connatix.com — Cisco Umbrella Rank: 2798 cds.connatix.com — Cisco Umbrella Rank: 2895 capi.connatix.com — Cisco Umbrella Rank: 2446 ins.connatix.com Failed lit.connatix.com Failed vid.connatix.com Failed pl.connatix.com Failed	283 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 100 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 201	31 KB
3	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 1960	77 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	177 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
2	sail-personalize.com api.sail-personalize.com — Cisco Umbrella Rank: 3013	473 B
2	gstatic.com fonts.gstatic.com	48 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47 imasdk.googleapis.com Failed	2 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5216	408 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	408 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1047	2 KB
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1131	9 KB
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 230	825 B
1	prmutv.co a2a5c7f9-3fa0-4182-889a-15aa61acf59b.prmutv.co — Cisco Umbrella Rank: 34299	229 B
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 111	47 KB
1	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 162	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	44 KB
1	scroll.com static.scroll.com — Cisco Umbrella Rank: 17565	7 KB
1	sail-horizon.com ak.sail-horizon.com — Cisco Umbrella Rank: 3027	33 KB
1	permutive.app a2a5c7f9-3fa0-4182-889a-15aa61acf59b.edge.permutive.app — Cisco Umbrella Rank: 41437	358 KB
1	quantcast.com cmp.quantcast.com — Cisco Umbrella Rank: 2919	326 B
1	2281geldebakim.buzz 2281geldebakim.buzz	78 KB
147	28

	Domain	Requested by
33	img.huffingtonpost.com	2281geldebakim.buzz
15	www.huffpost.com	2281geldebakim.buzz tagan.adlightning.com
6	www.facebook.com	2281geldebakim.buzz blank
6	api.permutive.com	a2a5c7f9-3fa0-4182-889a-15aa61acf59b.edge.permutive.app
5	fbcapiv2.buzzfeed.com	connect.facebook.net
5	pixiedust.buzzfeed.com	www.huffpost.com
3	tagan.adlightning.com	2281geldebakim.buzz tagan.adlightning.com
3	cdn.taboola.com	2281geldebakim.buzz cdn.taboola.com
2	connect.facebook.net	2281geldebakim.buzz connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	api.sail-personalize.com	ak.sail-horizon.com
2	capi.connatix.com	2281geldebakim.buzz cd.connatix.com
2	nr-events.taboola.com	c2.taboola.com 2281geldebakim.buzz
2	fonts.gstatic.com	fonts.googleapis.com
2	cds.connatix.com	2281geldebakim.buzz tagan.adlightning.com cd.connatix.com
2	fonts.googleapis.com	2281geldebakim.buzz
1	www.google.de	blank
1	www.google.com	blank
1	securepubads.g.doubleclick.net	tagan.adlightning.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	rules.quantcount.com	secure.quantserve.com
1	googleads.g.doubleclick.net	tagan.adlightning.com
1	secure.quantserve.com	2281geldebakim.buzz
1	abeagle-public.buzzfeed.com	www.huffpost.com
1	cdn.permutive.com	a2a5c7f9-3fa0-4182-889a-15aa61acf59b.edge.permutive.app
1	ib.adnxs.com	a2a5c7f9-3fa0-4182-889a-15aa61acf59b.edge.permutive.app
1	a2a5c7f9-3fa0-4182-889a-15aa61acf59b.prmutv.co	a2a5c7f9-3fa0-4182-889a-15aa61acf59b.edge.permutive.app
1	pagead2.googlesyndication.com	modulous.huffpost.com
1	sb.scorecardresearch.com	cdn.taboola.com
1	www.googletagmanager.com	2281geldebakim.buzz
1	modulous.huffpost.com	2281geldebakim.buzz
1	cd.connatix.com	1 redirects
1	static.scroll.com	2281geldebakim.buzz
1	ak.sail-horizon.com	2281geldebakim.buzz
1	c2.taboola.com	2281geldebakim.buzz
1	a2a5c7f9-3fa0-4182-889a-15aa61acf59b.edge.permutive.app	2281geldebakim.buzz
1	cmp.quantcast.com	2281geldebakim.buzz
1	2281geldebakim.buzz
0	pl.connatix.com Failed	cd.connatix.com
0	imasdk.googleapis.com Failed	cd.connatix.com
0	vid.connatix.com Failed	cd.connatix.com
0	lit.connatix.com Failed	cd.connatix.com
0	ins.connatix.com Failed	cd.connatix.com
147	43

This site contains no links.

Subject Issuer	Validity	Valid
*.2281geldebakim.buzz GTS CA 1P5	`2023-04-07` - `2023-07-06`	3 months	crt.sh
cmp.quantcast.com R3	`2023-02-13` - `2023-05-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
permutive.app Cloudflare Inc ECC CA-3	`2023-03-11` - `2023-06-09`	3 months	crt.sh
*.adlightning.com Amazon RSA 2048 M01	`2023-02-22` - `2023-07-07`	4 months	crt.sh
ak.sail-horizon.com Amazon RSA 2048 M01	`2023-02-28` - `2024-01-16`	a year	crt.sh
*.scroll.com R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
www.huffpost.com GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-19` - `2024-01-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.scorecardresearch.com Amazon RSA 2048 M02	`2023-03-01` - `2024-01-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.prmutv.co R3	`2023-03-14` - `2023-06-12`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
permutive.com Cloudflare Inc ECC CA-3	`2023-01-26` - `2024-01-25`	a year	crt.sh
api.permutive.com R3	`2023-02-16` - `2023-05-17`	3 months	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2022-08-22` - `2023-09-23`	a year	crt.sh
*.buzzfeed.com GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-30` - `2024-01-31`	a year	crt.sh
api.sail-personalize.com Amazon RSA 2048 M01	`2023-02-28` - `2023-06-23`	4 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-14` - `2023-04-14`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
buzzfeed.com Amazon RSA 2048 M02	`2023-02-27` - `2024-02-03`	a year	crt.sh
quantserve.com R3	`2023-02-13` - `2023-05-14`	3 months	crt.sh
fbcapiv2.buzzfeed.com R3	`2023-03-23` - `2023-06-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://2281geldebakim.buzz/
Frame ID: DB27CBAA4B2E75D96AEC5D870E9F756B
Requests: 118 HTTP requests in this frame

Frame: https://cds.connatix.com/p/253991/connatix.player.dc.js?cid=1bf35e8b-3d55-48a6-aef8-0ebfdd277df7&tier=1
Frame ID: 7132C713C2354214D75B2D07B2DDD157
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20190131/zrt_lookup.html
Frame ID: 94FE968B82E14556F40E628AC1A047D3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

147
Requests

76 %
HTTPS

55 %
IPv6

28
Domains

43
Subdomains

34
IPs

4
Countries

2117 kB
Transfer

8592 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://cd.connatix.com/connatix.player.js?cid=1bf35e8b-3d55-48a6-aef8-0ebfdd277df7 HTTP 302
https://cds.connatix.com/p/253991/connatix.player.dc.js?cid=1bf35e8b-3d55-48a6-aef8-0ebfdd277df7&tier=1

147 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
2281geldebakim.buzz/ 657 KB
78 KB 118ms
73ms Document
text/html 2606:4700:3031::ac43:b0a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2281geldebakim.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:b0a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9c1aa6d17305ec202a78ca22134ccca41cc5061a71ff6f7e0565ce0716eb20a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7b3fe4574bd63764-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 07 Apr 2023 05:32:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2B1wfxV%2FeJCuVU7%2FPGdcjN2xsvvg3bCtF1gHyv7mzUypmfGHhSeosQv5e0CxvYF3JD9mIU%2Bs83ANM7Ddu5mKgA7xG0Reh2jxeAm%2BMl1NrFGY%2Fc3r49FXfiUB09V%2Bn0oQRFXTri1h1pi4lMavWqLIwsSU"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 204 choice.js Show response
cmp.quantcast.com/choice/3aud4J6uA4Z6Y/2281geldebakim.buzz/ 0
326 B 434ms
403ms Script
text/plain 2600:9000:211e:b000:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/choice/3aud4J6uA4Z6Y/2281geldebakim.buzz/choice.js
Requested by: Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:b000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
via: 1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: FRA56-C2
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Error from cloudfront
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-amz-cf-id: AUMr6eYmfCWYuOQGnNSaqlsVGN-zwcxHdOf939_1syNH7cpDc1rKDg==

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 132ms
46ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700,800,900&display=fallback

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fccd2ac71f20b43dec9aabd928f67828e5f4148246a960ce4f09df788e6b0027

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Apr 2023 05:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 07 Apr 2023 05:22:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Apr 2023 05:32:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
519 B 96ms
48ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Alfa+Slab+One&display=fallback

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0d274799a330049ab53b8224eb50efc51e2581a3d2f40808805797944c6f8e6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Apr 2023 05:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 07 Apr 2023 03:43:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Apr 2023 05:32:47 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/buzzfeedinc-network/ 209 KB
41 KB 31ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/buzzfeedinc-network/loader.js
Requested by: Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44fecf519043b6f97ad57fa9a4bcf7b6de82df8501a97d4fefb562f59bf6b526

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: r6qKxHapU5rUYzfOEc4B6JgOqLYr6IKD
content-encoding: gzip
via: 1.1 varnish
date: Fri, 07 Apr 2023 05:32:47 GMT
x-amz-request-id: 8W5VJQ2WG69JBG18
age: 72
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 41823
x-amz-id-2: +eUyZBCUJYbaJuOjH41gYnup+87W3t5OXKqsPd60Tigzn7GduzLnWhnBavmnS4ilyBFZlirzv/s=
x-served-by: cache-fra-eddf8230131-FRA
last-modified: Tue, 04 Apr 2023 14:24:43 GMT
server: AmazonS3
x-timer: S1680845567.166812,VS0,VE1
etag: "16bffeedce44af4bb6f6a153b8d721bc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 35
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 d0aea23f-b86d-47b4-9d71-210104685824-web.js Show response
a2a5c7f9-3fa0-4182-889a-15aa61acf59b.edge.permutive.app/ 1 MB
358 KB 82ms
40ms Script
application/javascript 2606:4700::6812:af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a2a5c7f9-3fa0-4182-889a-15aa61acf59b.edge.permutive.app/d0aea23f-b86d-47b4-9d71-210104685824-web.js
Requested by: Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39f5970cfa544293ac039746d270477c553b6c394a8ea2b1e7f18d7b5ad30e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: a2a5c7f9-3fa0-4182-889a-15aa61acf59b
age: 0
x-guploader-uploadid: ADPycdvRD9-KOpGdV2lQaiInVpImfyU1uSm7I162HZf1YCIgPMFWnmwfqTWcPIl2fTx3CwotfHkgcXXHa10spJxsUbBikg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
last-modified: Wed, 05 Apr 2023 20:39:18 GMT
server: cloudflare
etag: W/"d8f5bec7316b53e84c31bab66021c7e7"
vary: Accept-Encoding
x-goog-generation: 1680727158848457
content-type: application/javascript
x-goog-hash: crc32c=OqbeCg==, md5=2PW+xzFrU+hMMbq2YCHH5w==
cache-control: public, max-age=900
x-goog-stored-content-length: 399302
timing-allow-origin: *
cf-ray: 7b3fe45aef372ba2-FRA
expires: Fri, 07 Apr 2023 05:47:47 GMT

GET
H2 200 newsroom.js Show response
c2.taboola.com/nr/buzzfeedinc-huffpostus/ 63 KB
18 KB 35ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c2.taboola.com/nr/buzzfeedinc-huffpostus/newsroom.js
Requested by: Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f9b8d245fba3e03e30b3f64eddf44ca62f251b9876da82ea4c81107781a0ff6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 varnish
date: Fri, 07 Apr 2023 05:32:47 GMT
x-amz-request-id: QDY5JW2H0Y079SM9
age: 17
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 17700
x-amz-id-2: 5l3ni+7TEwto+lPSVBN0Y4+yfQuRPhwC9S9CMRiUdy0g4AeUbNydehkqZQIoR+KjQLzStyJVzG0=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Thu, 16 Mar 2023 10:47:19 GMT
server: AmazonS3
x-timer: S1680845567.171815,VS0,VE1
etag: "dfb92db1e0ad3208241b9826e2653a08"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 op.js Show response
tagan.adlightning.com/buzzfeed/ 46 KB
18 KB 35ms
8ms Script
application/javascript 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/buzzfeed/op.js
Requested by: Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-43.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5860d02b2fc20353d304498ece030b5335734fb0f758bcece86c10648dc40499

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: 64a83fqTy3kJ0yQ7Xb0TzcnVBslVJEZj
content-encoding: gzip
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
date: Fri, 07 Apr 2023 05:29:32 GMT
x-amz-cf-pop: FRA60-P4
age: 196
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 18238
x-amz-meta-git_commit: f140f48
last-modified: Tue, 04 Apr 2023 12:27:38 GMT
server: AmazonS3
etag: "5f63cad68bc37aa7545ae5e283904014"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: CzyIAw-tqjQRFqhiqiVLXb5JM9RkQ3RYt2JaEkICTjxZU2H7VkPsfg==

GET
H2 200 spm.v1.min.js Show response
ak.sail-horizon.com/spm/ 98 KB
33 KB 64ms
8ms Script
application/javascript 18.66.112.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by: Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-95.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc5f18223b1a8a5c768d7e1a6e61e1f6c724d385921f6353ba01ff9ef19d59e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:30:26 GMT
content-encoding: gzip
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
last-modified: Wed, 11 Jan 2023 16:08:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 142
x-amz-server-side-encryption: AES256
etag: W/"be0aea74754407f0a826a84e140dd5ea"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600; must-revalidate
x-amz-cf-id: ClNifPJ3uITDLRGBZO-kMy9LBjtjKSwoRoegytNEA7gwPp9jStGw4A==

GET
H2 200 scroll.js Show response
static.scroll.com/js/ 17 KB
7 KB 39ms
7ms Script
application/javascript 199.232.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.scroll.com/js/scroll.js
Requested by: Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d7685d961a175a9df933dc1ecc9bb703db5496c5c442961232c2c204b126fcb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: Wed, 15 Mar 2023 02:27:16 GMT
date: Fri, 07 Apr 2023 05:32:47 GMT
content-encoding: gzip
via: 1.1 varnish
age: 14980
x-guploader-uploadid: ADPycdtywzTxYfiVy4GABWBtHNkK5wUh4O8U9l7CFSWH0zO4YIppBMUyOIPBDv7kZdBVrdJBhgsrMtIh7eUGMRmJJdeN8GVbquY-
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 6181
x-served-by: cache-fra-eddf8230053-FRA
last-modified: Thu, 17 Mar 2022 19:00:06 GMT
server: UploadServer
x-timer: S1680845567.176478,VS0,VE0
etag: "1e95949e7c12b7ee6c5f4dd56d15b476"
vary: Origin
x-goog-generation: 1647543606481892
content-type: application/javascript
x-goog-hash: crc32c=S/xPEw==, md5=HpWUnnwSt+5sX03VbRW0dg==
cache-control: public, max-age=0, s-maxage=86400
access-control-allow-credentials: true
x-goog-stored-content-length: 6181
accept-ranges: bytes
x-scrolljs: 2
x-cache-hits: 26

GET
H2

200

connatix.player.dc.js Show response
cds.connatix.com/p/253991/ Frame 7132
Redirect Chain

https://cd.connatix.com/connatix.player.js?cid=1bf35e8b-3d55-48a6-aef8-0ebfdd277df7
https://cds.connatix.com/p/253991/connatix.player.dc.js?cid=1bf35e8b-3d55-48a6-aef8-0ebfdd277df7&tier=1

1021 KB
262 KB

42ms
25ms

Script
application/javascript

104.18.33.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/253991/connatix.player.dc.js?cid=1bf35e8b-3d55-48a6-aef8-0ebfdd277df7&tier=1
Requested by: Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/
Protocol: H2
Server: 104.18.33.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 495114c9b9813606a32181b6a65e1cf8e49976eb6351af4f9cd6bc8efd8deb61

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
x-amz-version-id: 8w2CCP1gDNFHyOM_aU8feLFXRT758MPx
content-encoding: br
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Apr 2023 15:55:07 GMT
server: cloudflare
etag: W/"f7cbe55b3dea63707e33cc5e0b4d33d0"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 7b3fe45c7fa5bbbb-FRA
access-control-allow-headers: range
expires: Sat, 06 Apr 2024 05:32:47 GMT

Redirect headers

date: Fri, 07 Apr 2023 05:32:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
surrogate-control: no-cache, no-store, must-revalidate, max-age=0
vary: Accept-Encoding
location: https://cds.connatix.com/p/253991/connatix.player.dc.js?cid=1bf35e8b-3d55-48a6-aef8-0ebfdd277df7&tier=1
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 7b3fe45acdfbbbbb-FRA
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 1680117875-bundle-hp-gam-b83750b.min.js Show response
modulous.huffpost.com/2023/03/29/ 200 KB
55 KB 45ms
7ms Script
application/javascript 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://modulous.huffpost.com/2023/03/29/1680117875-bundle-hp-gam-b83750b.min.js

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7974d187b5f44aace3ac545180c005da28b04a61669c4469789c47f5273cd84b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31536000
age: 36353
x-cache: HIT
content-length: 55939
x-served-by: cache-fra-eddf8230036-FRA
last-modified: Wed, 29 Mar 2023 19:24:36 GMT
server: AmazonS3
x-timer: S1680845567.182594,VS0,VE0
etag: "13190c29594c3046bdbb61be0f2349bc"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 22

GET
H2 200 642f6ca923000033006d6f0e.jpg
img.huffingtonpost.com/asset/ 16 KB
17 KB 22ms
14ms Image
image/webp 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.huffingtonpost.com/asset/642f6ca923000033006d6f0e.jpg?ops=800_450&format=webp

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6e0e1b4750d89db853ad49ee2963f8065b5daa2523a5d219a96509de76af113f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 15956
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 16754
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000160-IAD, cache-fra-eddf8230036-FRA
referrer-policy: no-referrer-when-downgrade
x-timer: S1680845567.189119,VS0,VE0
etag: W/"4172-5Vf+S53uIfjie4eqyonZBKE3EXU"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
x-cache-hits: 15, 4

GET
H2 200 642f6ca923000033006d6f0e.jpg
img.huffingtonpost.com/asset/ 25 KB
26 KB 22ms
14ms Image
image/webp 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.huffingtonpost.com/asset/642f6ca923000033006d6f0e.jpg?ops=1280_480&format=webp

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2b17e1cfc14685f164b2ea731839c9efbd62fe237285dec79cb804840767364a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 15956
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 26080
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100030-IAD, cache-fra-eddf8230036-FRA
referrer-policy: no-referrer-when-downgrade
x-timer: S1680845567.188979,VS0,VE0
etag: W/"65e0-Yzm4OITj/TyfImbeZCCU8XYW/7o"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
x-cache-hits: 15, 4

GET
H2 200 vendors~SubNav~critical-static-leftnav~embed~featured~highline~life~news~opinion~react-intl~spoils~v~9d9da2a4.b71e82be11c97852dd52.js Show response
www.huffpost.com/static-assets/cambria/app/ 61 KB
18 KB 21ms
12ms Script
application/javascript 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huffpost.com/static-assets/cambria/app/vendors~SubNav~critical-static-leftnav~embed~featured~highline~life~news~opinion~react-intl~spoils~v~9d9da2a4.b71e82be11c97852dd52.js

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

23599bf00f00a24951b5bfe0becfc5ef6e05640a14d663785e615cad9e1ddf8d

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation allow-top-navigation-by-user-activation; frame-ancestors 'self' .huffpost.com .huffingtonpost.com .huffpost.net .buzzfeed.com clients.opinary.com compass.pressekompass.net .newsbreak.com .newsbreakapp.com; report-uri https://huffpost.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: QpngnVn.IWNwV3H4f5_rm79of71DzXyF
content-encoding: gzip
via: 1.1 varnish
date: Fri, 07 Apr 2023 05:32:47 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: TVTMJ0XJGHT337WQ
age: 651906
x-amz-server-side-encryption: AES256
content-security-policy: sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation allow-top-navigation-by-user-activation; frame-ancestors 'self' *.huffpost.com *.huffingtonpost.com *.huffpost.net *.buzzfeed.com clients.opinary.com compass.pressekompass.net *.newsbreak.com *.newsbreakapp.com; report-uri https://huffpost.report-uri.com/r/d/csp/enforce;
x-cache: HIT
content-length: 17737
x-amz-id-2: SOA6BjEo6ndgWLs9ustpCfVFW6rVbIuI3/QQl3s9np83JDaCP2EnuX5+v8R5jr3u7tryxHDzv9A=
x-request-id: 5a66e1a2ca531d8e970de0e659735407
x-served-by: cache-fra-eddf8230036-FRA
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Mar 2023 20:13:40 GMT
server: nginx
x-timer: S1680845567.184427,VS0,VE0
etag: "72abe4b9d30c02736e7cafea31f79047"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,immutable
accept-ranges: bytes
x-cache-hits: 33

GET
H2 200 vendors~embed~featured~highline~life~news~opinion~react-dom~spoils~video~voices.12a842b06edd4e77b90b.js Show response
www.huffpost.com/static-assets/cambria/app/ 109 KB
35 KB 16ms
13ms Script
application/javascript 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huffpost.com/static-assets/cambria/app/vendors~embed~featured~highline~life~news~opinion~react-dom~spoils~video~voices.12a842b06edd4e77b90b.js

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

14fb0a31c6e37dd5af21cb826eb7497fabf5541320434bc0370d0781ccadebd9

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation allow-top-navigation-by-user-activation; frame-ancestors 'self' .huffpost.com .huffingtonpost.com .huffpost.net .buzzfeed.com clients.opinary.com compass.pressekompass.net .newsbreak.com .newsbreakapp.com; report-uri https://huffpost.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: Wed, 13 Mar 2024 06:57:08 GMT
date: Fri, 07 Apr 2023 05:32:47 GMT
content-encoding: gzip
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 2068539
content-security-policy: sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation allow-top-navigation-by-user-activation; frame-ancestors 'self' *.huffpost.com *.huffingtonpost.com *.huffpost.net *.buzzfeed.com clients.opinary.com compass.pressekompass.net *.newsbreak.com *.newsbreakapp.com; report-uri https://huffpost.report-uri.com/r/d/csp/enforce;
x-guploader-uploadid: ADPycduSiIofTra_hGRtnGGZ0l4y8HSctpMOgLak1ztsNLmZKeiWn6NAU4OvNR-XYHD0gs7AfVGWqVJkuaYtjCCYsc95ww
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 35451
x-xss-protection: 1; mode=block
x-request-id: 7638983ee93018100feed66e2a81dba3
x-served-by: cache-fra-eddf8230036-FRA
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 14 Mar 2023 05:37:11 GMT
server: nginx
x-timer: S1680845567.184623,VS0,VE0
etag: "e6e3b5c6ad13f7f5c8efa52ca9ac17c3"
vary: Accept-Encoding
x-goog-hash: crc32c=h04o8g==, md5=5uO1xq0T9/XI76UsqawXww==
content-type: application/javascript; charset=utf-8
x-goog-generation: 1678509286439262
cache-control: max-age=31536000,immutable
x-goog-stored-content-length: 111359
accept-ranges: bytes
x-cache-hits: 33

GET
H2 200 news.92c819ad0fd95cc03baf.js Show response
www.huffpost.com/static-assets/cambria/app/ 121 KB
34 KB 14ms
13ms Script
application/javascript 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huffpost.com/static-assets/cambria/app/news.92c819ad0fd95cc03baf.js

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c4ed00a4c6212266b70c24db0267532045888bd70e66671455d66e77967fdb18

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation allow-top-navigation-by-user-activation; frame-ancestors 'self' .huffpost.com .huffingtonpost.com .huffpost.net .buzzfeed.com clients.opinary.com compass.pressekompass.net .newsbreak.com .newsbreakapp.com; report-uri https://huffpost.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: Kz3LJCluxo5mvQ0HaCIWAxDubqpU4k9b
content-encoding: gzip
via: 1.1 varnish
date: Fri, 07 Apr 2023 05:32:47 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: NA8Q9SVRV5NW801G
age: 38907
x-amz-server-side-encryption: AES256
content-security-policy: sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation allow-top-navigation-by-user-activation; frame-ancestors 'self' *.huffpost.com *.huffingtonpost.com *.huffpost.net *.buzzfeed.com clients.opinary.com compass.pressekompass.net *.newsbreak.com *.newsbreakapp.com; report-uri https://huffpost.report-uri.com/r/d/csp/enforce;
x-cache: HIT
content-length: 34064
x-amz-id-2: Q9CMWwfmqZPi9rmpCwbBqIvE038Zd1n0JfVVzWpqQGCDE5rkflf1ioBxP6IEWNy/cXZekf5zwPot6mDqx9wY0A==
x-request-id: 8a51453fd86bbcb648d9db08d3f34c48
x-served-by: cache-fra-eddf8230036-FRA
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 05 Apr 2023 06:00:39 GMT
server: nginx
x-timer: S1680845567.184614,VS0,VE0
etag: "8efa285fd4c6a82a33e6dfdfb35570d0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,immutable
accept-ranges: bytes
x-cache-hits: 27

GET
H2 200 news.b31465aeb744ccc8155c.css
www.huffpost.com/static-assets/cambria/app/ 62 KB
10 KB 8ms
8ms Stylesheet
text/css 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huffpost.com/static-assets/cambria/app/news.b31465aeb744ccc8155c.css

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

df37ba053762268830d5b2360df6f3451cdf9764c7ac8ec5cfe9cb88afebd5f6

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation allow-top-navigation-by-user-activation; frame-ancestors 'self' .huffpost.com .huffingtonpost.com .huffpost.net .buzzfeed.com clients.opinary.com compass.pressekompass.net .newsbreak.com .newsbreakapp.com; report-uri https://huffpost.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: zsVAgYJs.1HtMhm_pB8F9Z5qf9plgmXs
content-encoding: gzip
via: 1.1 varnish
date: Fri, 07 Apr 2023 05:32:47 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 5Y90AZXB0FJM5REY
age: 1326676
x-amz-server-side-encryption: AES256
content-security-policy: sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation allow-top-navigation-by-user-activation; frame-ancestors 'self' *.huffpost.com *.huffingtonpost.com *.huffpost.net *.buzzfeed.com clients.opinary.com compass.pressekompass.net *.newsbreak.com *.newsbreakapp.com; report-uri https://huffpost.report-uri.com/r/d/csp/enforce;
x-cache: HIT
content-length: 9529
x-amz-id-2: 07pF7X6KDdFFnUNooYanrEPxVBmUcXqUqDvvk38hJrkCTQ//BWk6ubmIjiZU8tRpZvPhBMDAzcI=
x-request-id: 815bdbfce8e6cd90afa7f352a6ef33f4
x-served-by: cache-fra-eddf8230036-FRA
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 22 Mar 2023 18:40:56 GMT
server: nginx
x-timer: S1680845567.195972,VS0,VE0
etag: "ba86507441e6389acc9694f2bde1d246"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000,immutable
accept-ranges: bytes
x-cache-hits: 28

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 132ms
46ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-1740781-82

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

678e20186aa0f524b0c01604e77d38dbc3d52d8c05bf55ff58af317ce4eb4b95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44941
x-xss-protection: 0
last-modified: Fri, 07 Apr 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 07 Apr 2023 05:32:47 GMT

GET proxima-nova-regular.hash-79c14ea7490af62fc90c4c91a9ebdc4e.woff
www.huffpost.com/static-assets/cambria/app/fonts/ 0
0

GET proxima-nova-condensed-extrabld.hash-40acc89242624bef183ace6be58d6dfd.woff2
www.huffpost.com/static-assets/cambria/app/fonts/ 0
0

GET proxima-nova-condensed-bold.hash-cfe96e1adc5f15e8d1e1dbea32f45eaf.woff2
www.huffpost.com/static-assets/cambria/app/fonts/ 0
0

GET proxima-nova-condensed-extrabold-italic.hash-0ee0e93dd385edd2c35c066ec5916f29.woff2
www.huffpost.com/static-assets/cambria/app/fonts/ 0
0

GET proxima-nova-condensed-bold-italic.hash-22dfcf1417067b49e8c1e5304f3e60b5.woff2
www.huffpost.com/static-assets/cambria/app/fonts/ 0
0

GET proxima-nova-bold.hash-c5b5d29cb016c8df27f6fc56fb8d9a84.woff
www.huffpost.com/static-assets/cambria/app/fonts/ 0
0

GET
H2 200 642f5e2326000039009f76c6.jpg
img.huffingtonpost.com/asset/ 18 KB
18 KB 13ms
6ms Image
image/webp 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.huffingtonpost.com/asset/642f5e2326000039009f76c6.jpg?ops=352_198&format=webp

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9f88502e7d2bb6dd74d747018ad9f073a31b9b2fa2011673966293c842a3513a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 6243
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 18294
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200164-IAD, cache-fra-eddf8230036-FRA
referrer-policy: no-referrer-when-downgrade
x-timer: S1680845567.250571,VS0,VE0
etag: W/"4776-TZeL0vleCbx3LRGCA+bH9Ih+Ndw"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
x-cache-hits: 11, 4

GET
H2 200 642ecd9623000033006d6e94.jpg
img.huffingtonpost.com/asset/ 5 KB
5 KB 14ms
7ms Image
image/webp 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.huffingtonpost.com/asset/642ecd9623000033006d6e94.jpg?ops=352_198&format=webp

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2f0786c5252571299efb61540cf748b0c8220fe34c703d631de6d6a18b976097

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 6242
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 5314
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100179-IAD, cache-fra-eddf8230036-FRA
referrer-policy: no-referrer-when-downgrade
x-timer: S1680845567.251357,VS0,VE0
etag: W/"14c2-sn/Pliw0h8Dc/dpow4PGw6Sqg0Y"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
x-cache-hits: 11, 4

GET
H2 200 642f331d23000035009bf241.jpg
img.huffingtonpost.com/asset/ 18 KB
19 KB 16ms
9ms Image
image/webp 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.huffingtonpost.com/asset/642f331d23000035009bf241.jpg?ops=352_198&format=webp

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

684b4397186c1626ea93a2886af459cd4728fb864f19103ebd624339c50a3b6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 6243
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 18806
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100105-IAD, cache-fra-eddf8230036-FRA
referrer-policy: no-referrer-when-downgrade
x-timer: S1680845567.251758,VS0,VE0
etag: W/"4976-cOB0diTJfzKKVcm7xUxE4KLROHk"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
x-cache-hits: 11, 4

GET
H2 200 642f290623000058006d6ef4.jpg
img.huffingtonpost.com/asset/ 6 KB
7 KB 14ms
8ms Image
image/webp 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.huffingtonpost.com/asset/642f290623000058006d6ef4.jpg?ops=352_198&format=webp

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b9735417b283bcb7c0b8b67f83de9a1fbd62156ae86ebec12f9c8c42802612ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 6242
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 6588
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200065-IAD, cache-fra-eddf8230036-FRA
referrer-policy: no-referrer-when-downgrade
x-timer: S1680845567.251682,VS0,VE0
etag: W/"19bc-CUgMISDEltoot44QQb4Mv4FFSwI"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
x-cache-hits: 9, 4

GET
H2 200 642f7d792600005a009f76d7.jpg
img.huffingtonpost.com/asset/ 7 KB
7 KB 13ms
7ms Image
image/webp 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.huffingtonpost.com/asset/642f7d792600005a009f76d7.jpg?ops=352_198&format=webp

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7f84b559ad55e9433b9d1084668509b841769f7052bd8c22da12dffc46b4ae70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 6243
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 6832
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200079-IAD, cache-fra-eddf8230036-FRA
referrer-policy: no-referrer-when-downgrade
x-timer: S1680845567.251675,VS0,VE0
etag: W/"1ab0-xmbXF+F7jAll4B4mxi074YNSqzE"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
x-cache-hits: 3, 4

GET
H2 200 642f7fe62500003400c6b7bc.jpg
img.huffingtonpost.com/asset/ 5 KB
5 KB 13ms
8ms Image
image/webp 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.huffingtonpost.com/asset/642f7fe62500003400c6b7bc.jpg?ops=352_198&format=webp

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

305fe71cda673a5581e0e34f60339a09fd903d0ac38ed2b09bf0c3a71efeb4e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 6240
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 5286
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000055-IAD, cache-fra-eddf8230036-FRA
referrer-policy: no-referrer-when-downgrade
x-timer: S1680845567.251679,VS0,VE0
etag: W/"14a6-RsubbK++vJYlRJYJCOYa3fPpuo8"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
x-cache-hits: 11, 4

GET
H2 200 642f2b3f2300006f009bf236.jpg
img.huffingtonpost.com/asset/ 5 KB
5 KB 10ms
8ms Image
image/webp 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.huffingtonpost.com/asset/642f2b3f2300006f009bf236.jpg?ops=352_198&format=webp

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

76a60fc40979b4063d480de67a287b683367d0baf7e1034b12d71268c6f23e9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 6242
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 5354
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100077-IAD, cache-fra-eddf8230036-FRA
referrer-policy: no-referrer-when-downgrade
x-timer: S1680845567.263334,VS0,VE0
etag: W/"14ea-0ibzGuAUuFohFBU9NBmO+pbUn0o"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
x-cache-hits: 8, 4

GET
H2 200 642f2fda26000033009f76bb.jpg
img.huffingtonpost.com/asset/ 18 KB
18 KB 11ms
9ms Image
image/webp 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.huffingtonpost.com/asset/642f2fda26000033009f76bb.jpg?ops=352_198&format=webp

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

181e417c9b8e99a67f1d4910367e8c0fe56a30aaa3c3e4c7a1e48e0bb37b1f7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 6242
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 17982
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000109-IAD, cache-fra-eddf8230036-FRA
referrer-policy: no-referrer-when-downgrade
x-timer: S1680845567.263716,VS0,VE0
etag: W/"463e-hcy0PuKh1FP4aqs42I7p55GrlPM"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
x-cache-hits: 2, 4

GET
H2 200 642eeb692500006100c6b766.jpg
img.huffingtonpost.com/asset/ 7 KB
7 KB 9ms
7ms Image
image/webp 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.huffingtonpost.com/asset/642eeb692500006100c6b766.jpg?ops=352_198&format=webp

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9842685514895256ac3c32c32e878d1fcc1fe927cdaf29f6f1e35a108d82e1c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 6242
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 6948
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000054-IAD, cache-fra-eddf8230036-FRA
referrer-policy: no-referrer-when-downgrade
x-timer: S1680845567.263256,VS0,VE0
etag: W/"1b24-H2DsQKmpTCtUqZaMGMjVLxV7HmI"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
x-cache-hits: 1, 4

GET
H2 200 642f4c7c2300006f009bf24a.jpg
img.huffingtonpost.com/asset/ 7 KB
7 KB 9ms
8ms Image
image/webp 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.huffingtonpost.com/asset/642f4c7c2300006f009bf24a.jpg?ops=352_198&format=webp

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

df186ee5e29b47173707c906c5e59c186cd351c7bdbe517a5c674a82e4d298d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 6243
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 7228
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100030-IAD, cache-fra-eddf8230036-FRA
referrer-policy: no-referrer-when-downgrade
x-timer: S1680845567.263266,VS0,VE0
etag: W/"1c3c-OuL8U/esKvU+2iGBE5v7GqVQDwE"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
x-cache-hits: 10, 4

GET
H2 200 642e077b2300005e0003bf18.jpg
img.huffingtonpost.com/asset/ 10 KB
10 KB 12ms
10ms Image
image/webp 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.huffingtonpost.com/asset/642e077b2300005e0003bf18.jpg?ops=352_198&format=webp

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f95d1ce0af64eb024a1b1f6b6d18b8b2f3a198d4a2a0d02403b0a38260ff15f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 6243
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 10430
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200074-IAD, cache-fra-eddf8230036-FRA
referrer-policy: no-referrer-when-downgrade
x-timer: S1680845567.263819,VS0,VE0
etag: W/"28be-wAYFlg40yfNZhDW5sFtXVlmQfxs"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
x-cache-hits: 6, 4

GET
H2 200 642f322623000033006d6f00.jpg
img.huffingtonpost.com/asset/ 6 KB
6 KB 12ms
11ms Image
image/webp 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.huffingtonpost.com/asset/642f322623000033006d6f00.jpg?ops=352_198&format=webp

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ab53c645e80cd22eff68b35d52791a3bf92c2c2e675b6ffbb3378c8a18817a61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 6242
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 6162
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200029-IAD, cache-fra-eddf8230036-FRA
referrer-policy: no-referrer-when-downgrade
x-timer: S1680845567.264267,VS0,VE0
etag: W/"1812-kvAw6O07RlEDSc6igsRZy/rnNRE"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
x-cache-hits: 11, 4

GET
H2 200 642f0b392600001b009f7699.jpg
img.huffingtonpost.com/asset/ 10 KB
10 KB 11ms
6ms Image
image/webp 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.huffingtonpost.com/asset/642f0b392600001b009f7699.jpg?ops=352_198&format=webp

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e6cc1e6880d913f633856ab40b8d950889959afb47a3a8901f40fcd21a045a94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 6239
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 10472
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100171-IAD, cache-fra-eddf8230036-FRA
referrer-policy: no-referrer-when-downgrade
x-timer: S1680845567.277936,VS0,VE0
etag: W/"28e8-KPUQ31TJrEPkfZJ/M609z5tTihc"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
x-cache-hits: 9, 4

GET
H2 200 642f55102600001f009f76c0.jpg
img.huffingtonpost.com/asset/ 11 KB
11 KB 11ms
6ms Image
image/webp 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.huffingtonpost.com/asset/642f55102600001f009f76c0.jpg?ops=352_198&format=webp

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

765c48866dd89de23069c09af8955ccc1ecd767326f4c45510a35d45a2223a2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 6239
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 11146
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100179-IAD, cache-fra-eddf8230036-FRA
referrer-policy: no-referrer-when-downgrade
x-timer: S1680845567.277934,VS0,VE0
etag: W/"2b8a-h2YrhglssyJCYOd4c/ofBMSfkmA"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
x-cache-hits: 9, 4

GET
H2 200 642ed2c92500006f00c6b74b.jpg
img.huffingtonpost.com/asset/ 6 KB
7 KB 13ms
8ms Image
image/webp 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.huffingtonpost.com/asset/642ed2c92500006f00c6b74b.jpg?ops=352_198&format=webp

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

20b538a25e41b188ddaa618ce3f1b47837884bdf658d711184f548375ed1bdb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 45710
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 6602
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000153-IAD, cache-fra-eddf8230036-FRA
referrer-policy: no-referrer-when-downgrade
x-timer: S1680845567.278180,VS0,VE0
etag: W/"19ca-kAdxhjQFLzE4Pl/jxJ71S3JVSho"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
x-cache-hits: 34, 4

GET
H2 200 642f3cb323000062009bf244.jpg
img.huffingtonpost.com/asset/ 10 KB
10 KB 12ms
7ms Image
image/webp 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.huffingtonpost.com/asset/642f3cb323000062009bf244.jpg?ops=352_198&format=webp

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

294bb5998cd8169b05f68efebd2bdf08420c111837b1ab8ffe52872c0c42f79e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 6239
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 10300
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000028-IAD, cache-fra-eddf8230036-FRA
referrer-policy: no-referrer-when-downgrade
x-timer: S1680845567.278125,VS0,VE0
etag: W/"283c-KUeF2VAjENcqdcUkMNDVLKGIbl0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
x-cache-hits: 9, 4

GET
H2 200 642d90612300001a0003be99.jpg
img.huffingtonpost.com/asset/ 20 KB
21 KB 12ms
9ms Image
image/webp 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.huffingtonpost.com/asset/642d90612300001a0003be99.jpg?ops=368_207&format=webp

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ce756cc1c32b302c1d10d4d31e6cda1a82b66f5b2c62e66e6e6eecbbbab5bb16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 6238
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 20922
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000109-IAD, cache-fra-eddf8230036-FRA
referrer-policy: no-referrer-when-downgrade
x-timer: S1680845567.278839,VS0,VE0
etag: W/"51ba-CD88MPGfFnuSGhKTDDKAaH/Q7p4"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
x-cache-hits: 5, 4

GET
H2 200 642c53d72300001f00c0831f.jpg
img.huffingtonpost.com/asset/ 17 KB
17 KB 11ms
8ms Image
image/webp 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.huffingtonpost.com/asset/642c53d72300001f00c0831f.jpg?ops=368_207&format=webp

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5409df784011d69816ff3c94885d553d304d864e9ba0bf62521e421774ad4590

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 6238
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 17180
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100064-IAD, cache-fra-eddf8230036-FRA
referrer-policy: no-referrer-when-downgrade
x-timer: S1680845567.278829,VS0,VE0
etag: W/"431c-XRuH4Ln1uiTiMm0RKUkNGNWzjXE"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
x-cache-hits: 7, 4

GET
H2 200 642ee31723000033006d6eb3.jpg
img.huffingtonpost.com/asset/ 7 KB
7 KB 8ms
7ms Image
image/webp 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.huffingtonpost.com/asset/642ee31723000033006d6eb3.jpg?ops=368_207&format=webp

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7d066b450783af4710895ad0fe96f76a9a0d8c42c8b41950c87adbeba6974bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 6238
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 7142
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200032-IAD, cache-fra-eddf8230036-FRA
referrer-policy: no-referrer-when-downgrade
x-timer: S1680845567.288495,VS0,VE0
etag: W/"1be6-MVkw8NOo5OoCIIZU6FEZqCVzhAk"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
x-cache-hits: 19, 4

GET
H2 200 642ef06a23000035009bf1fc.jpg
img.huffingtonpost.com/asset/ 8 KB
8 KB 10ms
9ms Image
image/webp 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.huffingtonpost.com/asset/642ef06a23000035009bf1fc.jpg?ops=368_207&format=webp

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5950f2b6dd24c5b82d3b7459e5e51ee1a027f52efd2b5fb570e60c898f6e84e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 6236
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 8330
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100178-IAD, cache-fra-eddf8230036-FRA
referrer-policy: no-referrer-when-downgrade
x-timer: S1680845567.289309,VS0,VE0
etag: W/"208a-kQD+6vTLKlAbk02F05/Xxf+XpuY"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
x-cache-hits: 14, 4

GET
H2 200 642c2c9d2400001a00f7ab8a.jpg
img.huffingtonpost.com/asset/ 2 KB
2 KB 9ms
8ms Image
image/webp 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.huffingtonpost.com/asset/642c2c9d2400001a00f7ab8a.jpg?ops=92_92&format=webp

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4e21c593d4be79790419dfe230a359c0315cbba2d2b5a18525db9bdd4da56fc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 6241
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 1786
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kcgs7200057-IAD, cache-fra-eddf8230036-FRA
referrer-policy: no-referrer-when-downgrade
x-timer: S1680845567.288866,VS0,VE0
etag: W/"6fa-gw48Dxzu16zyskir54UHMr9IFGs"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
x-cache-hits: 3, 4

GET
H2 200 642b30732400003600c6c2bd.jpg
img.huffingtonpost.com/asset/ 2 KB
2 KB 9ms
8ms Image
image/webp 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.huffingtonpost.com/asset/642b30732400003600c6c2bd.jpg?ops=92_92&format=webp

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f7595d4988ed20897ca4558144596e07ebae703c647320b63e32ebf781538674

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 6241
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 1700
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100155-IAD, cache-fra-eddf8230036-FRA
referrer-policy: no-referrer-when-downgrade
x-timer: S1680845567.288846,VS0,VE0
etag: W/"6a4-NG2e3Nstp6gm5GGwROqgAZF6sFU"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
x-cache-hits: 8, 4

GET
H2 200 642ddf9e230000610003beff.jpg
img.huffingtonpost.com/asset/ 2 KB
2 KB 8ms
8ms Image
image/webp 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.huffingtonpost.com/asset/642ddf9e230000610003beff.jpg?ops=92_92&format=webp

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a0fb95e2b70be2d5f4decee30553b991dfd18e3ddebd8925af7b8fb406368fa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 6237
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 1898
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000168-IAD, cache-fra-eddf8230036-FRA
referrer-policy: no-referrer-when-downgrade
x-timer: S1680845567.288835,VS0,VE0
etag: W/"76a-ge0OGm5QqhW6vLeChEoiSLugo9o"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
x-cache-hits: 5, 4

GET
H2 200 642dda832300001c0003befd.jpg
img.huffingtonpost.com/asset/ 3 KB
3 KB 8ms
7ms Image
image/webp 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.huffingtonpost.com/asset/642dda832300001c0003befd.jpg?ops=92_92&format=webp

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5d0c497c3a6e20573f4b89f3078e34000feceffcd77813ea8fa5de41c6484e85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 6238
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 2630
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100052-IAD, cache-fra-eddf8230036-FRA
referrer-policy: no-referrer-when-downgrade
x-timer: S1680845567.288817,VS0,VE0
etag: W/"a46-Uix2NkPB0I/GV8TfwpC4Pnx3UV8"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
x-cache-hits: 5, 4

GET
H2 200 6411da412500003c00754f19.jpg
img.huffingtonpost.com/asset/ 1 KB
2 KB 9ms
7ms Image
image/webp 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.huffingtonpost.com/asset/6411da412500003c00754f19.jpg?ops=92_92&format=webp

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ba8fdce71e121e7ab671780e66cbb3d33bbcb35d04a0d68ec5b2f41b51b414a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 6237
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 1416
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000136-IAD, cache-fra-eddf8230036-FRA
referrer-policy: no-referrer-when-downgrade
x-timer: S1680845567.300149,VS0,VE0
etag: W/"588-LkLUzOYZSn9LYUfuMbaaF/A18Lw"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
x-cache-hits: 5, 4

GET
H2 200 642b45a62500001e00b007d7.jpg
img.huffingtonpost.com/asset/ 3 KB
3 KB 9ms
7ms Image
image/webp 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.huffingtonpost.com/asset/642b45a62500001e00b007d7.jpg?ops=224_126&format=webp

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1b97d3df4f2f76a7c2d29dded223038128d1eac3e6738a21ddabd178128b24e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 6238
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 2896
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100145-IAD, cache-fra-eddf8230036-FRA
referrer-policy: no-referrer-when-downgrade
x-timer: S1680845567.300130,VS0,VE0
etag: W/"b50-ngaP7RdtlawAwU7iWe5mNbs/MuI"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
x-cache-hits: 35, 4

GET
H2 200 642db6fe2200006f00447074.jpg
img.huffingtonpost.com/asset/ 5 KB
5 KB 10ms
8ms Image
image/webp 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.huffingtonpost.com/asset/642db6fe2200006f00447074.jpg?ops=224_126&format=webp

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fad3025731a9931690015eb21c8d3c4522f96ce567fcef6e4a02495abbaff5c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 6238
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 5458
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000170-IAD, cache-fra-eddf8230036-FRA
referrer-policy: no-referrer-when-downgrade
x-timer: S1680845567.300513,VS0,VE0
etag: W/"1552-sZmNr7gO89M7QMxUvnGQTDtOpbI"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
x-cache-hits: 35, 4

GET
H2 200 642dcb9f2200003000447084.jpg
img.huffingtonpost.com/asset/ 4 KB
4 KB 10ms
8ms Image
image/webp 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.huffingtonpost.com/asset/642dcb9f2200003000447084.jpg?ops=224_126&format=webp

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3fd48b066cf9049e3bef3e6932ee2e91a376a08ad6e59a3fbeb93e5393a58dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 6238
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 4096
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000135-IAD, cache-fra-eddf8230036-FRA
referrer-policy: no-referrer-when-downgrade
x-timer: S1680845567.300541,VS0,VE0
etag: W/"1000-LD+cb/zLA542OsMcEBqsqBiD/J0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
x-cache-hits: 38, 90

GET
H2 200 642ee0f62300001b006d6eae.jpg
img.huffingtonpost.com/asset/ 7 KB
7 KB 9ms
7ms Image
image/webp 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.huffingtonpost.com/asset/642ee0f62300001b006d6eae.jpg?ops=224_126&format=webp

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ce31d0c9c938524ee7978fd63764bb030c365f65bfb5f1d34b2323f07bec8178

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 6237
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 6774
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kiad7000052-IAD, cache-fra-eddf8230036-FRA
referrer-policy: no-referrer-when-downgrade
x-timer: S1680845567.300521,VS0,VE0
etag: W/"1a76-nwXhlKBCGnjbvqpYAf0ieJ8e+tc"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
x-cache-hits: 36, 4

GET
H2 200 642f23eb2600005a009f76aa.jpg
img.huffingtonpost.com/asset/ 3 KB
3 KB 10ms
9ms Image
image/webp 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.huffingtonpost.com/asset/642f23eb2600005a009f76aa.jpg?ops=224_126&format=webp

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

68cbe3d348b345e03a8268f9b7b8e4beaaffd570be3c96f6d1e3727719110cd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 6238
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 3228
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100168-IAD, cache-fra-eddf8230036-FRA
referrer-policy: no-referrer-when-downgrade
x-timer: S1680845567.300542,VS0,VE0
etag: W/"c9c-8uChLDE6/ZG6B63Nqc44PZlYjhE"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
x-cache-hits: 36, 5

GET
H2 200 642f028f2500001a00c6b787.jpg
img.huffingtonpost.com/asset/ 6 KB
6 KB 7ms
7ms Image
image/webp 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.huffingtonpost.com/asset/642f028f2500001a00c6b787.jpg?ops=224_126&format=webp

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

98add146dfaf952b6018ba597793055f7f6145252a951d231cf6381480ca188b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 6237
x-dns-prefetch-control: off
x-cache: HIT, HIT
content-length: 5750
x-xss-protection: 1; mode=block
x-served-by: cache-iad-kjyo7100104-IAD, cache-fra-eddf8230036-FRA
referrer-policy: no-referrer-when-downgrade
x-timer: S1680845567.309635,VS0,VE0
etag: W/"1676-QIhyjTZXc0f9QMtRnJTlwlzwtkE"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public,max-age=86400
accept-ranges: bytes
x-cache-hits: 30, 4

GET
H2 200 impl.20230403-3-RELEASE.js Show response
cdn.taboola.com/libtrc/ 740 KB
155 KB 9ms
9ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230403-3-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/buzzfeedinc-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 05e0c0f5f3b5407e2600bbef4eac47ccdbac0bc8224365fed80bc19fed9f6c1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: QvwYx8.BvXjnY.2at3Q2UXDRvPeUc7sv
content-encoding: br
via: 1.1 varnish
date: Fri, 07 Apr 2023 05:32:47 GMT
x-amz-request-id: XM8H7TZETQAG9RVE
age: 15568
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 158081
x-amz-id-2: 2xDgGZzg9AWnqlUU5zXfp82kt7GL/RRP/Oj8B5lRoCPUWcVZ83dnQCy35ciugsHBGgvIXphFpbs=
x-served-by: cache-fra-eddf8230131-FRA
last-modified: Mon, 03 Apr 2023 09:11:26 GMT
server: AmazonS3-br
x-timer: S1680845567.289332,VS0,VE0
etag: "6ffb34af0a740c4b6bd3c678cf4b60e3"
vary: Accept-Encoding
content-type: application/javascript
abp: 8
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 642

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 35ms
8ms Script
application/javascript 13.32.99.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/buzzfeedinc-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Thu, 06 Apr 2023 06:30:31 GMT
content-encoding: gzip
via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 09:22:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 82937
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: fAfkdrmWpDCFLbBeYKx7RL8z9Rs_4AmQRhryC_ONK9phPk3BJBRGEQ==

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 135ms
38ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700,800,900&display=fallback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://2281geldebakim.buzz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 10:31:28 GMT
x-content-type-options: nosniff
age: 241279
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 10:31:28 GMT

GET
H2 200 6NUQ8FmMKwSEKjnm5-4v-4Jh2dJhew.woff2
fonts.gstatic.com/s/alfaslabone/v17/ 17 KB
18 KB 169ms
80ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/alfaslabone/v17/6NUQ8FmMKwSEKjnm5-4v-4Jh2dJhew.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Alfa+Slab+One&display=fallback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9374de123126424cc9576c36c508f12954bb9c1da8a23d035bf8a0131f7113f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://2281geldebakim.buzz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 11:33:32 GMT
x-content-type-options: nosniff
age: 237555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17896
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:03:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 11:33:32 GMT

GET proxima-nova-semibold.hash-f45999e0380f344650ac535a7a00e6a9.woff
www.huffpost.com/static-assets/cambria/app/fonts/ 0
0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
47 KB 181ms
95ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: modulous.huffpost.com
URL: https://modulous.huffpost.com/2023/03/29/1680117875-bundle-hp-gam-b83750b.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfac1c069c26d6d6e929d31231de45cbc67717136dd23fd44338dc3918b3f63e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47949
x-xss-protection: 0
server: cafe
etag: 14561552375850871308
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 07 Apr 2023 05:32:47 GMT

GET
H2 200 pxid Show response
a2a5c7f9-3fa0-4182-889a-15aa61acf59b.prmutv.co/v2.0/ 12 B
229 B 75ms
20ms XHR
application/json 35.241.9.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a2a5c7f9-3fa0-4182-889a-15aa61acf59b.prmutv.co/v2.0/pxid?k=406b9ad8-2772-474f-82e6-774a332d9754
Requested by: Host: a2a5c7f9-3fa0-4182-889a-15aa61acf59b.edge.permutive.app
URL: https://a2a5c7f9-3fa0-4182-889a-15aa61acf59b.edge.permutive.app/d0aea23f-b86d-47b4-9d71-210104685824-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 481d77f5d1a9c24f102bb6af246ecbff595011e0d73e70b652c39d702565d47d

Request headers

Referer: https://2281geldebakim.buzz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://2281geldebakim.buzz
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32

GET
H/1.1 200
OK getuidj Show response
ib.adnxs.com/ 11 B
825 B 52ms
17ms XHR
application/json 185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: a2a5c7f9-3fa0-4182-889a-15aa61acf59b.edge.permutive.app
URL: https://a2a5c7f9-3fa0-4182-889a-15aa61acf59b.edge.permutive.app/d0aea23f-b86d-47b4-9d71-210104685824-web.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://2281geldebakim.buzz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 07 Apr 2023 05:32:47 GMT
AN-X-Request-Uuid: 1f215db0-c4d6-4a52-aa8d-5af67542510f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://2281geldebakim.buzz
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.173; 185.213.155.173; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 d0aea23f-b86d-47b4-9d71-210104685824-models.bin Show response
cdn.permutive.com/models/v2/ 46 KB
34 KB 67ms
44ms XHR
application/x-binary 104.19.150.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/models/v2/d0aea23f-b86d-47b4-9d71-210104685824-models.bin
Requested by: Host: a2a5c7f9-3fa0-4182-889a-15aa61acf59b.edge.permutive.app
URL: https://a2a5c7f9-3fa0-4182-889a-15aa61acf59b.edge.permutive.app/d0aea23f-b86d-47b4-9d71-210104685824-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4f1fcbe947745a3b1cac4aef064cc94b1f227fe9682aa10848f0b5ad14a8751

Request headers

Referer: https://2281geldebakim.buzz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
content-encoding: gzip
cf-cache-status: MISS
x-goog-meta-oid: a2a5c7f9-3fa0-4182-889a-15aa61acf59b
age: 0
x-guploader-uploadid: ADPycds1xSOeoewlQMmJ8_mR6CGmzFaoy8ezaFNTnvEcherHg6z7sP9V1i4P5qqyfg9qP1KcTE8KgTaYLsfDpOrzRi7w-RE2gmUp
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 34324
last-modified: Wed, 05 Apr 2023 20:39:22 GMT
server: cloudflare
etag: "5d998be76419bf2f02dbc6a441b191d7"
vary: Accept-Encoding
x-goog-generation: 1680727162530737
content-type: application/x-binary
access-control-allow-origin: *
x-goog-hash: crc32c=yiXfKg==, md5=XZmL52QZvy8C28akQbGR1w==
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=900, no-transform
x-goog-stored-content-length: 34324
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7b3fe45cfea89b67-FRA
expires: Fri, 07 Apr 2023 05:32:47 GMT

GET
H2 200 geoip Show response
api.permutive.com/v2.0/ 261 B
372 B 56ms
19ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=406b9ad8-2772-474f-82e6-774a332d9754
Requested by: Host: a2a5c7f9-3fa0-4182-889a-15aa61acf59b.edge.permutive.app
URL: https://a2a5c7f9-3fa0-4182-889a-15aa61acf59b.edge.permutive.app/d0aea23f-b86d-47b4-9d71-210104685824-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 39c5031fa5e04352d50fff0f766f4c5f77f2e30a45fcf73d0470bd41cd041394

Request headers

Referer: https://2281geldebakim.buzz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://2281geldebakim.buzz
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 174

POST
H2 200 watson Show response
api.permutive.com/v2.0/ 2 B
87 B 61ms
25ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/watson?k=406b9ad8-2772-474f-82e6-774a332d9754
Requested by: Host: a2a5c7f9-3fa0-4182-889a-15aa61acf59b.edge.permutive.app
URL: https://a2a5c7f9-3fa0-4182-889a-15aa61acf59b.edge.permutive.app/d0aea23f-b86d-47b4-9d71-210104685824-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://2281geldebakim.buzz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://2281geldebakim.buzz
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22

GET
H2 200 get-action Show response
nr-events.taboola.com/newsroom/1.0/buzzfeedinc-huffpostus/ 132 B
299 B 23ms
15ms Script
application/json 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://nr-events.taboola.com/newsroom/1.0/buzzfeedinc-huffpostus/get-action?page.url=https%3A%2F%2Fwww.huffpost.com%2F&view.id=440717797702901141&page.template=home&page.dashboard=home
Requested by: Host: c2.taboola.com
URL: https://c2.taboola.com/nr/buzzfeedinc-huffpostus/newsroom.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f3b5abb02caf6b5032e568f335911dbd73c5615a70d1ac22ccdcff1a33bbd99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230022-FRA
tbl-x-upstream: 10.44.35.217:8080
date: Fri, 07 Apr 2023 05:32:47 GMT
via: 1.1 varnish
server: nginx
x-timer: S1680845568.558930,VS0,VE9
x-cache: MISS
content-type: application/json;charset=UTF-8
accept-ranges: bytes
content-length: 132
x-application-context: front-page-event-server:production
x-cache-hits: 0

GET
H2 200 si
capi.connatix.com/tr/ 0
78 B 158ms
140ms Image
application/json 104.18.33.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capi.connatix.com/tr/si?token=08c32caf-3de9-4dec-b089-28af763b377b&cid=1bf35e8b-3d55-48a6-aef8-0ebfdd277df7
Requested by: Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.33.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/json
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 7b3fe45d589bbbbb-FRA
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 experiment_variants Show response
abeagle-public.buzzfeed.com/v3/ 299 B
676 B 131ms
107ms Fetch
application/json 151.101.2.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://abeagle-public.buzzfeed.com/v3/experiment_variants?user_id=0dbf2761-26d1-4593-9317-d5648a0036f8&source=huffpost_web&experiment_names=hp_ml_related_test_v1%3Bhp_bottom_recirc_test
Requested by: Host: www.huffpost.com
URL: https://www.huffpost.com/static-assets/cambria/app/news.92c819ad0fd95cc03baf.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 91a16e8a6f44cc03c9407ebdc69175e8a10c5780db18fccf27e5bd360299c8a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230124-FRA
date: Fri, 07 Apr 2023 05:32:47 GMT
via: 1.1 varnish
age: 0
x-timer: S1680845568.582735,VS0,VE100
etag: "8c45c4b1612a7b2d7f96c73f3295140816b2dde4"
vary: Accept-Encoding
x-cache: MISS
content-type: application/json
access-control-allow-origin: *
cache-control: no-store
accept-ranges: bytes
content-length: 299
x-cache-hits: 0

GET
BLOB 200
OK 92e62702-c70f-4750-841f-e6124b1c60b6
https://2281geldebakim.buzz/ 826 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://2281geldebakim.buzz/92e62702-c70f-4750-841f-e6124b1c60b6
Requested by: Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c6ee8945a594b74cfefe2e34ab05ad3c90df777e62340097250e1e6c605e710

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Length: 846019
Content-Type

GET
BLOB 200
OK b673c516-3e1f-4093-8cef-9f84f225ec07
https://2281geldebakim.buzz/ 826 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://2281geldebakim.buzz/b673c516-3e1f-4093-8cef-9f84f225ec07
Requested by: Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c6ee8945a594b74cfefe2e34ab05ad3c90df777e62340097250e1e6c605e710

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Length: 846019
Content-Type

OPTIONS
H2 200 simple
api.sail-personalize.com/v1/personalize/ Frame 0
0 313ms
99ms Preflight
text/plain 75.2.40.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method: GET
Origin: https://2281geldebakim.buzz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin: https://2281geldebakim.buzz
access-control-max-age: 1800
allow: HEAD,GET,OPTIONS
content-length: 18
content-type: text/plain
date: Fri, 07 Apr 2023 05:32:47 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 121ms
38ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1740781-82

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 07 Apr 2023 04:05:12 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5255
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 07 Apr 2023 06:05:12 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 32ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 07 Apr 2023 05:32:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27909
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: zoZ1jCg5wCq7kP7JmHPL2t2lEBy3JktO4y2s/OmhT2LDBa2nf64PhOffkl32z555Ysc81RTBDLeicVaaa5KceA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 42ms
7ms Script
application/javascript 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
content-encoding: gzip
etag: "DUHyBE1e2vdA+NAhXV6BXg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 14 Apr 2023 05:32:47 GMT

GET
H2 200 b-f140f48-062e7711.js Show response
tagan.adlightning.com/buzzfeed/ 79 KB
29 KB 8ms
8ms Script
application/javascript 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/buzzfeed/b-f140f48-062e7711.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-43.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b80a8c5968510a6773d057e73914372457bf2e6af25f8e5674ed7d181cc87fce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 01:39:50 GMT
content-encoding: gzip
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-version-id: CEvUge93gQEomjvEUfdtjjGuWjPYqqkM
x-amz-cf-pop: FRA60-P4
age: 273178
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29690
x-amz-meta-git_commit: f140f48
last-modified: Mon, 23 Jan 2023 14:42:46 GMT
server: AmazonS3
etag: "c0bf962607f14019f659d0f3bc7d7c83"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: aQ79_-eKx6KUKjzD0ybHAqYW5InsbKo8GSl4ukMlEn4pQHT1V2h0Ug==

GET
H2 200 bl-deea5a1-fd48763f.js Show response
tagan.adlightning.com/buzzfeed/ 69 KB
29 KB 10ms
10ms Script
application/javascript 18.66.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/buzzfeed/bl-deea5a1-fd48763f.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-43.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8f4efc8e1a3527819280956282a7d2caab6dc6d66f2f3df19f64dec0b81e7439

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 12:27:41 GMT
content-encoding: gzip
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-version-id: W.hjt6RmGxiWpSzGFMXV8CTBM8d.uCXf
x-amz-cf-pop: FRA60-P4
age: 234307
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 29355
x-amz-meta-git_commit: deea5a1
last-modified: Tue, 04 Apr 2023 12:27:15 GMT
server: AmazonS3
etag: "fe73a8715dedcb32273725a7dcd731e8"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: DqsarGUBKgSpntR2fzmjHDfrBmh35Iijhm2FbPiaudGrFBq1a18AqA==

GET
H2 200 simple Show response
api.sail-personalize.com/v1/personalize/ 256 B
473 B 102ms
102ms Fetch
application/json 75.2.40.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by: Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash: de582904fd7bf1499e50e8642266ee8c3fb54c06b7baa2f0b7ee2d969443167a

Request headers

x-lib-version: v1.0.1
accept-language: de-DE,de;q=0.9
authorization: Bearer ef61ea729b0d2b3168a9ca339d950d91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: application/json
accept: application/json
Referer: https://2281geldebakim.buzz/
x-referring-url: https://2281geldebakim.buzz/

Response headers

pragma: no-cache
date: Fri, 07 Apr 2023 05:32:48 GMT
content-encoding: gzip
allowedorigins: *
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
allowedmethods: GET,OPTIONS
cache-control: no-store
access-control-allow-credentials: true
allowedheaders: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length: 172
expires: -1

GET
H2 200 LeftNavTop.bc5f7f32b93fc0f6d025.js Show response
www.huffpost.com/static-assets/cambria/app/ 10 KB
5 KB 7ms
7ms Script
application/javascript 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huffpost.com/static-assets/cambria/app/LeftNavTop.bc5f7f32b93fc0f6d025.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

d689724dec41be15e0ba090e12a5da08cbe0e1fda3d36e69909023d7300b4ff8

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation allow-top-navigation-by-user-activation; frame-ancestors 'self' .huffpost.com .huffingtonpost.com .huffpost.net .buzzfeed.com clients.opinary.com compass.pressekompass.net .newsbreak.com .newsbreakapp.com; report-uri https://huffpost.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: Thu, 04 Apr 2024 14:08:14 GMT
date: Fri, 07 Apr 2023 05:32:47 GMT
content-encoding: gzip
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 141873
content-security-policy: sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation allow-top-navigation-by-user-activation; frame-ancestors 'self' *.huffpost.com *.huffingtonpost.com *.huffpost.net *.buzzfeed.com clients.opinary.com compass.pressekompass.net *.newsbreak.com *.newsbreakapp.com; report-uri https://huffpost.report-uri.com/r/d/csp/enforce;
x-guploader-uploadid: ADPycdt1LutpWY1TiZ8YeXkmckdZdfGp1fAW5IgD6Ob01Z6ezjJU-J-LBGAQQs7HO8GJf-ml2llc_1YKhf3ns3q1d4KG2T2vDYb4
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 3611
x-xss-protection: 1; mode=block
x-request-id: 560730e5afeb9a5da6f000612c200abd
x-served-by: cache-fra-eddf8230036-FRA
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 05 Apr 2023 13:59:58 GMT
server: nginx
x-timer: S1680845568.684617,VS0,VE0
etag: "21af25483db53297717dd06520e5a424"
vary: Accept-Encoding
x-goog-hash: crc32c=Ff0g0Q==, md5=Ia8lSD21MpdxfdBlIOWkJA==
content-type: application/javascript; charset=utf-8
x-goog-generation: 1680703197920585
cache-control: max-age=31536000,immutable
x-goog-stored-content-length: 10721
accept-ranges: bytes
x-cache-hits: 19

GET
H2 200 vendors~Bookmark~Corrections~FeedbackToaster~LatestInZone~Liveblog~LiveblogContent~OfferModule~SeeMo~b4f80f81.22b77b89e6603a0e51fe.js Show response
www.huffpost.com/static-assets/cambria/app/ 12 KB
5 KB 8ms
7ms Script
application/javascript 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huffpost.com/static-assets/cambria/app/vendors~Bookmark~Corrections~FeedbackToaster~LatestInZone~Liveblog~LiveblogContent~OfferModule~SeeMo~b4f80f81.22b77b89e6603a0e51fe.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

2324b4e2e3e90ca2e3afe7f664047984f6e7d381d28dc67cbd2a43e19f66c272

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation allow-top-navigation-by-user-activation; frame-ancestors 'self' .huffpost.com .huffingtonpost.com .huffpost.net .buzzfeed.com clients.opinary.com compass.pressekompass.net .newsbreak.com .newsbreakapp.com; report-uri https://huffpost.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: C07lorPwxTLrf5a4zo39TqPkrqZog19V
content-encoding: gzip
via: 1.1 varnish
date: Fri, 07 Apr 2023 05:32:47 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: FJ3QRSCSN9J7H7EY
age: 38901
x-amz-server-side-encryption: AES256
content-security-policy: sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation allow-top-navigation-by-user-activation; frame-ancestors 'self' *.huffpost.com *.huffingtonpost.com *.huffpost.net *.buzzfeed.com clients.opinary.com compass.pressekompass.net *.newsbreak.com *.newsbreakapp.com; report-uri https://huffpost.report-uri.com/r/d/csp/enforce;
x-cache: HIT
content-length: 4321
x-amz-id-2: /uZZWiUJg7vqDEsBdrL7MCPjsqPJPkwVaVnlBcLnlspq19l1WVyJskoapHm91cEa0qiTBt0RN2xxopQTiXqKmg==
x-request-id: e7a9fc742766909a54657a7cea2749b9
x-served-by: cache-fra-eddf8230036-FRA
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 Apr 2023 18:58:01 GMT
server: nginx
x-timer: S1680845568.684918,VS0,VE0
etag: "901fc919803c3751f185c83126b25019"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,immutable
accept-ranges: bytes
x-cache-hits: 6

GET
H2 200 vendors~LatestInZone~SeeMore.9ad2517b0fd48ab12d3b.js Show response
www.huffpost.com/static-assets/cambria/app/ 307 KB
99 KB 8ms
7ms Script
application/javascript 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huffpost.com/static-assets/cambria/app/vendors~LatestInZone~SeeMore.9ad2517b0fd48ab12d3b.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

f568992c69d21e7f9435d7a54a47489d167f19732ced4d88508b3a729b238dc3

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation allow-top-navigation-by-user-activation; frame-ancestors 'self' .huffpost.com .huffingtonpost.com .huffpost.net .buzzfeed.com clients.opinary.com compass.pressekompass.net .newsbreak.com .newsbreakapp.com; report-uri https://huffpost.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: Fri, 05 Apr 2024 18:44:18 GMT
date: Fri, 07 Apr 2023 05:32:47 GMT
content-encoding: gzip
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 38910
content-security-policy: sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation allow-top-navigation-by-user-activation; frame-ancestors 'self' *.huffpost.com *.huffingtonpost.com *.huffpost.net *.buzzfeed.com clients.opinary.com compass.pressekompass.net *.newsbreak.com *.newsbreakapp.com; report-uri https://huffpost.report-uri.com/r/d/csp/enforce;
x-guploader-uploadid: ADPycdsvZ8PUT9q1ofcGxEjvQ0kjZQ8yi-FXc4-2YvNRodY0AH3oL_mp-NpinsQTBdpM20k5RI7c8Y5BwDVjRiphh9Z5vitB9R8x
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 100291
x-xss-protection: 1; mode=block
x-request-id: 7801273aae7aee8785f81f050d5c3209
x-served-by: cache-fra-eddf8230036-FRA
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 06 Apr 2023 18:42:48 GMT
server: nginx
x-timer: S1680845568.685327,VS0,VE0
etag: "2d2b6258d2ac4de286ed5a2f8fe67c34"
vary: Accept-Encoding
x-goog-hash: crc32c=46eA2A==, md5=LStiWNKsTeKG7Vovj+Z8NA==
content-type: application/javascript; charset=utf-8
x-goog-generation: 1680806567919240
cache-control: max-age=31536000,immutable
x-goog-stored-content-length: 314442
accept-ranges: bytes
x-cache-hits: 7

GET
H2 200 Bookmark.1c8c71f86ef35684ecf1.js Show response
www.huffpost.com/static-assets/cambria/app/ 15 KB
6 KB 10ms
9ms Script
application/javascript 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huffpost.com/static-assets/cambria/app/Bookmark.1c8c71f86ef35684ecf1.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c6319a600ce455c97632e514c4cf2abf8c0ff8174362798324942ddd4b1f51a2

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation allow-top-navigation-by-user-activation; frame-ancestors 'self' .huffpost.com .huffingtonpost.com .huffpost.net .buzzfeed.com clients.opinary.com compass.pressekompass.net .newsbreak.com .newsbreakapp.com; report-uri https://huffpost.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: Fri, 05 Apr 2024 18:44:20 GMT
date: Fri, 07 Apr 2023 05:32:47 GMT
content-encoding: gzip
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 38908
content-security-policy: sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation allow-top-navigation-by-user-activation; frame-ancestors 'self' *.huffpost.com *.huffingtonpost.com *.huffpost.net *.buzzfeed.com clients.opinary.com compass.pressekompass.net *.newsbreak.com *.newsbreakapp.com; report-uri https://huffpost.report-uri.com/r/d/csp/enforce;
x-guploader-uploadid: ADPycdvJOZMNxUN0cko8X_Nw3F3QDDHeKUoLdmQQBBlQC9diQVgxdH68wqPY2YwCLUZOjmBjuFooOCw8BGFM4UqpjkFITw
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 4977
x-xss-protection: 1; mode=block
x-request-id: 2a156dfeb9b3881ef054555bfaa5a36b
x-served-by: cache-fra-eddf8230036-FRA
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 06 Apr 2023 18:42:48 GMT
server: nginx
x-timer: S1680845568.685616,VS0,VE0
etag: "77d532d98a1ac6bd3615355c8701ad5f"
vary: Accept-Encoding
x-goog-hash: crc32c=CTginQ==, md5=d9Uy2Yoaxr02FTVchwGtXw==
content-type: application/javascript; charset=utf-8
x-goog-generation: 1680806567909970
cache-control: max-age=31536000,immutable
x-goog-stored-content-length: 14888
accept-ranges: bytes
x-cache-hits: 6

GET
H2 200 LatestInZone~Liveblog~LiveblogContent~SeeMore.4b5235ef5b6532e99592.js Show response
www.huffpost.com/static-assets/cambria/app/ 44 KB
17 KB 10ms
9ms Script
application/javascript 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huffpost.com/static-assets/cambria/app/LatestInZone~Liveblog~LiveblogContent~SeeMore.4b5235ef5b6532e99592.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

d991a0540ba302f8fb2342c367402d8b887c57af42070121ee3d614826aa6144

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation allow-top-navigation-by-user-activation; frame-ancestors 'self' .huffpost.com .huffingtonpost.com .huffpost.net .buzzfeed.com clients.opinary.com compass.pressekompass.net .newsbreak.com .newsbreakapp.com; report-uri https://huffpost.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: pjtk72reGLZrBaS9cIqypgdNdyqx7tO6
content-encoding: gzip
via: 1.1 varnish
date: Fri, 07 Apr 2023 05:32:47 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: FJ3Z5SHMH3DV70V2
age: 38901
x-amz-server-side-encryption: AES256
content-security-policy: sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation allow-top-navigation-by-user-activation; frame-ancestors 'self' *.huffpost.com *.huffingtonpost.com *.huffpost.net *.buzzfeed.com clients.opinary.com compass.pressekompass.net *.newsbreak.com *.newsbreakapp.com; report-uri https://huffpost.report-uri.com/r/d/csp/enforce;
x-cache: HIT
content-length: 16541
x-amz-id-2: soN7pPEKIoJj8uxQ1wyW8q/O7AT4e4iRzpdlVH6QdRlq7+meHJ7sKJUrK4M9K9aYuAOBnZKaGeB5DGClhsdYBp1XzaIGLJ71wD9pJfTGWf4=
x-request-id: cac283269e94447b2759d6236d0ec92e
x-served-by: cache-fra-eddf8230036-FRA
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 Apr 2023 18:58:00 GMT
server: nginx
x-timer: S1680845568.685656,VS0,VE0
etag: "41e836c325a0c0348f9f53ed1eddbab4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,immutable
accept-ranges: bytes
x-cache-hits: 5

GET
H2 200 LatestInZone.cc682ae6ce27cdef7eff.js Show response
www.huffpost.com/static-assets/cambria/app/ 90 KB
24 KB 11ms
10ms Script
application/javascript 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huffpost.com/static-assets/cambria/app/LatestInZone.cc682ae6ce27cdef7eff.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e82c8d0460e64a3c293371039eeb14ba88ec612662624883cc943f2e8950b336

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation allow-top-navigation-by-user-activation; frame-ancestors 'self' .huffpost.com .huffingtonpost.com .huffpost.net .buzzfeed.com clients.opinary.com compass.pressekompass.net .newsbreak.com .newsbreakapp.com; report-uri https://huffpost.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: OBCQuWdEqtH52TldnO45Vx5mSHcSunxA
content-encoding: gzip
via: 1.1 varnish
date: Fri, 07 Apr 2023 05:32:47 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 9DG8NQM8WWVR4H4R
age: 38865
x-amz-server-side-encryption: AES256
content-security-policy: sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation allow-top-navigation-by-user-activation; frame-ancestors 'self' *.huffpost.com *.huffingtonpost.com *.huffpost.net *.buzzfeed.com clients.opinary.com compass.pressekompass.net *.newsbreak.com *.newsbreakapp.com; report-uri https://huffpost.report-uri.com/r/d/csp/enforce;
x-cache: HIT
content-length: 23827
x-amz-id-2: hYmToZNYxB5BHHII34dDpZD24lx968aAP02GAE88+EHPzctOpilpWgRI1ylfPtGM3TJIXvt2iEM=
x-request-id: 918c328ce14b3b54a6a8ce4b7e63c246
x-served-by: cache-fra-eddf8230036-FRA
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 Apr 2023 18:58:00 GMT
server: nginx
x-timer: S1680845568.686111,VS0,VE0
etag: "e6259384f2b70ceed69c560cd596f21a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,immutable
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 MemberStatus.5b66b500a010461fe18f.js Show response
www.huffpost.com/static-assets/cambria/app/ 8 KB
4 KB 11ms
11ms Script
application/javascript 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huffpost.com/static-assets/cambria/app/MemberStatus.5b66b500a010461fe18f.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

5f19caf5d00424be9464752561fa4b49a5dcb2140e9047ed0c13aead331e43b7

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation allow-top-navigation-by-user-activation; frame-ancestors 'self' .huffpost.com .huffingtonpost.com .huffpost.net .buzzfeed.com clients.opinary.com compass.pressekompass.net .newsbreak.com .newsbreakapp.com; report-uri https://huffpost.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: Fri, 05 Apr 2024 18:44:21 GMT
date: Fri, 07 Apr 2023 05:32:47 GMT
content-encoding: gzip
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 38906
content-security-policy: sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation allow-top-navigation-by-user-activation; frame-ancestors 'self' *.huffpost.com *.huffingtonpost.com *.huffpost.net *.buzzfeed.com clients.opinary.com compass.pressekompass.net *.newsbreak.com *.newsbreakapp.com; report-uri https://huffpost.report-uri.com/r/d/csp/enforce;
x-guploader-uploadid: ADPycdtQkPoy4240hFcgP0x02JQ0hAetKiKZ7Wq0GcvKFvWk4nlS7ylKrokaorMkoBR-SwtDMmI0dKyEuzSlPx5uQ8rJh0ybap7a
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 2983
x-xss-protection: 1; mode=block
x-request-id: 66df3f6fac439ecd257a21545b725cb6
x-served-by: cache-fra-eddf8230036-FRA
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 06 Apr 2023 18:42:47 GMT
server: nginx
x-timer: S1680845568.686083,VS0,VE0
etag: "d5ffc0fa1936744b4efe76cd82c7d16f"
vary: Accept-Encoding
x-goog-hash: crc32c=G9XqDw==, md5=1f/A+hk2dEtO/nbNgsfRbw==
content-type: application/javascript; charset=utf-8
x-goog-generation: 1680806567840715
cache-control: max-age=31536000,immutable
x-goog-stored-content-length: 7771
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 vendors~Slideshow~SubNav.8057307183f6a3e290e9.js Show response
www.huffpost.com/static-assets/cambria/app/ 12 KB
5 KB 12ms
12ms Script
application/javascript 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huffpost.com/static-assets/cambria/app/vendors~Slideshow~SubNav.8057307183f6a3e290e9.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

47eec67045136b6d5e885d5871131bae400861171e1246bbb9bf467d8d70fc43

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation allow-top-navigation-by-user-activation; frame-ancestors 'self' .huffpost.com .huffingtonpost.com .huffpost.net .buzzfeed.com clients.opinary.com compass.pressekompass.net .newsbreak.com .newsbreakapp.com; report-uri https://huffpost.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: Fri, 05 Apr 2024 18:44:16 GMT
date: Fri, 07 Apr 2023 05:32:47 GMT
content-encoding: gzip
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
age: 38911
content-security-policy: sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation allow-top-navigation-by-user-activation; frame-ancestors 'self' *.huffpost.com *.huffingtonpost.com *.huffpost.net *.buzzfeed.com clients.opinary.com compass.pressekompass.net *.newsbreak.com *.newsbreakapp.com; report-uri https://huffpost.report-uri.com/r/d/csp/enforce;
x-guploader-uploadid: ADPycdt5E5Q-CHyLyhJC1Bf4h61RV-oENUNH2ELoBTXGB6F883t2Ovs-4Vnutb1ZhbWLFbnCfkAkjl5yYch4KE7_4Gmqv1PgG9KU
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 4705
x-xss-protection: 1; mode=block
x-request-id: d7d6c956a86474ae2a1d1d66d6a56aba
x-served-by: cache-fra-eddf8230036-FRA
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 06 Apr 2023 18:42:48 GMT
server: nginx
x-timer: S1680845568.686774,VS0,VE0
etag: "5bc00ff32b91601ff04000add9a08b13"
vary: Accept-Encoding
x-goog-hash: crc32c=9HVVKQ==, md5=W8AP8yuRYB/wQACt2aCLEw==
content-type: application/javascript; charset=utf-8
x-goog-generation: 1680806567911779
cache-control: max-age=31536000,immutable
x-goog-stored-content-length: 11908
accept-ranges: bytes
x-cache-hits: 655

GET
H2 200 SubNav.327384891f4c18e8bb4e.js Show response
www.huffpost.com/static-assets/cambria/app/ 82 KB
27 KB 12ms
12ms Script
application/javascript 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huffpost.com/static-assets/cambria/app/SubNav.327384891f4c18e8bb4e.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

df6f888b405a9c789a36510343e1b7b90004ffbc89f33c820c483ce8b9811cf9

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation allow-top-navigation-by-user-activation; frame-ancestors 'self' .huffpost.com .huffingtonpost.com .huffpost.net .buzzfeed.com clients.opinary.com compass.pressekompass.net .newsbreak.com .newsbreakapp.com; report-uri https://huffpost.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: fOqA_whpea9Rljs8fYgN.3o.Ver.Dauf
content-encoding: gzip
via: 1.1 varnish
date: Fri, 07 Apr 2023 05:32:47 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: FJ3RQDE8ZRYT0EJQ
age: 38901
x-amz-server-side-encryption: AES256
content-security-policy: sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation allow-top-navigation-by-user-activation; frame-ancestors 'self' *.huffpost.com *.huffingtonpost.com *.huffpost.net *.buzzfeed.com clients.opinary.com compass.pressekompass.net *.newsbreak.com *.newsbreakapp.com; report-uri https://huffpost.report-uri.com/r/d/csp/enforce;
x-cache: HIT
content-length: 26571
x-amz-id-2: QEftOQDj4pEezMhVQH9MOGsytyopmgCTJXY9TdTjmEOK20tTYsjYVLrLJpwuPadjndfZplzIpVI=
x-request-id: 0bcc8d1f22ac7c934d46bb8bcdfedb15
x-served-by: cache-fra-eddf8230036-FRA
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 Apr 2023 18:58:00 GMT
server: nginx
x-timer: S1680845568.686781,VS0,VE0
etag: "8f4593d615c2c0780584b92fd0e3d702"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,immutable
accept-ranges: bytes
x-cache-hits: 13

GET
H2 200 Image.c0ac8750036bab98d9f2.js Show response
www.huffpost.com/static-assets/cambria/app/ 19 KB
6 KB 14ms
14ms Script
application/javascript 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huffpost.com/static-assets/cambria/app/Image.c0ac8750036bab98d9f2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

7fd1e23e0402b701442062344ca63a365878b0da17af93678bd48595cd15eae8

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation allow-top-navigation-by-user-activation; frame-ancestors 'self' .huffpost.com .huffingtonpost.com .huffpost.net .buzzfeed.com clients.opinary.com compass.pressekompass.net .newsbreak.com .newsbreakapp.com; report-uri https://huffpost.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: CoNsF3KB2XSnJ2ddV5BxW2FVZrK6HcKJ
content-encoding: gzip
via: 1.1 varnish
date: Fri, 07 Apr 2023 05:32:47 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: NR5H99YT2K1CHAKH
age: 38865
x-amz-server-side-encryption: AES256
content-security-policy: sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation allow-top-navigation-by-user-activation; frame-ancestors 'self' *.huffpost.com *.huffingtonpost.com *.huffpost.net *.buzzfeed.com clients.opinary.com compass.pressekompass.net *.newsbreak.com *.newsbreakapp.com; report-uri https://huffpost.report-uri.com/r/d/csp/enforce;
x-cache: HIT
content-length: 5661
x-amz-id-2: m+3KJopDrZ2uJyo4vhowIP1swNguWoC939RsghaAhfNBEkoB0hZMSucPXzDrpMdXKVMJa383F5U=
x-request-id: 54c9908f9f5587a145b69927f20189ee
x-served-by: cache-fra-eddf8230036-FRA
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 Apr 2023 18:58:00 GMT
server: nginx
x-timer: S1680845568.687268,VS0,VE0
etag: "710d4a97926970cf6255fc53b1450857"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,immutable
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 Newsletter.d5e6d7c124a2bdefd809.js Show response
www.huffpost.com/static-assets/cambria/app/ 18 KB
7 KB 15ms
14ms Script
application/javascript 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huffpost.com/static-assets/cambria/app/Newsletter.d5e6d7c124a2bdefd809.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.114 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

5be557e9ac5a294c756c75cfa3dac8d7d47c376685d66a49298f45a6e13172a0

Security Headers

Name	Value
Content-Security-Policy	sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation allow-top-navigation-by-user-activation; frame-ancestors 'self' .huffpost.com .huffingtonpost.com .huffpost.net .buzzfeed.com clients.opinary.com compass.pressekompass.net .newsbreak.com .newsbreakapp.com; report-uri https://huffpost.report-uri.com/r/d/csp/enforce;
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: kaYpRVpYcGyEp3IDNRevAEWye6X6aWo.
content-encoding: gzip
via: 1.1 varnish
date: Fri, 07 Apr 2023 05:32:47 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: FJ3H5M9XFR5P7BX7
age: 38900
x-amz-server-side-encryption: AES256
content-security-policy: sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation allow-top-navigation-by-user-activation; frame-ancestors 'self' *.huffpost.com *.huffingtonpost.com *.huffpost.net *.buzzfeed.com clients.opinary.com compass.pressekompass.net *.newsbreak.com *.newsbreakapp.com; report-uri https://huffpost.report-uri.com/r/d/csp/enforce;
x-cache: HIT
content-length: 6368
x-amz-id-2: ovQYb0X2NTD7QTBbrCFkTTxw6Dve7VRUKIXQOSMCPHlX1Lk7YJ9/UhY/IBcVvAKOE6TO8DDPkoM=
x-request-id: 39236546b4ab3d84232fd51b0d0e6739
x-served-by: cache-fra-eddf8230036-FRA
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 03 Apr 2023 18:58:00 GMT
server: nginx
x-timer: S1680845568.690434,VS0,VE0
etag: "afdf4b990ac1ea3c3d7c86eb45058981"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000,immutable
accept-ranges: bytes
x-cache-hits: 11

GET
H2 200 card-interference-detector.20230403-3-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
3 KB 8ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/card-interference-detector.20230403-3-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/buzzfeedinc-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a9357df199cf8dbe3f41d85e47ce707b1a930cf858ba1d8341f2d09ccf05f2f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id: 2_prg3ImbfpzIMfRL7O0V6BmThBASLup
content-encoding: gzip
via: 1.1 varnish
date: Fri, 07 Apr 2023 05:32:47 GMT
x-amz-request-id: EGRY8FCHJXGR0K10
age: 227559
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2179
x-amz-id-2: VMYnR7KJaTjrYugBNL9yycdcq7A2eZmMYakzzP/p2oNZ9UUZ/ABe1CBmqsrnUbvW6uJVaXtYWRc=
x-served-by: cache-fra-eddf8230131-FRA
last-modified: Tue, 04 Apr 2023 14:20:09 GMT
server: AmazonS3
x-timer: S1680845568.702144,VS0,VE0
etag: "72c94cf8e18b1c3b9ec45c31bd039677"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 8
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 6426

GET
H2 204 notify-impression
nr-events.taboola.com/newsroom/1.0/buzzfeedinc-huffpostus/ 0
65 B 16ms
15ms Image
text/plain 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nr-events.taboola.com/newsroom/1.0/buzzfeedinc-huffpostus/notify-impression?page.url=https%3A%2F%2Fwww.huffpost.com%2F&view.id=440717797702901141&page.template=home&page.dashboard=home
Requested by: Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230022-FRA
tbl-x-upstream: 10.44.62.142:8080
date: Fri, 07 Apr 2023 05:32:47 GMT
via: 1.1 varnish
server: nginx
x-timer: S1680845568.713821,VS0,VE9
x-cache: MISS
accept-ranges: bytes
x-application-context: front-page-event-server:production
x-cache-hits: 0

POST
H/1.1 200
OK events
pixiedust.buzzfeed.com/ 0
0 421ms
107ms Ping
text/plain 34.224.142.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixiedust.buzzfeed.com/events
Requested by: Host: www.huffpost.com
URL: https://www.huffpost.com/static-assets/cambria/app/news.92c819ad0fd95cc03baf.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.142.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-142-209.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://2281geldebakim.buzz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 identify Show response
api.permutive.com/v2.0/ 50 B
267 B 50ms
20ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=406b9ad8-2772-474f-82e6-774a332d9754
Requested by: Host: a2a5c7f9-3fa0-4182-889a-15aa61acf59b.edge.permutive.app
URL: https://a2a5c7f9-3fa0-4182-889a-15aa61acf59b.edge.permutive.app/d0aea23f-b86d-47b4-9d71-210104685824-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 44c2c6ee91994e8ca7347fac1421eaf4b9e73c64f9d1ccbaf1c83b15b135d1d4

Request headers

Referer: https://2281geldebakim.buzz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://2281geldebakim.buzz
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

GET
H2 200 player.css
cds.connatix.com/p/253991/ 64 KB
11 KB 16ms
16ms Stylesheet
text/css 104.18.33.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/253991/player.css
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.33.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9edc05982381ab2889031e810fb25a7c87f5587307d4779bb9890cd36fe5189b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:47 GMT
x-amz-version-id: wPdibIJ_C..Mhn70.v48piLh3caGkApw
content-encoding: br
cf-cache-status: HIT
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 06 Apr 2023 15:55:08 GMT
server: cloudflare
etag: W/"7145088910d36c8d1fa9433a90dbe70a"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 7b3fe45eba19bbbb-FRA
access-control-allow-headers: range
expires: Sat, 06 Apr 2024 05:32:47 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230405/r20190131/ Frame 94FE 10 KB
5 KB 135ms
37ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230405/r20190131/zrt_lookup.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2281geldebakim.buzz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 14364
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Apr 2023 01:33:23 GMT
etag: 2378337311435320485
expires: Fri, 21 Apr 2023 01:33:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 rules-p-3aud4J6uA4Z6Y.js Show response
rules.quantcount.com/ 9 KB
2 KB 43ms
7ms Script
application/javascript 2600:9000:223c:2000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-3aud4J6uA4Z6Y.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:2000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5423a8b64392927336c6ed24e4504d9655370ae2fb885954a1bbf519e0da8100

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:03:23 GMT
content-encoding: gzip
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1765
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Wed, 17 Nov 2021 20:52:23 GMT
server: AmazonS3
etag: W/"54c17dc48c3834d548677108ac4d7613"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: LpN4wdBcaLGD3KfSMeR6sJQU3GcdvfSt1jLkQX2E57WmhyDpsbfpGw==

GET
H2 200 1621685564716533 Show response
connect.facebook.net/signals/config/ 513 KB
149 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1621685564716533?v=2.9.100&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

42f9d01b1cb8de6cc434cf17eaa2e9376e4fd559cc7ab7f557617555ecd3ae9a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 07 Apr 2023 05:32:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 152048
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: o4RAJAP/fCmlfgoWxaanLMGB4clznwylXjdB1xCq0Zp/PPcdJtmgP+e2/ZbwsU3aGCwtQaVgPbzbPNIEwIhSJA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
210 B 45ms
45ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=70883139&t=pageview&_s=1&dl=https%3A%2F%2F2281geldebakim.buzz%2F&ul=en-us&de=UTF-8&dt=HuffPost%20-%20Breaking%20News%2C%20U.S.%20and%20World%20News%20%7C%20HuffPost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4GBAAUABAAAAACAAI~&jid=265420732&gjid=235185932&cid=2008500210.1680845568&tid=UA-1740781-82&_gid=1390808397.1680845568&_r=1&gtm=457e3430&cd1=home&cd4=us&cd5=homepage&cd6=front-page&cd10=cambria&cd11=0&z=1397729393

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://2281geldebakim.buzz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 07 Apr 2023 05:32:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://2281geldebakim.buzz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 pls Show response
capi.connatix.com/core/ Frame 7132 27 KB
9 KB 173ms
173ms XHR
application/x-protobuf 104.18.33.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/pls?v=253991&cid=1bf35e8b-3d55-48a6-aef8-0ebfdd277df7
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=1bf35e8b-3d55-48a6-aef8-0ebfdd277df7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.33.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 612b9af1a1d27c8f59cf48bcfc0918bbaf0651d6cbb60dafec3534ae6a93d4f3

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Fri, 07 Apr 2023 05:32:48 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://2281geldebakim.buzz
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 7b3fe4608bdabbbb-FRA
access-control-allow-headers: x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H/1.1 200
OK events
pixiedust.buzzfeed.com/ 0
0 310ms
107ms Ping
text/plain 34.224.142.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixiedust.buzzfeed.com/events
Requested by: Host: www.huffpost.com
URL: https://www.huffpost.com/static-assets/cambria/app/news.92c819ad0fd95cc03baf.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.142.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-142-209.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://2281geldebakim.buzz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 410ms
18ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-1740781-82&cid=2008500210.1680845568&jid=265420732&gjid=235185932&_gid=1390808397.1680845568&_u=4GBAAUAAAAAAACAAI~&z=2059151862

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://2281geldebakim.buzz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 07 Apr 2023 05:32:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://2281geldebakim.buzz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 events Show response
fbcapiv2.buzzfeed.com/ 0
166 B 460ms
103ms XHR
text/plain 2600:1f18:2faa:8200:f444:aefa:4863:83ec
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://fbcapiv2.buzzfeed.com/events

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/1621685564716533?v=2.9.100&r=stable

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f18:2faa:8200:f444:aefa:4863:83ec Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://2281geldebakim.buzz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://2281geldebakim.buzz
date: Fri, 07 Apr 2023 05:32:48 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
content-length: 0
vary: origin

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 365ms
8ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1621685564716533&ev=PageView&dl=https%3A%2F%2F2281geldebakim.buzz%2F&rl=&if=false&ts=1680845568142&sw=1600&sh=1200&v=2.9.100&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1680845568138.393336553&eid=ob3_plugin-set_469526c0f903c4019e9639d668015920babb2d93e183dd4ad0d238bc06c9a714&it=1680845567959&coo=false&rqm=GET

Requested by

Host: 2281geldebakim.buzz
URL: https://2281geldebakim.buzz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 07 Apr 2023 05:32:48 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 segment Show response
api.permutive.com/adv/v2/ 30 B
94 B 31ms
31ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/adv/v2/segment?new-session=true&k=406b9ad8-2772-474f-82e6-774a332d9754
Requested by: Host: a2a5c7f9-3fa0-4182-889a-15aa61acf59b.edge.permutive.app
URL: https://a2a5c7f9-3fa0-4182-889a-15aa61acf59b.edge.permutive.app/d0aea23f-b86d-47b4-9d71-210104685824-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: b445bad8e6fcb75a280aab0d13732970ddcb3e855e14f5281ec4200b871ac7ef

Request headers

Referer: https://2281geldebakim.buzz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 07 Apr 2023 05:32:48 GMT
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30
content-type: application/json

GET insights.bin
ins.connatix.com/886b52e0-2307-4488-a01b-9019f9bdcfed/3/ Frame 7132 0
0

GET insights.bin
ins.connatix.com/5483e7f4-c0b1-4280-9583-4bed52171e25/3/ Frame 7132 0
0

GET insights.bin
ins.connatix.com/d5f34b86-0373-470b-b5a0-6cb1a7fa51a9/3/ Frame 7132 0
0

GET insights.bin
ins.connatix.com/d866066e-f955-4537-9567-c4d6801c7c55/4/ Frame 7132 0
0

GET insights.bin
ins.connatix.com/08c9d2ee-4c6b-4937-95f3-d77648194c38/3/ Frame 7132 0
0

GET insights.bin
ins.connatix.com/978cb1ea-837a-44fe-99c4-96fa11a0199a/16/ Frame 7132 0
0

GET insights.bin
ins.connatix.com/97f21b3d-1e53-4af3-90e4-7709b2bfb6d7/3/ Frame 7132 0
0

GET insights.bin
ins.connatix.com/a4769b98-f961-43c8-818b-160458573f28/3/ Frame 7132 0
0

GET insights.bin
ins.connatix.com/e0a81325-cb95-4b62-81a7-d38d99a967a5/3/ Frame 7132 0
0

GET insights.bin
ins.connatix.com/03a61312-6d64-495e-93fd-0cb26ae6ea45/3/ Frame 7132 0
0

GET blockedDomains_1.bin
lit.connatix.com/ecac3f99-2966-413d-8629-5746951209fe/ Frame 7132 0
0

POST sr
capi.connatix.com/tr/ Frame 7132 0
0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
26 KB 297ms
99ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/buzzfeed/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a82ef00e733c55541beb3b07a6f3b47e8048c98d45143799043bad2610daf67a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2281geldebakim.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 05:32:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25654
x-xss-protection: 0
server: cafe
etag: 22 / 19454 / m202303300101 / config-hash: 10004049301988528966
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 07 Apr 2023 05:32:48 GMT

GET 3_media.bin
vid.connatix.com/pid-08c32caf-3de9-4dec-b089-28af763b377b/886b52e0-2307-4488-a01b-9019f9bdcfed/ Frame 7132 0
0

GET ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 7132 0
0

GET elements.ui.1328ced3e07d06f80173.js
cds.connatix.com/p/253991/ Frame 7132 0
0

GET 3_media.bin
vid.connatix.com/pid-08c32caf-3de9-4dec-b089-28af763b377b/5483e7f4-c0b1-4280-9583-4bed52171e25/ Frame 7132 0
0

GET 3_media.bin
vid.connatix.com/pid-08c32caf-3de9-4dec-b089-28af763b377b/d5f34b86-0373-470b-b5a0-6cb1a7fa51a9/ Frame 7132 0
0

GET 4_media.bin
vid.connatix.com/pid-08c32caf-3de9-4dec-b089-28af763b377b/d866066e-f955-4537-9567-c4d6801c7c55/ Frame 7132 0
0

GET 3_media.bin
vid.connatix.com/pid-08c32caf-3de9-4dec-b089-28af763b377b/08c9d2ee-4c6b-4937-95f3-d77648194c38/ Frame 7132 0
0

GET 16_media.bin
vid.connatix.com/pid-08c32caf-3de9-4dec-b089-28af763b377b/978cb1ea-837a-44fe-99c4-96fa11a0199a/ Frame 7132 0
0

GET 3_media.bin
vid.connatix.com/pid-08c32caf-3de9-4dec-b089-28af763b377b/97f21b3d-1e53-4af3-90e4-7709b2bfb6d7/ Frame 7132 0
0

GET 3_media.bin
vid.connatix.com/pid-08c32caf-3de9-4dec-b089-28af763b377b/a4769b98-f961-43c8-818b-160458573f28/ Frame 7132 0
0

GET 3_media.bin
vid.connatix.com/pid-08c32caf-3de9-4dec-b089-28af763b377b/e0a81325-cb95-4b62-81a7-d38d99a967a5/ Frame 7132 0
0

GET 3_media.bin
vid.connatix.com/pid-08c32caf-3de9-4dec-b089-28af763b377b/03a61312-6d64-495e-93fd-0cb26ae6ea45/ Frame 7132 0
0

POST /
pl.connatix.com/ Frame 7132 0
0

POST
H2 200 events Show response
fbcapiv2.buzzfeed.com/ 0
165 B 103ms
101ms XHR
text/plain 2600:1f18:2faa:8200:f444:aefa:4863:83ec
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://fbcapiv2.buzzfeed.com/events

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/1621685564716533?v=2.9.100&r=stable

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f18:2faa:8200:f444:aefa:4863:83ec Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://2281geldebakim.buzz
date: Fri, 07 Apr 2023 05:32:48 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
content-length: 0
vary: origin

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 9ms
7ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1621685564716533&ev=PermutiveSegmentEntry&dl=about%3Ablank&rl=&if=false&ts=1680845568510&cd[segment_id]=7684&sw=1600&sh=1200&v=2.9.100&r=stable&ec=1&o=30&eid=ob3_plugin-set_70db2f7a3afee0938d88daefea0f3eb683ae8b0e7e067cca74f7ad20d739b671&it=1680845567959&coo=false&rqm=GET

Requested by

Host: blank
URL: about:blank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 07 Apr 2023 05:32:48 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 events Show response
fbcapiv2.buzzfeed.com/ 0
165 B 192ms
190ms XHR
text/plain 2600:1f18:2faa:8200:f444:aefa:4863:83ec
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://fbcapiv2.buzzfeed.com/events

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/1621685564716533?v=2.9.100&r=stable

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f18:2faa:8200:f444:aefa:4863:83ec Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://2281geldebakim.buzz
date: Fri, 07 Apr 2023 05:32:48 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
content-length: 0
vary: origin

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 9ms
8ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1621685564716533&ev=PermutiveSegmentEntry&dl=about%3Ablank&rl=&if=false&ts=1680845568510&cd[segment_id]=18874&sw=1600&sh=1200&v=2.9.100&r=stable&ec=2&o=30&eid=ob3_plugin-set_9900063d730ba193b1c88ba37e7ff21e56923c3fad11ccf15b97d20b8fae53a7&it=1680845567959&coo=false&rqm=GET

Requested by

Host: blank
URL: about:blank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 07 Apr 2023 05:32:48 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 events Show response
fbcapiv2.buzzfeed.com/ 0
165 B 193ms
191ms XHR
text/plain 2600:1f18:2faa:8200:f444:aefa:4863:83ec
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://fbcapiv2.buzzfeed.com/events

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/1621685564716533?v=2.9.100&r=stable

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f18:2faa:8200:f444:aefa:4863:83ec Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://2281geldebakim.buzz
date: Fri, 07 Apr 2023 05:32:48 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
content-length: 0
vary: origin

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 9ms
8ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1621685564716533&ev=PermutiveSegmentEntry&dl=about%3Ablank&rl=&if=false&ts=1680845568511&cd[segment_id]=30797&sw=1600&sh=1200&v=2.9.100&r=stable&ec=3&o=30&eid=ob3_plugin-set_39a86fdf3122330dfa59c10ef10284909b3ec614c78450598a37bd1df6e1d0ee&it=1680845567959&coo=false&rqm=GET

Requested by

Host: blank
URL: about:blank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 07 Apr 2023 05:32:48 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 events Show response
fbcapiv2.buzzfeed.com/ 0
165 B 193ms
192ms XHR
text/plain 2600:1f18:2faa:8200:f444:aefa:4863:83ec
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://fbcapiv2.buzzfeed.com/events

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/1621685564716533?v=2.9.100&r=stable

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f18:2faa:8200:f444:aefa:4863:83ec Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://2281geldebakim.buzz
date: Fri, 07 Apr 2023 05:32:48 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
content-length: 0
vary: origin

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 9ms
8ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1621685564716533&ev=PermutiveSegmentEntry&dl=about%3Ablank&rl=&if=false&ts=1680845568511&cd[segment_id]=30951&sw=1600&sh=1200&v=2.9.100&r=stable&ec=4&o=30&eid=ob3_plugin-set_bdf4df2cea10470cf86fc03423f34cef456fce92dcf182c0f6b39677e9b14b92&it=1680845567959&coo=false&rqm=GET

Requested by

Host: blank
URL: about:blank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 07 Apr 2023 05:32:48 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 132ms
47ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-1740781-82&cid=2008500210.1680845568&jid=265420732&_u=4GBAAUAAAAAAACAAI~&z=513312212

Requested by

Host: blank
URL: about:blank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Apr 2023 05:32:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 134ms
50ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-1740781-82&cid=2008500210.1680845568&jid=265420732&_u=4GBAAUAAAAAAACAAI~&z=513312212

Requested by

Host: blank
URL: about:blank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Apr 2023 05:32:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 501 B
230 B 21ms
20ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=406b9ad8-2772-474f-82e6-774a332d9754
Requested by: Host: a2a5c7f9-3fa0-4182-889a-15aa61acf59b.edge.permutive.app
URL: https://a2a5c7f9-3fa0-4182-889a-15aa61acf59b.edge.permutive.app/d0aea23f-b86d-47b4-9d71-210104685824-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 0bdee3e8668d12b29fbd41098321c8681318b43bd70444ae8db43be87483e4af

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 07 Apr 2023 05:32:49 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://2281geldebakim.buzz
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 212

POST
H3 200 state Show response
api.permutive.com/v1.0/ 0
33 B 197ms
197ms XHR
text/plain 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=true&k=406b9ad8-2772-474f-82e6-774a332d9754
Requested by: Host: a2a5c7f9-3fa0-4182-889a-15aa61acf59b.edge.permutive.app
URL: https://a2a5c7f9-3fa0-4182-889a-15aa61acf59b.edge.permutive.app/d0aea23f-b86d-47b4-9d71-210104685824-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Fri, 07 Apr 2023 05:32:49 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 8ms
7ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1621685564716533&ev=Microdata&dl=about%3Ablank&rl=&if=false&ts=1680845569647&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.100&r=stable&ec=5&o=30&eid=ob3_plugin-set_2cd2d0cd5d7be7606b5ff8a4e14dd77fc63778f575c4c2266f245570f16e42d7&it=1680845567959&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: blank
URL: about:blank

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 07 Apr 2023 05:32:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H/1.1 200
OK events
pixiedust.buzzfeed.com/ 0
0 302ms
104ms Ping
text/plain 34.224.142.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixiedust.buzzfeed.com/events
Requested by: Host: www.huffpost.com
URL: https://www.huffpost.com/static-assets/cambria/app/news.92c819ad0fd95cc03baf.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.142.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-142-209.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H/1.1 200
OK events
pixiedust.buzzfeed.com/ 0
0 309ms
105ms Ping
text/plain 34.224.142.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixiedust.buzzfeed.com/events
Requested by: Host: www.huffpost.com
URL: https://www.huffpost.com/static-assets/cambria/app/news.92c819ad0fd95cc03baf.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.142.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-142-209.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

POST
H/1.1 200
OK events
pixiedust.buzzfeed.com/ 0
0 642ms
107ms Ping
text/plain 34.224.142.209
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixiedust.buzzfeed.com/events
Requested by: Host: www.huffpost.com
URL: https://www.huffpost.com/static-assets/cambria/app/news.92c819ad0fd95cc03baf.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.142.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-142-209.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.huffpost.com
URL: https://www.huffpost.com/static-assets/cambria/app/fonts/proxima-nova-regular.hash-79c14ea7490af62fc90c4c91a9ebdc4e.woff

Domain: www.huffpost.com
URL: https://www.huffpost.com/static-assets/cambria/app/fonts/proxima-nova-condensed-extrabld.hash-40acc89242624bef183ace6be58d6dfd.woff2

Domain: www.huffpost.com
URL: https://www.huffpost.com/static-assets/cambria/app/fonts/proxima-nova-condensed-bold.hash-cfe96e1adc5f15e8d1e1dbea32f45eaf.woff2

Domain: www.huffpost.com
URL: https://www.huffpost.com/static-assets/cambria/app/fonts/proxima-nova-condensed-extrabold-italic.hash-0ee0e93dd385edd2c35c066ec5916f29.woff2

Domain: www.huffpost.com
URL: https://www.huffpost.com/static-assets/cambria/app/fonts/proxima-nova-condensed-bold-italic.hash-22dfcf1417067b49e8c1e5304f3e60b5.woff2

Domain: www.huffpost.com
URL: https://www.huffpost.com/static-assets/cambria/app/fonts/proxima-nova-bold.hash-c5b5d29cb016c8df27f6fc56fb8d9a84.woff

Domain: www.huffpost.com
URL: https://www.huffpost.com/static-assets/cambria/app/fonts/proxima-nova-semibold.hash-f45999e0380f344650ac535a7a00e6a9.woff

Domain: ins.connatix.com
URL: https://ins.connatix.com/886b52e0-2307-4488-a01b-9019f9bdcfed/3/insights.bin

Domain: ins.connatix.com
URL: https://ins.connatix.com/5483e7f4-c0b1-4280-9583-4bed52171e25/3/insights.bin

Domain: ins.connatix.com
URL: https://ins.connatix.com/d5f34b86-0373-470b-b5a0-6cb1a7fa51a9/3/insights.bin

Domain: ins.connatix.com
URL: https://ins.connatix.com/d866066e-f955-4537-9567-c4d6801c7c55/4/insights.bin

Domain: ins.connatix.com
URL: https://ins.connatix.com/08c9d2ee-4c6b-4937-95f3-d77648194c38/3/insights.bin

Domain: ins.connatix.com
URL: https://ins.connatix.com/978cb1ea-837a-44fe-99c4-96fa11a0199a/16/insights.bin

Domain: ins.connatix.com
URL: https://ins.connatix.com/97f21b3d-1e53-4af3-90e4-7709b2bfb6d7/3/insights.bin

Domain: ins.connatix.com
URL: https://ins.connatix.com/a4769b98-f961-43c8-818b-160458573f28/3/insights.bin

Domain: ins.connatix.com
URL: https://ins.connatix.com/e0a81325-cb95-4b62-81a7-d38d99a967a5/3/insights.bin

Domain: ins.connatix.com
URL: https://ins.connatix.com/03a61312-6d64-495e-93fd-0cb26ae6ea45/3/insights.bin

Domain: lit.connatix.com
URL: https://lit.connatix.com/ecac3f99-2966-413d-8629-5746951209fe/blockedDomains_1.bin

Domain: capi.connatix.com
URL: https://capi.connatix.com/tr/sr?v=253991&tier=1

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-08c32caf-3de9-4dec-b089-28af763b377b/886b52e0-2307-4488-a01b-9019f9bdcfed/3_media.bin

Domain: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Domain: cds.connatix.com
URL: https://cds.connatix.com/p/253991/elements.ui.1328ced3e07d06f80173.js

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-08c32caf-3de9-4dec-b089-28af763b377b/5483e7f4-c0b1-4280-9583-4bed52171e25/3_media.bin

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-08c32caf-3de9-4dec-b089-28af763b377b/d5f34b86-0373-470b-b5a0-6cb1a7fa51a9/3_media.bin

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-08c32caf-3de9-4dec-b089-28af763b377b/d866066e-f955-4537-9567-c4d6801c7c55/4_media.bin

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-08c32caf-3de9-4dec-b089-28af763b377b/08c9d2ee-4c6b-4937-95f3-d77648194c38/3_media.bin

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-08c32caf-3de9-4dec-b089-28af763b377b/978cb1ea-837a-44fe-99c4-96fa11a0199a/16_media.bin

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-08c32caf-3de9-4dec-b089-28af763b377b/97f21b3d-1e53-4af3-90e4-7709b2bfb6d7/3_media.bin

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-08c32caf-3de9-4dec-b089-28af763b377b/a4769b98-f961-43c8-818b-160458573f28/3_media.bin

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-08c32caf-3de9-4dec-b089-28af763b377b/e0a81325-cb95-4b62-81a7-d38d99a967a5/3_media.bin

Domain: vid.connatix.com
URL: https://vid.connatix.com/pid-08c32caf-3de9-4dec-b089-28af763b377b/03a61312-6d64-495e-93fd-0cb26ae6ea45/3_media.bin

Domain: pl.connatix.com
URL: https://pl.connatix.com/

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.2281geldebakim.buzz/	1970-01-20 20:30:05	Name: bf_visit Value: u%3D.sop2E2kYV%26uuid%3D0dbf2761-26d1-4593-9317-d5648a0036f8%26v%3D2
.2281geldebakim.buzz/	1970-01-20 10:54:07	Name: bf-xdomain-session-uuid Value: 8a126c79-3590-42f8-ae19-f48db5071977
.2281geldebakim.buzz/	1970-01-20 15:17:36	Name: permutive-id Value: 61d14f73-a347-4cff-a136-eedb923468f8
2281geldebakim.buzz/	1970-01-20 10:54:07	Name: sailthru_pageviews Value: 1
.2281geldebakim.buzz/	1970-01-20 20:30:05	Name: _ga Value: GA1.2.2008500210.1680845568
.2281geldebakim.buzz/	1970-01-20 10:55:31	Name: _gid Value: GA1.2.1390808397.1680845568
.2281geldebakim.buzz/	1970-01-20 10:54:05	Name: _gat_gtag_UA_1740781_82 Value: 1
2281geldebakim.buzz/	1970-01-20 19:39:41	Name: sailthru_visitor Value: a56d66be-a03b-4707-b2d9-daec9f159d90
.2281geldebakim.buzz/	1970-01-20 13:03:41	Name: _fbp Value: fb.1.1680845568138.393336553
2281geldebakim.buzz/	1970-01-20 10:54:07	Name: bf-xdomain-session-uuid Value: 8a126c79-3590-42f8-ae19-f48db5071977

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://2281geldebakim.buzz/ Message: Access to font at 'https://www.huffpost.com/static-assets/cambria/app/fonts/proxima-nova-condensed-bold.hash-cfe96e1adc5f15e8d1e1dbea32f45eaf.woff2' from origin 'https://2281geldebakim.buzz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.huffpost.com/static-assets/cambria/app/fonts/proxima-nova-condensed-bold.hash-cfe96e1adc5f15e8d1e1dbea32f45eaf.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://2281geldebakim.buzz/ Message: Access to font at 'https://www.huffpost.com/static-assets/cambria/app/fonts/proxima-nova-bold.hash-c5b5d29cb016c8df27f6fc56fb8d9a84.woff' from origin 'https://2281geldebakim.buzz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.huffpost.com/static-assets/cambria/app/fonts/proxima-nova-bold.hash-c5b5d29cb016c8df27f6fc56fb8d9a84.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://2281geldebakim.buzz/ Message: Access to font at 'https://www.huffpost.com/static-assets/cambria/app/fonts/proxima-nova-condensed-bold-italic.hash-22dfcf1417067b49e8c1e5304f3e60b5.woff2' from origin 'https://2281geldebakim.buzz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.huffpost.com/static-assets/cambria/app/fonts/proxima-nova-condensed-bold-italic.hash-22dfcf1417067b49e8c1e5304f3e60b5.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://2281geldebakim.buzz/ Message: Access to font at 'https://www.huffpost.com/static-assets/cambria/app/fonts/proxima-nova-condensed-extrabold-italic.hash-0ee0e93dd385edd2c35c066ec5916f29.woff2' from origin 'https://2281geldebakim.buzz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.huffpost.com/static-assets/cambria/app/fonts/proxima-nova-condensed-extrabold-italic.hash-0ee0e93dd385edd2c35c066ec5916f29.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://2281geldebakim.buzz/ Message: Access to font at 'https://www.huffpost.com/static-assets/cambria/app/fonts/proxima-nova-regular.hash-79c14ea7490af62fc90c4c91a9ebdc4e.woff' from origin 'https://2281geldebakim.buzz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.huffpost.com/static-assets/cambria/app/fonts/proxima-nova-regular.hash-79c14ea7490af62fc90c4c91a9ebdc4e.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://2281geldebakim.buzz/ Message: Access to font at 'https://www.huffpost.com/static-assets/cambria/app/fonts/proxima-nova-condensed-extrabld.hash-40acc89242624bef183ace6be58d6dfd.woff2' from origin 'https://2281geldebakim.buzz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.huffpost.com/static-assets/cambria/app/fonts/proxima-nova-condensed-extrabld.hash-40acc89242624bef183ace6be58d6dfd.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://2281geldebakim.buzz/ Message: Access to font at 'https://www.huffpost.com/static-assets/cambria/app/fonts/proxima-nova-semibold.hash-f45999e0380f344650ac535a7a00e6a9.woff' from origin 'https://2281geldebakim.buzz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.huffpost.com/static-assets/cambria/app/fonts/proxima-nova-semibold.hash-f45999e0380f344650ac535a7a00e6a9.woff Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2281geldebakim.buzz
a2a5c7f9-3fa0-4182-889a-15aa61acf59b.edge.permutive.app
a2a5c7f9-3fa0-4182-889a-15aa61acf59b.prmutv.co
abeagle-public.buzzfeed.com
ak.sail-horizon.com
api.permutive.com
api.sail-personalize.com
c2.taboola.com
capi.connatix.com
cd.connatix.com
cdn.permutive.com
cdn.taboola.com
cds.connatix.com
cmp.quantcast.com
connect.facebook.net
fbcapiv2.buzzfeed.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
img.huffingtonpost.com
ins.connatix.com
lit.connatix.com
modulous.huffpost.com
nr-events.taboola.com
pagead2.googlesyndication.com
pixiedust.buzzfeed.com
pl.connatix.com
rules.quantcount.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.scroll.com
stats.g.doubleclick.net
tagan.adlightning.com
vid.connatix.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.huffpost.com
capi.connatix.com
cds.connatix.com
imasdk.googleapis.com
ins.connatix.com
lit.connatix.com
pl.connatix.com
vid.connatix.com
www.huffpost.com
104.18.33.52
104.19.150.54
13.32.99.21
151.101.129.44
151.101.193.44
151.101.194.114
151.101.2.114
18.66.112.95
18.66.147.43
185.89.210.122
199.232.194.217
2600:1f18:2faa:8200:f444:aefa:4863:83ec
2600:9000:211e:b000:9:46dc:4700:93a1
2600:9000:223c:2000:6:44e3:f8c0:93a1
2606:4700:3031::ac43:b0a6
2606:4700::6812:af
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:810::2002
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:813::2008
2a00:1450:4001:813::200a
2a00:1450:4001:813::200e
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::2003
2a00:1450:400c:c0c::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.107.254.252
34.224.142.209
35.241.9.51
75.2.40.13
05e0c0f5f3b5407e2600bbef4eac47ccdbac0bc8224365fed80bc19fed9f6c1c
0bdee3e8668d12b29fbd41098321c8681318b43bd70444ae8db43be87483e4af
0d274799a330049ab53b8224eb50efc51e2581a3d2f40808805797944c6f8e6b
14fb0a31c6e37dd5af21cb826eb7497fabf5541320434bc0370d0781ccadebd9
181e417c9b8e99a67f1d4910367e8c0fe56a30aaa3c3e4c7a1e48e0bb37b1f7c
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b97d3df4f2f76a7c2d29dded223038128d1eac3e6738a21ddabd178128b24e5
20b538a25e41b188ddaa618ce3f1b47837884bdf658d711184f548375ed1bdb7
2324b4e2e3e90ca2e3afe7f664047984f6e7d381d28dc67cbd2a43e19f66c272
23599bf00f00a24951b5bfe0becfc5ef6e05640a14d663785e615cad9e1ddf8d
294bb5998cd8169b05f68efebd2bdf08420c111837b1ab8ffe52872c0c42f79e
2b17e1cfc14685f164b2ea731839c9efbd62fe237285dec79cb804840767364a
2c6ee8945a594b74cfefe2e34ab05ad3c90df777e62340097250e1e6c605e710
2f0786c5252571299efb61540cf748b0c8220fe34c703d631de6d6a18b976097
305fe71cda673a5581e0e34f60339a09fd903d0ac38ed2b09bf0c3a71efeb4e0
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
39c5031fa5e04352d50fff0f766f4c5f77f2e30a45fcf73d0470bd41cd041394
39f5970cfa544293ac039746d270477c553b6c394a8ea2b1e7f18d7b5ad30e49
42f9d01b1cb8de6cc434cf17eaa2e9376e4fd559cc7ab7f557617555ecd3ae9a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44c2c6ee91994e8ca7347fac1421eaf4b9e73c64f9d1ccbaf1c83b15b135d1d4
44fecf519043b6f97ad57fa9a4bcf7b6de82df8501a97d4fefb562f59bf6b526
47eec67045136b6d5e885d5871131bae400861171e1246bbb9bf467d8d70fc43
481d77f5d1a9c24f102bb6af246ecbff595011e0d73e70b652c39d702565d47d
495114c9b9813606a32181b6a65e1cf8e49976eb6351af4f9cd6bc8efd8deb61
4e21c593d4be79790419dfe230a359c0315cbba2d2b5a18525db9bdd4da56fc1
4f3b5abb02caf6b5032e568f335911dbd73c5615a70d1ac22ccdcff1a33bbd99
5409df784011d69816ff3c94885d553d304d864e9ba0bf62521e421774ad4590
5423a8b64392927336c6ed24e4504d9655370ae2fb885954a1bbf519e0da8100
5860d02b2fc20353d304498ece030b5335734fb0f758bcece86c10648dc40499
5950f2b6dd24c5b82d3b7459e5e51ee1a027f52efd2b5fb570e60c898f6e84e7
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5be557e9ac5a294c756c75cfa3dac8d7d47c376685d66a49298f45a6e13172a0
5d0c497c3a6e20573f4b89f3078e34000feceffcd77813ea8fa5de41c6484e85
5f19caf5d00424be9464752561fa4b49a5dcb2140e9047ed0c13aead331e43b7
612b9af1a1d27c8f59cf48bcfc0918bbaf0651d6cbb60dafec3534ae6a93d4f3
678e20186aa0f524b0c01604e77d38dbc3d52d8c05bf55ff58af317ce4eb4b95
684b4397186c1626ea93a2886af459cd4728fb864f19103ebd624339c50a3b6d
68cbe3d348b345e03a8268f9b7b8e4beaaffd570be3c96f6d1e3727719110cd0
6e0e1b4750d89db853ad49ee2963f8065b5daa2523a5d219a96509de76af113f
765c48866dd89de23069c09af8955ccc1ecd767326f4c45510a35d45a2223a2c
76a60fc40979b4063d480de67a287b683367d0baf7e1034b12d71268c6f23e9c
7974d187b5f44aace3ac545180c005da28b04a61669c4469789c47f5273cd84b
7d066b450783af4710895ad0fe96f76a9a0d8c42c8b41950c87adbeba6974bcc
7f84b559ad55e9433b9d1084668509b841769f7052bd8c22da12dffc46b4ae70
7f9b8d245fba3e03e30b3f64eddf44ca62f251b9876da82ea4c81107781a0ff6
7fd1e23e0402b701442062344ca63a365878b0da17af93678bd48595cd15eae8
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8f4efc8e1a3527819280956282a7d2caab6dc6d66f2f3df19f64dec0b81e7439
91a16e8a6f44cc03c9407ebdc69175e8a10c5780db18fccf27e5bd360299c8a5
9842685514895256ac3c32c32e878d1fcc1fe927cdaf29f6f1e35a108d82e1c2
98add146dfaf952b6018ba597793055f7f6145252a951d231cf6381480ca188b
9edc05982381ab2889031e810fb25a7c87f5587307d4779bb9890cd36fe5189b
9f88502e7d2bb6dd74d747018ad9f073a31b9b2fa2011673966293c842a3513a
a0fb95e2b70be2d5f4decee30553b991dfd18e3ddebd8925af7b8fb406368fa4
a82ef00e733c55541beb3b07a6f3b47e8048c98d45143799043bad2610daf67a
a9357df199cf8dbe3f41d85e47ce707b1a930cf858ba1d8341f2d09ccf05f2f8
a9374de123126424cc9576c36c508f12954bb9c1da8a23d035bf8a0131f7113f
ab53c645e80cd22eff68b35d52791a3bf92c2c2e675b6ffbb3378c8a18817a61
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b445bad8e6fcb75a280aab0d13732970ddcb3e855e14f5281ec4200b871ac7ef
b80a8c5968510a6773d057e73914372457bf2e6af25f8e5674ed7d181cc87fce
b9735417b283bcb7c0b8b67f83de9a1fbd62156ae86ebec12f9c8c42802612ab
ba8fdce71e121e7ab671780e66cbb3d33bbcb35d04a0d68ec5b2f41b51b414a9
c4ed00a4c6212266b70c24db0267532045888bd70e66671455d66e77967fdb18
c6319a600ce455c97632e514c4cf2abf8c0ff8174362798324942ddd4b1f51a2
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ce31d0c9c938524ee7978fd63764bb030c365f65bfb5f1d34b2323f07bec8178
ce756cc1c32b302c1d10d4d31e6cda1a82b66f5b2c62e66e6e6eecbbbab5bb16
d4f1fcbe947745a3b1cac4aef064cc94b1f227fe9682aa10848f0b5ad14a8751
d689724dec41be15e0ba090e12a5da08cbe0e1fda3d36e69909023d7300b4ff8
d7685d961a175a9df933dc1ecc9bb703db5496c5c442961232c2c204b126fcb3
d991a0540ba302f8fb2342c367402d8b887c57af42070121ee3d614826aa6144
dbf060c555e91a539d9cb849f4aa0c656db9b0a1da32c99aafb12d7c508c6849
dc5f18223b1a8a5c768d7e1a6e61e1f6c724d385921f6353ba01ff9ef19d59e5
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de582904fd7bf1499e50e8642266ee8c3fb54c06b7baa2f0b7ee2d969443167a
df186ee5e29b47173707c906c5e59c186cd351c7bdbe517a5c674a82e4d298d5
df37ba053762268830d5b2360df6f3451cdf9764c7ac8ec5cfe9cb88afebd5f6
df6f888b405a9c789a36510343e1b7b90004ffbc89f33c820c483ce8b9811cf9
dfac1c069c26d6d6e929d31231de45cbc67717136dd23fd44338dc3918b3f63e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fd48b066cf9049e3bef3e6932ee2e91a376a08ad6e59a3fbeb93e5393a58dd
e6cc1e6880d913f633856ab40b8d950889959afb47a3a8901f40fcd21a045a94
e82c8d0460e64a3c293371039eeb14ba88ec612662624883cc943f2e8950b336
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e
f568992c69d21e7f9435d7a54a47489d167f19732ced4d88508b3a729b238dc3
f7595d4988ed20897ca4558144596e07ebae703c647320b63e32ebf781538674
f95d1ce0af64eb024a1b1f6b6d18b8b2f3a198d4a2a0d02403b0a38260ff15f9
f9c1aa6d17305ec202a78ca22134ccca41cc5061a71ff6f7e0565ce0716eb20a
fad3025731a9931690015eb21c8d3c4522f96ce567fcef6e4a02495abbaff5c6
fccd2ac71f20b43dec9aabd928f67828e5f4148246a960ce4f09df788e6b0027

2281geldebakim.buzz Open in urlscan Pro 2606:4700:3031::ac43:b0a6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

147 Requests

76 %HTTPS

55 %IPv6

28 Domains

43 Subdomains

34 IPs

4 Countries

2117 kBTransfer

8592 kBSize

10 Cookies

0 Outgoing links

Redirected requests

147 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

2281geldebakim.buzz Open in urlscan Pro
2606:4700:3031::ac43:b0a6 Public Scan

Screenshot
Live screenshot

Full Image

147
Requests

76 %
HTTPS

55 %
IPv6

28
Domains

43
Subdomains

34
IPs

4
Countries

2117 kB
Transfer

8592 kB
Size

10
Cookies

147 HTTP transactions
0 data transactions