hubdrive.top Open in urlscan Pro
2a06:98c1:3120::c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hubdrive.in/
Effective URL:
https://hubdrive.top/
Submission Tags: falconsandbox
Submission: On February 24 via api (February 24th 2023, 6:51:43 pm UTC) from US — Scanned from DE

Summary HTTP 139 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 45 IPs in 8 countries across 34 domains to perform 139 HTTP transactions. The main IP is 2a06:98c1:3120::c, located in United States and belongs to CLOUDFLARENET, US. The main domain is hubdrive.top.
TLS certificate: Issued by GTS CA 1P5 on February 1st 2023. Valid for: 3 months.

This is the only time hubdrive.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3033::6815:f13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a06:98c1:312... 2a06:98c1:3121::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3030::ac43:8325	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a06:98c1:312... 2a06:98c1:3120::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.86.4.32 99.86.4.32	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:802::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700:e2:... 2606:4700:e2::ac40:850f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
4	2600:9000:234... 2600:9000:234e:3e00:2:e529:700:93a1	16509 (AMAZON-02) (AMAZON-02)
17	185.180.12.68 185.180.12.68	60068 (CDN77 ^_^) (CDN77 ^_^)
2	143.204.89.65 143.204.89.65	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
1	192.0.78.218 192.0.78.218	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:400d:807::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:802::2001	15169 (GOOGLE) (GOOGLE)
1	18.223.141.84 18.223.141.84	16509 (AMAZON-02) (AMAZON-02)
4	13.225.78.15 13.225.78.15	16509 (AMAZON-02) (AMAZON-02)
14	2a00:1450:400... 2a00:1450:400d:803::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:808::2006	15169 (GOOGLE) (GOOGLE)
1	18.66.122.44 18.66.122.44	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:807::2004	15169 (GOOGLE) (GOOGLE)
3 4	172.217.19.98 172.217.19.98	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.210.244 185.89.210.244	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a00:1450:400... 2a00:1450:400d:803::2003	15169 (GOOGLE) (GOOGLE)
4	138.201.63.117 138.201.63.117	24940 (HETZNER-AS) (HETZNER-AS)
1 5	88.99.165.19 88.99.165.19	24940 (HETZNER-AS) (HETZNER-AS)
1	2a0b:4d07:401::1 2a0b:4d07:401::1	44239 (PROINITY ...) (PROINITY PROINITY)
1 1	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1 2	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
1	49.12.22.42 49.12.22.42	24940 (HETZNER-AS) (HETZNER-AS)
1	18.169.231.46 18.169.231.46	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.180.230 142.250.180.230	15169 (GOOGLE) (GOOGLE)
1	18.66.147.52 18.66.147.52	16509 (AMAZON-02) (AMAZON-02)
1	18.66.15.50 18.66.15.50	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400d:806::2008	15169 (GOOGLE) (GOOGLE)
2	18.133.166.146 18.133.166.146	16509 (AMAZON-02) (AMAZON-02)
1	89.58.19.99 89.58.19.99	() ()
139	45

1 2606:4700:3033::6815:f13 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hubdrive.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hubdrive.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:8325 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hubdrive.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)

hubdrive.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-32.fra6.r.cloudfront.net

arc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:802::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e2::ac40:850f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7eaf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:234e:3e00:2:e529:700:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.orquideassp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 185.180.12.68 (Vienna, Austria)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-731.bunnyinfra.net

static.arc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
core.arc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.89.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-65.fra50.r.cloudfront.net

services.brid.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.218 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

supertruco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::200a (Ireland)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:802::2001 (Ireland)

ASN15169 (GOOGLE, US)

ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.223.141.84 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-223-141-84.us-east-2.compute.amazonaws.com

warden.arc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.225.78.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-15.fra2.r.cloudfront.net

p.brid.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:400d:803::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-44.fra60.r.cloudfront.net

stats-dev.brid.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.19.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s27-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.244 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:803::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.117 (Böblingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.117.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 88.99.165.19 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.19.165.99.88.clients.your-server.de

hal900028.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:401::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.193.130 (France) 1 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:d0a:2321::2 (Gunzenhausen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 49.12.22.42 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-3.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.169.231.46 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-169-231-46.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.180.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f6.1e100.net

8019191.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-52.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.15.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-50.vie50.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.133.166.146 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-133-166-146.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.58.19.99 (None, )

ASN- ()

strn.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 140	270 KB
19	arc.io arc.io — Cisco Umbrella Rank: 21614 static.arc.io — Cisco Umbrella Rank: 49719 core.arc.io — Cisco Umbrella Rank: 68476 tracker.arc.io Failed warden.arc.io — Cisco Umbrella Rank: 54015	971 KB
17	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net — Cisco Umbrella Rank: 202 8019191.fls.doubleclick.net — Cisco Umbrella Rank: 419527	241 KB
10	hubdrive.top hubdrive.top	247 KB
9	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 35870 hal900028.redintelligence.net — Cisco Umbrella Rank: 262553	261 KB
7	brid.tv services.brid.tv — Cisco Umbrella Rank: 17196 p.brid.tv — Cisco Umbrella Rank: 26344 stats-dev.brid.tv — Cisco Umbrella Rank: 20557	110 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	63 KB
5	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 306 fonts.googleapis.com — Cisco Umbrella Rank: 36 imasdk.googleapis.com — Cisco Umbrella Rank: 442	155 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531	3 KB
4	orquideassp.com tags.orquideassp.com — Cisco Umbrella Rank: 114894	6 KB
4	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 856	88 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 18601 api.webgains.io — Cisco Umbrella Rank: 51787	31 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 203	3 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	145 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 73 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	40 KB
2	retailads.net 1 redirects cdn.retailads.net — Cisco Umbrella Rank: 105848	6 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 195	2 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 761	12 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 339	6 KB
1	strn.pl strn.pl	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	41 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 46652	3 KB
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 40433	2 KB
1	futalis.de futalis.de — Cisco Umbrella Rank: 158522	401 B
1	media01.eu pb.media01.eu — Cisco Umbrella Rank: 48696	629 B
1	medialead.de 1 redirects pv.medialead.de — Cisco Umbrella Rank: 49470 medialead.de Failed	592 B
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 132014	931 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 271	17 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8947	531 B
1	supertruco.com supertruco.com — Cisco Umbrella Rank: 282347	2 KB
1	hubdrive.tv 1 redirects hubdrive.tv	466 B
1	hubdrive.mx 1 redirects hubdrive.mx	473 B
1	hubdrive.in 1 redirects hubdrive.in	690 B
139	34

	Domain	Requested by
16	static.arc.io	arc.io core.arc.io static.arc.io
14	tpc.googlesyndication.com	securepubads.g.doubleclick.net ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com tpc.googlesyndication.com hubdrive.top googleads.g.doubleclick.net
13	pagead2.googlesyndication.com	securepubads.g.doubleclick.net ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com www.googletagservices.com
10	hubdrive.top	hubdrive.top
9	securepubads.g.doubleclick.net	tags.orquideassp.com securepubads.g.doubleclick.net hubdrive.top www.googletagservices.com
5	hal900028.redintelligence.net	1 redirects ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com hal900028.redintelligence.net
4	hal9000.redintelligence.net	ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com hal900028.redintelligence.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	p.brid.tv	services.brid.tv
4	tags.orquideassp.com	hubdrive.top
4	use.fontawesome.com	hubdrive.top use.fontawesome.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.googletagservices.com	ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com securepubads.g.doubleclick.net hubdrive.top
3	www.google-analytics.com	hubdrive.top www.google-analytics.com p.brid.tv
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	hubdrive.top securepubads.g.doubleclick.net hal900028.redintelligence.net
2	api.webgains.io	analytics.webgains.io
2	8019191.fls.doubleclick.net	1 redirects hubdrive.top
2	cdn.retailads.net	1 redirects futalis.de
2	www.gstatic.com	securepubads.g.doubleclick.net
2	googleads.g.doubleclick.net	ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com pagead2.googlesyndication.com
2	ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net 8019191.fls.doubleclick.net
2	cdnjs.cloudflare.com	static.arc.io
2	services.brid.tv	tags.orquideassp.com services.brid.tv
2	unpkg.com	1 redirects hubdrive.top
2	cdn.jsdelivr.net	hubdrive.top
1	strn.pl	static.arc.io
1	www.googletagmanager.com	adv.office-partner.de
1	cdn.track.production.webgains.team	ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com
1	analytics.webgains.io	track.webgains.com
1	track.webgains.com	hubdrive.top
1	futalis.de	hal900028.redintelligence.net
1	pb.media01.eu	hal900028.redintelligence.net
1	pv.medialead.de	1 redirects
1	adv.office-partner.de	hal900028.redintelligence.net
1	www.google.com	tpc.googlesyndication.com
1	stats-dev.brid.tv
1	s0.2mdn.net	imasdk.googleapis.com
1	warden.arc.io	static.arc.io
1	adservice.google.de	securepubads.g.doubleclick.net
1	imasdk.googleapis.com	services.brid.tv imasdk.googleapis.com
1	supertruco.com	hubdrive.top
1	core.arc.io	arc.io
1	ajax.googleapis.com	hubdrive.top
1	arc.io	hubdrive.top
1	hubdrive.tv	1 redirects
1	hubdrive.mx	1 redirects
1	hubdrive.in	1 redirects
0	medialead.de Failed	ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com
0	tracker.arc.io Failed	static.arc.io
139	52

This site contains links to these domains. Also see Links.

Domain
orquidea.ai

Subject Issuer	Validity	Valid
*.hubdrive.top GTS CA 1P5	`2023-02-01` - `2023-05-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
arc.io Amazon RSA 2048 M02	`2023-02-21` - `2024-03-21`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
tags.orquideassp.com Amazon	`2022-05-30` - `2023-06-28`	a year	crt.sh
static.arc.io R3	`2023-02-01` - `2023-05-02`	3 months	crt.sh
core.arc.io R3	`2023-02-01` - `2023-05-02`	3 months	crt.sh
brid.tv Amazon RSA 2048 M01	`2023-02-23` - `2024-01-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
tls.automattic.com R3	`2023-01-13` - `2023-04-13`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
redintelligence.net R3	`2023-02-08` - `2023-05-09`	3 months	crt.sh
adv.office-partner.de R3	`2023-01-01` - `2023-04-01`	3 months	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-05-20` - `2023-05-21`	a year	crt.sh
*.futalis.de R3	`2023-02-16` - `2023-05-17`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-02-22` - `2023-07-13`	5 months	crt.sh
*.webgains.io Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh
cdn.track.production.webgains.team Amazon	`2022-09-29` - `2023-10-28`	a year	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G1	`2022-06-17` - `2023-06-18`	a year	crt.sh
strn.pl ZeroSSL ECC Domain Secure Site CA	`2023-02-22` - `2023-05-23`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://hubdrive.top/
Frame ID: 210E91AE9D6F470987634A06A1CCC187
Requests: 62 HTTP requests in this frame

Frame: https://core.arc.io/broker.html?13acafc
Frame ID: E7A9E85824E000B50A94887EFB47CE81
Requests: 7 HTTP requests in this frame

Frame: https://static.arc.io/widget/css/widget.css?13acafc
Frame ID: AB422A71960B8AC5A8CCB8BC74005AAE
Requests: 3 HTTP requests in this frame

Frame: https://static.arc.io/widget/css/widget.css?13acafc
Frame ID: 4E94EB59EB6240D025EC1A5F38175B53
Requests: 9 HTTP requests in this frame

Frame: https://ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 46CFBC5EF8E230D0D63B5162EAA23177
Requests: 1 HTTP requests in this frame

Frame: https://ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4D9766B6D102EAF518ED308A30414BBC
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNV2DWrcUxaemNpdpAFmxYJSEgNa5-xhZp1Esy_TJe0j0LNk1huZ5joyxk2iSr3Pdcp7XgqIL33XyEKRd0So0HCBnMwNbTreIAkhLHHgpM5bj0vZWM7thAGaFYLuQ5xQS-YAO_PN5sMKjvoswy45WVthsM-OYXVk4wbnXP1TOL_BHivsi2zcQHMVgrKUtMIoTJjdZ2EC
Frame ID: E3BB06AB1625384D615107E6568E5A57
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.557.0_en.html
Frame ID: C9AC325361B6C3F23696B94F7CDD052F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B0A5E44B66BC30C5EEBCCD7832ACAFEC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D010C30539427245FA93D2EA9C5DCD08
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsta7SGjcV1WLAqv21rvT6qUpdh2DZsuOihwjRZMgn9LcOW94cDwF5zLIcFUdLjNiX5sEN-J8JgWkR_sHDgefYh6uDv144WwxxBAR-17hF_dLlomo4S5f8a1gln1F9ba0Kxle4CGFjV7Uaqhbf0Ki5xeOAhW2QgQHy6uuAOwo6OgKCKYWaznCEQwedxX1GpsbVkSVHlf9czG0J7f8XgKIGuJaIwgSgiLDoiHa_IXnSrl675ejC0KGHCUHU_g37SahjyUWf-UXbKVTGnYWzTx2wFuN8413wuUGscHW6tRtEDZzQZ1_-kwDpvX_8NhNH-VHEUwerCysa3fJLzDGxqhoA&sai=AMfl-YSsrIPRNALVhJsRIexSbprlSRVxuiB_Vs6jUSsGVobb7qwI7_ytPlf1HR2eNoWX8HZ3qjrk0wmHVkGzYTiO68Y1CLPXbaOFoDz5vBjxlWZvcmtNzzhhhvBk5OHnYSBBeKPMFYtBeBExMRA_LVA&sig=Cg0ArKJSzEc76J8UlpfGEAE&uach_m=[UACH]&adurl=
Frame ID: 6B51789D0DD0906662C720DB2BD14DAD
Requests: 8 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Frame ID: 9ABA2AC580972D033A1062815F515BCC
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/abg_lite_fy2021.js
Frame ID: BED80B7C8CCE01AEC8DAAB810332D651
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DA1CA071B7742CD443A1BF824534395E
Requests: 3 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 65E024E01929272E54A7916DAA2A6DAD
Requests: 2 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=48864800162527104444978012245028&actionid=981741&produktid=&dt_url=
Frame ID: 4506A3470C57F574FEDDDF11A7DB49B2
Requests: 1 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2309070247
Frame ID: 81059E4304F940A9C65B846AFE0B188D
Requests: 2 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CMSkqfXprv0CFSkCogMdOvINDg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1313829397526.6113
Frame ID: E73609CC7D682B703525B5144DACE6F9
Requests: 2 HTTP requests in this frame

Frame: https://hal900028.redintelligence.net/request_content.php?s=48864800162527104444978012245028&a=80bc7d69
Frame ID: 775C3E5F1721B47F576D84030D308D80
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HubDrive | G-Drive File Sharing Site ! Shorten your Google Drive Links.

Page URL History Show full URLs

http://hubdrive.in/ HTTP 301
https://hubdrive.mx/ HTTP 301
https://hubdrive.tv/ HTTP 301
https://hubdrive.top/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

SweetAlert (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweet(?:-)?alert(?:\.min)?\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

139
Requests

93 %
HTTPS

56 %
IPv6

34
Domains

52
Subdomains

45
IPs

8
Countries

2723 kB
Transfer

7819 kB
Size

21
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://orquidea.ai/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hubdrive.in/ HTTP 301
https://hubdrive.mx/ HTTP 301
https://hubdrive.tv/ HTTP 301
https://hubdrive.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://unpkg.com/sweetalert/dist/sweetalert.min.js HTTP 302
https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js

Request Chain 92

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO180CYDWeHVlrLXyXMg8K4&google_cver=1

Request Chain 93

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y-kHO879QH3RKVO1inaGOgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO180CYDWeHVlrLXyXMg8K4&google_cver=1

Request Chain 94

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBWctfrSocXMIZS91X6i9co&google_cver=1

Request Chain 95

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTIzNzgxNTEwMzQ0NTU0MzM5MQ%3D%3D

Request Chain 114

https://hal900028.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=a69f516428&subid=&uid=fe583909a4036fea&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZnQUOgf5Y_vgMayF9u8P_LqduAim5b2gab2YnKfJD_AuEAEgp461SGCVgoCAtAfIAQmpAqZezyGDs7E-qAMBqgT_AU_Q5nMOeZBIqA8pThKf4aSPlQr9QCUnarfxBI1NkO8XcYpIID8ecXCUFZ5VOzpT48nntPlWm23uIsr2tWLapT_bAUEk5Ip3rbGkDPP8AY4rDLSBdvkR3_P-aFZ2BZv9e4mv9A9LRHJl4YDjFzyesEyBXxKqnvBP6Euc_hdMZhz-MY5IuRAQyWqR-JiN_zk7UFVE8wd7tiq4c2mG6ByvI5F124TL4c8XjLy9-Ek3laqFboM-S4MtKCPNn99XN9buHVIjtSEvg--EGk2w7MjVvl1scGezis7-0Mmbyi4iVhq06dT4ILgYy_SV4vAb-D3jZKBla5RLSVvGoj_KsyWJOMAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ymRy0e9oaZrDYfXex5CVbkP_3e9nNy4z3erP3VS1ucuTYHZ-ela01L3KelrpTxCeZVxBZKh4PwPen_hinoTLn4bmzSTd7ZBxgB%26sig%3DAOD64_3OgQ3l0wYH2JbQNo8k2qc5oW_NBQ%26client%3Dca-pub-2726428685015992%26dbm_c%3DAKAmf-A4CdjrgkogNAdu15ni9hi_h1oEwpnJ3mBy_sb2XifaGPUmXrPXzHgPy1L3Ygae1MwGt-9E5L_YfXNLL9mF6iQjZhJ0od-2rTgznjo2YEI_UAxSQoV_4DIMcAQF9O9ndh_9uNA-QqE3i6UpMdj01G97t6yTNPGdmneAlUMHw0jTUK3TdMg%26cry%3D1%26dbm_d%3DAKAmf-D8jvH7FFKhkmAsvuyuTXT6jwxXBW5kO7RjWVpwPc1zLIbftHBbRi7H4nLZzweKwsXmwFcC6nkiWe1nFEOQlRuAL-P_yo-QmHEv9CIhjwbaqvsyASf8akf7BpDcFpElayoKcId5fxSnv1UFn4xqTHa4w44dIgAhOXvbCw5u7plSGYBdGNxmmgAtdm_YpJCZTTf6wCx1aQgxLFkkMoMIGtObDr4HtjwN2ngiWL7a6jfOkyeYo2hER4Yq-lrKFu6DedtqSefNkp71zJCVBOyYo7ERKESQFwPPLRp9hdnR6cVqfkrkO7b21X6z93aj9NCZq-u07K4adL5UCbEiig98dKm2EJslf7czjFBac11GVgWPW8eWAdAxwxa3iulIqgMbCFmFnlSwBm38jZjf2T6G09vmw_QcGeMhxg8DWTbdzShZ0_YBle5M0qmEM0BOTxo6WxTwqYlTBEFj2o9mQxzBKvUuYItGI566E5x5QdKbm32MINsFewo%26adurl%3D&documentReferer=https%3A%2F%2Fed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Fhubdrive.top&random=3669561233902&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900028.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=a69f516428&subid=&uid=fe583909a4036fea&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZnQUOgf5Y_vgMayF9u8P_LqduAim5b2gab2YnKfJD_AuEAEgp461SGCVgoCAtAfIAQmpAqZezyGDs7E-qAMBqgT_AU_Q5nMOeZBIqA8pThKf4aSPlQr9QCUnarfxBI1NkO8XcYpIID8ecXCUFZ5VOzpT48nntPlWm23uIsr2tWLapT_bAUEk5Ip3rbGkDPP8AY4rDLSBdvkR3_P-aFZ2BZv9e4mv9A9LRHJl4YDjFzyesEyBXxKqnvBP6Euc_hdMZhz-MY5IuRAQyWqR-JiN_zk7UFVE8wd7tiq4c2mG6ByvI5F124TL4c8XjLy9-Ek3laqFboM-S4MtKCPNn99XN9buHVIjtSEvg--EGk2w7MjVvl1scGezis7-0Mmbyi4iVhq06dT4ILgYy_SV4vAb-D3jZKBla5RLSVvGoj_KsyWJOMAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ymRy0e9oaZrDYfXex5CVbkP_3e9nNy4z3erP3VS1ucuTYHZ-ela01L3KelrpTxCeZVxBZKh4PwPen_hinoTLn4bmzSTd7ZBxgB%26sig%3DAOD64_3OgQ3l0wYH2JbQNo8k2qc5oW_NBQ%26client%3Dca-pub-2726428685015992%26dbm_c%3DAKAmf-A4CdjrgkogNAdu15ni9hi_h1oEwpnJ3mBy_sb2XifaGPUmXrPXzHgPy1L3Ygae1MwGt-9E5L_YfXNLL9mF6iQjZhJ0od-2rTgznjo2YEI_UAxSQoV_4DIMcAQF9O9ndh_9uNA-QqE3i6UpMdj01G97t6yTNPGdmneAlUMHw0jTUK3TdMg%26cry%3D1%26dbm_d%3DAKAmf-D8jvH7FFKhkmAsvuyuTXT6jwxXBW5kO7RjWVpwPc1zLIbftHBbRi7H4nLZzweKwsXmwFcC6nkiWe1nFEOQlRuAL-P_yo-QmHEv9CIhjwbaqvsyASf8akf7BpDcFpElayoKcId5fxSnv1UFn4xqTHa4w44dIgAhOXvbCw5u7plSGYBdGNxmmgAtdm_YpJCZTTf6wCx1aQgxLFkkMoMIGtObDr4HtjwN2ngiWL7a6jfOkyeYo2hER4Yq-lrKFu6DedtqSefNkp71zJCVBOyYo7ERKESQFwPPLRp9hdnR6cVqfkrkO7b21X6z93aj9NCZq-u07K4adL5UCbEiig98dKm2EJslf7czjFBac11GVgWPW8eWAdAxwxa3iulIqgMbCFmFnlSwBm38jZjf2T6G09vmw_QcGeMhxg8DWTbdzShZ0_YBle5M0qmEM0BOTxo6WxTwqYlTBEFj2o9mQxzBKvUuYItGI566E5x5QdKbm32MINsFewo%26adurl%3D&documentReferer=https%3A%2F%2Fed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Fhubdrive.top&random=3669561233902&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 118

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=48864800162527104444978012245028&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=48864800162527104444978012245028&actionid=981741&produktid=&dt_url=

Request Chain 119

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=48864800162527104444978012245028&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2309070247

Request Chain 121

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1313829397526.6113 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CMSkqfXprv0CFSkCogMdOvINDg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1313829397526.6113

139 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
hubdrive.top/
Redirect Chain

http://hubdrive.in/
https://hubdrive.mx/
https://hubdrive.tv/
https://hubdrive.top/

10 KB
4 KB

340ms
71ms

Document
text/html

2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hubdrive.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49d9c74f1817bab13f3b6a9964facbd2a3db21c28efdb1044e6d10509b0b38dc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 79ea64c84b3e2c5a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 24 Feb 2023 18:51:37 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ihLyIMEz7684vVXa5MBBSRQRMouJffjJqqGbXPxosgWR8cCoD6C%2BdmRGbdQlXXNBsFLk3OXAXe1CDbHdFpaFlppaC8Sd7qcdsn83THub6IINndwVJQ8fomf3v4AIfRdS9tJ%2BjLOviiYsH28%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 79ea64c65cc49012-FRA
date: Fri, 24 Feb 2023 18:51:37 GMT
expires: Fri, 24 Feb 2023 19:51:37 GMT
location: https://hubdrive.top/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KaghVXerN394M%2F1ZdAr24ejzA2UD1E6r3941%2F30Su%2FFXd3crWXa2qhwQMFIZtnb%2FlIQgQFleBckggsLogk4LyQfbGmflwAK8REVBIut6i41Ts16p%2FsysS18Hvsj7hfhIEbtQ3YSozybzgA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 clipboard.min.js Show response
cdn.jsdelivr.net/clipboard.js/1.5.12/ 10 KB
4 KB 243ms
52ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/clipboard.js/1.5.12/clipboard.min.js

Requested by

Host: hubdrive.top
URL: https://hubdrive.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60fc4511f1c0ccb8fd9f64fed945c028634245420d93405ec69a6e8e2561447d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 209824
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230119-FRA, cache-yyz4568-YYZ
server: cloudflare
etag: W/"2780-g62mlKGgQ7iOUNNGqfIWRxX9voo"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yBv%2B9kx%2BU4K%2BMQNmqVGoNH6Bor7bQ6ElJXVSkSnUsadlIi4vSxX3ZonzItk7ZW3f802%2FIdi9UjXHOkI%2Fq7KKpN03cWHjt8e%2FlzeEu4XQA0GeO3JzTfl9fUAU0J9JtXKKYuU8jzc3shTWcKC23uY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 79ea64ca09d0373f-FRA

GET
H2 200 widget.min.js Show response
arc.io/ 7 KB
3 KB 243ms
41ms Script
application/javascript 99.86.4.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arc.io/widget.min.js

Requested by

Host: hubdrive.top
URL: https://hubdrive.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-32.fra6.r.cloudfront.net

Software

Resource Hash

70f14c160387f33d521daeeeab26a64b5cf71b78efa10406600042471620a895

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:07:02 GMT
content-encoding: br
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 01 Dec 2022 19:22:44 GMT
x-amz-cf-pop: FRA6-C1
age: 2675
etag: "6388ff04-b73"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=864000
content-length: 2931
x-amz-cf-id: fclBwi8I2mxof9oCzHkdYKLwIqkf4R6oixffrpxy8SRoamQdCHicrg==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
31 KB 276ms
52ms Script
text/javascript 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: hubdrive.top
URL: https://hubdrive.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 09:24:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 206827
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Feb 2024 09:24:30 GMT

GET
H2 200 hubdrive4.min.js Show response
cdn.jsdelivr.net/gh/BadAss-King/hubdrive/ 8 KB
2 KB 51ms
47ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/BadAss-King/hubdrive/hubdrive4.min.js

Requested by

Host: hubdrive.top
URL: https://hubdrive.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35876455baa5aee4bfb708042ab2a3c663020c92d4df5b2c1439fd540123fd09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 32216
x-jsd-version: master
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230079-FRA, cache-yyz4543-YYZ
x-jsd-version-type: branch
server: cloudflare
etag: W/"20c0-dGBYjUf3YnPvk0t+6zLJ2Lcq5Uc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bITCaM5d%2Bm72v0HmAz2yP5dWxyTg7mZaIrsHbo%2F0gBOpHUYqvj0zOKa1VGg0ZYfXA6geAeCFH86xhTNxRVHyHgm70Z4eSjrV8QQlNBctMJb3kBWvqhSieIaFdcmwBe70FzfJdJXYh2F4xYGLlLY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 79ea64cc7d7a373f-FRA

GET
H2 200 746f656c7a.js Show response
use.fontawesome.com/ 9 KB
4 KB 241ms
48ms Script
text/javascript 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/746f656c7a.js
Requested by: Host: hubdrive.top
URL: https://hubdrive.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 757b9768e0c48924a1cdf690463a65d4f48b864f131da4a6e67cafc15bd66430

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3BCMN0NE4T6YGEHZ
age: 6928
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: mQJ9oy4qBlzcMIi788NkwtYdn8heydfH+BZc02bTy5tpK48EIAM0uMN2J1yiu2A+GeWvAdqLADVCb+kTnQD9IA==
last-modified: Tue, 07 Feb 2023 19:22:04 GMT
server: cloudflare
etag: W/"5064cc74c4928fbbc06ece65efb72afd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cHI0BxVueOx65%2F%2BAD3pJn40uoeTdxKT5CVnWOoMS4u4FLbk2BxN4uOBRMqTIHY8WAAG0ARXxxqmPJppXW8TIcBpvkiBTGKHQ8L8btEhZEeQB0LWSYsIRyUbCwKsvoiFpU6aS7vDvWmEDEpqQ1b8%2F7MEL"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=1800
cf-ray: 79ea64ca1f752be2-FRA

GET
H2

200

sweetalert.min.js Show response
unpkg.com/sweetalert@2.1.2/dist/
Redirect Chain

https://unpkg.com/sweetalert/dist/sweetalert.min.js
https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js

40 KB
12 KB

50ms
50ms

Script
application/javascript

2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js

Requested by

Host: hubdrive.top
URL: https://hubdrive.top/

Protocol

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:37 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2624957
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01FT89TNSQAY15ZAA4FKYD0RXW
server: cloudflare
etag: W/"9f68-Kj2qvHAjLGNQq0jTJgXcSmrB8fo"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 79ea64ca6b7530f0-FRA

Redirect headers

date: Fri, 24 Feb 2023 18:51:37 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GT2BZ9ATXQWC25YRQQGEFBPW-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 300
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /sweetalert@2.1.2/dist/sweetalert.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 79ea64ca1aeb30f0-FRA

GET
H2 200 all.min.css
hubdrive.top/assets/vendor/fontawesome-free/css/ 55 KB
12 KB 157ms
151ms Stylesheet
text/css 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hubdrive.top/assets/vendor/fontawesome-free/css/all.min.css
Requested by: Host: hubdrive.top
URL: https://hubdrive.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce67cd6665e835604c7a650ea355d41857dcd2284618b61d82d252dca0abfe5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 14 Nov 2020 21:20:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 181030
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lO9GeQL71XZITnborhp%2BSsNDSrbW2VYRiQ5NKpDZdB2lLBMPNWjR01cQ8vCxvmcOtx8ZD8rUNx6ttrey%2FpZWQyLtRz96mZWAGEP7Q4FtGQERvl4sNrAsZhhloAop2sTHdL0KHRBs%2FvwHPuI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 79ea64c97d372c5a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 01 Mar 2023 16:34:27 GMT

GET
H2 200 sb-admin-2.css
hubdrive.top/assets/css/ 210 KB
30 KB 143ms
138ms Stylesheet
text/css 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hubdrive.top/assets/css/sb-admin-2.css
Requested by: Host: hubdrive.top
URL: https://hubdrive.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf2abd4f78e157af7edeba86bb54eb73d623347b8eb2d643e63bb3c430f8a907

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 07 Jan 2023 22:51:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 181030
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4cBX0yBlao0rlNduqi3oi4DSFRWIxSn3PQuuLTxfkghwoIu%2FNAVowuxoGjvEfIGxwqyWrlGoc%2FE7iPGkV%2FnxsB5bNH%2BcI7fIAtPGxVo6V2CXRcrybN5jF3ttyNhoud1yiowT8nJeRpxwofg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 79ea64c97d392c5a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 01 Mar 2023 16:34:27 GMT

GET
H2 200 css
fonts.googleapis.com/ 21 KB
1 KB 295ms
75ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i

Requested by

Host: hubdrive.top
URL: https://hubdrive.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4aed2b077fb16b8450e7247d0bd9bace9d177bbc01058a2e8973b4169ea31c2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 24 Feb 2023 18:51:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 16:55:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Feb 2023 18:51:37 GMT

GET
H2 200 14001 Show response
tags.orquideassp.com/tag/ 248 B
729 B 286ms
63ms Script
text/javascript 2600:9000:234e:3e00:2:e529:700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.orquideassp.com/tag/14001

Requested by

Host: hubdrive.top
URL: https://hubdrive.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:234e:3e00:2:e529:700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

00e7751397a60c6912a7a3715cf3bd6ede60fc1ed95ee0c90c5d5e0e37eec1dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
date: Fri, 24 Feb 2023 18:00:07 GMT
x-content-type-options: nosniff
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
age: 3090
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-length: 248
x-xss-protection: 1; mode=block
server: nginx/1.16.1
etag: W/"f8-KMmuLIBEmIrhYBCIVUCxtPnCL+E"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-cf-id: TFnxG213PAzNnyIUSkkbokX4b6iGW_OBVjYJGLNsFJhoMjUXG255EA==

GET
H2 200 14014 Show response
tags.orquideassp.com/tag/ 993 B
1 KB 286ms
64ms Script
text/javascript 2600:9000:234e:3e00:2:e529:700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.orquideassp.com/tag/14014

Requested by

Host: hubdrive.top
URL: https://hubdrive.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:234e:3e00:2:e529:700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

b853b541d9f3a9de9bf1ecb3fad3dcea55d567b1f59222a27221e1ce347dd430

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
date: Fri, 24 Feb 2023 18:00:07 GMT
x-content-type-options: nosniff
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
age: 3090
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-length: 993
x-xss-protection: 1; mode=block
server: nginx/1.16.1
etag: W/"3e1-7046jcL19gT7jqPz2NuHjVJKylM"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-cf-id: WE9z1ZMJ8MZ_Tvv9n7AriVVU7hHfk-jIRfMJqEj68sJqiHUbMJygOA==

GET
H3 200 HubDrive-NewLogo.png
hubdrive.top/assets/img/ 12 KB
13 KB 53ms
50ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hubdrive.top/assets/img/HubDrive-NewLogo.png
Requested by: Host: hubdrive.top
URL: https://hubdrive.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1664d91ecac81370ecbbe5f5ae6297a1a5e6c80e8cc5b51ff934ee2bf47f51f3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 177140
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12781
last-modified: Sun, 21 Nov 2021 17:36:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4kw76OZ%2FpmOacjYhpO%2BMPXUWcB63B0IA1DvSKcAaPewtddI%2Fnlgl3UgMMJE3YNqc6NBe0xZ0kMFLPQRxH7iZ8zpqNuqvyzRhdTcz7pjXk35Cincq4Y2ZOnICq1ejUZhtPnh28%2Bx8RwclYvc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 79ea64cc7ce1373d-FRA
expires: Wed, 01 Mar 2023 17:39:18 GMT

GET
H3 200 neo2.png
hubdrive.top/assets/img/ 81 KB
82 KB 129ms
126ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hubdrive.top/assets/img/neo2.png
Requested by: Host: hubdrive.top
URL: https://hubdrive.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56e39e1784c4964af570a91d05c26ba56fdfda270588db4fcc284d6acb720760

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 349820
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 82926
last-modified: Sat, 14 Nov 2020 21:20:04 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sa1Gt8k0%2BaEnbqIdOJa1TjrpKsgcMkZQoEDFB577Uw0SrmXjtqQizXjOcwWv9YbHb4hsbvmNz%2FadJejklj9ukKvQslF2AFX%2BU5yFO38Y%2FvFA%2FRa0g9Ar5%2B35A8VFulWGr5mJcIZXFc5RkL8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 79ea64cc7ce2373d-FRA
expires: Mon, 27 Feb 2023 17:41:18 GMT

GET
H3 200 google-sign-in.png
hubdrive.top/assets/img/ 7 KB
7 KB 180ms
177ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hubdrive.top/assets/img/google-sign-in.png
Requested by: Host: hubdrive.top
URL: https://hubdrive.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b349674b658ecfa432c71981f4fb39325d943b1a3470c2811ea0b838cb899d4c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 349819
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7027
last-modified: Sun, 21 Nov 2021 17:36:22 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FcFfmxzHWrrX5Rcg%2FSQXVgNT%2Fyjvq95kgQsPrii5OaqBgBvHz3GTAXQzs8RhgLlIn%2BstfpCq%2FXf%2FOYPfVlxMYh%2BvyxhZfcOqu7wJz5sYFIDNps12uysirmEHmooMIBVftJqKFjsnZcz6yig%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 79ea64cc7ce3373d-FRA
expires: Mon, 27 Feb 2023 17:41:19 GMT

GET
H2 200 14005 Show response
tags.orquideassp.com/tag/ 824 B
1 KB 63ms
63ms Script
text/javascript 2600:9000:234e:3e00:2:e529:700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.orquideassp.com/tag/14005

Requested by

Host: hubdrive.top
URL: https://hubdrive.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:234e:3e00:2:e529:700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

808f8735b3d41a8f14c1a2f6ff7186ef83238aedb40c703ebe5f96c546e04c18

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
date: Fri, 24 Feb 2023 18:00:08 GMT
x-content-type-options: nosniff
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
age: 3090
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-length: 824
x-xss-protection: 1; mode=block
server: nginx/1.16.1
etag: W/"338-IAqw3JurNRnKjxbxN/W1SG9+uVI"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-cf-id: bcX_EgHUhThbcjBsV5ug_OJYTk06kWfrRGWiwqkWldBIrBep0tQKGw==

GET
H2 200 14013 Show response
tags.orquideassp.com/tag/ 3 KB
3 KB 67ms
63ms Script
text/javascript 2600:9000:234e:3e00:2:e529:700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.orquideassp.com/tag/14013

Requested by

Host: hubdrive.top
URL: https://hubdrive.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:234e:3e00:2:e529:700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

0caa7bfd2e4c73c0b4eaaf29dedf315bfad12fd29f5d82c06ac2e6f4f634b7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
date: Fri, 24 Feb 2023 18:03:48 GMT
x-content-type-options: nosniff
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
age: 2870
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
content-length: 2662
x-xss-protection: 1; mode=block
server: nginx/1.16.1
etag: W/"a66-pcRNozfoleDvPIkBJXzSlvV9UXY"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-cf-id: 40ZBpSEtAIuWGtqLm1MWSAiEm7QVvuKZPTg9hzkmrt3ObgpTUkQ_aQ==

GET
H3 200 bootstrap.bundle.min.js Show response
hubdrive.top/assets/vendor/bootstrap/js/ 77 KB
23 KB 91ms
87ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hubdrive.top/assets/vendor/bootstrap/js/bootstrap.bundle.min.js
Requested by: Host: hubdrive.top
URL: https://hubdrive.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 14 Nov 2020 21:20:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 182988
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AsLGdz5%2F%2BH3K6E7Z0lRKl%2B9Cqlmefbp0u2HsoyRlaeXQymKVfp0hyTvn5itJLaEiDNSD56G9r8TK6LZ885kJmIl6wJQitBe%2B0aApLjg4Z0j8Impz4MJTfdKWRG1yqElaXVkIl8ssz9s7sL8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 79ea64cc7cd6373d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 01 Mar 2023 16:01:50 GMT

GET
H3 200 jquery.easing.min.js Show response
hubdrive.top/assets/vendor/jquery-easing/ 2 KB
1 KB 51ms
47ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hubdrive.top/assets/vendor/jquery-easing/jquery.easing.min.js
Requested by: Host: hubdrive.top
URL: https://hubdrive.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 14 Nov 2020 21:20:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 182987
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KqtFMmtC08UnjdT3JBKuLi360Ctd31x1YXEmar4F7%2FensvmE24u4kUkcbyzcW2efmRuzoRjn%2BjikCoI6Eyb%2FpqrlED7M6LHVI6p7Hq02vpm4ufJbv3fruJZW9q9vaR5zihxp55NxSPID6QU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 79ea64cc7cd9373d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 01 Mar 2023 16:01:51 GMT

GET
H3 200 sb-admin-2.min.js Show response
hubdrive.top/assets/js/ 1 KB
1 KB 171ms
167ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hubdrive.top/assets/js/sb-admin-2.min.js
Requested by: Host: hubdrive.top
URL: https://hubdrive.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b427d8f35f62c5248275f275507fcff1f57dfcf743d9a95d12083a4ded0768e5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 14 Nov 2020 21:20:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 182987
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ashsEbGiAVJ4Qip8G6fL%2FSELi4ZxIBToVby6CGTYJHYitONkV3dGXD2lQm%2BGNPnGCLo%2FIuaD%2Fhyca%2FQ8SMYk4x029PmsWep8pun6%2FPl4UT61XOK4%2Bu%2BL0YS1vXe4tqFhOX2m0coXlkak05k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 79ea64cc7cde373d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 01 Mar 2023 16:01:51 GMT

GET
H2 200 core.js Show response
static.arc.io/widget/js/ 310 KB
104 KB 242ms
47ms Script
text/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/core.js?13acafc
Requested by: Host: arc.io
URL: https://arc.io/widget.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT1-731 /
Resource Hash: e31cc671675cb43aed360a6f90c66fd21bcbf634d96864dc1ee65a1e7abac232

Request headers

Referer
Origin: https://hubdrive.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:38 GMT
content-encoding: br
cdn-edgestorageid: 731
x-amz-request-id: EPG3AVZ8J47RRZFK
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/11/2023 19:24:49
cdn-pullzone: 786569
x-amz-id-2: 95P8Hf7pAi9WyuiSQ2k9Dr25h6mx8E9G0WcC4VnVxz1bXDS77fubIaHBjU46ukVE+0EtJlbMo64=
last-modified: Thu, 01 Dec 2022 19:23:02 GMT
server: BunnyCDN-AT1-731
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"88d7bf3a29e19b09811106cde2c97e98"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age: 86400
cdn-requestid: 67f81bec19a4b2881b6c29a0d4e75733
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 broker.html Show response
core.arc.io/ Frame E7A9 2 KB
1 KB 243ms
90ms Document
text/html 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://core.arc.io/broker.html?13acafc

Requested by

Host: arc.io
URL: https://arc.io/widget.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-731.bunnyinfra.net

Software

BunnyCDN-AT1-731 /

Resource Hash

0b0ccab5c33b6a68fdde04836a4c4ea787c32a69915bfe75e906f15cb67f7b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: public, max-age=2592000
cdn-cache: HIT
cdn-cachedat: 02/11/2023 19:24:49
cdn-edgestorageid: 731
cdn-proxyver: 1.03
cdn-pullzone: 786568
cdn-requestcountrycode: DE
cdn-requestid: 66d623b7f943f7be1031ce18aba17801
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-status: 200
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
content-encoding: br
content-type: text/html
date: Fri, 24 Feb 2023 18:51:38 GMT
etag: W/"61e89f9d-612"
expires: Mon, 13 Mar 2023 19:24:49 GMT
last-modified: Wed, 19 Jan 2022 23:32:45 GMT
server: BunnyCDN-AT1-731
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding

GET
H2 200 746f656c7a.css
use.fontawesome.com/ 1 KB
790 B 50ms
49ms Stylesheet
text/css 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/746f656c7a.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/746f656c7a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e3737c1cbde4b54f6c8b42fcb3448200d1321b3b514684fcff6411f7e93c63d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: SNCSPVJJ22GN8HC3
age: 3274
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: nkFwSfR5EYg9A/GBLpKmi0x6Iwl9y5e/hJ26frwu58rBHAmFkHagpnJBRI8WWKnPT6UgzNW2H58=
last-modified: Tue, 07 Feb 2023 19:22:04 GMT
server: cloudflare
etag: W/"7f642d48d16b59af74ffbd2c54362a45"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ex0IlmIHw0PyTYQSlIxIsn0amaibo%2BLG2QfeiyV00jtvFuT06xjKGdxh3MElD4yerUepJULAGJ67HAobMjJgh1uOTgq69xBimli7ZKxlVwnx%2FFmE9g9onweDqHK6VR8FO15dbl4Qky%2BG5c%2BYhZDTGqGh"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1800
cf-ray: 79ea64cb09972be2-FRA

GET
H2 200 brid.outstream.min.js Show response
services.brid.tv/player/build/ 175 KB
49 KB 166ms
46ms Script
application/javascript 143.204.89.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://services.brid.tv/player/build/brid.outstream.min.js
Requested by: Host: tags.orquideassp.com
URL: https://tags.orquideassp.com/tag/14001
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-65.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e6c1daf6282bfed80fd596538602f5acb173a18c5e10284d13fce2a3db05b53

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 24 Feb 2023 18:34:05 GMT
content-encoding: br
via: 1.1 a394c864b23364262af48fed4e7e9fac.cloudfront.net (CloudFront)
last-modified: Fri, 24 Feb 2023 11:52:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 1054
x-amz-server-side-encryption: AES256
etag: W/"645aac2527833d1c6765260b576226de"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1200, public
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 8AqLuXHrjRqccbiWfMLP0vXGEifdG5_fO3ec5hF9gnHQztHP5YGcLg==

GET
H3 200 font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 30 KB
7 KB 51ms
51ms Stylesheet
text/css 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/746f656c7a.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: XR8P559ZYEVRVVKG
age: 725763
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 0pIjxtsYxwyF3r2K2xyIm9aNsx5w0jq9uwnYiZN70ZQymW5HRYiemTCMotwdMtqtyqxzVO3YRAA=
last-modified: Wed, 30 Jun 2021 15:26:48 GMT
server: cloudflare
etag: W/"36082410df2ef7f83932219089dc1443"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WfzACPsPjzTCrwvZ7crVgyuQXcs7%2FRLP8U%2FSCCg4Tvw%2FjMLfu5UvVnl6WK%2Fb2sW65LQrpLlM4lyKfRAMQOQWKO3bwXQK2Ab8McETkWRGfvT%2BzKlfT4fJRMYJyyl3q8qiWpuqzWDnV%2F6%2FS4prIZMki12s"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 79ea64cb5fbf8ff8-FRA

GET
H3 200 fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/ 75 KB
76 KB 94ms
51ms Font
application/font-woff2 2606:4700:e2::ac40:850f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/746f656c7a.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:850f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://use.fontawesome.com/746f656c7a.css
Origin: https://hubdrive.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: HK5SRMMFG7KNBXNX
age: 1466800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
x-amz-id-2: Wj5isfRT3TyO9lO3H4qd+5gpLF47vePRMzHnPif4pg+7cHLq+6lwgHsHOzmk5QyYoXfufzanT0E=
last-modified: Wed, 30 Jun 2021 15:26:48 GMT
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lXgj0cawJWauElM431LsND%2FAmcxJzX7Y8YCDDaXpTd9Y%2BeRngD2%2B8N1PnnBcb3lgUiQmz3%2BvmiA6Ng8qyXBp%2FY%2Ftc91wQfPiprUJyL3%2FGxPgUosGCqRUiSSuM%2FF%2Ft%2F50ZChfTzk5%2FP6INO2ZsaOnQcf%2F"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 79ea64cc2cac2bc9-FRA

GET
H2 200 broker.b281d075.js Show response
static.arc.io/broker/js/ Frame E7A9 24 KB
10 KB 69ms
68ms Script
application/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/broker.b281d075.js
Requested by: Host: core.arc.io
URL: https://core.arc.io/broker.html?13acafc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT1-731 /
Resource Hash: 187a5e0bc9badf1f52db4ac8a96a470b7abfc7a57b06b2037039137b281fcf00

Request headers

Referer: https://core.arc.io/
Origin: https://core.arc.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:38 GMT
content-encoding: br
cdn-edgestorageid: 731
x-amz-request-id: EPG8M4RP30CATKYC
cdn-cachedat: 02/11/2023 19:24:49
cdn-pullzone: 786569
x-amz-id-2: 28zhZzj34PKspU/NHFsDFpGhVJIJJtW8nBCthpxpUOAld/ZcCDEavnsn7mblzZzonrfXtrfmzQM=
last-modified: Wed, 19 Jan 2022 23:33:03 GMT
server: BunnyCDN-AT1-731
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"8c5f6da1d62d33cc4c32a8ce63be2bf6"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000
access-control-max-age: 86400
cdn-requestid: d14b6d3cdfe6fcc0701578355156508a
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 chunk-vendors.5e1d8045.js Show response
static.arc.io/broker/js/ Frame E7A9 49 KB
20 KB 68ms
67ms Script
application/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/chunk-vendors.5e1d8045.js
Requested by: Host: core.arc.io
URL: https://core.arc.io/broker.html?13acafc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT1-731 /
Resource Hash: 3082b0f5d766f08f34a2077d48da01d41c9283376883472fa0965bf1b77283e0

Request headers

Referer: https://core.arc.io/
Origin: https://core.arc.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:38 GMT
content-encoding: br
cdn-edgestorageid: 731
x-amz-request-id: EPG7FTEZSJAHNDKV
cdn-cachedat: 02/11/2023 19:24:49
cdn-pullzone: 786569
x-amz-id-2: wyyVXnpEqEfGd56qWCPOAjAR+u1BHcu4Q2dnZYIS1UYmRVp872uDqSjFRWl3Dn8Mc9K6kdCV0HI=
last-modified: Wed, 19 Jan 2022 23:33:03 GMT
server: BunnyCDN-AT1-731
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"7baaa27cb0e1201fe90ecc5efca8fbcf"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000
access-control-max-age: 86400
cdn-requestid: 063d79bc3a8654cffde70e6f29c0dd34
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 lazy-iwc.9b430e25.js
static.arc.io/broker/js/ Frame E7A9 0
5 KB 134ms
44ms Other
application/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/lazy-iwc.9b430e25.js
Requested by: Host: core.arc.io
URL: https://core.arc.io/broker.html?13acafc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT1-731 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://core.arc.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:38 GMT
content-encoding: br
cdn-edgestorageid: 731
x-amz-request-id: EPGEW37JJYQ662KA
cdn-cachedat: 02/11/2023 19:24:49
cdn-pullzone: 786569
x-amz-id-2: uDgJxcLXzr4jtY3y5m9nXqmZ5+eYo/eU48aCHQ7lGPyT40D7Jn40t00bRhrmizkRRM4vlSR/5fk=
last-modified: Wed, 19 Jan 2022 23:33:03 GMT
server: BunnyCDN-AT1-731
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"7fd8734437dbdc553c3513d10d0c0a97"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000
access-control-max-age: 86400
cdn-requestid: e99ef4bedab59af6538e4884d48071f5
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 lazy-modules.a169b1ec.js
static.arc.io/broker/js/ Frame E7A9 0
16 KB 147ms
57ms Other
application/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/lazy-modules.a169b1ec.js
Requested by: Host: core.arc.io
URL: https://core.arc.io/broker.html?13acafc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT1-731 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://core.arc.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:38 GMT
content-encoding: br
cdn-edgestorageid: 731
x-amz-request-id: EPGEBNVJ6WDERDHX
cdn-cachedat: 02/11/2023 19:24:50
cdn-pullzone: 786569
x-amz-id-2: qiojBTKFERJJqa5OXWdfYMMU/GCNtiKJidfHz4wdv7nskkl2FjmNQVEEiIjRQsOvOFPfd2sM1DE=
last-modified: Wed, 19 Jan 2022 23:33:03 GMT
server: BunnyCDN-AT1-731
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"32ab6174f553ec44ff554a5a2406b76d"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000
access-control-max-age: 86400
cdn-requestid: 0072ce05470631ecea648ff8cd495069
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
BLOB 206
Partial Content 154b9599-bd70-4ea6-8572-b354bf724872
https://hubdrive.top/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://hubdrive.top/154b9599-bd70-4ea6-8572-b354bf724872
Requested by: Host: hubdrive.top
URL: https://hubdrive.top/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
26 KB 144ms
53ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tags.orquideassp.com
URL: https://tags.orquideassp.com/tag/14014

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b8514c85c13a143e983c709b2f011704416baf80c4afc94e687438143852ce5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26502
x-xss-protection: 0
server: sffe
etag: "1492 / 986 of 1000 / last-modified: 1677240773"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 24 Feb 2023 18:51:38 GMT

GET
H3 200 fa-solid-900.woff2
hubdrive.top/assets/vendor/fontawesome-free/webfonts/ 74 KB
74 KB 203ms
200ms Font
font/woff2 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hubdrive.top/assets/vendor/fontawesome-free/webfonts/fa-solid-900.woff2
Requested by: Host: hubdrive.top
URL: https://hubdrive.top/assets/vendor/fontawesome-free/css/all.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80fe90cb559538158bc235f4e539d9bcae203e19fab7c6970aad37b0154348ff

Request headers

Referer: https://hubdrive.top/assets/vendor/fontawesome-free/css/all.min.css
Origin: https://hubdrive.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 182987
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75408
last-modified: Sat, 14 Nov 2020 21:20:04 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a67NKmCFHFXqjZYaxnmFgpKkiHEVB1jR%2FEkh2qGKPpZEgA6%2FEA5c8BOYdmoWKK%2FWL73GiRu%2BFXU793gIo8KRnlXFYQxZ9seh8c7%2BRbahENc2IzNQff2sp%2Fu10Q%2BTq75tfA6DFC01i59p1NY%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 79ea64cc7ce5373d-FRA
expires: Wed, 01 Mar 2023 16:01:51 GMT

GET
H2 200 XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v25/ 35 KB
36 KB 182ms
54ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito:200,200i,300,300i,400,400i,600,600i,700,700i,800,800i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hubdrive.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 10:08:47 GMT
x-content-type-options: nosniff
age: 31371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35904
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Feb 2024 10:08:47 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 179ms
53ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: hubdrive.top
URL: https://hubdrive.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 24 Feb 2023 17:12:19 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5959
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 24 Feb 2023 19:12:19 GMT

GET
H2 200 icon.svg
supertruco.com/ 4 KB
2 KB 158ms
40ms Image
image/svg+xml 192.0.78.218
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://supertruco.com/icon.svg

Requested by

Host: hubdrive.top
URL: https://hubdrive.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.218 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6500f7835a2323775cb4c894af2f8c7506ab6266809823cd23c1de35e6b63e77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:38 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 30 Aug 2022 14:43:20 GMT
server: nginx
x-ac: 2.hhn _atomic_ams HIT
etag: W/"630e2208-102b"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
expires: Tue, 27 Dec 2022 20:26:34 GMT

GET
H2 200 vendors~widget-ui.js Show response
static.arc.io/widget/js/ 94 KB
34 KB 55ms
54ms Script
text/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/vendors~widget-ui.js?c9b0de53
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?13acafc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT1-731 /
Resource Hash: 84f8061a68058b0dd35d1c7c2bd4b475e6ab38d4374dc9f8394257be457570cb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:38 GMT
content-encoding: br
cdn-edgestorageid: 731
x-amz-request-id: 2WCDCC4B68TX2GFK
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/11/2023 19:24:50
cdn-pullzone: 786569
x-amz-id-2: G90E9JxePCtuVhyhDu3ZJfr9GyzHXAO9BiQchoFaWbZSkhKNch0D8gNMEZEe9h9DRXSiTwGXzE0=
last-modified: Thu, 01 Dec 2022 19:23:02 GMT
server: BunnyCDN-AT1-731
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"5f5181a44cab6b9ccdc03f0d9f46e177"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age: 86400
cdn-requestid: efb6fcff23c439056e6cca79bd9e2f84
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 widget.css
static.arc.io/widget/css/ 85 KB
9 KB 103ms
103ms Stylesheet
text/css 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/css/widget.css?13acafc
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?13acafc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT1-731 /
Resource Hash: 2a0d5016c9be45fd2d7534bf47f3b2c67d3d1d47e64e31572c28a94b984e7014

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:38 GMT
content-encoding: br
cdn-edgestorageid: 731
x-amz-request-id: 2WC4N2HN1MM4X057
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/11/2023 19:24:50
cdn-pullzone: 786569
x-amz-id-2: bBgPLjluDpEezNkUMa2PNQmRpevLq9DZqAPtYD/RLWdzebJvEvymLPUytQ9gfRGV/45aQTVB8Bo=
last-modified: Thu, 01 Dec 2022 19:23:02 GMT
server: BunnyCDN-AT1-731
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"ce66dd39d9339eebd65264a9ecc334be"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age: 86400
cdn-requestid: e5952ff24595ada4dce751663b1a6e74
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 widget-ui.js Show response
static.arc.io/widget/js/ 40 KB
14 KB 105ms
104ms Script
text/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/widget-ui.js?7a51e653
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?13acafc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT1-731 /
Resource Hash: 14016a27eca88d4b5b320dcb1f367a04ea01430620f391b627c6ae0f950cfdb1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:38 GMT
content-encoding: br
cdn-edgestorageid: 731
x-amz-request-id: 2WC62WXEQA6CH67R
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/11/2023 19:24:50
cdn-pullzone: 786569
x-amz-id-2: gelslLC8xQLnjLYw595qndScWnVVJRjJM/dXzGHMtlXCfPNgF67DXEpomVFamfoXa6K8lR0KxuQ=
last-modified: Thu, 01 Dec 2022 19:23:02 GMT
server: BunnyCDN-AT1-731
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"7b9dc001ae1d02594045f630c0c9760a"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age: 86400
cdn-requestid: 98d4b4a02660bef550db39c5e1a78e62
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 lazy-modules.a169b1ec.js Show response
static.arc.io/broker/js/ Frame E7A9 45 KB
16 KB 94ms
94ms Script
application/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/lazy-modules.a169b1ec.js
Requested by: Host: static.arc.io
URL: https://static.arc.io/broker/js/broker.b281d075.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT1-731 /
Resource Hash: 45344ec706e661760887e42f8797c4dd446805b24657d99318b08d211f2e549b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://core.arc.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:38 GMT
content-encoding: br
cdn-edgestorageid: 731
x-amz-request-id: EPGEBNVJ6WDERDHX
cdn-cachedat: 02/11/2023 19:24:50
cdn-pullzone: 786569
x-amz-id-2: qiojBTKFERJJqa5OXWdfYMMU/GCNtiKJidfHz4wdv7nskkl2FjmNQVEEiIjRQsOvOFPfd2sM1DE=
last-modified: Wed, 19 Jan 2022 23:33:03 GMT
server: BunnyCDN-AT1-731
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"32ab6174f553ec44ff554a5a2406b76d"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000
access-control-max-age: 86400
cdn-requestid: 6c6144758eaba116e7916bc47d00c011
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 pubads_impl_2023021601.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
129 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48cea39a6d9f368a9d78b07ddca02043a884d1e871b5b39267d4ab6d245753cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 16:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9968
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132097
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 09:35:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 24 Feb 2024 16:05:30 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 34 B
62 B 158ms
77ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=hubdrive.top

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

06706ec8e308c99ab1bad24724e943392c6d3dde64739b72525ef8dd11bd007a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38
x-xss-protection: 0
expires: Fri, 24 Feb 2023 18:51:38 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
206 B 73ms
73ms XHR
text/plain 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1963156750&t=pageview&_s=1&dl=https%3A%2F%2Fhubdrive.top%2F&ul=en-us&de=UTF-8&dt=HubDrive%20%7C%20G-Drive%20File%20Sharing%20Site%20!%20Shorten%20your%20Google%20Drive%20Links.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1528249554&gjid=2068884394&cid=970710960.1677264699&tid=UA-89947843-11&_gid=1262903268.1677264699&_r=1&_slc=1&z=237416557

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:51:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hubdrive.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 361 KB
121 KB 213ms
89ms Script
text/javascript 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8dc4d387c4e74a24ffeacb473c5cec08143808458cc0dd8efa153608af4f66f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123572
x-xss-protection: 0
expires: Fri, 24 Feb 2023 18:51:38 GMT

GET
H3 200 23054.json Show response
services.brid.tv/services/unit/ 2 KB
1 KB 265ms
221ms XHR
application/json 143.204.89.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://services.brid.tv/services/unit/23054.json
Requested by: Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 143.204.89.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-65.fra50.r.cloudfront.net
Software: Apache /
Resource Hash: 4c462292adc4a0ab7b7915a3e85c2de4915150ba94d8ce8ceef3938af1009fc7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:38 GMT
content-encoding: br
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA50-C1
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: vQQzW37zpob22EDZkDRkPXOg9PPTO4l3clw4ySkz1Fmn41XBlgb-1Q==
access-control-allow-headers: origin, x-requested-with, content-type, accept
x-served-by: i-0f06ac4b0f60bc9f8

GET
H2 200 widget.css
static.arc.io/widget/css/ Frame AB42 85 KB
9 KB 45ms
44ms Stylesheet
text/css 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/css/widget.css?13acafc
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?7a51e653
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT1-731 /
Resource Hash: 2a0d5016c9be45fd2d7534bf47f3b2c67d3d1d47e64e31572c28a94b984e7014

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:38 GMT
content-encoding: br
cdn-edgestorageid: 731
x-amz-request-id: 2WC4N2HN1MM4X057
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/11/2023 19:24:50
cdn-pullzone: 786569
x-amz-id-2: bBgPLjluDpEezNkUMa2PNQmRpevLq9DZqAPtYD/RLWdzebJvEvymLPUytQ9gfRGV/45aQTVB8Bo=
last-modified: Thu, 01 Dec 2022 19:23:02 GMT
server: BunnyCDN-AT1-731
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"ce66dd39d9339eebd65264a9ecc334be"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age: 86400
cdn-requestid: 664feb3a2e2e7046d87e2cd822e58f20
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/ Frame AB42 2 KB
930 B 135ms
53ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?7a51e653

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2493885
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 631
last-modified: Mon, 04 May 2020 16:13:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f2b-732"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jZpghItmRl1tSAB27R%2BdHiYD6WP61Lw1Q%2BequBrzqF8uRDbD%2FdKePiZT2Um91eRCu%2BBrS%2FpLHSqt0zu30KFxP%2BjLoSwnlBv8ZpEOi5wjVzKMhvPxTncA0doLw6JXbOJaDkdAkNDV0v3n%2FKxU7ABfREer"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79ea64cf9e402be8-FRA
expires: Wed, 14 Feb 2024 18:51:38 GMT

GET
H2 200 widget.css
static.arc.io/widget/css/ Frame 4E94 85 KB
9 KB 45ms
44ms Stylesheet
text/css 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/css/widget.css?13acafc
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?7a51e653
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT1-731 /
Resource Hash: 2a0d5016c9be45fd2d7534bf47f3b2c67d3d1d47e64e31572c28a94b984e7014

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:38 GMT
content-encoding: br
cdn-edgestorageid: 731
x-amz-request-id: 2WC4N2HN1MM4X057
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/11/2023 19:24:50
cdn-pullzone: 786569
x-amz-id-2: bBgPLjluDpEezNkUMa2PNQmRpevLq9DZqAPtYD/RLWdzebJvEvymLPUytQ9gfRGV/45aQTVB8Bo=
last-modified: Thu, 01 Dec 2022 19:23:02 GMT
server: BunnyCDN-AT1-731
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"ce66dd39d9339eebd65264a9ecc334be"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age: 86400
cdn-requestid: a6e9fd7d8f8c9ea730a551a97ce87586
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/ Frame 4E94 2 KB
1 KB 123ms
49ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?7a51e653

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2493885
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 631
last-modified: Mon, 04 May 2020 16:13:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f2b-732"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hPpIT17Mwk39ff0aYsqL4s6z6tlU%2B4CwsS3vxAcu%2BVYA5ZNRTO27EN8DoiCHgrRs1YpXOhyV3PnZ4baXtISYs74%2BznExbzPxZNYURMO5VZua8Dg0Txrlv6ZUEyFbJ%2FNAtXIXfjkZTdaVPpkBNou5fdbA"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79ea64cf9e422be8-FRA
expires: Wed, 14 Feb 2024 18:51:38 GMT

GET
DATA 200
OK truncated
/ Frame AB42 411 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4E94 411 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4E94 277 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb2b1971e54b31144a8794057598aba69ebe1d416c8c75d3a142942917f5e58b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4E94 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19311967464cd6447bb7fba382aa67939dcca903a56f1ac925ac2a80ff33642e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4E94 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b08cb6068e70fb67de0576ef27d427a403e1f0055777b7fc5d736963e6c1ea6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4E94 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35e8d96d42f0ffa258060a98b45f013829bc57b3ae7be71c9f54c037b6e0e707

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4E94 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb1d7b6144bde90327cd64b86e7742a9b11a3b2b3658d71dd80115195ff2debb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4E94 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8fe9d28d12e8c33e9f1d5ab109c2570547ee6648ca11fdd79b7523c6d2e2f6a2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 221ms
74ms Script
application/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hubdrive.top

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 241ms
78ms Script
application/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hubdrive.top

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 101 KB
31 KB 658ms
658ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1448012080106382&correlator=4005214023425030&eid=31071362%2C31072563%2C31068367%2C21065724&output=ldjh&gdfp_req=1&vrg=2023021601&ptt=17&impl=fifs&iu_parts=211182487%3A22682615507%2Cwww.hubdrive.cc_Interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=3363960766&sfv=1-0-40&ists=1&fas=8&eri=4&sc=1&cookie_enabled=1&cdm=hubdrive.top&abxe=1&dt=1677264698750&dlt=1677264697713&idt=959&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fhubdrive.cc%2F&loc=https%3A%2F%2Fhubdrive.top%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=970710960.1677264699&ga_sid=1677264699&ga_hid=1963156750&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f9a80d3854b816aac35297f46d9df4573787ed1b3118903376aee41b616b89d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31363
x-xss-protection: 0
google-lineitem-id: 5786376946
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138398424404
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hubdrive.top
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
8 KB 332ms
331ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1448012080106382&correlator=4005214023425030&eid=31071362%2C31072563%2C31068367%2C21065724&output=ldjh&gdfp_req=1&vrg=2023021601&ptt=17&impl=fifs&iu_parts=211182487%3A22682615507%2Cwww.hubdrive.cc_Display300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=2&adks=3006782981&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=hubdrive.top&abxe=1&dt=1677264698755&dlt=1677264697713&idt=959&adxs=702&adys=864&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fhubdrive.cc%2F&loc=https%3A%2F%2Fhubdrive.top%2F&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=4&ohw=1496&ga_vid=970710960.1677264699&ga_sid=1677264699&ga_hid=1963156750&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6ef0931a6ba9321f7c669d873d874d7d59fa96439c2efb43aa495fe78e46259

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7730
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hubdrive.top
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 51 KB
20 KB 521ms
520ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1448012080106382&correlator=4005214023425030&eid=31071362%2C31072563%2C31068367%2C21065724&output=ldjh&gdfp_req=1&vrg=2023021601&ptt=17&impl=fifs&iu_parts=211182487%3A22682615507%2Cwww.hubdrive.cc_Footer_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=3&adks=776293167&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&cdm=hubdrive.top&abxe=1&dt=1677264698759&dlt=1677264697713&idt=959&adxs=436&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fhubdrive.cc%2F&loc=https%3A%2F%2Fhubdrive.top%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=1496&ga_vid=970710960.1677264699&ga_sid=1677264699&ga_hid=1963156750&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e197dab0246803326666304195c7b55603a2112f5d19a355cd7f98ca01fb0c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20346
x-xss-protection: 0
google-lineitem-id: 5786376946
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138397935384
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hubdrive.top
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 243ms
97ms XHR
application/json 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023021601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

688b457b3eeb502791cfc50b739323fe89aae3699ab56fabbf6ad2490deee338

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11286
x-xss-protection: 0

GET
H2 200 container.html Show response
ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 46CF 6 KB
3 KB 291ms
85ms Document
text/html 2a00:1450:400d:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 18:51:39 GMT
expires: Sat, 24 Feb 2024 18:51:39 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2023021601.js Show response
securepubads.g.doubleclick.net/gpt/ 37 KB
13 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2023021601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcbdc607d96d0e270c95c1d24daf1fb64fb62a5e5f45ecb0972b2b68645e594c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 11:55:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111393
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13785
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 09:35:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 23 Feb 2024 11:55:05 GMT

GET /
tracker.arc.io/ 0
0

POST
H2 204 LWyvF4YEPH73rAngyMLQby
warden.arc.io/mailbox/nodes/ 0
0 427ms
128ms Fetch 18.223.141.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://warden.arc.io/mailbox/nodes/LWyvF4YEPH73rAngyMLQby

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?13acafc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.223.141.84 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-223-141-84.us-east-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 24 Feb 2023 18:51:39 GMT
strict-transport-security: max-age=15724800; includeSubDomains
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"

GET
H2 200 brid.oscontrols.min.js Show response
p.brid.tv/player/build/plugins/oscontrols/1.0.6/ 27 KB
8 KB 161ms
43ms Script
application/javascript 13.225.78.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.brid.tv/player/build/plugins/oscontrols/1.0.6/brid.oscontrols.min.js
Requested by: Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-15.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bd426bc6bb6ea8bd48d050e688920f0702efa630e4828aff860dcfb9cd06fdb8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 20:06:16 GMT
content-encoding: gzip
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
last-modified: Tue, 07 Feb 2023 18:11:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 81924
x-amz-server-side-encryption: AES256
etag: W/"0dccae6429d937397497d0f2e1e83b29"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public, immutable
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: iRHELsfbKpXs4RJi3dk2CPIFEitHQCs0uX_PuRWBTAVpDX8XTD7H7A==

GET
H2 200 brid.gima.min.js Show response
p.brid.tv/player/build/plugins/gima/1.1.80/ 101 KB
26 KB 166ms
49ms Script
application/javascript 13.225.78.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.brid.tv/player/build/plugins/gima/1.1.80/brid.gima.min.js
Requested by: Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-15.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 966f25f3d475693e6b8f5dc579c9533d66fa139aec7301ae73b15cd13a36346b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 08:50:06 GMT
content-encoding: br
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
last-modified: Wed, 22 Feb 2023 08:50:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 36094
x-amz-server-side-encryption: AES256
etag: W/"710270b572488a242b79e42791204b81"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public, immutable
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: -qSBglkvYVV4XZfvQ_QGQJqjaYbhxLrdN8QjqJ6uSWEVpCblNQo9eQ==

GET
H2 200 brid.googleanalytics.min.js Show response
p.brid.tv/player/build/plugins/googleanalytics/2.0.2/ 18 KB
3 KB 194ms
78ms Script
application/javascript 13.225.78.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.brid.tv/player/build/plugins/googleanalytics/2.0.2/brid.googleanalytics.min.js
Requested by: Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-15.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2c13379cb86fcf8bd8d913c0be2c98a7fd5ea7a6c110ca1a44f4595876112830

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:31:44 GMT
content-encoding: br
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
last-modified: Tue, 07 Feb 2023 18:11:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 1198
x-amz-server-side-encryption: AES256
etag: W/"6d297a8ed446d5968a9403f27cf70995"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public, immutable
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Ne-WJj6C0CCyOJ6Tn2fx6oHg5besnl2KB45FyG95icitpV5II_Y_ww==

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 244ms
105ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 24 Feb 2023 18:51:39 GMT

GET
H2 200 container.html Show response
ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4D97 6 KB
3 KB 54ms
53ms Document
text/html 2a00:1450:400d:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 18:51:39 GMT
expires: Sat, 24 Feb 2024 18:51:39 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E3BB 624 B
825 B 217ms
88ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNV2DWrcUxaemNpdpAFmxYJSEgNa5-xhZp1Esy_TJe0j0LNk1huZ5joyxk2iSr3Pdcp7XgqIL33XyEKRd0So0HCBnMwNbTreIAkhLHHgpM5bj0vZWM7thAGaFYLuQ5xQS-YAO_PN5sMKjvoswy45WVthsM-OYXVk4wbnXP1TOL_BHivsi2zcQHMVgrKUtMIoTJjdZ2EC

Requested by

Host: ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com
URL: https://ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 18:51:39 GMT
expires: Fri, 24 Feb 2023 18:51:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4D97 78 KB
27 KB 206ms
97ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com
URL: https://ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 24 Feb 2023 18:51:39 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4D97 42 B
63 B 193ms
84ms Image
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B5mes6jEpjrEJ3A6k4dNWSkFE1LZOvVsnK6LtsvuexeSve_xplcEdFXakMg03Y9_xzLelmhOuk6hnQkKAyltf_-GoOdTMQS1A9_-2Jf5tKrQi0Qgw

Requested by

Host: ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com
URL: https://ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:51:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4D97 0
20 B 194ms
85ms Image
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14624480727850708441&x=1&ct=77

Requested by

Host: ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com
URL: https://ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:51:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 4D97 3 KB
1 KB 60ms
59ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/window_focus_fy2021.js

Requested by

Host: ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com
URL: https://ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 11:28:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26573
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Mar 2023 11:28:46 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 4D97 20 KB
8 KB 53ms
52ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com
URL: https://ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 11:28:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26571
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Mar 2023 11:28:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4D97 158 KB
49 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com
URL: https://ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 24 Feb 2023 18:51:39 GMT

GET
H2 200 brid.parser.min.js Show response
p.brid.tv/player/build/plugins/parser/1.1.64/ 83 KB
23 KB 46ms
45ms Script
application/javascript 13.225.78.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.brid.tv/player/build/plugins/parser/1.1.64/brid.parser.min.js
Requested by: Host: services.brid.tv
URL: https://services.brid.tv/player/build/brid.outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-15.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1cb27401b4d6a2d21f3bd3304f9855c43e3467887d2d8e89aacf5e9aeb386f7c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:07:19 GMT
content-encoding: br
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
last-modified: Tue, 07 Feb 2023 18:11:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 45861
x-amz-server-side-encryption: AES256
etag: W/"24c1e97967fbbadcf4830114d05be120"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public, immutable
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: cd4pe-Ojbay2ipgGUtA37XklgecSuXkLTM8zP1vwRxzOZJjhYgnqHg==

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 54ms
53ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: p.brid.tv
URL: https://p.brid.tv/player/build/plugins/googleanalytics/2.0.2/brid.googleanalytics.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 24 Feb 2023 17:12:19 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5960
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 24 Feb 2023 19:12:19 GMT

GET bridge3.557.0_en.html
imasdk.googleapis.com/js/core/ Frame C9AC 0
0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 230ms
86ms Script
text/javascript 2a00:1450:400d:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Feb 2023 18:51:39 GMT

GET
H2 200 ping.gif
stats-dev.brid.tv/ 0
364 B 156ms
40ms Image
image/gif 18.66.122.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats-dev.brid.tv/ping.gif?p=17595&pr=o&dp=d&b=c&pid=23054&s=100|50&apa=1&df=0&os=w&m=0&ow=18643&e=l&v=o.1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-44.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 06:31:06 GMT
via: 1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 09:25:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 44434
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 0
x-amz-cf-id: k_AEu8EE4KifuEVP9gMjrFcewnE2VfSVZxwC_mDHRjzoFelJNV8_kQ==

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B0A5 13 KB
5 KB 57ms
52ms Document
text/html 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 26572
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 11:28:47 GMT
expires: Sat, 24 Feb 2024 11:28:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D010 783 B
1 KB 205ms
75ms Document
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6c6c42440fabb852780124ba82a424e98cdac178d484a4591bf0a3291fe732b7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Tte1PG7uK2SGtnijd15N3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-Tte1PG7uK2SGtnijd15N3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 18:51:39 GMT
expires: Fri, 24 Feb 2023 18:51:39 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6B51 0
0 85ms
85ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsta7SGjcV1WLAqv21rvT6qUpdh2DZsuOihwjRZMgn9LcOW94cDwF5zLIcFUdLjNiX5sEN-J8JgWkR_sHDgefYh6uDv144WwxxBAR-17hF_dLlomo4S5f8a1gln1F9ba0Kxle4CGFjV7Uaqhbf0Ki5xeOAhW2QgQHy6uuAOwo6OgKCKYWaznCEQwedxX1GpsbVkSVHlf9czG0J7f8XgKIGuJaIwgSgiLDoiHa_IXnSrl675ejC0KGHCUHU_g37SahjyUWf-UXbKVTGnYWzTx2wFuN8413wuUGscHW6tRtEDZzQZ1_-kwDpvX_8NhNH-VHEUwerCysa3fJLzDGxqhoA&sai=AMfl-YSsrIPRNALVhJsRIexSbprlSRVxuiB_Vs6jUSsGVobb7qwI7_ytPlf1HR2eNoWX8HZ3qjrk0wmHVkGzYTiO68Y1CLPXbaOFoDz5vBjxlWZvcmtNzzhhhvBk5OHnYSBBeKPMFYtBeBExMRA_LVA&sig=Cg0ArKJSzEc76J8UlpfGEAE&uach_m=[UACH]&adurl=

Requested by

Host: hubdrive.top
URL: https://hubdrive.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 24 Feb 2023 18:51:39 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/ Frame 6B51 22 KB
9 KB 53ms
52ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 11:28:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26567
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Mar 2023 11:28:52 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 6B51 3 KB
1 KB 60ms
60ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 11:28:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26573
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Mar 2023 11:28:46 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6B51 158 KB
48 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 24 Feb 2023 18:51:39 GMT

GET
H2 200 12829637917739295535
tpc.googlesyndication.com/simgad/ Frame 6B51 39 KB
39 KB 63ms
63ms Image
image/jpeg 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12829637917739295535

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

75363d54b1434a5abbf87b78cee311878c7403ad76d1b9d9a3d13f6c8885c916

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:07:57 GMT
x-content-type-options: nosniff
age: 42222
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40075
x-xss-protection: 0
last-modified: Sat, 09 Jul 2022 07:21:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 24 Feb 2024 07:07:57 GMT

GET
DATA 200
OK truncated
/ Frame 6B51 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a73800d6cb3d28463f0db1b79217449ad10c2779be3168a7c070f4082817d0e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js Show response
pagead2.googlesyndication.com/bg/ Frame B0A5 36 KB
14 KB 52ms
52ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 06:22:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 217775
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14406
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 06:22:04 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E3BB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO180CYDWeHVlrLXyXMg8K4&google_cver=1

43 B
766 B

41ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO180CYDWeHVlrLXyXMg8K4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNV2DWrcUxaemNpdpAFmxYJSEgNa5-xhZp1Esy_TJe0j0LNk1huZ5joyxk2iSr3Pdcp7XgqIL33XyEKRd0So0HCBnMwNbTreIAkhLHHgpM5bj0vZWM7thAGaFYLuQ5xQS-YAO_PN5sMKjvoswy45WVthsM-OYXVk4wbnXP1TOL_BHivsi2zcQHMVgrKUtMIoTJjdZ2EC
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 24 Feb 2023 18:51:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:51:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO180CYDWeHVlrLXyXMg8K4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E3BB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y-kHO879QH3RKVO1inaGOgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO180CYDWeHVlrLXyXMg8K4&google_cver=1

43 B
766 B

82ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO180CYDWeHVlrLXyXMg8K4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNV2DWrcUxaemNpdpAFmxYJSEgNa5-xhZp1Esy_TJe0j0LNk1huZ5joyxk2iSr3Pdcp7XgqIL33XyEKRd0So0HCBnMwNbTreIAkhLHHgpM5bj0vZWM7thAGaFYLuQ5xQS-YAO_PN5sMKjvoswy45WVthsM-OYXVk4wbnXP1TOL_BHivsi2zcQHMVgrKUtMIoTJjdZ2EC
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 24 Feb 2023 18:51:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:51:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO180CYDWeHVlrLXyXMg8K4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame E3BB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBWctfrSocXMIZS91X6i9co&google_cver=1

43 B
1 KB

57ms
45ms

Image
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBWctfrSocXMIZS91X6i9co&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNV2DWrcUxaemNpdpAFmxYJSEgNa5-xhZp1Esy_TJe0j0LNk1huZ5joyxk2iSr3Pdcp7XgqIL33XyEKRd0So0HCBnMwNbTreIAkhLHHgpM5bj0vZWM7thAGaFYLuQ5xQS-YAO_PN5sMKjvoswy45WVthsM-OYXVk4wbnXP1TOL_BHivsi2zcQHMVgrKUtMIoTJjdZ2EC

Protocol

HTTP/1.1

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 24 Feb 2023 18:51:39 GMT
AN-X-Request-Uuid: b2775402-25e9-4175-a0e7-9c3b63202588
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 80.255.7.100; 80.255.7.100; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:51:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBWctfrSocXMIZS91X6i9co&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E3BB
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTIzNzgxNTEwMzQ0NTU0MzM5MQ%3D%3D

170 B
243 B

77ms
77ms

Image
image/png

172.217.19.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTIzNzgxNTEwMzQ0NTU0MzM5MQ%3D%3D

Requested by

Protocol

Server

172.217.19.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s27-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:51:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 24 Feb 2023 18:51:39 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.7.100; 80.255.7.100; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 104109e6-2e16-492e-a72d-1103e51333b6
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTIzNzgxNTEwMzQ0NTU0MzM5MQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6B51 0
0 76ms
75ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstlru_nOOvvM_D8V3IvU8g9foAMIHC16yL_Ny-NVywBotfMaOwMaXm62DNoE7X0Dg0e3Q7WIgmDY77YeyjrrRXpFrPzUdnSHCgSd3nPM3872t0rx3UqtEgFGicGmrt8-kMl_k3bIAB3K1gf-WhGg9Edtx2Wi3tQc8ei1UxCosvTUhctxsfnEf3dC2jDD1n8AoG4mK685kmjpuwrawLq4RvNSoPpG70gQZfCGgB81R3d8QWW9Kp80WnHOwDCWvKVu7953D8En3y8oNNBtpRoxbNzVXhFBGvJhW3iqxKPVYay3q88BN-xdWi2zI_kC1iDoCBEgkpEXbBh1bWlw8vJFHwP&sai=AMfl-YThlbopJWWxgccoDcGSRChSuLDpNX4824ibPRryANxWLVIiw5j0kSRQyuDIs_ZnRvkXFI5OMke-Yir07hz9sRybTuxW5PuC7CyTNGmJrWgEDYcRnkX7gcdKGZRCKdPsLisbTZ2UMYStnua0zXE&sig=Cg0ArKJSzBAsykxduFUEEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 24 Feb 2023 18:51:39 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4D97 0
20 B 84ms
84ms Ping
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3673154446481&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:51:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4D97 0
20 B 84ms
84ms Ping
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3673154446481&version=m202301230201&ct=77&x=1&cor=14624480727850710000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:51:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4D97 15 KB
11 KB 117ms
116ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DdBJjQ4xXgrIDAt7PJ-rG-DqoUCG4d5f0_wHPEG1ac9gq4PQoaG02xSmmPWUlpKEZom0JeF3jOUdUZ4rjn82Gp08fDI3SsYNQeBjnpLo6qi3EBlmBNTFFPkl-CeoX8FCdAv3QxkkMaNOn2Bj5yE5xWgJ_UDTi0_ADxLo_P0JFxrpUm9Es&cry=1&dbm_d=AKAmf-DhV4yuMpZ1mVqWTfs1MD6HkYA5gey2hCAweSQWIKxHgrxOFw3Wwx8kOJ5yxlypVtDTEHlYu6VgXM5XkRhnoqBNSjBt0_sG1RpZB3h-fIkv-sQT8l68sZ4Xnv1vXNOihs9lXvj8Hf3TBR9L4MMlBNNJarFjaVoccWLo9ZMipLdxZIpxvjvQzMBFQ_l8YApLn_ipcHh23GwgN-dP2HXBCPUyGoWqxI4IdnXJDVTqYJOmKZLJ7rilqpxEobzpFK7ojVK_qytkgYgrITh8E7tyjBtvMbVK9OGxxR56H2zuyOhJ7XSVGnGRVeztS2gthmtBfWKHsJ6IIjlKFstpMoE6ZXpPL_UWJcJicG8sjtzxj8ZuCO40o3uo1EBdLomKc-yds141opqKeIAfuUoskcT-LVrAZ0a59kNeXljnlOS28bHsbwW1Mx1D9ookhgIj2GA9LflRde_vBTy45QwF1EdOdLjmGesqxrv9gE0C013Fh0TSsKILvuWjTL472FrKSFM3DDi3mi9EIhAhrC8nS86Iin4mKV-I2Y91_fZZPINdgw9Bho9edLxdITD4FryEACBgyf1qttIU3eKzLRuGYxekHm9wgLpElzKNZ6Fq4lgisiilFdQ6ur4IuUEx8rHbbRIroeMetsEwk1sueFUFEhBuTLFzWrNccXTbI6Rs0oBVNNoGhrIP2oT9i9fmSgM2hF8mEAM3QPxc-x6ABQF2_psctWrsyu5c6TYUqEgNYPmbxL5YwV4yMPGGXB6ayjHA8rJ9WuSZOnfcqJEm22DQRm2M_D8XOVDXT8lHC-SgHT_xoaDu9h8ZUt2yPClOvLsQhH4rG8BmNviKEdNbN5GH4l_ITYTl_52cVsKNLsVzizfxMRRWsFeSpqzGh7nP41hx7v3wiQko2NHIGU5TyMXs_BOfidYb8BoxoXn3tM5HnOIFUmzBBr5f1-qrSZRMsbD3Gj0N6amD1OtiyreId-m5ZpG-dgzI618xcCxAMiQNlphlP80l9cli6xVTV2EJWFGuYWpiWKXdlMywAUjSMI4XyhIA9Kw-r1UMnpO03c4OK4fuP9LSfKWHD2uXWF74RS-gyYEqLzjGtWCgksGAZqUtlrfxWCCf4DIqAEzBYwV7rvOd3BkAcT55brqA0Qun3xvWQQWPIOhNdU8FuA6Zc9IBLsBK3h6nc1r685PMkt8wPG6OODp6a_bjO67pnzKVSHF3FuO1K-PB7V2oBzlwphQLBum2ZQShida4CI1kw0bQyJcQp0YWhejjuxK2AQKOorDOWYxFAW7f_22zXjF4ZPnSVTFmxe3e0wOzItJgl81zOlnK7L3xSl7u0JdM9RpbGSyMxnQhx8H6HtpnDytviZemySd4j_21Qvko_VSQS1RPBnSCP1GhQk-qx38lAbDz3g5l0xkANnNxPXYfVWbk33gvm01ej4xRav4uLw14grzW7gmg3gF_v8MScDevXarwYwVfEA1CUcs8fGFAqn4V1BJWtDjuUAeUV3gUuuvbCQsAxTsloDHQtiW8J02vjrfoNs3x6HFZDTjd1A4WKmDAWYOdDSe7GOMPG17tZaI3IWqdPp2zIXSUdYQ5Ooi9waT8lELKD3CXp48OSrGSgXIU7zMkze2WQAh6PvoOYp4SBjWdR3R0rHhp19wC0WN2z5wwgqshTygMEwCUTV_2gU-e56jxAhWs85b5l3lEBj4MX9-pbdrh49pqlTSEv-CcKaoFLOiFRu7Serr3A4REj2xRzuYRRbYKTeStoRyCCRpkoDA99BqiUBvswrZvUm0iLvUjM2LXecuxJjbEht7C9bsqfhV5defyUl1u4k8UbxV16M5Dro5CJ3ImNZOf8K3G8Iy4TgV6PWyHsxc2Ee7FpNsDk4mNhrZUE9QEJ_FTWMZDf9m2YUwPN6Wb9s5o7hMBBIrPOFXJStLh5YDLE5fgHW3P72kSobf1JUXeJZ_Dl2YQ4mc1E8zhUg_fDCrtQvIdo3n001gDt44rVg4QuBcht47K8ZlnKGUEyXe51Xl5nlp0Sr8f-kewW_4kSfSCEq9I59smZVcSc0KH1tkV0ya4DVTBwIG4JWhcEQrdY5uqf9XV6xv_dGd6yl17ZO1Z325IUGoopZkjBg8jiF9zcXg747L2IKDbY9iAp4qwcHs20B9lzaLqXrcJ1uvRyB4VPVAzInwW3FxanaOJzPavh0BIEPKMRP63F26kCjYSoIc0lSktLL1TSonYRiMV9Lof1Vw1bfmkCvm3n0AcpfXjbJ4wARn45FcRk2H_DqAFTYp4MU44YMI6OoKqDDXHQFAtinsl4VAySBkj3hC5YZtCZ7Gq6nnU-cvmevN41jtYC7voTuSOfqqI1WyZOxyt3XewmOuZL3Q9KGVUVOwb2MpNxGGtxBr_6rtSfa38q0mxEmGVWJd4cWmSoikn_1gABccgjtYtDKhwIEVqhmqJQDBb_XZncwQHyVViqAcVgPd60tmO11OKezgsaKdppmtIX2YcgAOiS4eiqDqAOj_h4kPYFUTvJIVO7Fn6WeQ--riGbj26M47-N5SkHqqUYbF_l-aiSxcJx5rKgAh5UjSLfkphNl5OhW3UVAfH2QZPqf8VoQd0lBGahZxefPa9NsTN0t03Eb7JWwO6PV127V652FbqA_IDPKtT3Ej9hQq2w_pMCfkEzG7t6-3akaJF8hiM5IxdgMXo4TArcy1eWxvXLWxPzn3yi_ufXofLkil7mkcGXCHNRowyUceJNLqSBuRTliQKM__srSpGfYCrSROCKCo2Jc_duUZQf8vTI0654jm5D6TLYapYVuNEe5gelhXkY1N1Nd-7qrPdPuuu44Rh5MLNC6NzGS2SYmyOWATfL72S_S6mhRfO5OkyEgQYUoG6tu8W7sgT3o9Z3PEQzBFrc_H74UUiE1lN_it38_3jMgolQNbXFTzNVq-nH3FDRH1E1IIUgPv11trGVr-K499jV2Z5w1FtOYKlPH6HGz4uzxzmqywCytNB9FxmbondB3lp-sBt5SXoT-Fu6Z4BH02Kfljscy4KinkTGkfycVOHRptfSLoYzaazTu1pJOgYWVWUhpeMFEPQa4-N0hrRYVsjTw9CTDDkjqFV1-RGL43JnqEPrqoeAeUbYjlmb9gC4JWIgupjFRqoJfnroC-BNlbqoPmPWvI4WrlhXMV8zg3EpNw4tGqYhDSR3uGmJFGJjRc6fSgZiY8G5VdKmeFNySbkcPyPyMf2ovhQOojlwrxkOzpCVojEAs3yuEN_Dogi85KaaFlN_QwGTBcERa1DbjP40k-FH8k0uQhTmIGU1-vgVE7ms5LkI0a4t8gHLpTI1PZBAK2RuUIRjHGy5tmOi1A2oDDvmtphakG5mSdiAOV8bX_QplCIlgRnBr5UFjvo5PlQ7yT2XiQMTHrs4g7h6r0t5C9GeOIZ2i2AgDSsTB0qRCcytFkW-EnNCDvxp_JoP5SoZq6J7OBoEot1KDWM7RUc4RzgIXR7Cd1UO8vU1MpTykyAezXNoD19Mn3Y3vk7f4XaeeAsudjUJmLqBmZFf9H70zNM1rmN&cid=CAQSSwDUE5ymRy0e9oaZrDYfXex5CVbkP_3e9nNy4z3erP3VS1ucuTYHZ-ela01L3KelrpTxCeZVxBZKh4PwPen_hinoTLn4bmzSTd7ZBxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fhubdrive.top&ds=l&xdt=1&iif=1&cor=14624480727850710000&adk=1964084972&idt=239&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2a35c3a0b6f19456dfa6f943786e7d56a0fd8a7aef92629278c4afe96b3c091

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:51:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11267
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 9ABA 4 KB
732 B 74ms
74ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 24 Feb 2023 18:51:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 18:36:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Feb 2023 18:51:39 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9ABA 205 B
649 B 224ms
53ms Image
image/png 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 16:35:11 GMT
x-content-type-options: nosniff
age: 8188
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 24 Feb 2024 16:35:11 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9ABA 604 B
694 B 224ms
53ms Image
image/png 2a00:1450:400d:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 17:52:29 GMT
x-content-type-options: nosniff
age: 3550
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 24 Feb 2024 17:52:29 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/elements/html/ Frame 9ABA 19 KB
8 KB 52ms
52ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e14ff3e75a1030bfcc4f49ce62a2036c3f239b81339024d1745b581ca4e76b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 20:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79193
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8251
x-xss-protection: 0
server: cafe
etag: 12882883664474914621
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 20:51:46 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D010 0
0 84ms
83ms Image
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023021601&jk=1448012080106382&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/ Frame BED8 22 KB
9 KB 53ms
52ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/abg_lite_fy2021.js

Requested by

Host: hubdrive.top
URL: https://hubdrive.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 11:28:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26567
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Mar 2023 11:28:52 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame BED8 3 KB
1 KB 53ms
52ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/window_focus_fy2021.js

Requested by

Host: hubdrive.top
URL: https://hubdrive.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 11:28:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26573
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Mar 2023 11:28:46 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BED8 158 KB
48 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: hubdrive.top
URL: https://hubdrive.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 24 Feb 2023 18:51:39 GMT

GET
H3 200 16765385845210740643
tpc.googlesyndication.com/simgad/ Frame BED8 86 KB
86 KB 53ms
53ms Image
image/jpeg 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16765385845210740643

Requested by

Host: hubdrive.top
URL: https://hubdrive.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc6d654cad2a4df7ff1aad315d66e78df3aff0a1ffcb0e217c2cc5184f688103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 01:07:18 GMT
x-content-type-options: nosniff
age: 63861
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87810
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 19:57:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 24 Feb 2024 01:07:18 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B0A5 0
10 B 73ms
73ms Image
text/plain 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?52mhLg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4D97 41 KB
15 KB 58ms
57ms Script
text/javascript 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DdBJjQ4xXgrIDAt7PJ-rG-DqoUCG4d5f0_wHPEG1ac9gq4PQoaG02xSmmPWUlpKEZom0JeF3jOUdUZ4rjn82Gp08fDI3SsYNQeBjnpLo6qi3EBlmBNTFFPkl-CeoX8FCdAv3QxkkMaNOn2Bj5yE5xWgJ_UDTi0_ADxLo_P0JFxrpUm9Es&cry=1&dbm_d=AKAmf-DhV4yuMpZ1mVqWTfs1MD6HkYA5gey2hCAweSQWIKxHgrxOFw3Wwx8kOJ5yxlypVtDTEHlYu6VgXM5XkRhnoqBNSjBt0_sG1RpZB3h-fIkv-sQT8l68sZ4Xnv1vXNOihs9lXvj8Hf3TBR9L4MMlBNNJarFjaVoccWLo9ZMipLdxZIpxvjvQzMBFQ_l8YApLn_ipcHh23GwgN-dP2HXBCPUyGoWqxI4IdnXJDVTqYJOmKZLJ7rilqpxEobzpFK7ojVK_qytkgYgrITh8E7tyjBtvMbVK9OGxxR56H2zuyOhJ7XSVGnGRVeztS2gthmtBfWKHsJ6IIjlKFstpMoE6ZXpPL_UWJcJicG8sjtzxj8ZuCO40o3uo1EBdLomKc-yds141opqKeIAfuUoskcT-LVrAZ0a59kNeXljnlOS28bHsbwW1Mx1D9ookhgIj2GA9LflRde_vBTy45QwF1EdOdLjmGesqxrv9gE0C013Fh0TSsKILvuWjTL472FrKSFM3DDi3mi9EIhAhrC8nS86Iin4mKV-I2Y91_fZZPINdgw9Bho9edLxdITD4FryEACBgyf1qttIU3eKzLRuGYxekHm9wgLpElzKNZ6Fq4lgisiilFdQ6ur4IuUEx8rHbbRIroeMetsEwk1sueFUFEhBuTLFzWrNccXTbI6Rs0oBVNNoGhrIP2oT9i9fmSgM2hF8mEAM3QPxc-x6ABQF2_psctWrsyu5c6TYUqEgNYPmbxL5YwV4yMPGGXB6ayjHA8rJ9WuSZOnfcqJEm22DQRm2M_D8XOVDXT8lHC-SgHT_xoaDu9h8ZUt2yPClOvLsQhH4rG8BmNviKEdNbN5GH4l_ITYTl_52cVsKNLsVzizfxMRRWsFeSpqzGh7nP41hx7v3wiQko2NHIGU5TyMXs_BOfidYb8BoxoXn3tM5HnOIFUmzBBr5f1-qrSZRMsbD3Gj0N6amD1OtiyreId-m5ZpG-dgzI618xcCxAMiQNlphlP80l9cli6xVTV2EJWFGuYWpiWKXdlMywAUjSMI4XyhIA9Kw-r1UMnpO03c4OK4fuP9LSfKWHD2uXWF74RS-gyYEqLzjGtWCgksGAZqUtlrfxWCCf4DIqAEzBYwV7rvOd3BkAcT55brqA0Qun3xvWQQWPIOhNdU8FuA6Zc9IBLsBK3h6nc1r685PMkt8wPG6OODp6a_bjO67pnzKVSHF3FuO1K-PB7V2oBzlwphQLBum2ZQShida4CI1kw0bQyJcQp0YWhejjuxK2AQKOorDOWYxFAW7f_22zXjF4ZPnSVTFmxe3e0wOzItJgl81zOlnK7L3xSl7u0JdM9RpbGSyMxnQhx8H6HtpnDytviZemySd4j_21Qvko_VSQS1RPBnSCP1GhQk-qx38lAbDz3g5l0xkANnNxPXYfVWbk33gvm01ej4xRav4uLw14grzW7gmg3gF_v8MScDevXarwYwVfEA1CUcs8fGFAqn4V1BJWtDjuUAeUV3gUuuvbCQsAxTsloDHQtiW8J02vjrfoNs3x6HFZDTjd1A4WKmDAWYOdDSe7GOMPG17tZaI3IWqdPp2zIXSUdYQ5Ooi9waT8lELKD3CXp48OSrGSgXIU7zMkze2WQAh6PvoOYp4SBjWdR3R0rHhp19wC0WN2z5wwgqshTygMEwCUTV_2gU-e56jxAhWs85b5l3lEBj4MX9-pbdrh49pqlTSEv-CcKaoFLOiFRu7Serr3A4REj2xRzuYRRbYKTeStoRyCCRpkoDA99BqiUBvswrZvUm0iLvUjM2LXecuxJjbEht7C9bsqfhV5defyUl1u4k8UbxV16M5Dro5CJ3ImNZOf8K3G8Iy4TgV6PWyHsxc2Ee7FpNsDk4mNhrZUE9QEJ_FTWMZDf9m2YUwPN6Wb9s5o7hMBBIrPOFXJStLh5YDLE5fgHW3P72kSobf1JUXeJZ_Dl2YQ4mc1E8zhUg_fDCrtQvIdo3n001gDt44rVg4QuBcht47K8ZlnKGUEyXe51Xl5nlp0Sr8f-kewW_4kSfSCEq9I59smZVcSc0KH1tkV0ya4DVTBwIG4JWhcEQrdY5uqf9XV6xv_dGd6yl17ZO1Z325IUGoopZkjBg8jiF9zcXg747L2IKDbY9iAp4qwcHs20B9lzaLqXrcJ1uvRyB4VPVAzInwW3FxanaOJzPavh0BIEPKMRP63F26kCjYSoIc0lSktLL1TSonYRiMV9Lof1Vw1bfmkCvm3n0AcpfXjbJ4wARn45FcRk2H_DqAFTYp4MU44YMI6OoKqDDXHQFAtinsl4VAySBkj3hC5YZtCZ7Gq6nnU-cvmevN41jtYC7voTuSOfqqI1WyZOxyt3XewmOuZL3Q9KGVUVOwb2MpNxGGtxBr_6rtSfa38q0mxEmGVWJd4cWmSoikn_1gABccgjtYtDKhwIEVqhmqJQDBb_XZncwQHyVViqAcVgPd60tmO11OKezgsaKdppmtIX2YcgAOiS4eiqDqAOj_h4kPYFUTvJIVO7Fn6WeQ--riGbj26M47-N5SkHqqUYbF_l-aiSxcJx5rKgAh5UjSLfkphNl5OhW3UVAfH2QZPqf8VoQd0lBGahZxefPa9NsTN0t03Eb7JWwO6PV127V652FbqA_IDPKtT3Ej9hQq2w_pMCfkEzG7t6-3akaJF8hiM5IxdgMXo4TArcy1eWxvXLWxPzn3yi_ufXofLkil7mkcGXCHNRowyUceJNLqSBuRTliQKM__srSpGfYCrSROCKCo2Jc_duUZQf8vTI0654jm5D6TLYapYVuNEe5gelhXkY1N1Nd-7qrPdPuuu44Rh5MLNC6NzGS2SYmyOWATfL72S_S6mhRfO5OkyEgQYUoG6tu8W7sgT3o9Z3PEQzBFrc_H74UUiE1lN_it38_3jMgolQNbXFTzNVq-nH3FDRH1E1IIUgPv11trGVr-K499jV2Z5w1FtOYKlPH6HGz4uzxzmqywCytNB9FxmbondB3lp-sBt5SXoT-Fu6Z4BH02Kfljscy4KinkTGkfycVOHRptfSLoYzaazTu1pJOgYWVWUhpeMFEPQa4-N0hrRYVsjTw9CTDDkjqFV1-RGL43JnqEPrqoeAeUbYjlmb9gC4JWIgupjFRqoJfnroC-BNlbqoPmPWvI4WrlhXMV8zg3EpNw4tGqYhDSR3uGmJFGJjRc6fSgZiY8G5VdKmeFNySbkcPyPyMf2ovhQOojlwrxkOzpCVojEAs3yuEN_Dogi85KaaFlN_QwGTBcERa1DbjP40k-FH8k0uQhTmIGU1-vgVE7ms5LkI0a4t8gHLpTI1PZBAK2RuUIRjHGy5tmOi1A2oDDvmtphakG5mSdiAOV8bX_QplCIlgRnBr5UFjvo5PlQ7yT2XiQMTHrs4g7h6r0t5C9GeOIZ2i2AgDSsTB0qRCcytFkW-EnNCDvxp_JoP5SoZq6J7OBoEot1KDWM7RUc4RzgIXR7Cd1UO8vU1MpTykyAezXNoD19Mn3Y3vk7f4XaeeAsudjUJmLqBmZFf9H70zNM1rmN&cid=CAQSSwDUE5ymRy0e9oaZrDYfXex5CVbkP_3e9nNy4z3erP3VS1ucuTYHZ-ela01L3KelrpTxCeZVxBZKh4PwPen_hinoTLn4bmzSTd7ZBxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fhubdrive.top&ds=l&xdt=1&iif=1&cor=14624480727850710000&adk=1964084972&idt=239&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 11:28:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26573
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Feb 2024 11:28:46 GMT

GET
H/1.1 200
OK jf2y0amzcvu0 Show response
hal9000.redintelligence.net/zone/ Frame 4D97 11 KB
4 KB 166ms
40ms Script
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/jf2y0amzcvu0?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZnQUOgf5Y_vgMayF9u8P_LqduAim5b2gab2YnKfJD_AuEAEgp461SGCVgoCAtAfIAQmpAqZezyGDs7E-qAMBqgT_AU_Q5nMOeZBIqA8pThKf4aSPlQr9QCUnarfxBI1NkO8XcYpIID8ecXCUFZ5VOzpT48nntPlWm23uIsr2tWLapT_bAUEk5Ip3rbGkDPP8AY4rDLSBdvkR3_P-aFZ2BZv9e4mv9A9LRHJl4YDjFzyesEyBXxKqnvBP6Euc_hdMZhz-MY5IuRAQyWqR-JiN_zk7UFVE8wd7tiq4c2mG6ByvI5F124TL4c8XjLy9-Ek3laqFboM-S4MtKCPNn99XN9buHVIjtSEvg--EGk2w7MjVvl1scGezis7-0Mmbyi4iVhq06dT4ILgYy_SV4vAb-D3jZKBla5RLSVvGoj_KsyWJOMAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ymRy0e9oaZrDYfXex5CVbkP_3e9nNy4z3erP3VS1ucuTYHZ-ela01L3KelrpTxCeZVxBZKh4PwPen_hinoTLn4bmzSTd7ZBxgB%26sig%3DAOD64_3OgQ3l0wYH2JbQNo8k2qc5oW_NBQ%26client%3Dca-pub-2726428685015992%26dbm_c%3DAKAmf-A4CdjrgkogNAdu15ni9hi_h1oEwpnJ3mBy_sb2XifaGPUmXrPXzHgPy1L3Ygae1MwGt-9E5L_YfXNLL9mF6iQjZhJ0od-2rTgznjo2YEI_UAxSQoV_4DIMcAQF9O9ndh_9uNA-QqE3i6UpMdj01G97t6yTNPGdmneAlUMHw0jTUK3TdMg%26cry%3D1%26dbm_d%3DAKAmf-D8jvH7FFKhkmAsvuyuTXT6jwxXBW5kO7RjWVpwPc1zLIbftHBbRi7H4nLZzweKwsXmwFcC6nkiWe1nFEOQlRuAL-P_yo-QmHEv9CIhjwbaqvsyASf8akf7BpDcFpElayoKcId5fxSnv1UFn4xqTHa4w44dIgAhOXvbCw5u7plSGYBdGNxmmgAtdm_YpJCZTTf6wCx1aQgxLFkkMoMIGtObDr4HtjwN2ngiWL7a6jfOkyeYo2hER4Yq-lrKFu6DedtqSefNkp71zJCVBOyYo7ERKESQFwPPLRp9hdnR6cVqfkrkO7b21X6z93aj9NCZq-u07K4adL5UCbEiig98dKm2EJslf7czjFBac11GVgWPW8eWAdAxwxa3iulIqgMbCFmFnlSwBm38jZjf2T6G09vmw_QcGeMhxg8DWTbdzShZ0_YBle5M0qmEM0BOTxo6WxTwqYlTBEFj2o9mQxzBKvUuYItGI566E5x5QdKbm32MINsFewo%26adurl%3D
Requested by: Host: ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com
URL: https://ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: f20e4ea8823e05c7fd9045d5d41ab7c3158a863e7b38fbacd7c5f7dd9e5b1e0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 18:51:39 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4051
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame DA1C 22 KB
8 KB 52ms
52ms Document
text/html 2a00:1450:400d:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 26573
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 11:28:46 GMT
expires: Sat, 24 Feb 2024 11:28:46 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js Show response
pagead2.googlesyndication.com/bg/ Frame DA1C 36 KB
14 KB 53ms
52ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 06:22:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 217775
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14406
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 06:22:04 GMT

GET
H/1.1

200
OK

request.php Show response
hal900028.redintelligence.net/ Frame 4D97
Redirect Chain

https://hal900028.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=a69f516428&subid=&uid=fe583909a4036fea&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900028.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=a69f516428&subid=&uid=fe583909a4036fea&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

187ms
108ms

Script
application/x-javascript

88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900028.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=a69f516428&subid=&uid=fe583909a4036fea&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZnQUOgf5Y_vgMayF9u8P_LqduAim5b2gab2YnKfJD_AuEAEgp461SGCVgoCAtAfIAQmpAqZezyGDs7E-qAMBqgT_AU_Q5nMOeZBIqA8pThKf4aSPlQr9QCUnarfxBI1NkO8XcYpIID8ecXCUFZ5VOzpT48nntPlWm23uIsr2tWLapT_bAUEk5Ip3rbGkDPP8AY4rDLSBdvkR3_P-aFZ2BZv9e4mv9A9LRHJl4YDjFzyesEyBXxKqnvBP6Euc_hdMZhz-MY5IuRAQyWqR-JiN_zk7UFVE8wd7tiq4c2mG6ByvI5F124TL4c8XjLy9-Ek3laqFboM-S4MtKCPNn99XN9buHVIjtSEvg--EGk2w7MjVvl1scGezis7-0Mmbyi4iVhq06dT4ILgYy_SV4vAb-D3jZKBla5RLSVvGoj_KsyWJOMAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ymRy0e9oaZrDYfXex5CVbkP_3e9nNy4z3erP3VS1ucuTYHZ-ela01L3KelrpTxCeZVxBZKh4PwPen_hinoTLn4bmzSTd7ZBxgB%26sig%3DAOD64_3OgQ3l0wYH2JbQNo8k2qc5oW_NBQ%26client%3Dca-pub-2726428685015992%26dbm_c%3DAKAmf-A4CdjrgkogNAdu15ni9hi_h1oEwpnJ3mBy_sb2XifaGPUmXrPXzHgPy1L3Ygae1MwGt-9E5L_YfXNLL9mF6iQjZhJ0od-2rTgznjo2YEI_UAxSQoV_4DIMcAQF9O9ndh_9uNA-QqE3i6UpMdj01G97t6yTNPGdmneAlUMHw0jTUK3TdMg%26cry%3D1%26dbm_d%3DAKAmf-D8jvH7FFKhkmAsvuyuTXT6jwxXBW5kO7RjWVpwPc1zLIbftHBbRi7H4nLZzweKwsXmwFcC6nkiWe1nFEOQlRuAL-P_yo-QmHEv9CIhjwbaqvsyASf8akf7BpDcFpElayoKcId5fxSnv1UFn4xqTHa4w44dIgAhOXvbCw5u7plSGYBdGNxmmgAtdm_YpJCZTTf6wCx1aQgxLFkkMoMIGtObDr4HtjwN2ngiWL7a6jfOkyeYo2hER4Yq-lrKFu6DedtqSefNkp71zJCVBOyYo7ERKESQFwPPLRp9hdnR6cVqfkrkO7b21X6z93aj9NCZq-u07K4adL5UCbEiig98dKm2EJslf7czjFBac11GVgWPW8eWAdAxwxa3iulIqgMbCFmFnlSwBm38jZjf2T6G09vmw_QcGeMhxg8DWTbdzShZ0_YBle5M0qmEM0BOTxo6WxTwqYlTBEFj2o9mQxzBKvUuYItGI566E5x5QdKbm32MINsFewo%26adurl%3D&documentReferer=https%3A%2F%2Fed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Fhubdrive.top&random=3669561233902&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com
URL: https://ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 6a31b7a7fbb8516f9ff58db9b2d569a1e737c2c6eaffa9cce3766145b5755ebb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 24 Feb 2023 18:51:40 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 48864800162527104444978012245028
Connection: close
Content-Length: 1307
Expires: Fri, 24 Feb 2023 18:51:40 +0100

Redirect headers

Pragma: no-cache
Date: Fri, 24 Feb 2023 18:51:39 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=a69f516428&subid=&uid=fe583909a4036fea&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZnQUOgf5Y_vgMayF9u8P_LqduAim5b2gab2YnKfJD_AuEAEgp461SGCVgoCAtAfIAQmpAqZezyGDs7E-qAMBqgT_AU_Q5nMOeZBIqA8pThKf4aSPlQr9QCUnarfxBI1NkO8XcYpIID8ecXCUFZ5VOzpT48nntPlWm23uIsr2tWLapT_bAUEk5Ip3rbGkDPP8AY4rDLSBdvkR3_P-aFZ2BZv9e4mv9A9LRHJl4YDjFzyesEyBXxKqnvBP6Euc_hdMZhz-MY5IuRAQyWqR-JiN_zk7UFVE8wd7tiq4c2mG6ByvI5F124TL4c8XjLy9-Ek3laqFboM-S4MtKCPNn99XN9buHVIjtSEvg--EGk2w7MjVvl1scGezis7-0Mmbyi4iVhq06dT4ILgYy_SV4vAb-D3jZKBla5RLSVvGoj_KsyWJOMAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ymRy0e9oaZrDYfXex5CVbkP_3e9nNy4z3erP3VS1ucuTYHZ-ela01L3KelrpTxCeZVxBZKh4PwPen_hinoTLn4bmzSTd7ZBxgB%26sig%3DAOD64_3OgQ3l0wYH2JbQNo8k2qc5oW_NBQ%26client%3Dca-pub-2726428685015992%26dbm_c%3DAKAmf-A4CdjrgkogNAdu15ni9hi_h1oEwpnJ3mBy_sb2XifaGPUmXrPXzHgPy1L3Ygae1MwGt-9E5L_YfXNLL9mF6iQjZhJ0od-2rTgznjo2YEI_UAxSQoV_4DIMcAQF9O9ndh_9uNA-QqE3i6UpMdj01G97t6yTNPGdmneAlUMHw0jTUK3TdMg%26cry%3D1%26dbm_d%3DAKAmf-D8jvH7FFKhkmAsvuyuTXT6jwxXBW5kO7RjWVpwPc1zLIbftHBbRi7H4nLZzweKwsXmwFcC6nkiWe1nFEOQlRuAL-P_yo-QmHEv9CIhjwbaqvsyASf8akf7BpDcFpElayoKcId5fxSnv1UFn4xqTHa4w44dIgAhOXvbCw5u7plSGYBdGNxmmgAtdm_YpJCZTTf6wCx1aQgxLFkkMoMIGtObDr4HtjwN2ngiWL7a6jfOkyeYo2hER4Yq-lrKFu6DedtqSefNkp71zJCVBOyYo7ERKESQFwPPLRp9hdnR6cVqfkrkO7b21X6z93aj9NCZq-u07K4adL5UCbEiig98dKm2EJslf7czjFBac11GVgWPW8eWAdAxwxa3iulIqgMbCFmFnlSwBm38jZjf2T6G09vmw_QcGeMhxg8DWTbdzShZ0_YBle5M0qmEM0BOTxo6WxTwqYlTBEFj2o9mQxzBKvUuYItGI566E5x5QdKbm32MINsFewo%26adurl%3D&documentReferer=https%3A%2F%2Fed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Fhubdrive.top&random=3669561233902&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Fri, 24 Feb 2023 18:51:39 +0100

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DA1C 0
20 B 147ms
146ms Image
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Byh1jOwf5Y_rQHsvl-gab4LaQCQAAAAA4AeAEAg&bg=!xsWlxZHNAAZYlHKzeJQ7ADkAdvg8WmRV9LwEPvcdD16KsNBcXrmrFpqHbdDa8pipYbKPCF4AFTfzrgKTLJF_ELQZcTmMV_icBbQCAAAARFIAAAACaAEHmQLjnjSPWBXF4zqfTRakCBh-v1GGRQtpvo1-dlAXkbaiOicBBNzOr8QJJVlcbTAdj247mkX_4PZW0D4KbkduNTBW6BcBWtp3aWK9RxMfKzIOA6xfP_fKGSWR-sUFPt-KJuqn7fjnI5D10o_HtImfaev79Gh2BM2_2Z-9bGBOtSAuVHINmk7ij9IgCSh379V81zw6wBWXYjGG4G99wNmARg9nm1ncl2cwzJ1a9QfkwqKIRmnP0tOXlXXydkVFAPC2j7Sy3jY3tlWwmBEljwNNc61tV-fYHPyVF3AQYUSoS5rK6VOk1X57FlpSH6FmqEERnTt_uBqLMtN7Ues4Zs7vm7wy3LBOYTVy0U-KJQ6PmzzY6i70oFiHS3MtsTAjZ0jVKujNZoUBpWcrEryYN4XKilgfnhj2lURrCwfRB7CcxSu0mq5EEwS7U-qoZPYkiQIf1TVsBmmxX9TXoKcQKmlYfgEShsTUACK3V2IMsbJJeCg3lK-F_ljzNdDngxZFxDxKGe_v6lYAHR7lLQwu5Kg1_FOrR8i855zf6HW7srL3bwfQqikb447Xr0WzqdDX2Ccb0f3IByo5V2OSWTdeGvU2NyG4snM9zE1mwDJ5hDDZUd3N0ikWyMY5fzgwI9_1YkMag2busBTAFeO0m8Tur-QMewYA4-mIMY9fmOg9bgMEOA3KGTmOk5i8k00XhGTMpLV3rdMk79wohFJb29NPRIl8vbpOLHuqGzkt9UnyNcDPTuYFaw2YOaalq25NLZN3JpEIbUiqEada6Dhn7pO19_OiqBnrLa2990iU6PR8kIJY5Z9Sc1lK7u6wdCOpYnmEKgCKjcF8MoN6u_UvtMh1wAQZvegpYboIobv6OqgUide28_7-hEveX3hy4aRWVAwbsRmbo0-dMEotJq5S3qUQncWRbFkT4pXSHtVonvTGHoYleIQZPGZWfJcp-eLBQV8135cEa2-5_J2Oig_n6grVQ0XqTvFohDTI5Q

Requested by

Host: ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com
URL: https://ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:51:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 89ms
87ms Image
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023021601&jk=1448012080106382&bg=!AwClAFTNAAZYlHKzeJQ7ADkAdvg8WmTTTsiL3-FS5864TsSvktViwzNelBVcrAu6FF23ETiNHh-MFwFAVen-ai8JTbzfdUlUtg4CAAAAXVIAAAAJaAEHmQKiIOHnTi6gMQuk25BCqOhflryerGnZHO0zJyqbB3ZBFYGccrG857udazwEDr6dL37QPW2DZPXchtIxvyunVhvjep_LSShNi7izjGPmN8dXe_IzLN-q08I5aB3Geor0-mmQ0c5Ljq9Z535UY-E_6JKfwzwXhcGFWEVZOMpCmxVy8Rw6qe_ryndQnyUTHQ-HXruIXefnVJsktvd5oJDZW9fBYf60a5KCjq9TV1tjOnpdH4ug9T1yUItLu4_ISV1nlAeylJBwRgLjSmmM6T40YFyTrqhhi-FCoyRfM2LcezRtbxMBLJuADLxk6oCNPoWAIU1PbeMEeWS2S7aPNjbYikXk0IvWqBlSfue50T-gQRuogqiVbxAYlN_s5G_K-ugKZKMrvB-fH6iYSGOW3rcLV3rQ1JO26l-hMELkHHKmHvYloaxugQjnoSkXx9Iw4mTBltXMAD16PDEzs0Kf2cmNehOKXdTrx-56F32-zEAKfw2FxJLCg6kXYVQWyFHwSVNaVhfP1qQkFjURH6BBEJkk6bq1lZlq2_SlavjazXXesUlcPlMH2NkKoRlVS1H1SF4nGxiUtxj2H0MrLPwl__-CrjC5FekyH878Vo_cRqxzDr7zSOz9bozj3jTtRy0F9ETZMLSwh3HPP5kZ9iFTcYdDth3_pJj7usIQ7KbNmfAGJNoUuuUs57O9UiEFBxr53IYZ4P-b9T9w60bL2jN6wP4p-EzamlKY9hFyxdtHOpzh3oJ72rA9dGVuQBBHkHPnD_6ToXA7xz9DsTqXF1DcPZkrhT3Py4Vg4VgeRdj9tSxd6nZ_itjH1hzbXrL-nUGG2-Px-zczTfsXQ07Z9Mzy-Bg2l8nWSoohS8fVxz76sc9CYnxDaulmbQmGtWnwdOxaznLE69Jr9wM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 / Show response
adv.office-partner.de/ Frame 65E0 930 B
931 B 294ms
60ms Document
text/html 2a0b:4d07:401::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=a69f516428&subid=&uid=fe583909a4036fea&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZnQUOgf5Y_vgMayF9u8P_LqduAim5b2gab2YnKfJD_AuEAEgp461SGCVgoCAtAfIAQmpAqZezyGDs7E-qAMBqgT_AU_Q5nMOeZBIqA8pThKf4aSPlQr9QCUnarfxBI1NkO8XcYpIID8ecXCUFZ5VOzpT48nntPlWm23uIsr2tWLapT_bAUEk5Ip3rbGkDPP8AY4rDLSBdvkR3_P-aFZ2BZv9e4mv9A9LRHJl4YDjFzyesEyBXxKqnvBP6Euc_hdMZhz-MY5IuRAQyWqR-JiN_zk7UFVE8wd7tiq4c2mG6ByvI5F124TL4c8XjLy9-Ek3laqFboM-S4MtKCPNn99XN9buHVIjtSEvg--EGk2w7MjVvl1scGezis7-0Mmbyi4iVhq06dT4ILgYy_SV4vAb-D3jZKBla5RLSVvGoj_KsyWJOMAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ymRy0e9oaZrDYfXex5CVbkP_3e9nNy4z3erP3VS1ucuTYHZ-ela01L3KelrpTxCeZVxBZKh4PwPen_hinoTLn4bmzSTd7ZBxgB%26sig%3DAOD64_3OgQ3l0wYH2JbQNo8k2qc5oW_NBQ%26client%3Dca-pub-2726428685015992%26dbm_c%3DAKAmf-A4CdjrgkogNAdu15ni9hi_h1oEwpnJ3mBy_sb2XifaGPUmXrPXzHgPy1L3Ygae1MwGt-9E5L_YfXNLL9mF6iQjZhJ0od-2rTgznjo2YEI_UAxSQoV_4DIMcAQF9O9ndh_9uNA-QqE3i6UpMdj01G97t6yTNPGdmneAlUMHw0jTUK3TdMg%26cry%3D1%26dbm_d%3DAKAmf-D8jvH7FFKhkmAsvuyuTXT6jwxXBW5kO7RjWVpwPc1zLIbftHBbRi7H4nLZzweKwsXmwFcC6nkiWe1nFEOQlRuAL-P_yo-QmHEv9CIhjwbaqvsyASf8akf7BpDcFpElayoKcId5fxSnv1UFn4xqTHa4w44dIgAhOXvbCw5u7plSGYBdGNxmmgAtdm_YpJCZTTf6wCx1aQgxLFkkMoMIGtObDr4HtjwN2ngiWL7a6jfOkyeYo2hER4Yq-lrKFu6DedtqSefNkp71zJCVBOyYo7ERKESQFwPPLRp9hdnR6cVqfkrkO7b21X6z93aj9NCZq-u07K4adL5UCbEiig98dKm2EJslf7czjFBac11GVgWPW8eWAdAxwxa3iulIqgMbCFmFnlSwBm38jZjf2T6G09vmw_QcGeMhxg8DWTbdzShZ0_YBle5M0qmEM0BOTxo6WxTwqYlTBEFj2o9mQxzBKvUuYItGI566E5x5QdKbm32MINsFewo%26adurl%3D&documentReferer=https%3A%2F%2Fed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Fhubdrive.top&random=3669561233902&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Fri, 24 Feb 2023 18:51:40 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Fri, 03 Mar 2023 18:51:40 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: atvi

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 4506
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=48864800162527104444978012245028&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=48864800162527104444978012245028&actionid=981741&produktid=&dt_url=

0
629 B

187ms
50ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=48864800162527104444978012245028&actionid=981741&produktid=&dt_url=

Requested by

Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=a69f516428&subid=&uid=fe583909a4036fea&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZnQUOgf5Y_vgMayF9u8P_LqduAim5b2gab2YnKfJD_AuEAEgp461SGCVgoCAtAfIAQmpAqZezyGDs7E-qAMBqgT_AU_Q5nMOeZBIqA8pThKf4aSPlQr9QCUnarfxBI1NkO8XcYpIID8ecXCUFZ5VOzpT48nntPlWm23uIsr2tWLapT_bAUEk5Ip3rbGkDPP8AY4rDLSBdvkR3_P-aFZ2BZv9e4mv9A9LRHJl4YDjFzyesEyBXxKqnvBP6Euc_hdMZhz-MY5IuRAQyWqR-JiN_zk7UFVE8wd7tiq4c2mG6ByvI5F124TL4c8XjLy9-Ek3laqFboM-S4MtKCPNn99XN9buHVIjtSEvg--EGk2w7MjVvl1scGezis7-0Mmbyi4iVhq06dT4ILgYy_SV4vAb-D3jZKBla5RLSVvGoj_KsyWJOMAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ymRy0e9oaZrDYfXex5CVbkP_3e9nNy4z3erP3VS1ucuTYHZ-ela01L3KelrpTxCeZVxBZKh4PwPen_hinoTLn4bmzSTd7ZBxgB%26sig%3DAOD64_3OgQ3l0wYH2JbQNo8k2qc5oW_NBQ%26client%3Dca-pub-2726428685015992%26dbm_c%3DAKAmf-A4CdjrgkogNAdu15ni9hi_h1oEwpnJ3mBy_sb2XifaGPUmXrPXzHgPy1L3Ygae1MwGt-9E5L_YfXNLL9mF6iQjZhJ0od-2rTgznjo2YEI_UAxSQoV_4DIMcAQF9O9ndh_9uNA-QqE3i6UpMdj01G97t6yTNPGdmneAlUMHw0jTUK3TdMg%26cry%3D1%26dbm_d%3DAKAmf-D8jvH7FFKhkmAsvuyuTXT6jwxXBW5kO7RjWVpwPc1zLIbftHBbRi7H4nLZzweKwsXmwFcC6nkiWe1nFEOQlRuAL-P_yo-QmHEv9CIhjwbaqvsyASf8akf7BpDcFpElayoKcId5fxSnv1UFn4xqTHa4w44dIgAhOXvbCw5u7plSGYBdGNxmmgAtdm_YpJCZTTf6wCx1aQgxLFkkMoMIGtObDr4HtjwN2ngiWL7a6jfOkyeYo2hER4Yq-lrKFu6DedtqSefNkp71zJCVBOyYo7ERKESQFwPPLRp9hdnR6cVqfkrkO7b21X6z93aj9NCZq-u07K4adL5UCbEiig98dKm2EJslf7czjFBac11GVgWPW8eWAdAxwxa3iulIqgMbCFmFnlSwBm38jZjf2T6G09vmw_QcGeMhxg8DWTbdzShZ0_YBle5M0qmEM0BOTxo6WxTwqYlTBEFj2o9mQxzBKvUuYItGI566E5x5QdKbm32MINsFewo%26adurl%3D&documentReferer=https%3A%2F%2Fed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Fhubdrive.top&random=3669561233902&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 24 Feb 2023 18:51:40 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Fri, 24 Feb 2023 07:51:40 GMT
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma: no-cache
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 0
Content-Type: application/javascript
Date: Fri, 24 Feb 2023 18:51:40 GMT
Host: pv.medialead.de
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=48864800162527104444978012245028&actionid=981741&produktid=&dt_url=
Proxy-Host: pv.medialead.de
Server: nginx/1.17.5
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40027
X-IPLB-Request-ID: 50FF0764:939A_91EFC182:01BB_63F9073C_4EC4FDB:2FD2B

GET
H2

200

htlp Show response
futalis.de/ Frame 8105
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=48864800162527104444978012245028&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2309070247

350 B
401 B

268ms
40ms

Document
text/html

49.12.22.42
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2309070247
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=a69f516428&subid=&uid=fe583909a4036fea&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZnQUOgf5Y_vgMayF9u8P_LqduAim5b2gab2YnKfJD_AuEAEgp461SGCVgoCAtAfIAQmpAqZezyGDs7E-qAMBqgT_AU_Q5nMOeZBIqA8pThKf4aSPlQr9QCUnarfxBI1NkO8XcYpIID8ecXCUFZ5VOzpT48nntPlWm23uIsr2tWLapT_bAUEk5Ip3rbGkDPP8AY4rDLSBdvkR3_P-aFZ2BZv9e4mv9A9LRHJl4YDjFzyesEyBXxKqnvBP6Euc_hdMZhz-MY5IuRAQyWqR-JiN_zk7UFVE8wd7tiq4c2mG6ByvI5F124TL4c8XjLy9-Ek3laqFboM-S4MtKCPNn99XN9buHVIjtSEvg--EGk2w7MjVvl1scGezis7-0Mmbyi4iVhq06dT4ILgYy_SV4vAb-D3jZKBla5RLSVvGoj_KsyWJOMAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ymRy0e9oaZrDYfXex5CVbkP_3e9nNy4z3erP3VS1ucuTYHZ-ela01L3KelrpTxCeZVxBZKh4PwPen_hinoTLn4bmzSTd7ZBxgB%26sig%3DAOD64_3OgQ3l0wYH2JbQNo8k2qc5oW_NBQ%26client%3Dca-pub-2726428685015992%26dbm_c%3DAKAmf-A4CdjrgkogNAdu15ni9hi_h1oEwpnJ3mBy_sb2XifaGPUmXrPXzHgPy1L3Ygae1MwGt-9E5L_YfXNLL9mF6iQjZhJ0od-2rTgznjo2YEI_UAxSQoV_4DIMcAQF9O9ndh_9uNA-QqE3i6UpMdj01G97t6yTNPGdmneAlUMHw0jTUK3TdMg%26cry%3D1%26dbm_d%3DAKAmf-D8jvH7FFKhkmAsvuyuTXT6jwxXBW5kO7RjWVpwPc1zLIbftHBbRi7H4nLZzweKwsXmwFcC6nkiWe1nFEOQlRuAL-P_yo-QmHEv9CIhjwbaqvsyASf8akf7BpDcFpElayoKcId5fxSnv1UFn4xqTHa4w44dIgAhOXvbCw5u7plSGYBdGNxmmgAtdm_YpJCZTTf6wCx1aQgxLFkkMoMIGtObDr4HtjwN2ngiWL7a6jfOkyeYo2hER4Yq-lrKFu6DedtqSefNkp71zJCVBOyYo7ERKESQFwPPLRp9hdnR6cVqfkrkO7b21X6z93aj9NCZq-u07K4adL5UCbEiig98dKm2EJslf7czjFBac11GVgWPW8eWAdAxwxa3iulIqgMbCFmFnlSwBm38jZjf2T6G09vmw_QcGeMhxg8DWTbdzShZ0_YBle5M0qmEM0BOTxo6WxTwqYlTBEFj2o9mQxzBKvUuYItGI566E5x5QdKbm32MINsFewo%26adurl%3D&documentReferer=https%3A%2F%2Fed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Fhubdrive.top&random=3669561233902&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 49.12.22.42 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-3.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Fri, 24 Feb 2023 18:51:40 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2309070247
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H2 200 link.html Show response
track.webgains.com/ Frame 4D97 2 KB
2 KB 293ms
109ms Script
text/html 18.169.231.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=48864800162527104444978012245028&nw=1
Requested by: Host: hubdrive.top
URL: https://hubdrive.top/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.169.231.46 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-169-231-46.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 6b46782a348e81f930601a9cceda752dce4169feb7dd52bc4bdc11ac6db541e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:40 GMT
last-modified: Fri, 24 Feb 2023 18:51:40 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 24 Feb 2023 18:52:40 GMT

GET
H2

200

activityi;dc_pre=CMSkqfXprv0CFSkCogMdOvINDg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1313829397526.6113 Show response
8019191.fls.doubleclick.net/ Frame E736
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1313829397526.6113?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CMSkqfXprv0CFSkCogMdOvINDg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1313829397526.6113?

392 B
329 B

95ms
93ms

Document
text/html

142.250.180.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CMSkqfXprv0CFSkCogMdOvINDg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1313829397526.6113?

Requested by

Host: hubdrive.top
URL: https://hubdrive.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s34-in-f6.1e100.net

Software

cafe /

Resource Hash

ca5c833a2ff46c47f3953d13504bac21b764e56e05801e3eec1f880eb0dfb18b

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 220
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 18:51:40 GMT
expires: Fri, 24 Feb 2023 18:51:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 18:51:40 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CMSkqfXprv0CFSkCogMdOvINDg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1313829397526.6113?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900028.redintelligence.net/ Frame 775C 7 KB
2 KB 120ms
40ms Document
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900028.redintelligence.net/request_content.php?s=48864800162527104444978012245028&a=80bc7d69
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=a69f516428&subid=&uid=fe583909a4036fea&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCZnQUOgf5Y_vgMayF9u8P_LqduAim5b2gab2YnKfJD_AuEAEgp461SGCVgoCAtAfIAQmpAqZezyGDs7E-qAMBqgT_AU_Q5nMOeZBIqA8pThKf4aSPlQr9QCUnarfxBI1NkO8XcYpIID8ecXCUFZ5VOzpT48nntPlWm23uIsr2tWLapT_bAUEk5Ip3rbGkDPP8AY4rDLSBdvkR3_P-aFZ2BZv9e4mv9A9LRHJl4YDjFzyesEyBXxKqnvBP6Euc_hdMZhz-MY5IuRAQyWqR-JiN_zk7UFVE8wd7tiq4c2mG6ByvI5F124TL4c8XjLy9-Ek3laqFboM-S4MtKCPNn99XN9buHVIjtSEvg--EGk2w7MjVvl1scGezis7-0Mmbyi4iVhq06dT4ILgYy_SV4vAb-D3jZKBla5RLSVvGoj_KsyWJOMAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATj7XRDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDUE5ymRy0e9oaZrDYfXex5CVbkP_3e9nNy4z3erP3VS1ucuTYHZ-ela01L3KelrpTxCeZVxBZKh4PwPen_hinoTLn4bmzSTd7ZBxgB%26sig%3DAOD64_3OgQ3l0wYH2JbQNo8k2qc5oW_NBQ%26client%3Dca-pub-2726428685015992%26dbm_c%3DAKAmf-A4CdjrgkogNAdu15ni9hi_h1oEwpnJ3mBy_sb2XifaGPUmXrPXzHgPy1L3Ygae1MwGt-9E5L_YfXNLL9mF6iQjZhJ0od-2rTgznjo2YEI_UAxSQoV_4DIMcAQF9O9ndh_9uNA-QqE3i6UpMdj01G97t6yTNPGdmneAlUMHw0jTUK3TdMg%26cry%3D1%26dbm_d%3DAKAmf-D8jvH7FFKhkmAsvuyuTXT6jwxXBW5kO7RjWVpwPc1zLIbftHBbRi7H4nLZzweKwsXmwFcC6nkiWe1nFEOQlRuAL-P_yo-QmHEv9CIhjwbaqvsyASf8akf7BpDcFpElayoKcId5fxSnv1UFn4xqTHa4w44dIgAhOXvbCw5u7plSGYBdGNxmmgAtdm_YpJCZTTf6wCx1aQgxLFkkMoMIGtObDr4HtjwN2ngiWL7a6jfOkyeYo2hER4Yq-lrKFu6DedtqSefNkp71zJCVBOyYo7ERKESQFwPPLRp9hdnR6cVqfkrkO7b21X6z93aj9NCZq-u07K4adL5UCbEiig98dKm2EJslf7czjFBac11GVgWPW8eWAdAxwxa3iulIqgMbCFmFnlSwBm38jZjf2T6G09vmw_QcGeMhxg8DWTbdzShZ0_YBle5M0qmEM0BOTxo6WxTwqYlTBEFj2o9mQxzBKvUuYItGI566E5x5QdKbm32MINsFewo%26adurl%3D&documentReferer=https%3A%2F%2Fed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Fhubdrive.top&random=3669561233902&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: da5505240e38faf541100f6229da8022c23ee6ca49fffcf6fe1261b85decf801

Request headers

Referer: https://ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2021
Content-Type: text/html; charset=utf-8
Date: Fri, 24 Feb 2023 18:51:40 GMT
Expires: Fri, 24 Feb 2023 18:51:40 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET e99aace94e6e5873881d3400993e1e7e
medialead.de/trck/eview/ Frame 4D97 0
0

GET
DATA 200
OK truncated
/ Frame 4D97 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 160355e459fdc7a49dea9da7ff9e1f79342d6c36f5628e89d3262a3057299a71

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 775C 4 KB
651 B 76ms
75ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=48864800162527104444978012245028&a=80bc7d69

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 24 Feb 2023 18:51:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 18:41:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 Feb 2023 18:51:40 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 775C 81 KB
81 KB 132ms
48ms Image
image/png 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=48864800162527104444978012245028&a=80bc7d69
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 0f541527d735e36c089c40d20578f5080d3eded86cb5ce7cc582879aeb0de38c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 18:51:40 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 775C 100 KB
100 KB 132ms
48ms Image
image/png 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=48864800162527104444978012245028&a=80bc7d69
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: aa53509f2cac011ab404c2b7a37e19c98fb985c78dcbe7f6198bca45e23c58f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 18:51:40 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 775C 69 KB
69 KB 218ms
132ms Image
image/png 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=200&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=48864800162527104444978012245028&a=80bc7d69
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 Böblingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 6e5a752be741fd8812b562b31b643fdd109dcd55945c63a7239d8ea9eeec19e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 18:51:40 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/png

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6B51 42 B
174 B 91ms
85ms Fetch
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstKMiVdR5ZE0zF7FLCq1Gn0vOx9HB9Qg4GtcSAX3pBE0q6hsaEnQi_JV0zvDcxvUZdOh1iKbL5CszrlvDMWVzsV9Fne1nzwjICLIlFmg8ZHVyMyYAgK&sig=Cg0ArKJSzMUYZJSYbQ2HEAE&id=lidar2&mcvt=1000&p=1124,436,1214,1164&mtos=578,1000,1000,1000,1000&tos=578,422,0,0,0&v=20230222&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=776293167&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677264699290&rpt=146&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:51:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900028.redintelligence.net/ Frame 775C 0
150 B 120ms
40ms Script
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900028.redintelligence.net/viewability?s=48864800162527104444978012245028&a=32287502&vb=m
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=48864800162527104444978012245028&a=80bc7d69
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/request_content.php?s=48864800162527104444978012245028&a=80bc7d69
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 18:51:40 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 775C 13 KB
13 KB 57ms
53ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900028.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 09:03:55 GMT
x-content-type-options: nosniff
age: 208065
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Feb 2024 09:03:55 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 775C 13 KB
13 KB 63ms
61ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900028.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 00:02:13 GMT
x-content-type-options: nosniff
age: 326967
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Feb 2024 00:02:13 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 4D97 85 KB
31 KB 192ms
48ms Script
application/javascript 18.66.147.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=48864800162527104444978012245028&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-52.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 07:03:06 GMT
content-encoding: gzip
via: 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
last-modified: Fri, 09 Dec 2022 10:53:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 42515
etag: W/"0d5045593d14c9612a5d5576928a5209"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: PVsCKMINKs0PUzq6iu0Ro7i-PdANQf-k5fDR15pXqwDnIh5NYWTiVA==

GET
H2 200 1x1.png
cdn.track.production.webgains.team/7121/ Frame 4D97 3 KB
3 KB 171ms
46ms Image
image/png 18.66.15.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1677265000&Signature=X7LH2G3edpbcoejRdK-a9fr0SCuhUAeM7uM2ESG7~kO~Ga3fwOeO1gBzcnt~wgRO2oyhRMFY2n-9UbURDIGyiTxDH064snHJaiuMLP2n85MLX15tiUW3hFTORxks2x3YSk3MhcvKIsCy-gmB~7iBmWV4x8jUlEHE67cyQLdYi9fMhW2lKrkneHujueoc8941kpQbzYNRXepfOp4lE-E1zG2HM4QZXsxx2ATJSY3TLu1eS~1UnwIkOQ9J-Kto847wXg6lZnvuhW2aYZBnFsXi2Niv2G7oxrLaI7n3kilxjveW9vztyoHFcajb7n0agC8D5wJtoMi4XwwDRuEGWddp2g__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com
URL: https://ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-50.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 24 Feb 2023 02:34:23 GMT
via: 1.1 6e4fd2f7f4c55027ff6ee922bdafd3ae.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 58662
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: V_-2-z6Wbx5KBqlTkvCIViIkqg0ERvnjdnGT8SGm8qxZUhtPjtDq3w==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 65E0 104 KB
41 KB 201ms
75ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

78c5fbd8493931d626b894fc1c59a2e5177c80bc1f1f36f787e8d1f24f56eaeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41240
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Feb 2023 18:51:40 GMT

GET
H2 200 dc_pre=CMSkqfXprv0CFSkCogMdOvINDg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1313829397526.6113
adservice.google.com/ddm/fls/z/ Frame E736 42 B
262 B 87ms
86ms Image
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMSkqfXprv0CFSkCogMdOvINDg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1313829397526.6113

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CMSkqfXprv0CFSkCogMdOvINDg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1313829397526.6113?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:51:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame 8105 5 KB
5 KB 38ms
37ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=2309070247
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:40 GMT
last-modified: Fri, 21 Jan 2022 14:35:51 GMT
server: Apache
etag: "14aa-5d6188919baaa"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5290

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4D97 42 B
64 B 89ms
88ms Fetch
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssYLew7OMHJJqBAhw60bxT_eGrO9purYUlL1yH6e5rf7UhF7UifzusfGr4NayBw37VWKltcNuLMTS-4OySDtJjmMY0iZV5aO8vt6SrYrZp2YUGXAVJk-T90-Yk6&sai=AMfl-YTqJpVFjUib1rkM_yp6546shJAYGmvjhj07JmW__Vw_quB9EvEwE89CslSuxsVumP5gOzHbTTi880874HfY1uXiPh3TActkzqn8wJSAlp3QaEKRtimYgGYS3wJpxOdfgOWYc8GAYJt8pvQ-&sig=Cg0ArKJSzDMLd75ifDnhEAE&cid=CAQSSwDUE5ymRy0e9oaZrDYfXex5CVbkP_3e9nNy4z3erP3VS1ucuTYHZ-ela01L3KelrpTxCeZVxBZKh4PwPen_hinoTLn4bmzSTd7ZBxgB&id=lidar2&mcvt=1048&p=864,702,1464,1002&mtos=0,0,1048,1048,1048&tos=0,0,1048,0,0&v=20230222&bin=7&avms=nio&bs=0,0&mc=0.56&if=1&app=0&itpl=20&adk=3006782981&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677264699115&rpt=1187&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 18:51:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 4D97 16 B
232 B 89ms
89ms Fetch
application/json 18.133.166.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.166.146 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-166-146.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 24 Feb 2023 18:51:41 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 285ms
46ms Preflight 18.133.166.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.133.166.146 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-133-166-146.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Fri, 24 Feb 2023 18:51:41 GMT
server: nginx

GET
H/1.1 200
OK viewability Show response
hal900028.redintelligence.net/ Frame 775C 0
150 B 119ms
40ms Script
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900028.redintelligence.net/viewability?s=48864800162527104444978012245028&a=32287502&vb=v
Requested by: Host: hal900028.redintelligence.net
URL: https://hal900028.redintelligence.net/request_content.php?s=48864800162527104444978012245028&a=80bc7d69
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900028.redintelligence.net/request_content.php?s=48864800162527104444978012245028&a=80bc7d69
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 18:51:41 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 lazy-iwc.9b430e25.js Show response
static.arc.io/broker/js/ Frame E7A9 14 KB
5 KB 45ms
45ms Script
application/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/lazy-iwc.9b430e25.js
Requested by: Host: static.arc.io
URL: https://static.arc.io/broker/js/broker.b281d075.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT1-731 /
Resource Hash: f2a7e5ade77d712f4303757e9c0c3185f72f24cfa5f5da33bcabc63abd376a1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://core.arc.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:42 GMT
content-encoding: br
cdn-edgestorageid: 731
x-amz-request-id: EPGEW37JJYQ662KA
cdn-cachedat: 02/11/2023 19:24:49
cdn-pullzone: 786569
x-amz-id-2: uDgJxcLXzr4jtY3y5m9nXqmZ5+eYo/eU48aCHQ7lGPyT40D7Jn40t00bRhrmizkRRM4vlSR/5fk=
last-modified: Wed, 19 Jan 2022 23:33:03 GMT
server: BunnyCDN-AT1-731
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"7fd8734437dbdc553c3513d10d0c0a97"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000
access-control-max-age: 86400
cdn-requestid: 136687aa35ee1aab6558b25cb4b26022
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 vendors~widget-sc-client.js Show response
static.arc.io/widget/js/ 60 KB
17 KB 45ms
45ms Script
text/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/vendors~widget-sc-client.js?35fccb86
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?13acafc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT1-731 /
Resource Hash: c7659ffb0d3df377c1234d14b4070c72e387079e938702120b7c4dd2be608f8d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:42 GMT
content-encoding: br
cdn-edgestorageid: 731
x-amz-request-id: QXYRKQ19KVNP6TBZ
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/11/2023 19:24:51
cdn-pullzone: 786569
x-amz-id-2: VvHM7B78UhEbE9uVBEKRcxtOx/7eaJKBRHMRwXVMfBwuMvWxaxgAOtoQIx5eL3v0RPUv3LzU9aU=
last-modified: Thu, 01 Dec 2022 19:23:02 GMT
server: BunnyCDN-AT1-731
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"fa12476f8ee3c92b8369e0c9d3b915f9"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age: 86400
cdn-requestid: 36d1dcd7d6e478019e0886531425868a
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 widget-sc-client.js Show response
static.arc.io/widget/js/ 3 KB
2 KB 50ms
50ms Script
text/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/widget-sc-client.js?197dbd2e
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?13acafc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT1-731 /
Resource Hash: f9daa48a3c618bb638706d320e646320b4123ffdd3c5a4a8a9a8df505de6fac7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:42 GMT
content-encoding: br
cdn-edgestorageid: 731
x-amz-request-id: QXYK0VNMNNAKYE4Q
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/11/2023 19:24:51
cdn-pullzone: 786569
x-amz-id-2: l2A+WalZt8zzTi4V4jmC4zEmamweCO8Tu6KggdrwX/CIw9TcKZxUlMJyjGd3nf2LugjP4iTTsP0=
last-modified: Thu, 01 Dec 2022 19:23:02 GMT
server: BunnyCDN-AT1-731
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"14884d9e881791d580471ec30f89f22a"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age: 86400
cdn-requestid: 51235e9fd1fcc421112087449ce7a856
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 chunk-2d2088b3.js Show response
static.arc.io/widget/js/ 5 KB
3 KB 45ms
44ms Script
text/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/chunk-2d2088b3.js?6ba30592
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?13acafc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT1-731 /
Resource Hash: f5ffff1bbfb2d10ddac211f5281c9f5dcbcfba2b2c4a0f94e9716ae56acc8535

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:43 GMT
content-encoding: br
cdn-edgestorageid: 731
x-amz-request-id: S0QAQGDANJCWWRDQ
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/11/2023 19:24:52
cdn-pullzone: 786569
x-amz-id-2: q3zZxsfJ8baop6jQsH9ZzDJr+GcUBnfsF7+odFvc6ye+4/SuNA1AhbUJatZ2ParbqY6m0vr5mbg=
last-modified: Thu, 01 Dec 2022 19:23:02 GMT
server: BunnyCDN-AT1-731
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"66c2d6afe554437209eba6414c0b4a31"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age: 86400
cdn-requestid: a6a7a92eb712d3c9eff4575432ffcfd2
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 chunk-2d0cf2b3.js Show response
static.arc.io/widget/js/ 3 MB
691 KB 45ms
44ms Script
text/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/chunk-2d0cf2b3.js?d98d2542
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?13acafc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT1-731 /
Resource Hash: 0107ae6c1312e89ab7f63be4f7ff12a90485ec1616afd76203b5492247a63fbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:43 GMT
content-encoding: br
cdn-edgestorageid: 731
x-amz-request-id: TZJNZDF848ZTR7FR
x-amz-server-side-encryption: AES256
cdn-cachedat: 02/11/2023 19:24:48
cdn-pullzone: 786569
x-amz-id-2: jBIit6CklYq5KPNxn3DokbPY+OyFjDtQoIPdfDgacpIRVtN/y3lZO6dHWhm/Gk0pMCZE0Wje4Ok=
last-modified: Thu, 01 Dec 2022 19:23:02 GMT
server: BunnyCDN-AT1-731
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"9cbcec63463acd553403ca8c8a1463d7"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
access-control-max-age: 86400
cdn-requestid: af01897d26440326a326e9f332a31f7d
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 QmbPKKd5C4WVQUt12wgjgmpStLqRbrAbv4EJdmaVKxVxrg Show response
strn.pl/ipfs/ 306 B
1 KB 204ms
75ms Fetch
application/vnd.ipld.car 89.58.19.99

General

Check archive.org

Show headers Download Go to

Full URL

https://strn.pl/ipfs/QmbPKKd5C4WVQUt12wgjgmpStLqRbrAbv4EJdmaVKxVxrg?format=car&clientId=c1dd7073-a112-43ff-b9ac-1f5d6ed5e0f5

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/chunk-2d2088b3.js?6ba30592

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.58.19.99 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

8f0f25b48809c0c10a3c8801b4dc1105195b191b63868e91212a3d7be5915aba

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:51:43 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-ipfs-datasize: 306
saturn-cache-status: HIT
content-disposition: attachment; filename="QmbPKKd5C4WVQUt12wgjgmpStLqRbrAbv4EJdmaVKxVxrg.car"; filename*=UTF-8''QmbPKKd5C4WVQUt12wgjgmpStLqRbrAbv4EJdmaVKxVxrg.car
saturn-node-id: ac76a6db-f1d8-4d09-a130-736783ed1619
content-length: 306
server: nginx
x-ipfs-roots: QmbPKKd5C4WVQUt12wgjgmpStLqRbrAbv4EJdmaVKxVxrg
saturn-node-version: 629_8637a6b25ff3516e21890964ac8d6568cd023e8b
etag: W/"QmbPKKd5C4WVQUt12wgjgmpStLqRbrAbv4EJdmaVKxVxrg.car"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/vnd.ipld.car; version=1
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=29030400, immutable
x-ipfs-path: /ipfs/QmbPKKd5C4WVQUt12wgjgmpStLqRbrAbv4EJdmaVKxVxrg
saturn-transfer-id: eaac4d468374bbcb06e114fed00354d5
timing-allow-origin: *
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tracker.arc.io
URL: https://tracker.arc.io/

Domain: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.557.0_en.html

Domain: medialead.de
URL: https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=48864800162527104444978012245028

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
hubdrive.top/	1969-12-31 23:59:59	Name: PHPSESSID Value: 79d81cfd71d3280cf78199b0c5965272
core.arc.io/	1970-01-20 18:40:00	Name: _immortal\|Arc_nodeId Value: LWyvF4YEPH73rAngyMLQby
.hubdrive.top/	1970-01-20 19:30:24	Name: _ga Value: GA1.2.970710960.1677264699
.hubdrive.top/	1970-01-20 09:55:51	Name: _gid Value: GA1.2.1262903268.1677264699
.hubdrive.top/	1970-01-20 09:54:24	Name: _gat Value: 1
.arc.io/	1970-01-20 19:30:24	Name: widgetOptState Value: {%22state%22:%22UNDECIDED%22%2C%22date%22:%222023-02-24T18:51:38.351Z%22%2C%22dismissedAt%22:null}
.doubleclick.net/	1970-01-20 19:16:00	Name: IDE Value: AHWqTUnamWPpQRVyLVLSZfmOQWjPnIUeebooetdksBVrAbK4_HmJo6VD0Zua4906
.doubleclick.net/	1970-01-20 09:54:25	Name: test_cookie Value: CheckForPermission
.hubdrive.top/	1970-01-20 19:16:00	Name: __gads Value: ID=411695166e71ba67:T=1677264698:S=ALNI_MbfEXAgNk3U9OWJm0pNhcloZS99og
.hubdrive.top/	1970-01-20 19:16:00	Name: __gpi Value: UID=00000bbbddac1de7:T=1677264698:RT=1677264698:S=ALNI_MbIArLCuD_Gz3GljcCd__GHRm1CTA
.casalemedia.com/	1970-01-20 18:40:00	Name: CMID Value: Y-kHO879QH3RKVO1inaGOgAA
.casalemedia.com/	1970-01-20 12:04:00	Name: CMPS Value: 3224
.casalemedia.com/	1970-01-20 12:04:00	Name: CMPRO Value: 3224
.adnxs.com/	1970-01-20 12:04:00	Name: uuid2 Value: 5237815103445543391
.adnxs.com/	1970-01-20 12:04:00	Name: anj Value: dTM7k!M41.D>6NRF']wIg2IljhEHOc!]tbPl1M>e)ZlrFUfJ+tGXxo@KbLE_?2lz+O[k$k^gghbAk/gRc?33R0mL#>bpRzqF1`b`XR9EPw
.redintelligence.net/	1970-01-20 12:04:00	Name: 8lcfmzhxc8d6_uid Value: c8b98a88ffaca6b8
.retailads.net/	1970-01-20 10:37:36	Name: ppb2172 Value: 2309070247
.futalis.de/	1970-01-20 11:20:48	Name: raSIDb Value: 2309070247
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: p4zkqacz3k2c24ayrx1um0wy
pb.media01.eu/	1970-01-20 19:30:24	Name: DTU Value: 22C5D7697AE247A3E8E206F4C50BD5A9
.office-partner.de/	1970-01-20 19:30:24	Name: source Value: {"webgains_webgains":{"timestamp":1677264700926,"clickCookie":false}}

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://tags.orquideassp.com/tag/14001 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://services.brid.tv/player/build/brid.outstream.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://tags.orquideassp.com/tag/14001 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://services.brid.tv/player/build/brid.outstream.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	Message: A bad HTTP response code (404) was received when fetching the script.
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 467) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8019191.fls.doubleclick.net
adservice.google.com
adservice.google.de
adv.office-partner.de
ajax.googleapis.com
analytics.webgains.io
api.webgains.io
arc.io
cdn.jsdelivr.net
cdn.retailads.net
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cm.g.doubleclick.net
core.arc.io
dsum-sec.casalemedia.com
ed2daaaadfd7fb75e3d08d740c74e31e.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900028.redintelligence.net
hubdrive.in
hubdrive.mx
hubdrive.top
hubdrive.tv
ib.adnxs.com
imasdk.googleapis.com
medialead.de
p.brid.tv
pagead2.googlesyndication.com
pb.media01.eu
pv.medialead.de
s0.2mdn.net
securepubads.g.doubleclick.net
services.brid.tv
static.arc.io
stats-dev.brid.tv
strn.pl
supertruco.com
tags.orquideassp.com
tpc.googlesyndication.com
track.webgains.com
tracker.arc.io
unpkg.com
use.fontawesome.com
warden.arc.io
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
imasdk.googleapis.com
medialead.de
tracker.arc.io
13.225.78.15
138.201.63.117
142.250.180.230
143.204.89.65
145.239.193.130
172.217.19.98
18.133.166.146
18.169.231.46
18.223.141.84
18.66.122.44
18.66.147.52
18.66.15.50
185.180.12.68
185.80.39.216
185.89.210.244
192.0.78.218
2600:9000:234e:3e00:2:e529:700:93a1
2606:4700:3030::ac43:8325
2606:4700:3033::6815:f13
2606:4700::6810:5514
2606:4700::6810:7eaf
2606:4700::6811:190e
2606:4700:e2::ac40:850f
2a00:1450:4001:82f::2002
2a00:1450:400d:802::2001
2a00:1450:400d:802::200a
2a00:1450:400d:803::2001
2a00:1450:400d:803::2003
2a00:1450:400d:806::2002
2a00:1450:400d:806::2003
2a00:1450:400d:806::2008
2a00:1450:400d:806::200e
2a00:1450:400d:807::2002
2a00:1450:400d:807::2004
2a00:1450:400d:807::200a
2a00:1450:400d:808::2006
2a00:1450:400d:80a::2002
2a00:1450:400d:80c::200a
2a00:1450:400d:80e::2002
2a01:4f8:d0a:2321::2
2a06:98c1:3120::c
2a06:98c1:3121::c
2a0b:4d07:401::1
49.12.22.42
88.198.250.30
88.99.165.19
89.58.19.99
99.86.4.32
00e7751397a60c6912a7a3715cf3bd6ede60fc1ed95ee0c90c5d5e0e37eec1dc
0107ae6c1312e89ab7f63be4f7ff12a90485ec1616afd76203b5492247a63fbc
06706ec8e308c99ab1bad24724e943392c6d3dde64739b72525ef8dd11bd007a
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0a73800d6cb3d28463f0db1b79217449ad10c2779be3168a7c070f4082817d0e
0b0ccab5c33b6a68fdde04836a4c4ea787c32a69915bfe75e906f15cb67f7b39
0b8514c85c13a143e983c709b2f011704416baf80c4afc94e687438143852ce5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0caa7bfd2e4c73c0b4eaaf29dedf315bfad12fd29f5d82c06ac2e6f4f634b7f1
0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f
0f541527d735e36c089c40d20578f5080d3eded86cb5ce7cc582879aeb0de38c
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14016a27eca88d4b5b320dcb1f367a04ea01430620f391b627c6ae0f950cfdb1
160355e459fdc7a49dea9da7ff9e1f79342d6c36f5628e89d3262a3057299a71
1664d91ecac81370ecbbe5f5ae6297a1a5e6c80e8cc5b51ff934ee2bf47f51f3
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
187a5e0bc9badf1f52db4ac8a96a470b7abfc7a57b06b2037039137b281fcf00
19311967464cd6447bb7fba382aa67939dcca903a56f1ac925ac2a80ff33642e
1cb27401b4d6a2d21f3bd3304f9855c43e3467887d2d8e89aacf5e9aeb386f7c
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
2a0d5016c9be45fd2d7534bf47f3b2c67d3d1d47e64e31572c28a94b984e7014
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c13379cb86fcf8bd8d913c0be2c98a7fd5ea7a6c110ca1a44f4595876112830
3082b0f5d766f08f34a2077d48da01d41c9283376883472fa0965bf1b77283e0
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35876455baa5aee4bfb708042ab2a3c663020c92d4df5b2c1439fd540123fd09
35e8d96d42f0ffa258060a98b45f013829bc57b3ae7be71c9f54c037b6e0e707
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3f9a80d3854b816aac35297f46d9df4573787ed1b3118903376aee41b616b89d
45344ec706e661760887e42f8797c4dd446805b24657d99318b08d211f2e549b
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48cea39a6d9f368a9d78b07ddca02043a884d1e871b5b39267d4ab6d245753cf
49d9c74f1817bab13f3b6a9964facbd2a3db21c28efdb1044e6d10509b0b38dc
4aed2b077fb16b8450e7247d0bd9bace9d177bbc01058a2e8973b4169ea31c2a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c462292adc4a0ab7b7915a3e85c2de4915150ba94d8ce8ceef3938af1009fc7
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56e39e1784c4964af570a91d05c26ba56fdfda270588db4fcc284d6acb720760
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
60fc4511f1c0ccb8fd9f64fed945c028634245420d93405ec69a6e8e2561447d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6500f7835a2323775cb4c894af2f8c7506ab6266809823cd23c1de35e6b63e77
688b457b3eeb502791cfc50b739323fe89aae3699ab56fabbf6ad2490deee338
6a31b7a7fbb8516f9ff58db9b2d569a1e737c2c6eaffa9cce3766145b5755ebb
6b46782a348e81f930601a9cceda752dce4169feb7dd52bc4bdc11ac6db541e4
6c6c42440fabb852780124ba82a424e98cdac178d484a4591bf0a3291fe732b7
6e5a752be741fd8812b562b31b643fdd109dcd55945c63a7239d8ea9eeec19e3
70f14c160387f33d521daeeeab26a64b5cf71b78efa10406600042471620a895
75363d54b1434a5abbf87b78cee311878c7403ad76d1b9d9a3d13f6c8885c916
757b9768e0c48924a1cdf690463a65d4f48b864f131da4a6e67cafc15bd66430
78c5fbd8493931d626b894fc1c59a2e5177c80bc1f1f36f787e8d1f24f56eaeb
7e197dab0246803326666304195c7b55603a2112f5d19a355cd7f98ca01fb0c5
7e6c1daf6282bfed80fd596538602f5acb173a18c5e10284d13fce2a3db05b53
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
808f8735b3d41a8f14c1a2f6ff7186ef83238aedb40c703ebe5f96c546e04c18
80fe90cb559538158bc235f4e539d9bcae203e19fab7c6970aad37b0154348ff
82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a
84f8061a68058b0dd35d1c7c2bd4b475e6ab38d4374dc9f8394257be457570cb
8e3737c1cbde4b54f6c8b42fcb3448200d1321b3b514684fcff6411f7e93c63d
8f0f25b48809c0c10a3c8801b4dc1105195b191b63868e91212a3d7be5915aba
8fe9d28d12e8c33e9f1d5ab109c2570547ee6648ca11fdd79b7523c6d2e2f6a2
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
966f25f3d475693e6b8f5dc579c9533d66fa139aec7301ae73b15cd13a36346b
9b08cb6068e70fb67de0576ef27d427a403e1f0055777b7fc5d736963e6c1ea6
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa53509f2cac011ab404c2b7a37e19c98fb985c78dcbe7f6198bca45e23c58f0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b349674b658ecfa432c71981f4fb39325d943b1a3470c2811ea0b838cb899d4c
b427d8f35f62c5248275f275507fcff1f57dfcf743d9a95d12083a4ded0768e5
b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13
b6ef0931a6ba9321f7c669d873d874d7d59fa96439c2efb43aa495fe78e46259
b853b541d9f3a9de9bf1ecb3fad3dcea55d567b1f59222a27221e1ce347dd430
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bcbdc607d96d0e270c95c1d24daf1fb64fb62a5e5f45ecb0972b2b68645e594c
bd426bc6bb6ea8bd48d050e688920f0702efa630e4828aff860dcfb9cd06fdb8
bf2abd4f78e157af7edeba86bb54eb73d623347b8eb2d643e63bb3c430f8a907
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c2a35c3a0b6f19456dfa6f943786e7d56a0fd8a7aef92629278c4afe96b3c091
c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df
c7659ffb0d3df377c1234d14b4070c72e387079e938702120b7c4dd2be608f8d
c8dc4d387c4e74a24ffeacb473c5cec08143808458cc0dd8efa153608af4f66f
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca5c833a2ff46c47f3953d13504bac21b764e56e05801e3eec1f880eb0dfb18b
ce67cd6665e835604c7a650ea355d41857dcd2284618b61d82d252dca0abfe5d
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
da5505240e38faf541100f6229da8022c23ee6ca49fffcf6fe1261b85decf801
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
e14ff3e75a1030bfcc4f49ce62a2036c3f239b81339024d1745b581ca4e76b35
e31cc671675cb43aed360a6f90c66fd21bcbf634d96864dc1ee65a1e7abac232
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130
f20e4ea8823e05c7fd9045d5d41ab7c3158a863e7b38fbacd7c5f7dd9e5b1e0f
f2a7e5ade77d712f4303757e9c0c3185f72f24cfa5f5da33bcabc63abd376a1b
f5ffff1bbfb2d10ddac211f5281c9f5dcbcfba2b2c4a0f94e9716ae56acc8535
f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443
f9daa48a3c618bb638706d320e646320b4123ffdd3c5a4a8a9a8df505de6fac7
fb1d7b6144bde90327cd64b86e7742a9b11a3b2b3658d71dd80115195ff2debb
fb2b1971e54b31144a8794057598aba69ebe1d416c8c75d3a142942917f5e58b
fc6d654cad2a4df7ff1aad315d66e78df3aff0a1ffcb0e217c2cc5184f688103

hubdrive.top Open in urlscan Pro 2a06:98c1:3120::c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

139 Requests

93 %HTTPS

56 %IPv6

34 Domains

52 Subdomains

45 IPs

8 Countries

2723 kBTransfer

7819 kBSize

21 Cookies

1 Outgoing links

Page URL History

Redirected requests

139 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hubdrive.top Open in urlscan Pro
2a06:98c1:3120::c Public Scan

Screenshot
Live screenshot

Full Image

139
Requests

93 %
HTTPS

56 %
IPv6

34
Domains

52
Subdomains

45
IPs

8
Countries

2723 kB
Transfer

7819 kB
Size

21
Cookies

139 HTTP transactions
10 data transactions