ineslebuhan.com Open in urlscan Pro
2606:4700:3034::6815:3070 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ineslebuhan.com/
Effective URL:
https://ineslebuhan.com/
Submission: On November 23 via api (November 23rd 2023, 3:50:37 pm UTC) from US — Scanned from DE

Summary HTTP 82 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 20 domains to perform 82 HTTP transactions. The main IP is 2606:4700:3034::6815:3070, located in United States and belongs to CLOUDFLARENET, US. The main domain is ineslebuhan.com.
TLS certificate: Issued by GTS CA 1P5 on November 21st 2023. Valid for: 3 months.

This is the only time ineslebuhan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 24	2606:4700:303... 2606:4700:3034::6815:3070	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:6ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:507	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	65.9.66.104 65.9.66.104	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:0:a:e047:753:a221	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
1	176.34.182.11 176.34.182.11	16509 (AMAZON-02) (AMAZON-02)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:10:... 2606:4700:10::ac43:88d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
82	26

24 2606:4700:3034::6815:3070 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ineslebuhan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:6ad (United States)

ASN13335 (CLOUDFLARENET, US)

code.ionicframework.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:507 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-104.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:0:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d4201c5af00061f4da322f982afa9c1f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.34.182.11 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-182-11.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:88d (United States)

ASN13335 (CLOUDFLARENET, US)

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	ineslebuhan.com 1 redirects ineslebuhan.com	1 MB
20	googlesyndication.com d4201c5af00061f4da322f982afa9c1f.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149 pagead2.googlesyndication.com — Cisco Umbrella Rank: 97	244 KB
14	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196	269 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	223 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 454 mug.criteo.com — Cisco Umbrella Rank: 2926	7 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1656 google-bidout-d.openx.net — Cisco Umbrella Rank: 1665	668 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 863 id5-sync.com — Cisco Umbrella Rank: 440	35 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 976 bcp.crwdcntrl.net — Cisco Umbrella Rank: 887	12 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	amung.us whos.amung.us — Cisco Umbrella Rank: 16137	183 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	1 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2491	3 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 668	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1762	8 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2139	1 KB
1	waust.at waust.at — Cisco Umbrella Rank: 39728	7 KB
1	ionicframework.com code.ionicframework.com — Cisco Umbrella Rank: 17330	9 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 364	30 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	5 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 762	24 KB
82	20

	Domain	Requested by
24	ineslebuhan.com	1 redirects ineslebuhan.com
14	securepubads.g.doubleclick.net	ineslebuhan.com securepubads.g.doubleclick.net www.googletagservices.com
12	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
7	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
4	www.googletagservices.com	ineslebuhan.com securepubads.g.doubleclick.net
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects ineslebuhan.com
1	www.google.com	tpc.googlesyndication.com
1	mug.criteo.com	ineslebuhan.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	whos.amung.us	waust.at
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	d4201c5af00061f4da322f982afa9c1f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	waust.at	ineslebuhan.com
1	code.ionicframework.com	ineslebuhan.com
1	ajax.googleapis.com	ineslebuhan.com
1	cdnjs.cloudflare.com	ineslebuhan.com
1	code.jquery.com	ineslebuhan.com
82	26

This site contains links to these domains. Also see Links.

Domain
whos.amung.us

Subject Issuer	Validity	Valid
ineslebuhan.com GTS CA 1P5	`2023-11-21` - `2024-02-19`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
ionicframework.com Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-10-24` - `2024-01-22`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-09-25` - `2023-12-24`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://ineslebuhan.com/
Frame ID: 1E507494027A36886ADA5BCEA58183EC
Requests: 53 HTTP requests in this frame

Frame: https://d4201c5af00061f4da322f982afa9c1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D3D99EE7B64204A897C3EF0680732B22
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZHsVf-gW0R96EEO9KOYmt5bXXq9AipzTmtf1dP0uU5eCeLYqsVmeF5kE2nQp4eK9bppShr6pkx6ciOqEZCaDJ3gyDgBzS-7-Z-4xaRRcvwHCDctMkh-awpRz051rEQdtozpVNerOh9Pvq_XkIrus-kfUbElrtz-zoE8ArhXjUjFZJYFXZb4Q_WHBoFWOIaTc6dcJqVrz8RlVTYgNHhxLiAGSOP7S-enbLrZ4i-66NYG3wlm5-G0z6oIDe381LJDFb1O-3m63Y0X7wrUqxoSnfXfRbkycFQtL-7Ix6ISdfBl2KgynvmK3LlE7DB2u6JXt74XOKB1aleoAPB5FVTHmt5ePJeedJFsk52ZEyRnQHtcKqgWWQLA&sai=AMfl-YSzLGpRvapn9SkUgfCS7n_HZvhPQA9FCIXbb3VvxO0v-B6bEQH5oJLx4N9BhB2XGNgOWd5JpOajjoTmOmgBr8Zp-RCDOfJNxsZMDKwhKZ9ujcKhet_vSMzkNJeKZVfVB6AdSgg1iZQ7-1DZn6erT1kO&sig=Cg0ArKJSzLjr5RuxQJ74EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: A5A818A8BC76DD057290E027DB2EA476
Requests: 8 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ineslebuhan.com
Frame ID: 053CD69EABDBC0BE25859BD7A35CC569
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 78D6DD7EC7EBA77B0443B693757D04E6
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstTuSLdEwu3cIxx-Yx23eQ3l5YS-XhZ4t11ZMjUKScKcgxKHGv853s2jyI-78hFb4Y69aBtZT7FZ9u5miiOKTsKzzuuc0OFF2-W26tgSGBGOpdKWiQ0vOqFGfw3tkAqwzjZrSNn2C7Dr4y9t_vjIvTSYUJL-25znpZ6jEH7CpdVkBz0ublusskYarRTS0h6SV5GqLz-q6iVy_nNxQUY_esSh5ZKB4pHusifuJHIOIoqD5KqWc-swdrYosuYsFbm8tNqAA8VFk-UtdmV1-98wYl-cdmlYdfiWBMeHWtP9mziFuon816UYfxB_rhlr2N1M4eWU9v9MCXBcqWeiwsJzxiLIAj5DoarjE7BcSdv871MflkWILroLA&sai=AMfl-YRHe4ieU3N-QP_56FmE7ZhgKuGANJ-3d5TTS6G1yL9-xXF6cARvcs8CT32f2h9eyIKQBNd7Lpbln3k7CaOi8T-qQbW5Q5xxhAQXiYq0s3I0Y-4tP2yfRoiTNkmASUAgpI_VBI2wN8kPjFM9XOgMeJg&sig=Cg0ArKJSzB1flMC_RpQHEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 0F94B6B98A024432384621843830F2F8
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukULSwx55DGEMlK4V3rDK0Ajdrszti1UOh00QQKNugh5rThfa6TI6Ikczg_B71rPCv6bIyk_BQeeChuNCUaNnJds3p_RLWEWdsc8sC-AT30_jZcwsCBSNz-o4zoCrLb1YDsGZ-70a9zg8fn-76V9rF4nPLe9_bZtJ4I8AVUM_-QSdB_jD0qU_fND10NHNV_puToC-Zd77i3cki-O6lJPgCx9bO_DFB41g3b8FvnJHHRD6KC1Eb1aTYVPr0QTfYqf4iS-Sd3bEfcwzbcu3PKQL_BvKKTLlJCujOUpmpYLuDVg0-0btOGFTL6KJKjr8yKeVhBxEt2uYQjQ6ojbRwONRRNjnsXFDOG2OV0qIwc-U7OLM6snSuZA&sai=AMfl-YQPJNeZYAaATryMSOZOfnAD2GXTaaSbIu8Qa70TNYeLXJZJIm01k_mx7AhUA6ixX7HR4KNQlQvovY7lkGqU6VRmrUO5HPQgVk-7XbE6XTuv3Yb1DumbEGBGiB0Hfns6GP3Zh0V3brDLoBxbA9SyVO4I&sig=Cg0ArKJSzBzBeimARogpEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 76DD4198BF268BF9DF61867C33886821
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9D8E6E7D456B1BA16256DE04999BBCBD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 156FB8879E3B35EB373CE24E8C938A0B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

INESLEBUHAN – Viagens & Turismo

Page URL History Show full URLs

http://ineslebuhan.com/ HTTP 301
https://ineslebuhan.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

82
Requests

96 %
HTTPS

72 %
IPv6

20
Domains

26
Subdomains

26
IPs

4
Countries

2336 kB
Transfer

4098 kB
Size

9
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://whos.amung.us/stats/llf1hoh5bf/
Title: 28

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ineslebuhan.com/ HTTP 301
https://ineslebuhan.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://oajs.openx.net/esp?url=https%3A%2F%2Fineslebuhan.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fineslebuhan.com%2F&rid=esp&cc=1

Request Chain 59

https://gum.criteo.com/sid/json?origin=publishertagids&domain=ineslebuhan.com&sn=ChromeSyncframe&so=0&topUrl=ineslebuhan.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=IZB7WXwxdUZndUlGbzJ5SjI1bkI4cnVYQkRNV2IvK0pqMHR0NlpkSXQ1blBuSWpvMTFnR3JmaHdQUjRXVEtId09HMTJhVkNMN283bjBuZklHeHh1N2dkOW4rLzhSZXFmSXBJaUJ2eXZEUXUvYWpKY25nK09yb1lVa2FvYy9kckxWdUlFMjBSZW5hZlJLUmtrblN5QTNCcktmd1dBeW96YllMRFp3WjlUMkg1elV3Z0R3aUxzZytOenNad2ZxOGtzK0JpVWVZVkFQd05wQ0FGQjc5RDNIS3NQdVJkaFRKVVdyc3N1aXJQKzV4bldFWWd3QnBFUk5XUlNUc3BQTkNGU215MmJyQ2FpQmdjaUFqdTBlODN6RFpsakc5Zz09fA&cppv=2

82 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ineslebuhan.com/
Redirect Chain

http://ineslebuhan.com/
https://ineslebuhan.com/

42 KB
10 KB

2294ms
2234ms

Document
text/html

2606:4700:3034::6815:3070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ineslebuhan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:3070 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e5d3cdde63dbe2b372b3cfc6c9ecb7400e772f4ba2e47157ab6a5ae4b63efef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 82aa91347b369bc2-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 23 Nov 2023 15:50:21 GMT
link: <https://ineslebuhan.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2BSgthp7cly50dqyxxKPVt1KooZVnSJwlybiU7r%2BC%2F%2Fhp22GyNJGExlHrOAzYZVkdiGOE%2FKGeRvkvjhjpEUF9Fb45aDDfYH2oMmiG9Z033G2aGJbSazepPA5u%2BK%2BlosdZeViWnE9ZPYwFnCi9zQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000;
vary: Accept-Encoding
version: MS23102701
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 82aa91336e1f361f-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 23 Nov 2023 15:50:19 GMT
Expires: Thu, 23 Nov 2023 16:50:19 GMT
Location: https://ineslebuhan.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T3wl929jabY0vF%2BN3k4xnYcBXFklWTafUsfnovVSmEfW9NGdprLTufCV3zy0g%2Bu1Yr4KbRhl512GbHfxPEVKXocSearwSg%2B9MOZA%2BieaJNLIFvHwq4%2FpNuO4V1eNJaIRI6oCAG4H0C0rrCK6plA%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-3.3.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 87ms
22ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by: Host: ineslebuhan.com
URL: https://ineslebuhan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

Referer: https://ineslebuhan.com/
Origin: https://ineslebuhan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:21 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 5952417
x-cache: HIT, HIT
content-length: 24038
x-served-by: cache-lga21982-LGA, cache-fra-eddf8230116-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1700754622.905839,VS0,VE0
etag: W/"28feccc0-1111d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 116, 303270

GET
H2 200 aes.js Show response
cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/ 13 KB
5 KB 92ms
31ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc7e184beeda61bf6427938a84560f52348976bb55e807b224eb53930e97ef6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 906785
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4256
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-3430"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hx0fp3t%2BQHBy%2Fe%2BXAnd4dMeFWBqimPNHTvrfhistgerDPQtu1ri%2F4%2BHAkzfWvwA78YSqbjErCfWT3CAF59D4DpU7yKL0qzGlMNhJy18ehdGO18SA1DG6Sxpij928WtF%2BtCJSCDBSoKI7g2WASfb9OXA2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82aa9142eb99996f-FRA
expires: Tue, 12 Nov 2024 15:50:21 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 86ms
22ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:54:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82567
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Nov 2024 16:54:14 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
30 KB 339ms
79ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2b05132848b6f8fce53d1d7e13467abeda4da68613821ea774f9839f9b3a826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30632
x-xss-protection: 0
server: cafe
etag: 691 / 19684 / 31079745 / config-hash: 16204867678510254442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 15:50:23 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 101 KB
31 KB 375ms
115ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec889ecd723b5dde5e8d63a1b6cf336834a2c8a674fa1a46d7a08ee7a5427df1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31631
x-xss-protection: 0
server: cafe
etag: 974 / 19684 / m202311090101 / config-hash: 16204867678510254442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 15:50:23 GMT

GET
H2 200 900d036e51e43f1ca91474469f6ca828.css
ineslebuhan.com/wp-content/fonts/ 7 KB
1 KB 33ms
30ms Stylesheet
text/css 2606:4700:3034::6815:3070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ineslebuhan.com/wp-content/fonts/900d036e51e43f1ca91474469f6ca828.css?ver=20201110

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:3070 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a126fce9f6de67a48df3478b9a6c69ac8c3468dcd9e1b3b6ccc670b31aebaa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:21 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 414184
cf-polished: origSize=8695
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Sun, 09 Oct 2022 23:25:55 GMT
server: cloudflare
etag: W/"63435883-21f7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U8QhbD2qaTMeDwBydx9pAlkpyWeTT2yU3RlsjMk06hNFwQ1SbRsCniBD9X6mzdy81iQAF9W9y4IVX4dkn5HjiBJPVjGMsgZNScQXMBEk4mvwI8PWE9C%2FlEiLInE%2BLLefwO3tvVkOgPmpUMH5NJ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 82aa914289dd9bc2-FRA
version: MS23102701

GET
H2 200 style.min.css
ineslebuhan.com/wp-includes/css/dist/block-library/ 107 KB
15 KB 35ms
33ms Stylesheet
text/css 2606:4700:3034::6815:3070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ineslebuhan.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:3070 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:21 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 414184
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 07 Nov 2023 23:34:36 GMT
server: cloudflare
etag: W/"654ac98c-1add3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cf%2BOpKmwBAFaASQTSNFcuXExeVAJdHVlH7fo9rVXKMiKdSGSmecwpj%2ByjsXySagb9uPr76KRLKGexE9mjkoNAjuBw2SQGaeDcuhMqgiuE0JzujkvXQlsXyyHpqrauz4d%2FTUwoUY0RZY35FFg378%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 82aa914289e09bc2-FRA
version: MS23102701

GET
H2 200 style.css
ineslebuhan.com/wp-content/themes/dynamico-mod-1/ 71 KB
12 KB 36ms
34ms Stylesheet
text/css 2606:4700:3034::6815:3070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ineslebuhan.com/wp-content/themes/dynamico-mod-1/style.css?ver=1.1.3

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:3070 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c89e9728307bda1b23629de0166e8acc08538298d30cf71cc2b857efbf4915e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:21 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 414184
cf-polished: origSize=91167
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
last-modified: Wed, 15 Nov 2023 01:37:28 GMT
server: cloudflare
etag: W/"655420d8-1641f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wgKX64%2FzSmWHvOzdvS2LO%2FNOGIYF5KrBcNhnzCjxJ9Z2jTY5XMPA1UpLZOMnHKjGAbRQtPFgfNgUY6gDXMa2Sx%2FocF0adMV3tOnyWTZnWiw0pH25myLl5E1X61fY7LAIwX7A%2FjxDfXAHNJl3Fyw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 82aa914289e19bc2-FRA
version: MS23102701

GET
H2 200 jquery.min.js Show response
ineslebuhan.com/wp-includes/js/jquery/ 86 KB
31 KB 902ms
900ms Script
application/javascript 2606:4700:3034::6815:3070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ineslebuhan.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:3070 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:22 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 07 Nov 2023 23:34:38 GMT
server: cloudflare
etag: W/"654ac98e-15601"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jAqvjEG6KTS%2BgKZky4yk7PFh89gTeWD4aqk6QqFHMD4vrHpp2BgicJqZaCqXlyXrwMDXm93ZI6utyjxRiiyF0K%2B6ZWvugDlRSta4EuEIp6e%2B4DZAA8jCV9iHINw65kMXNBGXPTvYF7iATSSUTwE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 82aa914289e29bc2-FRA
version: MS23102701

GET
H2 200 jquery-migrate.min.js Show response
ineslebuhan.com/wp-includes/js/jquery/ 13 KB
5 KB 630ms
628ms Script
application/javascript 2606:4700:3034::6815:3070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ineslebuhan.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:3070 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:22 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 08 Aug 2023 23:34:36 GMT
server: cloudflare
etag: W/"64d2d10c-3509"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qpiM7mKeOVHPcXCIirlaKIFJHuI%2BUfMwZkRh3zmgq8oeqwTYsCexkKzrrBcEZHdTVcGg5c2qjuFCowlS5t%2Bx3s9Ae9f%2FTHOPDBZQMhmdGmeHw1zNx6pV1So2gqiVrZPci2S2djBTrdRcUbF2LWc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 82aa914289e39bc2-FRA
version: MS23102701

GET
H2 200 svgxuse.min.js Show response
ineslebuhan.com/wp-content/themes/dynamico-mod-1/assets/js/ 3 KB
2 KB 622ms
620ms Script
application/javascript 2606:4700:3034::6815:3070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ineslebuhan.com/wp-content/themes/dynamico-mod-1/assets/js/svgxuse.min.js?ver=1.2.6

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:3070 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb16e51480f1812bba39f47a4dd2e154767356b870f1e5e2564f0f462f40098f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:22 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 Nov 2023 01:37:28 GMT
server: cloudflare
etag: W/"655420d8-b6f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7i%2BzyjN01mOICaWqiPTa%2FD2kLsAgfkbss5eNx%2BUZGDnFcNjloWwUMvsAtzzhw3bXpcAiW9eeKVCEXLKJinRzyv8OEs9UkfcDTmcezkk3PLkA%2BctgOr08OBhdhFLQ92Z1%2B%2BbSSpAXUcG6%2Fm4iI28%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 82aa914289e49bc2-FRA
version: MS23102701

GET
H2 200 ionicons.min.css
code.ionicframework.com/ionicons/2.0.1/css/ 50 KB
9 KB 127ms
56ms Stylesheet
text/css 2606:4700:20::681a:6ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Requested by: Host: ineslebuhan.com
URL: https://ineslebuhan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-fastly-request-id: 63f06b6716b82212c244f02caed18b657509efd4
date: Thu, 23 Nov 2023 15:50:21 GMT
via: 1.1 varnish
content-encoding: br
expires: Wed, 25 Oct 2023 03:57:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32030
x-cache: HIT
x-proxy-cache: MISS
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230044-FRA
last-modified: Thu, 13 Apr 2023 16:20:19 GMT
server: cloudflare
x-github-request-id: 4B1A:113C:F2DFC:F895D:65388FD4
x-timer: S1700722591.045081,VS0,VE1
etag: W/"64382bc3-c854"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2JLCNaHBI18vk7amVFALc%2BvgHhNpYdprSbx4QMnPdGv99KK3V7hID%2BmCcipw4JiMpE6eTYd0pzziwDTpQyF8YzUhkVIf3MJuXVC5voD0GoHvCLp0ysG76f86yB%2Fm8RkhaeQ0nKTf4tam1cqwSzvLNWr1WwpF"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 82aa9142fb405d7b-FRA
x-cache-hits: 1

GET
H2 200 fc-main.js Show response
ineslebuhan.com/wp-content/plugins/forca-clique-jp/ 2 KB
1 KB 622ms
621ms Script
application/javascript 2606:4700:3034::6815:3070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ineslebuhan.com/wp-content/plugins/forca-clique-jp/fc-main.js

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:3070 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b511a24b50ccc7516e02e7fa88f4de0c60e9bd0d861662d407dbbf49187fd15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:22 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 24 Feb 2023 14:49:16 GMT
server: cloudflare
etag: W/"63f8ce6c-9be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hzwg5X7LwXpSbaRqHoka0jli5ff7C7Ua3MjWlMufU6kE6XhDi%2B%2FPebWk%2Bk9ToATU6WwLaPakWLyxH9K9VwzSNalKlQfaxzk1Q8IDOQ407F6BuT1jJVxVEFZ86dMt14wO8ukg6ayQooMiDmvVKZI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 82aa914289e69bc2-FRA
version: MS23102701

GET
H2 200 Portugal-cria-bilhete-de-trem-com-viagens-ilimitadas-por-49-euros2-1600x600.jpg
ineslebuhan.com/wp-content/uploads/2023/11/ 233 KB
233 KB 1099ms
1098ms Image
image/jpeg 2606:4700:3034::6815:3070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ineslebuhan.com/wp-content/uploads/2023/11/Portugal-cria-bilhete-de-trem-com-viagens-ilimitadas-por-49-euros2-1600x600.jpg

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:3070 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b7b9c80b14c4338fc09c80811c1cf5637b33c4221adafe382a6568099e53270

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:22 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 238248
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 23 Nov 2023 15:10:09 GMT
server: cloudflare
etag: "655f6b51-3a2a8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LVnZG677aM5ZFSGm2EWODqPaGqi6ZdUULGG%2F8nzGlNJOevXPg%2B8%2FbKEJJBIdbfnIoahz%2FoA0M2PXrl%2BO7xsVDM4wndKTicJAG85WwFd1SxSWlZliPn5ACBjlL0O7DCLzf6b7QCp0dhMqBR0g0N8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82aa914289e79bc2-FRA
version: MS23102701

GET
H2 200 Quanto-custa-o-visto-americano-em-2024-turismo-estudos-e-trabalho-1280x600.jpg
ineslebuhan.com/wp-content/uploads/2023/11/ 90 KB
90 KB 1096ms
1095ms Image
image/jpeg 2606:4700:3034::6815:3070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ineslebuhan.com/wp-content/uploads/2023/11/Quanto-custa-o-visto-americano-em-2024-turismo-estudos-e-trabalho-1280x600.jpg

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:3070 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bae27b7a700a8ddb6874cc6afc34de267e8fb4e953eba1b271e0ca7d15178454

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:22 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 91703
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 22 Nov 2023 19:14:16 GMT
server: cloudflare
etag: "655e5308-16637"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L4J9JwmsDgt%2FaI2SHLlTKYycDdNraq9Bt3JA1W6P7Ec2tmB%2BIXSzdbxRpqINssv5VVh8o%2FQCQibFJ6lkHM1Bo922lG8lbAOQDinq9HIwdV4N8KJjHPa4j14yZrbQV4RuIw5LRAP5NcHzfXFo9KI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82aa914289e89bc2-FRA
version: MS23102701

GET
H2 200 Quanto-custa-remarcar-passagem-aerea.-Precos-na-LATAM-Azul-GOL-e-mais-1200x600.jpg
ineslebuhan.com/wp-content/uploads/2023/11/ 162 KB
162 KB 1088ms
1087ms Image
image/jpeg 2606:4700:3034::6815:3070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ineslebuhan.com/wp-content/uploads/2023/11/Quanto-custa-remarcar-passagem-aerea.-Precos-na-LATAM-Azul-GOL-e-mais-1200x600.jpg

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:3070 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2e08e0888612d864cdf87065ba7690e06d8ab7277c6ae2b538f3fd5caee636a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:22 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 165619
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 22 Nov 2023 20:46:13 GMT
server: cloudflare
etag: "655e6895-286f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2FJ2luo7yB9hhIU64Y7Ft2OBeGAF34bXN%2FjiuKCbL%2FVJdYb0oSVm4z2L7ji4QPVSHwabvPd8AJNxNvfKZH66xjmBmQDwxGMP%2Fccj0jLHk3FzxlZ5Qgt6Lfv4x6YN0QeWCg%2B4tFPFRE9GrvzNCf0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82aa914289ea9bc2-FRA
version: MS23102701

GET
H2 200 d.js Show response
waust.at/ 14 KB
7 KB 294ms
39ms Script
application/x-javascript 2606:4700:20::681a:507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waust.at/d.js
Requested by: Host: ineslebuhan.com
URL: https://ineslebuhan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 951feaddb6ad45bcc58fee7033004366978150e8f2927692781c3e2755c7c15c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 12 Jan 2023 17:19:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 739
etag: W/"63c04119-3972"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J8hc13qXIJMgzM484HibdoJq%2B2u9fGkKrrnYzE8Z%2FMwnkXqgYUZ4F0TNCRi7yOIqgaLBqH04IoOzfz3Lp0c0ctszzn%2BGt7ki7L8x3UTXZY31ykt7g08QainmF6sXpg8b04JRhs90"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 82aa9149dc8e9974-FRA
expires: Fri, 24 Nov 2023 15:38:04 GMT

GET
H3 200 close.png
ineslebuhan.com/wp-content/plugins/floating-ads-bottom/images/ 718 B
1 KB 635ms
634ms Image
image/png 2606:4700:3034::6815:3070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ineslebuhan.com/wp-content/plugins/floating-ads-bottom/images/close.png

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:3070 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d50a82cbf1b41068353ddf2589695da59293e5e0d0081e432acc5a83df3428b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:23 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 718
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 01 Oct 2022 17:07:06 GMT
server: cloudflare
etag: "633873ba-2ce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ehDHvx0FzpM47Ad5WOdaS%2FGUK1bk3cB8HLh4nwOHbn8JrF%2F3OV5uaOLl6Yt4OeyFrDlfSTn7P4%2FpYTMNVsenLVv3LAIU7vFCNSL4cUl1JVqHt2ExHLaEtx9oA5JUebJAGyW7mzkA%2Bch7vMIp8j8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82aa91484ee41cbb-FRA
version: MS23102701

GET
H3 200 navigation.min.js Show response
ineslebuhan.com/wp-content/themes/dynamico-mod-1/assets/js/ 2 KB
1 KB 669ms
667ms Script
application/javascript 2606:4700:3034::6815:3070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ineslebuhan.com/wp-content/themes/dynamico-mod-1/assets/js/navigation.min.js?ver=20220204

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:3070 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78c1e9dc188fdd4ae7efcb58d9558b3c6a74907adc3493a9c26aaee5cca96302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:23 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 Nov 2023 01:37:28 GMT
server: cloudflare
etag: W/"655420d8-81e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2fNhWvq32NveJQnE%2ByMLWUIlt1RfL5CRvyo2cLFGEe3SVjnhmXulHOFyAX2VE8CBmtgYg%2BPYeQMXclzP97jwdXka3kfzOnPfU3%2Ffdz4ETTqmLl61PmBpDPAbiDNl%2FZHRcQ7C8UFhVtacM%2FebeBg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 82aa91484ee91cbb-FRA
version: MS23102701

GET
H3 200 video.js Show response
ineslebuhan.com/ 2 KB
1 KB 633ms
632ms Script
application/javascript 2606:4700:3034::6815:3070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ineslebuhan.com/video.js

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:3070 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b363ce04cbe792aca75be004b831f76b6e00d8b08a0391640a708092b753ef20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:23 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 Nov 2023 01:39:36 GMT
server: cloudflare
etag: W/"65542158-8e6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cbq%2BPBRU3ksRUirYuCnfjFH8IrJDXlP6XYetMRW5L85zwyzPQTbXvLEolPP22qSQkFgDgMtpehg2bV94wFQ1iJPnB8DKOQffSaMbDbkYstBkaIKDm%2BepZyjv8%2F1hTXLWIdYZkmdCDByw%2F1XNXrU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 82aa91484eec1cbb-FRA
version: MS23102701

GET
BLOB 200
OK 835d384e-fbe5-42a0-bd28-9c1d340a15d4
https://ineslebuhan.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ineslebuhan.com/835d384e-fbe5-42a0-bd28-9c1d340a15d4
Requested by: Host: ineslebuhan.com
URL: https://ineslebuhan.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 genericons-neue.svg
ineslebuhan.com/wp-content/themes/dynamico-mod-1/assets/icons/ 27 KB
9 KB 657ms
656ms Other
image/svg+xml 2606:4700:3034::6815:3070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ineslebuhan.com/wp-content/themes/dynamico-mod-1/assets/icons/genericons-neue.svg

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:3070 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ef564b89fc8b8baa6609f30535c85a5f7e793f16879169cbf7a8987fd85405d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:23 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 15 Nov 2023 01:37:28 GMT
server: cloudflare
etag: W/"655420d8-6d66"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q0DrRGytLwWXBkMT9sSETxSy6wrl0oP%2B8s3Od%2B4ofb1DJtUXdt0SDeyVI4EQDENVoKmGpXs4knYn%2BgnQk24ePsMsOJ3AjQHU%2BcW3sItlbEfc01T7YthA0n1KL5ATwu7hyJ055IBuAJ%2FXwyc%2BJak%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 82aa91484eed1cbb-FRA
version: MS23102701

GET
H3 200 4iCs6KVjbNBYlgoKfw72.woff2
ineslebuhan.com/wp-content/fonts/ubuntu/ 34 KB
35 KB 888ms
887ms Font
font/woff2 2606:4700:3034::6815:3070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ineslebuhan.com/wp-content/fonts/ubuntu/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/wp-content/fonts/900d036e51e43f1ca91474469f6ca828.css?ver=20201110

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:3070 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ineslebuhan.com/wp-content/fonts/900d036e51e43f1ca91474469f6ca828.css?ver=20201110
Origin: https://ineslebuhan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:23 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 34852
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 09 Oct 2022 23:25:54 GMT
server: cloudflare
etag: "63435882-8824"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F09gKQS8LY4KZMHKXBjAVfJuGDZF8JhA00x0nEwXTtLDcawfL83oTcoMeiOpXQKdxd5Vdb4laLGBCZEGCe2y6I30cSC4N4%2F9ULY6QzvQYIr4ct8vTDV8GM4obnMxkzT659AL7yGDPYmicRzRwv0%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82aa91485eff1cbb-FRA
version: MS23102701

GET
H3 200 _Xmr-H4zszafZw3A-KPSZut9wQiR.woff2
ineslebuhan.com/wp-content/fonts/francois-one/ 17 KB
17 KB 810ms
810ms Font
font/woff2 2606:4700:3034::6815:3070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ineslebuhan.com/wp-content/fonts/francois-one/_Xmr-H4zszafZw3A-KPSZut9wQiR.woff2

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/wp-content/fonts/900d036e51e43f1ca91474469f6ca828.css?ver=20201110

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:3070 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0bd96d397412285e6de03d4b9a8168c61b6f6968776382dc0e7c83d269b88dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ineslebuhan.com/wp-content/fonts/900d036e51e43f1ca91474469f6ca828.css?ver=20201110
Origin: https://ineslebuhan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:23 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 16912
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 09 Oct 2022 23:25:53 GMT
server: cloudflare
etag: "63435881-4210"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=01zOtS6aQ4qvmC0mk7Jb6hSgoPKgwe05EqvizaxzVDexc8IGJALQJrbYRS8JpdgMf6h30xrBqTw0hYlmHZ1F5ZN3XD94L77aYbIQwRca0hT8qz6t2ojpo3LDEh0a0qZxM62bUORnntz83ZsTfgk%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82aa91485f021cbb-FRA
version: MS23102701

GET
H3 200 4iCu6KVjbNBYlgoKej70l0k.woff2
ineslebuhan.com/wp-content/fonts/ubuntu/ 36 KB
36 KB 916ms
916ms Font
font/woff2 2606:4700:3034::6815:3070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ineslebuhan.com/wp-content/fonts/ubuntu/4iCu6KVjbNBYlgoKej70l0k.woff2

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/wp-content/fonts/900d036e51e43f1ca91474469f6ca828.css?ver=20201110

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:3070 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af186659e415490e7eee1bd3c8d511771dbd3e03ddbebf6b6a5096ac8ba29449

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ineslebuhan.com/wp-content/fonts/900d036e51e43f1ca91474469f6ca828.css?ver=20201110
Origin: https://ineslebuhan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:23 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 36564
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 09 Oct 2022 23:25:54 GMT
server: cloudflare
etag: "63435882-8ed4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RpNl%2FrSvQZoVAlWffZh77%2BqQ5ZHbrlqZLbyixH%2B6N6TwzGJryoR4aDHiC%2Bysh6sGwsK3e11EG1PwCP1BqHYj8UhyMMmAIKEnPQLm0Q2BOqy3C%2F0ZdJmTkT88%2F2XJ6NanPVZZvFAuNyHQrNguxC0%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82aa91486f1e1cbb-FRA
version: MS23102701

GET
H3 200 4iCv6KVjbNBYlgoCxCvjsGyN.woff2
ineslebuhan.com/wp-content/fonts/ubuntu/ 29 KB
30 KB 896ms
896ms Font
font/woff2 2606:4700:3034::6815:3070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ineslebuhan.com/wp-content/fonts/ubuntu/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/wp-content/fonts/900d036e51e43f1ca91474469f6ca828.css?ver=20201110

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:3070 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ineslebuhan.com/wp-content/fonts/900d036e51e43f1ca91474469f6ca828.css?ver=20201110
Origin: https://ineslebuhan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:23 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 29752
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 09 Oct 2022 23:25:55 GMT
server: cloudflare
etag: "63435883-7438"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2COskroN4JtLjcDBmK7st%2BudSqJ%2F0og0d53Oo21yE1MKFvWSCgEb8xxhWvzUdBF2Qj8hFwLCA3CtNKyDyFtDM9F9VQfOPedynWW1GSaoKuO%2B%2Bk0rbbHLW2XLWpTUGbnh5qA%2FgcZfaG0a4IXOeqM%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82aa91486f201cbb-FRA
version: MS23102701

GET
H3 200 Como-chegar-na-Chapada-Diamantina-saindo-de-Salvador.-Capa-1254x600.jpg
ineslebuhan.com/wp-content/uploads/2023/11/ 472 KB
473 KB 1084ms
1083ms Image
image/jpeg 2606:4700:3034::6815:3070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ineslebuhan.com/wp-content/uploads/2023/11/Como-chegar-na-Chapada-Diamantina-saindo-de-Salvador.-Capa-1254x600.jpg

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:3070 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf3277171d232385d49523c16008867dedcfefa96bbadef851e049dd078f1d8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:23 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 483213
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 21 Nov 2023 21:00:09 GMT
server: cloudflare
etag: "655d1a59-75f8d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0r7qKirfuKLs9lFNJRvQicTN4J6atyGPBKZhoan4wdojH%2FsWVBX2IpRNBLXk7Gw3ycON%2FN4xOC0DrAR8Zdf2KoYaq8eacLp3iXKZInsqxt2mj9eab9Tbg4w%2FOueQj9m6umq6hxhD%2BvdATGWRCY8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82aa91488f521cbb-FRA
version: MS23102701

GET
H3 200 Quanto-custa-viajar-para-Buenos-Aires-media-de-valores.webp-1400x600.webp
ineslebuhan.com/wp-content/uploads/2023/11/ 158 KB
159 KB 1060ms
1060ms Image
image/webp 2606:4700:3034::6815:3070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ineslebuhan.com/wp-content/uploads/2023/11/Quanto-custa-viajar-para-Buenos-Aires-media-de-valores.webp-1400x600.webp

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:3070 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7ffad29f97621fd51db0ba889e154f0ce29196d3bb0fbe0774742a076478e85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:23 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 162280
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 17 Nov 2023 08:54:10 GMT
server: cloudflare
etag: "65572a32-279e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y6HrYfKi5hQhYr5PPzvcA7xC%2BibrpDTotCMthBg%2FMlwlq4Ajn9YcZnP4703IfIZnpgP2juNSF9%2FPoJkzQVhTLtwWXNIoMN0gyltW6e7DdDfZOP1k0OpftwAdbUOYQbCkeqjlVapFEmcLRgFXaHA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82aa91488f541cbb-FRA
version: MS23102701

GET
H3 200 Lugares-para-passar-o-final-de-ano-em-SP.webp-984x600.webp
ineslebuhan.com/wp-content/uploads/2023/11/ 113 KB
114 KB 1100ms
1099ms Image
image/webp 2606:4700:3034::6815:3070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ineslebuhan.com/wp-content/uploads/2023/11/Lugares-para-passar-o-final-de-ano-em-SP.webp-984x600.webp

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:3070 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2617e13fbf03fbd68d48d4f0cd2bd783396a0011b9da388c6074e43b0eb8649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:23 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 115670
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 17 Nov 2023 10:26:11 GMT
server: cloudflare
etag: "65573fc3-1c3d6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9xXivbOzsWwMm0u1O2u8HP4hqpLIUQVNP%2FTRb7C9roQiZYGzTyyyyrU7%2FH%2B6MKMdYRbsbuc4rs9nKi6BJURL6LlOhvY%2FA2TzBdedzZCy0H%2BBwVrH5LcNNDibZ3HbZf1APPZ1Kj4pynsiJIjx%2FI8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 82aa91488f591cbb-FRA
version: MS23102701

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/ 431 KB
135 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:15:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34466
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138149
x-xss-protection: 0
server: cafe
etag: 11558412289700915514
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 22 Nov 2024 06:15:57 GMT

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 118ms
39ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:23 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: b6a9a620cb5c4cf5836ec55bca6d1aa8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 121ms
24ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 03:26:36 GMT
content-encoding: gzip
age: 2550227
x-guploader-uploadid: ABPtcPomD9PwI-x1w_qV94tV1ozSRGR8ZeUKPfmAcHMXugM_rapxZCGwrYNwQRfVOUUs3oMWA37p8xfLMlvY-C9eeSMu
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Thu, 24 Oct 2024 03:26:36 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 419ms
332ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-a9a7"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 24 Nov 2023 15:50:23 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 103ms
25ms Script
text/javascript 65.9.66.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-104.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 07:38:20 GMT
content-encoding: gzip
via: 1.1 f2fa38e6635ded6d22a69d089217bc90.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 29524
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: gjN6Fviah_76QYaJuU6zZWa9-xxeFxuBUms90C8YyMVPxK4vBWuFog==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 90ms
21ms Script
text/javascript 2600:9000:2250:0:a:e047:753:a221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:0:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Thu, 23 Nov 2023 10:03:28 GMT
Via: 1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 20816
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: E0lCYEz-LNstjGv8HxzVhPrMD3uIavlnJIjg3PBiP7aWunwKDv0saQ==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 115ms
38ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 34384
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230099-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iIQsZFnkma95qmTHI%2BoeIb%2B5C%2Bm8hl27aZ6XPBlA6Scv%2BWnkhIkTjJBa9dsyeMHm1PZ6Kfup%2B2BkfxxSCvJiwsp2A2j6EnWGkxgZCqMwdY3P5kZhekZjcwMZpMPwknJ4o3uCqdUuQ%2BdsIG2qvXM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 82aa914c3e722c46-FRA

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 156 KB
34 KB 88ms
38ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22a1257891d7523261ed7426751d43a5dfeb83e2211aed3b71f085b5a45149ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 22 Nov 2023 08:19:05 GMT
server: cloudflare
x-amz-request-id: JKG7GMDXVPEZ9Z6N
age: 221
etag: W/"6d1031a5affe091aafc4dbcf111418ee"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 82aa914c0c964d88-FRA
x-amz-id-2: RIzSPfnJhm/qmmHvFEYhsdzyNaMAcXkXZ3JhRqPQ0Xc67KRyf5HO97g2Qq9KVS1HSLG0L6tE4XQ=

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
688 B 67ms
66ms Fetch
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1585464199772821&correlator=1024240117108207&eid=31078987%2C31079674%2C31079240%2C31079745%2C31079525%2C31078659&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fifs&iu_parts=22725045473%3A22649815236%2Czonatti.com%2Czonatti.com_Interstitial&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&sc=1&cookie_enabled=1&abxe=1&dt=1700754623271&lmt=1700754623&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fineslebuhan.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=531735491.1700754623&ga_sid=1700754623&ga_hid=212442039&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYo5aA578xSABSAghkEhkKCnB1YmNpZC5vcmcYo5aA578xSABSAghkEhcKCHJ0YmhvdXNlGKKWgOe_MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRijloDnvzFIAFICCGQSFAoFb3BlbngYo5aA578xSABSAghkEhkKCnVpZGFwaS5jb20Yo5aA578xSABSAghkEhsKDGlkNS1zeW5jLmNvbRijloDnvzFIAFICCGQ.&dlt=1700754621829&idt=1374&adks=3528888696&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

862326129fb14c4063e163b74fa3b1d42e2ebf10641b11a38ace2065def4e342

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 658
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ineslebuhan.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 37 KB
14 KB 429ms
428ms Fetch
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1585464199772821&correlator=1024240117108207&eid=31078987%2C31079674%2C31079240%2C31079745%2C31079525%2C31078659&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fifs&iu_parts=22725045473%2Czonatti.com%2Czonatti.com_Anchor&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1700754623282&lmt=1700754623&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fineslebuhan.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=531735491.1700754623&ga_sid=1700754623&ga_hid=212442039&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQYo5aA578xSABSAghkEhkKCnB1YmNpZC5vcmcYo5aA578xSABSAghkEhcKCHJ0YmhvdXNlGKKWgOe_MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRijloDnvzFIAFICCGQSFAoFb3BlbngYo5aA578xSABSAghkEhkKCnVpZGFwaS5jb20Yo5aA578xSABSAghkEhsKDGlkNS1zeW5jLmNvbRijloDnvzFIAFICCGQ.&dlt=1700754621829&idt=1374&prev_scp=position%3Dbottom&adks=3936038489&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6fa8ad37115a8aac954296bc716840497feb5662588b7bcf8e11741158a6ed6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14696
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ineslebuhan.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 68 KB
25 KB 598ms
597ms Fetch
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1585464199772821&correlator=1024240117108207&eid=31078987%2C31079674%2C31079240%2C31079745%2C31079525%2C31078659&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fifs&iu_parts=339263271%3A22646364107%2Cadex_ineslebuhan.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=400x333%7C451x375%7C360x390%7C412x318%7C280x250%7C300x250%7C324x250%7C412x446%7C320x266%7C375x280%7C320x250%7C360x280%7C393x425%7C432x360%7C393x327%7C360x300%7C424x280%7C377x280%7C360x504%7C377x314%7C412x280%7C414x345%7C393x280%7C375x312%7C335x250%7C320x346%7C412x343%7C361x300%7C424x353%7C424x459&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1700754623289&lmt=1700754623&adxs=185&adys=843&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fineslebuhan.com%2F&vis=1&psz=400x674&msz=400x250&fws=4&ohw=1340&ga_vid=531735491.1700754623&ga_sid=1700754623&ga_hid=212442039&ga_fc=false&dlt=1700754621829&idt=1374&adks=1687144826&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

680aa74a003162193118d81b92b04e4fc281867a1c44ed7774542513531acb02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25228
x-xss-protection: 0
google-lineitem-id: 6282713890
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138430325756
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ineslebuhan.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 68 KB
25 KB 289ms
288ms Fetch
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1585464199772821&correlator=1024240117108207&eid=31078987%2C31079674%2C31079240%2C31079745%2C31079525%2C31078659&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fifs&iu_parts=339263271%3A22646364107%2Cadex_ineslebuhan.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=120x600%7C300x700%7C160x600%7C300x1050%7C120x240%7C300x600&ifi=4&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1700754623298&lmt=1700754623&adxs=1103&adys=440&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fineslebuhan.com%2F&vis=1&psz=318x240&msz=318x240&fws=4&ohw=1340&ga_vid=531735491.1700754623&ga_sid=1700754623&ga_hid=212442039&ga_fc=false&dlt=1700754621829&idt=1374&adks=2788227243&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

24cf7de0bdc2233de63e042d3d2332fdbb58b349f7375fddbef7b83b9107c890

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:23 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25686
x-xss-protection: 0
google-lineitem-id: 6282713890
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138431529261
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ineslebuhan.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 68 KB
25 KB 824ms
824ms Fetch
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1585464199772821&correlator=1024240117108207&eid=31078987%2C31079674%2C31079240%2C31079745%2C31079525%2C31078659&output=ldjh&gdfp_req=1&vrg=202311150101&ptt=17&impl=fifs&iu_parts=339263271%3A22646364107%2Cadex_ineslebuhan.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x100&ifi=5&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1700754623301&lmt=1700754623&adxs=770&adys=1089&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fineslebuhan.com%2F&vis=1&psz=320x-1&msz=320x-1&fws=516&ohw=1340&ga_vid=531735491.1700754623&ga_sid=1700754623&ga_hid=212442039&ga_fc=false&dlt=1700754621829&idt=1374&adks=128119015&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3e5416718e81f88a84dc0cb3b1b9b48d7ca428c434d425bd03d44d2c7e7cd57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:24 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25736
x-xss-protection: 0
google-lineitem-id: 6282713890
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138431529765
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ineslebuhan.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d4201c5af00061f4da322f982afa9c1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D3D9 6 KB
3 KB 231ms
105ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d4201c5af00061f4da322f982afa9c1f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ineslebuhan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 15:50:23 GMT
expires: Fri, 22 Nov 2024 15:50:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/ 39 KB
13 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl_page_level_ads.js?cb=31079745

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2428653048a13d41cc7aedcb47c0a8398d77a4d4a1cc3f999f9695d5e6d3d528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:16:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34462
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13736
x-xss-protection: 0
server: cafe
etag: 9658267497644244280
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 22 Nov 2024 06:16:01 GMT

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
231 B 87ms
24ms XHR
text/plain 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://ineslebuhan.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ineslebuhan.com
date: Thu, 23 Nov 2023 15:50:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
334 B 169ms
48ms XHR
application/json 176.34.182.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.34.182.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-176-34-182-11.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 5c5acfd25bc8a1f6bc55197788630d47cfc7337182483e870d6ce5c2faffa188

Request headers

Referer: https://ineslebuhan.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 15:50:23 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://ineslebuhan.com
cache-control: no-cache
x-server: 10.45.1.248
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fineslebuhan.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fineslebuhan.com%2F&rid=esp&cc=1

85 B
194 B

135ms
134ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fineslebuhan.com%2F&rid=esp&cc=1
Requested by: Host: ineslebuhan.com
URL: https://ineslebuhan.com/
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 8072028afe2f54c6be867d84931237e53778c117f21939c0b23cc9a7f807b300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:23 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-St/sJV6Ylh7CJMr+OUSG6G41M/s"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ineslebuhan.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Thu, 23 Nov 2023 15:50:23 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://ineslebuhan.com
location: /esp?url=https%3A%2F%2Fineslebuhan.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 wp-emoji-release.min.js Show response
ineslebuhan.com/wp-includes/js/ 18 KB
5 KB 637ms
636ms Script
application/javascript 2606:4700:3034::6815:3070
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ineslebuhan.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.1

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:3070 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:24 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 29 Mar 2023 23:34:22 GMT
server: cloudflare
etag: W/"6424cafe-4904"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mOrefomszxBPGyW%2Foio%2BJ7MErm0OyvRMhSpQiLPolMxvUiEUnh4JQ7wXlBur6mLeHjd2UoZkh4WH904eGEMyyZsecV0UGBjgwDS14Wg%2FgI3TPnyHF9IFYrMvQX%2FGdhptJwj7PcwMpgv%2FI5ko4Uk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 82aa914cad121cbb-FRA
version: MS23102701

GET
H2 200 / Show response
whos.amung.us/pingjs/ 29 B
183 B 200ms
143ms Script
text/javascript 2606:4700:10::ac43:88d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=llf1hoh5bf&t=INESLEBUHAN%20%E2%80%93%20Viagens%20%26%20Turismo&c=d&x=https%3A%2F%2Fineslebuhan.com%2F&y=&a=0&v=27&r=90
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9641de1c5967c8d9c2e67142b82d402ad9f3602976b36e6f3681917720958d43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:23 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 82aa914cf8dd363d-FRA
content-type: text/javascript;charset=UTF-8

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A5A8 0
0 72ms
72ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZHsVf-gW0R96EEO9KOYmt5bXXq9AipzTmtf1dP0uU5eCeLYqsVmeF5kE2nQp4eK9bppShr6pkx6ciOqEZCaDJ3gyDgBzS-7-Z-4xaRRcvwHCDctMkh-awpRz051rEQdtozpVNerOh9Pvq_XkIrus-kfUbElrtz-zoE8ArhXjUjFZJYFXZb4Q_WHBoFWOIaTc6dcJqVrz8RlVTYgNHhxLiAGSOP7S-enbLrZ4i-66NYG3wlm5-G0z6oIDe381LJDFb1O-3m63Y0X7wrUqxoSnfXfRbkycFQtL-7Ix6ISdfBl2KgynvmK3LlE7DB2u6JXt74XOKB1aleoAPB5FVTHmt5ePJeedJFsk52ZEyRnQHtcKqgWWQLA&sai=AMfl-YSzLGpRvapn9SkUgfCS7n_HZvhPQA9FCIXbb3VvxO0v-B6bEQH5oJLx4N9BhB2XGNgOWd5JpOajjoTmOmgBr8Zp-RCDOfJNxsZMDKwhKZ9ujcKhet_vSMzkNJeKZVfVB6AdSgg1iZQ7-1DZn6erT1kO&sig=Cg0ArKJSzLjr5RuxQJ74EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 23 Nov 2023 15:50:23 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame A5A8 23 KB
9 KB 98ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 09:26:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23015
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 09:26:48 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame A5A8 3 KB
2 KB 97ms
19ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:00:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21020
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 10:00:03 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A5A8 202 KB
64 KB 45ms
37ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 15:50:23 GMT

GET
H2 200 10623347239191969753
tpc.googlesyndication.com/simgad/ Frame A5A8 86 KB
87 KB 97ms
24ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10623347239191969753

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1568517715a45794c7b6be1e06b6a9cc34fddd3367d450d53b01a0b23db88f08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 19:11:13 GMT
x-content-type-options: nosniff
age: 592750
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88502
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:47:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Nov 2024 19:11:13 GMT

GET
DATA 200
OK truncated
/ Frame A5A8 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fda6b4b72103321c2dafec4f24baaec62cc38c3fa0fb2c5ed8b7791ed07eba6a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 053C 15 KB
6 KB 119ms
36ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ineslebuhan.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ineslebuhan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 15:50:23 GMT
server: Kestrel
server-processing-duration-in-ticks: 280697
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A5A8 0
0 103ms
60ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst2plSPcViIW34dWJLehxebt3nWS1goCRHbz33ox1mmp9KxYiKvDdEhm_FjFxwK1hbUEcBe0SK4v6s1VpsDrXsuaQVbv7Le-mpUBRAOs8aUv2C5QjTsUBEQCyh1ICxtnkj1Tmv83tX8hpzeGfJ8wGFbY88t037Zqy9m2Bs-xliHagzwahuXBPt8WtDhPkyzC_XO-VGhcYBZUxvYtRkvAev7YORlfvNN22r1LexmtLudLAp_QYAyKDsYOlrVWBOxHqv-x3GjZ83PB-V4e5F9m9UPBou7BnHKQbqCH8MsUzCVsq6xbrKU96fwA8npM9luHOS6NPvfyJ86wWSXyMt6vdJiT8vgTTAQNYUktXg6XWlTMX1aSQlv_5OR&sai=AMfl-YTXER4yYi78yL9kG1FL0brg9Mnl3J62VW64jMm33d2gfz2fenEzj_eqHTRnTPia39O5lO1qMeFAweLO6M0L1aw6HyQTdG_n0G4b9IaTtbFhC_OtRBlLeR49XQKm_0sTX4lXD9evgQaYh2hPhh95NeZX&sig=Cg0ArKJSzCAbST0PHt9fEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 23 Nov 2023 15:50:23 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 78D6 0
176 B 101ms
35ms Document
text/html 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ineslebuhan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Thu, 23 Nov 2023 15:50:23 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2

200

sid Show response
mug.criteo.com/ Frame 053C
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=ineslebuhan.com&sn=ChromeSyncframe&so=0&topUrl=ineslebuhan.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=IZB7WXwxdUZndUlGbzJ5SjI1bkI4cnVYQkRNV2IvK0pqMHR0NlpkSXQ1blBuSWpvMTFnR3JmaHdQUjRXVEtId09HMTJhVkNMN283bjBuZklHeHh1N2dkOW4rLzhSZXFmSXBJaUJ2eXZEUXUvYWpKY25nK09yb1lVa2FvYy...

422 B
651 B

60ms
39ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=IZB7WXwxdUZndUlGbzJ5SjI1bkI4cnVYQkRNV2IvK0pqMHR0NlpkSXQ1blBuSWpvMTFnR3JmaHdQUjRXVEtId09HMTJhVkNMN283bjBuZklHeHh1N2dkOW4rLzhSZXFmSXBJaUJ2eXZEUXUvYWpKY25nK09yb1lVa2FvYy9kckxWdUlFMjBSZW5hZlJLUmtrblN5QTNCcktmd1dBeW96YllMRFp3WjlUMkg1elV3Z0R3aUxzZytOenNad2ZxOGtzK0JpVWVZVkFQd05wQ0FGQjc5RDNIS3NQdVJkaFRKVVdyc3N1aXJQKzV4bldFWWd3QnBFUk5XUlNUc3BQTkNGU215MmJyQ2FpQmdjaUFqdTBlODN6RFpsakc5Zz09fA&cppv=2

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9208f93a6db525838f1cedac4c87d59c598f2862491caf4e85589beca74ea836

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 15:50:23 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2198517
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 23 Nov 2023 15:50:23 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=IZB7WXwxdUZndUlGbzJ5SjI1bkI4cnVYQkRNV2IvK0pqMHR0NlpkSXQ1blBuSWpvMTFnR3JmaHdQUjRXVEtId09HMTJhVkNMN283bjBuZklHeHh1N2dkOW4rLzhSZXFmSXBJaUJ2eXZEUXUvYWpKY25nK09yb1lVa2FvYy9kckxWdUlFMjBSZW5hZlJLUmtrblN5QTNCcktmd1dBeW96YllMRFp3WjlUMkg1elV3Z0R3aUxzZytOenNad2ZxOGtzK0JpVWVZVkFQd05wQ0FGQjc5RDNIS3NQdVJkaFRKVVdyc3N1aXJQKzV4bldFWWd3QnBFUk5XUlNUc3BQTkNGU215MmJyQ2FpQmdjaUFqdTBlODN6RFpsakc5Zz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 266849
content-length: 0
expires: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0F94 0
0 68ms
62ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstTuSLdEwu3cIxx-Yx23eQ3l5YS-XhZ4t11ZMjUKScKcgxKHGv853s2jyI-78hFb4Y69aBtZT7FZ9u5miiOKTsKzzuuc0OFF2-W26tgSGBGOpdKWiQ0vOqFGfw3tkAqwzjZrSNn2C7Dr4y9t_vjIvTSYUJL-25znpZ6jEH7CpdVkBz0ublusskYarRTS0h6SV5GqLz-q6iVy_nNxQUY_esSh5ZKB4pHusifuJHIOIoqD5KqWc-swdrYosuYsFbm8tNqAA8VFk-UtdmV1-98wYl-cdmlYdfiWBMeHWtP9mziFuon816UYfxB_rhlr2N1M4eWU9v9MCXBcqWeiwsJzxiLIAj5DoarjE7BcSdv871MflkWILroLA&sai=AMfl-YRHe4ieU3N-QP_56FmE7ZhgKuGANJ-3d5TTS6G1yL9-xXF6cARvcs8CT32f2h9eyIKQBNd7Lpbln3k7CaOi8T-qQbW5Q5xxhAQXiYq0s3I0Y-4tP2yfRoiTNkmASUAgpI_VBI2wN8kPjFM9XOgMeJg&sig=Cg0ArKJSzB1flMC_RpQHEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 0F94 23 KB
9 KB 34ms
28ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 09:26:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23015
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 09:26:48 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0F94 3 KB
1 KB 35ms
30ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:00:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21020
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 10:00:03 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0F94 202 KB
64 KB 79ms
77ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 15:50:24 GMT

GET
H2 200 811511909485606589
tpc.googlesyndication.com/simgad/ Frame 0F94 54 KB
54 KB 28ms
27ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/811511909485606589

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467d23dee5e3ba7f6eeac766fb074fe5e014fec821ce6b6c6cfac4426c8707c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 15:38:42 GMT
x-content-type-options: nosniff
age: 519101
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55229
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 19:45:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Nov 2024 15:38:42 GMT

GET
DATA 200
OK truncated
/ Frame 0F94 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4068244fe84ba46dc30bbd210680e8db5c944e47aa1e590332c131d93cec741a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0F94 0
0 68ms
67ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst8CBfEeCWDnwYZB1g6cVvZhlodZO_KE6phU5xRDeyGKzSnxBYl1O0XpzWRaGshHoqfSkHI61Ap1Kl1touvEQDVFMEDLUWCGnVcBLEmLzOInxP-ottXNwV5AnrrD0u9bPAbBCooNu_kTuPHg9i7b8HuWtxhkywz5MUWH5pGQt6DIgZB53KuxfOnTOuQv8emhjEBnAaZNYvh-CKs9v8751eVLQ4258Y_3KIYlSqpCclN3b9e7inK4_LHHFgrP-XlGDEAE4_vc_eBjOGHEtAPiBOhtAfamIEGQobdGT-BNY_PT5rGX5neeVPrHI8jbnwagLjzyObcrEBx-SqwrT6UWPOKJqsGB5enExGwZ5faP0s7DeDrNl5Q0Emt&sai=AMfl-YRrf-K7rOW5zhbFr5ot9ZTNcov0QAd9dvuvc-kQcgWc7RKrvKyjDl2R_IwdhxoDCWTC6IMusHvmrxOhpQ_LfCMhqledefsotpyeeD4FdmO6O-EmBMMw_50C-x4PhxAPV9PXhbxirbmC4VzlWUj7T8c&sig=Cg0ArKJSzMUjLat0G_lZEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 23 Nov 2023 15:50:24 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 76DD 0
0 65ms
60ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukULSwx55DGEMlK4V3rDK0Ajdrszti1UOh00QQKNugh5rThfa6TI6Ikczg_B71rPCv6bIyk_BQeeChuNCUaNnJds3p_RLWEWdsc8sC-AT30_jZcwsCBSNz-o4zoCrLb1YDsGZ-70a9zg8fn-76V9rF4nPLe9_bZtJ4I8AVUM_-QSdB_jD0qU_fND10NHNV_puToC-Zd77i3cki-O6lJPgCx9bO_DFB41g3b8FvnJHHRD6KC1Eb1aTYVPr0QTfYqf4iS-Sd3bEfcwzbcu3PKQL_BvKKTLlJCujOUpmpYLuDVg0-0btOGFTL6KJKjr8yKeVhBxEt2uYQjQ6ojbRwONRRNjnsXFDOG2OV0qIwc-U7OLM6snSuZA&sai=AMfl-YQPJNeZYAaATryMSOZOfnAD2GXTaaSbIu8Qa70TNYeLXJZJIm01k_mx7AhUA6ixX7HR4KNQlQvovY7lkGqU6VRmrUO5HPQgVk-7XbE6XTuv3Yb1DumbEGBGiB0Hfns6GP3Zh0V3brDLoBxbA9SyVO4I&sig=Cg0ArKJSzBzBeimARogpEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: ineslebuhan.com
URL: https://ineslebuhan.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 76DD 23 KB
9 KB 31ms
27ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 09:26:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23016
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 09:26:48 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 76DD 3 KB
1 KB 31ms
28ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:00:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21021
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 10:00:03 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 76DD 202 KB
64 KB 65ms
62ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 15:50:24 GMT

GET
H3 200 14722042483834943060
tpc.googlesyndication.com/simgad/ Frame 76DD 30 KB
30 KB 32ms
29ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14722042483834943060

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a118c78b864ac9c1b1aa44672b9962cf0ce9129496a1d065fc3d8707b3d933ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 21:38:19 GMT
x-content-type-options: nosniff
age: 65525
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30595
x-xss-protection: 0
last-modified: Tue, 02 May 2023 14:52:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 21 Nov 2024 21:38:19 GMT

GET
DATA 200
OK truncated
/ Frame 76DD 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 793fdb82bede116dbea15d03c26f1ca6ec0b16af5098cf72119bb623a850f751

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 76DD 0
0 59ms
59ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst-xVN-JMPm-2Coy-ZmI9UYVl3O7eQkS2cs42ohTE3npjAZ5O2UARJIvANlaPxuChOwOzEHfPhqisYj692sJXcMTCAqmEyAZ_EzRkWj9wdSDO1Z2kR-gNt33gdJMLjtZ9o6FmrsJVTKKVJaN49QjmY2nSFCK1jujcbbYGvY2PRJO8NiPq6bvEFtEVQL07SzwtbZupDpZKbEHmg8ivcAw8-K5rZJc1XET7z2KSnuWmBBPLmOBGGxkh-HRYxU3RUH6mA_j8QwRNe5QUTHg5t-rBR4yZhiqI1o6OtWX24l1FqF9gaBykxUAkMFOt8Hzuk8n5gwPgAWL2HlGvthmYCzxRFUqNk2VNuWwcZpvPxWJ1T68SxH2Qefd6sb&sai=AMfl-YRiHEzDtI3Oxkia9rY7kdSjRSmS6Jq8uVHs7hCf33G3IssBHrGo2OEommu6OfFh4kKBSNEJQ6PZ5c0WcPlWlvZBR4wNWvDuy0RxorpsbadlJoaWhCCQisPyYFlT5RP1RYY6d6Qrao6nPHnzQzh6zHY0&sig=Cg0ArKJSzCijutCRsL4rEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 23 Nov 2023 15:50:24 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 345ms
69ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311150101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58a986f60de582c9c46a2b4e7d570075da080ad02b4cca4f86aa5d0bf95ea087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12372
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 103ms
102ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311150101/pubads_impl.js?cb=31079745

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 15:50:24 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9D8E 13 KB
5 KB 29ms
28ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ineslebuhan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4379
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 14:37:25 GMT
expires: Fri, 22 Nov 2024 14:37:25 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 156F 829 B
1 KB 91ms
36ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

22c85e35376ca6fe9d497eca5deea497c2b825be561446fa980386f29aee3ac7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gCm0QWhRoXXet-Dp2eD0DA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ineslebuhan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-gCm0QWhRoXXet-Dp2eD0DA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 15:50:24 GMT
expires: Thu, 23 Nov 2023 15:50:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A5A8 42 B
174 B 65ms
64ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssqpSVJbJOjISs-DsfIXftRKZ8sIkJxK9k5n36gpy515ijvin5XhMaciGAYgjPLC7klRdtQgW6JU2iGfHTMJfyGHA0Uqjz0vVh_T7Y9HVo050lHKNTtFW0MChaUgA9GDpBkbNND_URBjw&sig=Cg0ArKJSzHxTOPGKS1brEAE&id=lidar2&mcvt=1000&p=441,1103,1041,1263&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2788227243&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700754623639&rpt=201&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 15:50:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 9D8E 39 KB
15 KB 71ms
20ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 14:37:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Nov 2024 14:37:26 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 156F 0
0 54ms
54ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311150101&jk=1585464199772821&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9D8E 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?rDQBhg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 15:50:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0F94 42 B
64 B 59ms
59ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssO0MQtBjSiwZ0rdFHHUGl8g2VpVLzHQ7pr-_X-VuaH_CuJb0endTjTnjgPt-SlbUYmfDTcQUVk_PIOO2zYlwKY2TF1r5a1pALGk-d6H_qFKOevJWgwDGKLehf4iWQn0MA5N8tbRXc1zQ&sig=Cg0ArKJSzPSqw2T4A8xwEAE&id=lidar2&mcvt=1005&p=843,235,1093,535&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20231116&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1687144826&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700754623925&rpt=176&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 15:50:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 76DD 42 B
64 B 59ms
59ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsulLulb0dOvodZ1TeyTE5bJoOjgHmBG7aWe-cXHvFQEUQHimX629gvapc5MtuIOIS6Tkg5H8R_WX7pAYZVhltVQiQmVEQ74yPeZ-HtqqMmL6YHpNZxZsiDuPCnq39Ix8DwM6EHY5roemg&sig=Cg0ArKJSzNm-PvBVtpeFEAE&id=lidar2&mcvt=1000&p=1098,770,1198,1090&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=128119015&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700754624146&rpt=124&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 15:50:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 60ms
60ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311150101&jk=1585464199772821&bg=!LyylLGPNAAZxrfrxUa07ADQBe5WfONxLEr15yXE-R6jjWDOj6e6M04OjTHXbqEYAwZmp_OFcRxrPpv_-8blRh74vltNvAgAAALRSAAAABmgBBwoALuDV2yRlNZeCfg3fxyhiHmuGiKjKI3wF9WOEG_XNSDa57fcqrXKzEUBpdLxaizaZAsaa2GBqC1vjUS-qzAAWLQxJM47vY_gm23xtC60lQEdclBJL58OBd0rpaNRyGA-RVA3Lr0JfxUQHP-LVCsy7oZ2kTo3JjfelbzH01_W9TbdeUgJoGPwlDVP1pmVdjZ3D6Lkf3t7xvjSo6BN2FNWqUjyEkNYYssCF2e60pd9clcs5EWpltDjH4IBb0lTL_dEDQwgJ5QmQDPXSQfHCZ83y_PS5lhy1Vdp3587RENEIcV3XcqpM3ND8xmCY1dAfL3RnGO9URjISo9FZwh26KIhFvZGhGcneiiCbbw5_KLXM1M7a7aDw3XjHGNvvDzZimAPJ6Zj7P4LvQAxDndg_HJCcVGvYT11NBEZhuAw-EngfMwPbt3s8vscrc5xvPMWwuESoOtfXgZl7TiHbKk3caWUjE-hWwALZi3Ipc5EI3OtJurB-lqo-sh_tHviWIX58OINuP1G24uFHNm4WOrqYtTB6_cMRHmARMSlbj07djkSnBMt2mVU_77sUq1iB7sEo_wcEPulzESbV-XHa11wdEcpuWvCQ1dIs7iix2o3fL_DBBJmDJfnjZUk8nbz28qwoXcJntb0ZWlRBqIJNCy1Kcs8ku5UkEg9U-hsWw95VYp166jV9iiCEaEf_OAjICJfZG-6Hgz0GLf_qpvvtMp5i2Jd5_L3rCw6L72RWxluL2PGmPYKFFnnDoab_0rIsi7u5-vOoREqUbpa3ffLsQqOcdgu_SIU_LPqx9C9zqAz9E1m77xRhFWJpCE4vbUk52oVU3xbbtloK155LzIZsCX5_wLJpAfFWyqstu2W2zuCH2BOYTOTblzrEogaCKR1qNtA97ANzKOKx7eKZHmJx9fXzDfqIUtvuAJ-YNyM2YKdTJh6t7FlquvkagBflM73ZaJjYG24ZfQjCAprCxPgrJCHj2ao9x7YtqEUDNkWlJS37GubR4d9QaAHCKq9lbg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ineslebuhan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

171 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ineslebuhan.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: uran2hotnlkco2clckuh2d4sa5
.openx.net/	1970-01-21 01:11:30	Name: i Value: beed49d5-5b42-4085-b006-49b981005655\|1700754623
.doubleclick.net/	1970-01-21 01:47:30	Name: IDE Value: AHWqTUnFaKuwEDnySpih6vQ_zyhMzmPj-QTTocW7Ez8ZtqrryZNCdCKhzH1TYOCJ8Ac
.doubleclick.net/	1970-01-20 16:25:55	Name: test_cookie Value: CheckForPermission
.criteo.com/	1970-01-21 01:47:30	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 01:47:30	Name: uid Value: 4714bad5-22ab-44e6-8d87-36eefb1d8fc2
.ineslebuhan.com/	1970-01-21 01:47:30	Name: cto_bundle Value: h1iMcF8zbCUyRjBMbFF1RlpUcVVGZVdoamFzVExwTDVPWGhIWUlvcm5adEJuazJMdkxLaTB2MDFDSGEzSDM4QVZ6dWh2V3hyJTJCYkxkc3NuR3FaTGlxeG1MRjBzUHpYSlI5WGZBaVJLb3dSb1NTaHk1MkslMkZhTGlCNnVjNFZoRk9ENDBrWGFNYTEyM1lMU1NuYUNUQmZkRkRTRThqSkElM0QlM0Q
.ineslebuhan.com/	1970-01-21 01:47:30	Name: __gads Value: ID=f73b456d69c4cf08:T=1700754623:RT=1700754623:S=ALNI_Mb9CgFIDQI9-g1VGh6HjU6d9mmByw
.ineslebuhan.com/	1970-01-21 01:47:30	Name: __gpi Value: UID=00000cd8c486ef93:T=1700754623:RT=1700754623:S=ALNI_MZs2jCSrS9kBUfpf2pi5GxpGEXhVw

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bcp.crwdcntrl.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
code.ionicframework.com
code.jquery.com
d4201c5af00061f4da322f982afa9c1f.safeframe.googlesyndication.com
google-bidout-d.openx.net
gum.criteo.com
id5-sync.com
ineslebuhan.com
invstatic101.creativecdn.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
static.criteo.net
tags.crwdcntrl.net
tpc.googlesyndication.com
waust.at
whos.amung.us
www.google.com
www.googletagservices.com
162.19.138.120
176.34.182.11
2600:9000:2250:0:a:e047:753:a221
2606:4700:10::6816:3456
2606:4700:10::ac43:88d
2606:4700:20::681a:507
2606:4700:20::681a:6ad
2606:4700:3034::6815:3070
2606:4700::6810:5614
2606:4700::6811:190e
2a00:1450:4001:801::2001
2a00:1450:4001:80b::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:827::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2002
2a02:2638:3::3
2a02:2638:3::c
2a04:4e42:600::649
34.102.146.192
34.120.135.53
34.96.70.87
35.244.159.8
65.9.66.104
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
1568517715a45794c7b6be1e06b6a9cc34fddd3367d450d53b01a0b23db88f08
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1ef564b89fc8b8baa6609f30535c85a5f7e793f16879169cbf7a8987fd85405d
22a1257891d7523261ed7426751d43a5dfeb83e2211aed3b71f085b5a45149ed
22c85e35376ca6fe9d497eca5deea497c2b825be561446fa980386f29aee3ac7
2428653048a13d41cc7aedcb47c0a8398d77a4d4a1cc3f999f9695d5e6d3d528
24cf7de0bdc2233de63e042d3d2332fdbb58b349f7375fddbef7b83b9107c890
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3e5d3cdde63dbe2b372b3cfc6c9ecb7400e772f4ba2e47157ab6a5ae4b63efef
4068244fe84ba46dc30bbd210680e8db5c944e47aa1e590332c131d93cec741a
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
467d23dee5e3ba7f6eeac766fb074fe5e014fec821ce6b6c6cfac4426c8707c5
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b511a24b50ccc7516e02e7fa88f4de0c60e9bd0d861662d407dbbf49187fd15
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58a986f60de582c9c46a2b4e7d570075da080ad02b4cca4f86aa5d0bf95ea087
5c5acfd25bc8a1f6bc55197788630d47cfc7337182483e870d6ce5c2faffa188
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
680aa74a003162193118d81b92b04e4fc281867a1c44ed7774542513531acb02
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
6fa8ad37115a8aac954296bc716840497feb5662588b7bcf8e11741158a6ed6c
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
78c1e9dc188fdd4ae7efcb58d9558b3c6a74907adc3493a9c26aaee5cca96302
793fdb82bede116dbea15d03c26f1ca6ec0b16af5098cf72119bb623a850f751
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
8072028afe2f54c6be867d84931237e53778c117f21939c0b23cc9a7f807b300
862326129fb14c4063e163b74fa3b1d42e2ebf10641b11a38ace2065def4e342
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8a126fce9f6de67a48df3478b9a6c69ac8c3468dcd9e1b3b6ccc670b31aebaa6
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
9208f93a6db525838f1cedac4c87d59c598f2862491caf4e85589beca74ea836
92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286
951feaddb6ad45bcc58fee7033004366978150e8f2927692781c3e2755c7c15c
9641de1c5967c8d9c2e67142b82d402ad9f3602976b36e6f3681917720958d43
9b7b9c80b14c4338fc09c80811c1cf5637b33c4221adafe382a6568099e53270
a118c78b864ac9c1b1aa44672b9962cf0ce9129496a1d065fc3d8707b3d933ff
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
af186659e415490e7eee1bd3c8d511771dbd3e03ddbebf6b6a5096ac8ba29449
b033f59e4ffeaa6f3e4f2e839c035a14811d5469d3f772eda6056d7d5782c53f
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b0bd96d397412285e6de03d4b9a8168c61b6f6968776382dc0e7c83d269b88dd
b2e08e0888612d864cdf87065ba7690e06d8ab7277c6ae2b538f3fd5caee636a
b363ce04cbe792aca75be004b831f76b6e00d8b08a0391640a708092b753ef20
bae27b7a700a8ddb6874cc6afc34de267e8fb4e953eba1b271e0ca7d15178454
bf3277171d232385d49523c16008867dedcfefa96bbadef851e049dd078f1d8d
c2617e13fbf03fbd68d48d4f0cd2bd783396a0011b9da388c6074e43b0eb8649
c2b05132848b6f8fce53d1d7e13467abeda4da68613821ea774f9839f9b3a826
c89e9728307bda1b23629de0166e8acc08538298d30cf71cc2b857efbf4915e5
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d3e5416718e81f88a84dc0cb3b1b9b48d7ca428c434d425bd03d44d2c7e7cd57
d50a82cbf1b41068353ddf2589695da59293e5e0d0081e432acc5a83df3428b9
d7ffad29f97621fd51db0ba889e154f0ce29196d3bb0fbe0774742a076478e85
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
ec889ecd723b5dde5e8d63a1b6cf336834a2c8a674fa1a46d7a08ee7a5427df1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb16e51480f1812bba39f47a4dd2e154767356b870f1e5e2564f0f462f40098f
fc7e184beeda61bf6427938a84560f52348976bb55e807b224eb53930e97ef6a
fda6b4b72103321c2dafec4f24baaec62cc38c3fa0fb2c5ed8b7791ed07eba6a

ineslebuhan.com Open in urlscan Pro 2606:4700:3034::6815:3070 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

82 Requests

96 %HTTPS

72 %IPv6

20 Domains

26 Subdomains

26 IPs

4 Countries

2336 kBTransfer

4098 kBSize

9 Cookies

1 Outgoing links

Page URL History

Redirected requests

82 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ineslebuhan.com Open in urlscan Pro
2606:4700:3034::6815:3070 Public Scan

Screenshot
Live screenshot

Full Image

82
Requests

96 %
HTTPS

72 %
IPv6

20
Domains

26
Subdomains

26
IPs

4
Countries

2336 kB
Transfer

4098 kB
Size

9
Cookies

82 HTTP transactions
4 data transactions