urlscan.io logo urlscan.io
SecurityTrails logo

babilonshedge.com Open in urlscan Pro
195.225.173.48  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://v.ht/omKIm
Effective URL: https://babilonshedge.com/0/0/0/ufbe62d2aca29675af39a1ee1dcb51918
Submission: On January 13 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 4 countries across 10 domains to perform 20 HTTP transactions. The main IP is 195.225.173.48, located in Ukraine and belongs to ASGARD-AS RadioEthernet provider, UA. The main domain is babilonshedge.com.
TLS certificate: Issued by R3 on November 16th 2021. Valid for: 3 months.
This is the only time babilonshedge.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 69.61.26.123 141518 (SUBHOST-A...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 142.250.179.130 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 192.64.119.19 22612 (NAMECHEAP...)
1 195.225.173.48 31158 (ASGARD-AS...)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
20 13
1    69.61.26.123 (United States)

ASN141518 (SUBHOST-AS-IN Subhosting Innovations Pvt Ltd, IN)
v.ht
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    142.250.179.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams17s10-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:400e:811::2001 (Ireland)

ASN15169 (GOOGLE, US)
b7a5f927dde81d7a87684fe0ff6f8934.safeframe.googlesyndication.com
1    192.64.119.19 (United States)

ASN22612 (NAMECHEAP-NET, US)
titanspinasjaksuuu.000-directory.com
1    195.225.173.48 (Ukraine)

ASN31158 (ASGARD-AS RadioEthernet provider, UA)
babilonshedge.com
4    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
7 googlesyndication.com
b7a5f927dde81d7a87684fe0ff6f8934.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 94
tpc.googlesyndication.com — Cisco Umbrella Rank: 127
37 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 175
120 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 69
www.google.com — Cisco Umbrella Rank: 8
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33
20 KB
1 babilonshedge.com
babilonshedge.com
3 KB
1 000-directory.com
titanspinasjaksuuu.000-directory.com
271 B
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8579
792 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
36 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 151
27 KB
1 v.ht
v.ht — Cisco Umbrella Rank: 921462
2 KB
20 10
Domain Requested by
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 www.google.com tpc.googlesyndication.com
1 babilonshedge.com v.ht
1 titanspinasjaksuuu.000-directory.com 1 redirects
1 b7a5f927dde81d7a87684fe0ff6f8934.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 www.googletagmanager.com v.ht
1 www.googletagservices.com v.ht
1 v.ht
20 13

This site contains no links.

Subject Issuer Validity Valid
www.v.ht
R3		 2022-01-01 -
2022-04-01		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
babilonshedge.com
R3		 2021-11-16 -
2022-02-14		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://babilonshedge.com/0/0/0/ufbe62d2aca29675af39a1ee1dcb51918
Frame ID: AE911539D5944BC4C20F701C1DE7C6B8
Requests: 14 HTTP requests in this frame

Frame: https://b7a5f927dde81d7a87684fe0ff6f8934.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EA0FC80D776462591C71C20D50851FC8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 08C5B267D2D0905A2E6396A25D5AFAC8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AD58589FB506AB579F32398BA3F32374
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Unsubscribe

Page URL History Show full URLs

  1. https://v.ht/omKIm Page URL
  2. http://titanspinasjaksuuu.000-directory.com/ HTTP 302
    https://babilonshedge.com/0/0/0/ufbe62d2aca29675af39a1ee1dcb51918 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

20
Requests

95 %
HTTPS

69 %
IPv6

10
Domains

13
Subdomains

13
IPs

4
Countries

248 kB
Transfer

664 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://v.ht/omKIm Page URL
  2. http://titanspinasjaksuuu.000-directory.com/ HTTP 302
    https://babilonshedge.com/0/0/0/ufbe62d2aca29675af39a1ee1dcb51918 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
omKIm
v.ht/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://v.ht/omKIm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.61.26.123 , United States, ASN141518 (SUBHOST-AS-IN Subhosting Innovations Pvt Ltd, IN),
Reverse DNS
Software
Hotcores.com /
Resource Hash
b72111798765608e8f8a92bb946c9ff3463f7a89a81288327d58efcda22f980f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
Hotcores.com
Date
Thu, 13 Jan 2022 08:07:43 GMT
Content-Type
text/html; Charset=UTF-8;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
no-cache, must-revalidate, max-age=0
Pragma
no-cache
X-Robots-Tag
noindex, nofollow
I-AM
Gamma
Strict-Transport-Security
max-age=31536000; includeSubdomains;
Content-Encoding
gzip
gpt.js
www.googletagservices.com/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: v.ht
URL: https://v.ht/omKIm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
867b5088e5d997dac4e7fceef39d1d392eddd602085207ad5db015d57c68efc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 08:07:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27129
x-xss-protection
0
server
sffe
etag
"1100 / 248 of 1000 / last-modified: 1641987223"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 13 Jan 2022 08:07:44 GMT
js
www.googletagmanager.com/gtag/ 		91 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-31510493-3
Requested by
Host: v.ht
URL: https://v.ht/omKIm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
80e0d5e7fffcaeb92771735e7fcc2f1e12205c9f8278d1ead94e71242d6349d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 08:07:44 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36634
x-xss-protection
0
last-modified
Thu, 13 Jan 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 13 Jan 2022 08:07:44 GMT
pubads_impl_2022010407.js
securepubads.g.doubleclick.net/gpt/ 		352 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js?31064082
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.179.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams17s10-in-f2.1e100.net
Software
sffe /
Resource Hash
d4d964d6d34df7fde3554039d33b468b74afee14d6526a87b926688f0fc8d93c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 08:07:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120967
x-xss-protection
0
last-modified
Tue, 04 Jan 2022 16:13:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 13 Jan 2022 08:07:44 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		23 B
675 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=v.ht
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.179.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams17s10-in-f2.1e100.net
Software
cafe /
Resource Hash
dfe15bfae0625b08260e81acf8b8a6d710a2ebc6baf7f7c54880d3861e941397
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 13 Jan 2022 08:07:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39
x-xss-protection
0
expires
Thu, 13 Jan 2022 08:07:44 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-31510493-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1970
date
Thu, 13 Jan 2022 07:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 13 Jan 2022 09:34:54 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=v.ht
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js?31064082
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 13 Jan 2022 08:07:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=v.ht
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js?31064082
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 13 Jan 2022 08:07:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		410 B
719 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4492139727726981&correlator=1658219672219176&output=ldjh&impl=fif&eid=31063377%2C31064082&vrg=2022010407&ptt=17&sc=1&sfv=1-0-38&ecs=20220113&iu_parts=5837603%2CVht_360&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x360&cookie_enabled=1&bc=31&abxe=1&lmt=1642061264&dt=1642061264298&dlt=1642061263487&idt=788&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=495576698&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fv.ht%2FomKIm&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x63&msz=0x0&ga_vid=361871146.1642061264&ga_sid=1642061264&ga_hid=553122544&ga_fc=false&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js?31064082
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.179.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams17s10-in-f2.1e100.net
Software
cafe /
Resource Hash
f1919f28d0c4506aeb53f56f0e85e4d1de3b51f9410b437c38d45a590cf3cb00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 08:07:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
218
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://v.ht
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
b7a5f927dde81d7a87684fe0ff6f8934.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EA0F 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b7a5f927dde81d7a87684fe0ff6f8934.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js?31064082
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:811::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://v.ht/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Thu, 13 Jan 2022 08:07:44 GMT
expires
Fri, 13 Jan 2023 08:07:44 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=553122544&t=pageview&_s=1&dl=https%3A%2F%2Fv.ht%2FomKIm&ul=en-us&de=UTF-8&dt=omKIm&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1554012518&gjid=1903988849&cid=361871146.1642061264&tid=UA-31510493-3&_gid=534990084.1642061264&_r=1&gtm=2ou1a0&z=1486237713
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://v.ht/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Jan 2022 08:07:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://v.ht
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
Primary Request ufbe62d2aca29675af39a1ee1dcb51918
babilonshedge.com/0/0/0/
Redirect Chain
  • http://titanspinasjaksuuu.000-directory.com/
  • https://babilonshedge.com/0/0/0/ufbe62d2aca29675af39a1ee1dcb51918
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://babilonshedge.com/0/0/0/ufbe62d2aca29675af39a1ee1dcb51918
Requested by
Host: v.ht
URL: https://v.ht/omKIm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.225.173.48 , Ukraine, ASN31158 (ASGARD-AS RadioEthernet provider, UA),
Reverse DNS
Software
Apache /
Resource Hash
e0fb519d4c44bb8920e2c2c7c9134a4661946601558fa42eeaf2909994965eeb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://v.ht/omKIm

Response headers

date
Thu, 13 Jan 2022 08:07:45 GMT
content-type
text/html; charset=UTF-8
server
Apache
content-encoding
gzip
transfer-encoding
chunked
vary
Accept-Encoding

Redirect headers

Server
nginx
Date
Thu, 13 Jan 2022 08:07:44 GMT
Content-Type
text/html; charset=utf-8
Content-Length
88
Connection
keep-alive
Location
https://babilonshedge.com/0/0/0/ufbe62d2aca29675af39a1ee1dcb51918
X-Served-By
Namecheap URL Forward
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022010407&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js?31064082
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 13 Jan 2022 08:07:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8699
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js?31064082
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 08:07:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 13 Jan 2022 08:07:44 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 08C5 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://v.ht/

Response headers

cross-origin-resource-policy
cross-origin
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Thu, 13 Jan 2022 07:20:35 GMT
expires
Fri, 13 Jan 2023 07:20:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2829
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame AD58 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-y1nnClYsahd/fsKgLZbbGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://v.ht/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Thu, 13 Jan 2022 08:07:44 GMT
date
Thu, 13 Jan 2022 08:07:44 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-y1nnClYsahd/fsKgLZbbGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
510
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
qOjxjXcXCvgvcs-4P0zsCT9Wg6D8_9jxJtnS_OGjMvI.js
pagead2.googlesyndication.com/bg/ Frame 08C5 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/qOjxjXcXCvgvcs-4P0zsCT9Wg6D8_9jxJtnS_OGjMvI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 00:35:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
27151
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13349
x-xss-protection
0
last-modified
Thu, 06 Jan 2022 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 13 Jan 2023 00:35:13 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame AD58 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022010407&jk=4492139727726981&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 08C5 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022010407&jk=4492139727726981&bg=!RkWlRQHNAAaocxMpqHM7ACkAdvg8Wj1MRlJvwItIHE8O01B0p8GJ05JdBmx909FoJ2UPeNNudcjK9QIAAABNUgAAAANoAQcKAFgKG7eKnYhRT0CEHsV88BbSJjjIO2OXzTjIUZmgd5nGSQ4DJ30MxSl8BNdMzHmyeg1wwEFl-lIf6mWYqj2rwlMt19sWEcXWt0JDRaI9ftaFCDXlxYo0jHj1mQKoA-92UAwA5gXGOMEN2ZdfQgyw6mwjwJYcDvM2yNAb5iT0HjV_qVSGSVYNYYimq-ZJK6RnT0svLCz9ig-EtP9BSdyMhn7D831Kfd0aXTvOB-F3W0NAavJPOL8c0PU_fQN95jCPoMjMshbTwKaELi1QXXI1IVeVaBld_aoDWpKC8N4nq4ytG9kr8-revvf99Y6IeL9YhSn3ou3Yeom_RthxVtU2bLurpoFhMwxdWKPjbe5sqkivjuwWqryF_XvXO2sk2k5U71mMJut1JEuikR1LOgJvM_HoCtBi8BxLnAeSgeIo5VBDZ4_wbndRmDncMLwECsdLHcCRT0HcJD8FgSoGiu-XFUpTjst_fVWuioyowhYFXSHYOjUmHoRu2yhL1cUVuivO8sfTAQgllTMYedE5og3kqJta0W4aS04l0Cb9GBqQwpAhvkwY04LPnOOD2Ae1zC4e6nn1qfcIp7gIM22ebPygVH_jk1M4UaokSZqE2q3TNLaQAc_Kdij63kDuCE-XbFSRHrLCU28BhbAOiVCwa1bP9sTGEm9lBJM9fsI5Vo3-u-MzCDMo3i2OoZwIUTPapWwIyWtAOQpvwVC8vHg85ZMASU8UFEm53i68H8RqeEoDAIdKHD4lrvQfSBPiA_GXNdDyXHOSV3CnsE12WHJcZ2o2C8GVIBXP9Rv1cDcmbN0P-NWEWqSFjLREHkpXBocAFzAyRSCS1kOTeSr0eilC7bXFsCNctcRiHJCFrNjfHPkHkFcQY_-HmkV7Y-IeP4-h7FAF1fizFRYLWf_wjO0wW62A0xQPyLf19x3d_hfN9Iax-9Hqg-n61_UxX0G1ZTEYmpkE-OTjsE2ob1IHtWmRqY-79zyziUPndpycW9LSx42fOEPSHyCDgSCXrb3B-bB4rmFsDv_tHYg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://v.ht/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jan 2022 08:07:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/generate_204?-Elh1Q

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onsecuritypolicyviolation object| onslotchange

5 Cookies

Domain/Path Name / Value
.v.ht/ Name: _ga
Value: GA1.2.361871146.1642061264
.v.ht/ Name: _gid
Value: GA1.2.534990084.1642061264
.v.ht/ Name: _gat_gtag_UA_31510493_3
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.v.ht/ Name: __gads
Value: ID=c32bd99497e7d942-22f897ab1ecd001a:T=1642061264:S=ALNI_MYC-pSnoMkB1QN9jlAwOf75i2LabA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
b7a5f927dde81d7a87684fe0ff6f8934.safeframe.googlesyndication.com
babilonshedge.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
titanspinasjaksuuu.000-directory.com
tpc.googlesyndication.com
v.ht
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
tpc.googlesyndication.com
142.250.179.130
192.64.119.19
195.225.173.48
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:813::2001
2a00:1450:4001:827::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::2008
2a00:1450:400e:811::2001
69.61.26.123
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
80e0d5e7fffcaeb92771735e7fcc2f1e12205c9f8278d1ead94e71242d6349d4
867b5088e5d997dac4e7fceef39d1d392eddd602085207ad5db015d57c68efc8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
b72111798765608e8f8a92bb946c9ff3463f7a89a81288327d58efcda22f980f
d4d964d6d34df7fde3554039d33b468b74afee14d6526a87b926688f0fc8d93c
dfe15bfae0625b08260e81acf8b8a6d710a2ebc6baf7f7c54880d3861e941397
e0fb519d4c44bb8920e2c2c7c9134a4661946601558fa42eeaf2909994965eeb
f1919f28d0c4506aeb53f56f0e85e4d1de3b51f9410b437c38d45a590cf3cb00