bg.asayamind.com Open in urlscan Pro
2606:4700:3030::6815:e9e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bg.asayamind.com/sodium
Submission Tags: falconsandbox
Submission: On August 05 via api (August 5th 2022, 2:33:52 am UTC) from US — Scanned from DE

Summary HTTP 137 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 36 IPs in 6 countries across 30 domains to perform 137 HTTP transactions. The main IP is 2606:4700:3030::6815:e9e, located in United States and belongs to CLOUDFLARENET, US. The main domain is bg.asayamind.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 5th 2022. Valid for: a year.

This is the only time bg.asayamind.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
32	2606:4700:303... 2606:4700:3030::6815:e9e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	185.177.94.108 185.177.94.108	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2600:9000:206... 2600:9000:206f:e400:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
4	45.133.44.25 45.133.44.25	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 2	2a03:2880:f21... 2a03:2880:f21c:81e5:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
7	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	35.190.59.101 35.190.59.101	15169 (GOOGLE) (GOOGLE)
2	35.201.67.47 35.201.67.47	15169 (GOOGLE) (GOOGLE)
2	35.190.91.160 35.190.91.160	15169 (GOOGLE) (GOOGLE)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
3	45.133.44.24 45.133.44.24	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
7	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	23.88.85.6 23.88.85.6	24940 (HETZNER-AS) (HETZNER-AS)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
2	2606:4700:20:... 2606:4700:20::681a:9a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
2	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
137	36

32 2606:4700:3030::6815:e9e (United States)

ASN13335 (CLOUDFLARENET, US)

bg.asayamind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
asayamind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.177.94.108 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
PTR: ip-185-177-94-108.ah-server.com

op00.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:e400:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.133.44.25 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

js.wpadmngr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpshsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f21c:81e5:face:b00c:0:4420 (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

s.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com

r.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com

t.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com

p.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.133.44.24 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

na.nawpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8a69c39ad9.f451b7f622.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpushsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.88.85.6 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.6.85.88.23.clients.your-server.de

fp.metricswpsh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	asayamind.com bg.asayamind.com asayamind.com	940 KB
16	googlesyndication.com a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 124 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	127 KB
12	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 222 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 static.doubleclick.net — Cisco Umbrella Rank: 458	235 KB
11	gstatic.com fonts.gstatic.com	149 KB
7	youtube.com www.youtube.com — Cisco Umbrella Rank: 111	744 KB
7	skimresources.com s.skimresources.com — Cisco Umbrella Rank: 2603 r.skimresources.com — Cisco Umbrella Rank: 2491 t.skimresources.com — Cisco Umbrella Rank: 2585 p.skimresources.com — Cisco Umbrella Rank: 3492	20 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67 jnn-pa.googleapis.com — Cisco Umbrella Rank: 346	32 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 374	109 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 401 mug.criteo.com — Cisco Umbrella Rank: 2755	1 KB
4	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 289	80 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 98 www.google.com — Cisco Umbrella Rank: 10	671 B
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 674 syndication.twitter.com — Cisco Umbrella Rank: 864	133 KB
3	wpadmngr.com js.wpadmngr.com — Cisco Umbrella Rank: 27223	32 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8117	914 B
2	adform.net adx.adform.net — Cisco Umbrella Rank: 3659	409 B
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 2580	24 KB
2	metricswpsh.com fp.metricswpsh.com — Cisco Umbrella Rank: 31083	370 B
2	instagram.com 1 redirects www.instagram.com — Cisco Umbrella Rank: 975	5 KB
2	optad360.io get.optad360.io — Cisco Umbrella Rank: 25239	558 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	43 KB
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5951	178 B
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1237	278 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 423	1 KB
1	wpushsdk.com js.wpushsdk.com — Cisco Umbrella Rank: 48759	13 KB
1	wpshsdk.com js.wpshsdk.com — Cisco Umbrella Rank: 13892	20 KB
1	f451b7f622.com 8a69c39ad9.f451b7f622.com	207 B
1	nawpush.com na.nawpush.com — Cisco Umbrella Rank: 53081	809 B
1	op00.biz op00.biz — Cisco Umbrella Rank: 278185	15 KB
0	adnxs.com Failed ib.adnxs.com — Cisco Umbrella Rank: 238 Failed
0	casalemedia.com Failed dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530 Failed r.casalemedia.com Failed
137	30

	Domain	Requested by
31	asayamind.com	bg.asayamind.com
11	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com googleads.g.doubleclick.net bg.asayamind.com cdn.ampproject.org
7	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net bg.asayamind.com
7	www.youtube.com	bg.asayamind.com www.youtube.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com googleads.g.doubleclick.net
4	s0.2mdn.net	a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com
4	jnn-pa.googleapis.com	www.youtube.com
4	googleads.g.doubleclick.net	1 redirects www.youtube.com a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com bg.asayamind.com
3	js.wpadmngr.com	bg.asayamind.com js.wpadmngr.com
3	fonts.googleapis.com	bg.asayamind.com a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2	mug.criteo.com
2	gum.criteo.com	1 redirects
2	a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	adx.adform.net	get.optad360.io
2	script.4dex.io	get.optad360.io script.4dex.io
2	fp.metricswpsh.com	js.wpadmngr.com
2	p.skimresources.com	bg.asayamind.com
2	t.skimresources.com	bg.asayamind.com s.skimresources.com
2	r.skimresources.com	s.skimresources.com
2	platform.twitter.com	bg.asayamind.com platform.twitter.com
2	www.instagram.com	1 redirects bg.asayamind.com
2	get.optad360.io	bg.asayamind.com get.optad360.io
1	www.google.com	tpc.googlesyndication.com
1	www.googletagservices.com	a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com
1	prebid-eu.creativecdn.com	get.optad360.io
1	prebid.a-mo.net	get.optad360.io
1	cdn.jsdelivr.net	get.optad360.io
1	js.wpushsdk.com	js.wpadmngr.com
1	js.wpshsdk.com	js.wpadmngr.com
1	8a69c39ad9.f451b7f622.com	js.wpadmngr.com
1	static.doubleclick.net	www.youtube.com
1	na.nawpush.com	js.wpadmngr.com
1	syndication.twitter.com	platform.twitter.com
1	s.skimresources.com	bg.asayamind.com
1	op00.biz	bg.asayamind.com
1	bg.asayamind.com
0	ib.adnxs.com Failed	googleads.g.doubleclick.net
0	r.casalemedia.com Failed	googleads.g.doubleclick.net
0	dsum-sec.casalemedia.com Failed	googleads.g.doubleclick.net
137	43

This site contains links to these domains. Also see Links.

Domain
adclick.g.doubleclick.net
adssettings.google.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-05` - `2023-01-05`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
op04.biz R3	`2022-07-27` - `2022-10-25`	3 months	crt.sh
*.optad360.io Amazon	`2021-11-17` - `2022-12-15`	a year	crt.sh
js.wpadmngr.com R3	`2022-07-19` - `2022-10-17`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.skimresources.com DigiCert SHA2 Secure Server CA	`2021-09-27` - `2022-10-28`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
na.nawpush.com R3	`2022-06-07` - `2022-09-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
notification.tubecup.net R3	`2022-06-20` - `2022-09-18`	3 months	crt.sh
8a69c39ad9.f451b7f622.com R3	`2022-08-02` - `2022-10-31`	3 months	crt.sh
js.wpshsdk.com R3	`2022-07-25` - `2022-10-23`	3 months	crt.sh
js.wpushsdk.com R3	`2022-07-19` - `2022-10-17`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-21` - `2023-04-22`	a year	crt.sh
*.a-mo.net R3	`2022-07-04` - `2022-10-02`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://bg.asayamind.com/sodium
Frame ID: B1675D40145E784520F5A44DB901757B
Requests: 95 HTTP requests in this frame

Frame: https://www.youtube.com/embed/fFuA8XC8tIM?modestbranding=1
Frame ID: 1DD949B8338BE604F1E017CB6BDBD113
Requests: 14 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.9489400335003073
Frame ID: C2F17CA4504CDD9CA12C9F4AC3550F9D
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b1befbea3a1424bb94efd70105dfa52.html?origin=https%3A%2F%2Fbg.asayamind.com
Frame ID: EEB92418E8CE349D331038BE4E5A5331
Requests: 2 HTTP requests in this frame

Frame: https://a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 97D42F5A71B2545F9130EDC279AA8FD0
Requests: 1 HTTP requests in this frame

Frame: https://a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 83554B917FB61E23618246E7BB4279E3
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuhcRDAk-sBGM_Cy9ABMAE&v=APEucNX5NlMntwhnzyZN526qFuk3gOjQmPGDweyqWwdlNVJ7MAkMpZcR9KmshNtbAxo1X1euFudZmnmZub5o8b0pDQxFWTYKUDuaXpNrT4TDINMiotljiBWMl65Yr7BCBXvUJWqyn12ipKWgANIDK-XJF07tPZlFS8V2ZnV2ZOcZytCVDm0t-boxrjXaLeDiIASpR3ZG34vTwOjikVFtHhXZkxmkM-WDIw
Frame ID: DD861033B1D25F38BCBD547D6FADE265
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bx__cXyXFMjNv4Tu5dBG2fshL1oWCZwOy_RQIgiL3mFPB0YCU9mvQWq-pSZumgo4DuercRowBq5EWkGTTfUhR79oy9tA&cry=1&dbm_d=AKAmf-DH6Yzep9bOm9cZjizkf6tDiyVvHxRe3aFpuubbKXQzN1u8MNNjqLLGqpffPoDKKf73CIhYgsKi0Sk6tNZtV5XW3ArWPkMDpiU09DaDK8Ebf6CMHh-880I1mi3ZR9WZOkRvY-lIVexojZo829ZrIeQa153VqefQkdsW-yb4aRaxIKWrDG2T3uxgBBP8o2jRi0w-Xvh5XihcNFcM3ZgsghkMY2Ebl8kC9kv-pCqbL9y_Lser0dPptVj1Po-TewaOCNnpqAuC7yg08GwW-L6m4jAg_fPQhcP9EEeI0KDv8H7qdp8t3JUMeFQGQPkbsuhsDg638fImV6o4tvI-HNl5CeQCwLhbx3su4hU5RgdOUOgcY0YxFHiKDXx6MESD2w8wZFlyJwyv8S1lv6tC0VlEfl_hAUhxw0EjGbNEyp5c4nImRn6n4rCxE3QCFryUkZSqHbl3RGg2dgwE-Mb6Gsm4iJbVjV5QNYwVNermU0mJG8SIiFOkPZIssH3rDJrTCgyVtAehuHfEiWkyWJ5b6LOrasuFrIsxoGqhm5IYozZaeC2ms-T_aKCdyKnlTkuMTit8laRz1pV7WiDwopFhx4c5DaSg0YfP63hdR1RuWLxmQQylRy5nZSIfUjku8hJBH0g-Nq6WtziJbVieny330ZTw6468bphVZ0MONg6OnMExjBiQzRxxJEZVMZy3wHpUzY4yLd6iRQvANe9Z5Ey6EU1QslrAcMHTzY9ckRJ5Z-OzF8LmfrvxZ4ycHzqAUXRW4G7O6_CkI1gtIpva7qnT3wFGviW7o2-TIp6pL7vTP1Dz7pE9VQVL85cSfVXxhWSnK_6gLlcczG9o_HAq-JIvfLjMl-MSJVZf0th3B1nIHW7nCNGuJ72J7UGy4bOj8jo-zRCbhW8qrz4Yy_ZTSZJGRYVnCLkoGgUtFDPr-DpgOX4U-oLWhX4e7RyxaNggM5GY6zlMqJIoUGyjsqBfR4YijjFD0u5TLrPWloFUp2d9onLYs6wfN8g_dhQNX1fXlm5e4ShJSiychxV2KobMQsGD10Hie63PtKxWB8uYsu-ovhJIKRwWDpx_SaRGq2SxkM4gfSEiiPoPTgElI1bWVwzCFMrwRMKZUaHRoLvtWLXOSjcj6vYo7OqgMuLLtfJI4cpZNfnGVuPBrdtJbLMNkwQk3zq5R87wHIJ_fpmYMx1lIUq-WLzpnrVmfvkSj4lZxtkEu7gHHp5OnHOsYaluz_xCHGzHz2S5McwNyY-eYx0sAetmSJurZX3sNbhigHRRV3fsDCv7LjNpgqHUfBC5XDNCNw3ryyPkmqKQfK07ppVc-xtMqNrmbyuTdGvTT_PTQesczELswQj94nwm06xdwFo20Q5CAWpo5ZfZ9NdOuwqOLEUfAyuM5XWfRzOgdhmUok6lSpft-kB42QpagbIuIhHbmK_4j9xNv9ldnYFlXJmGEFy4XWEh0A8emGiO4-ayO1YQ7VOUp1AdUMNtawflqewoEhMUE0UIRQcx-DquooQHaaeyplevIWINUC9SeGCWX5iygJwKEKElBF1KxYYOwsCtVw7XLcOOUD3pbRiYubpYJof5GaAoyYwvv70phRpjR9d3cLtb9nyHCshcP16x8ctvX-2X-HU7dK0s885Aacdi_yAuFyag2p0bNZCi0WjPMh40bXQiaJIIOm5FnPwSKf9sY9DLnQOuZkIWmq9CRRsZNgEvcNXih5sGD-jT1yoN7sljVlCWHq7kpl3lGmxXHAR7f6TtfklrYWFrSWpSGpy1qH_SpAe2ZHc8BeFwm4BkW2zfuDB2SMIKQKvQbhhJSe_YP8jj6z_wFiREjCCr39VyP4WNFhEL6dnLB66N8lVFVd7XtsXaAgWScpiOKp1xa92GSwwL-gBACrxAPXugXAjDRNDF3vDJfKsdQTMrqGQKF2ZURgclRrWdTqTrXShM1VXwne7jIvJ0TrWXhCW1eyFu0DZd08_5lsFGXSuQu8-7VYfPIFjMDNh6lDObBLLKXwTlIme77USYbNnLv3HV5xF4u-1ctFzQxptL3fspxZ52E9iGXZBOAYuV0tiAIFzpViStVXl0lygGlUycVvtaXx2ANAtCINZfQp0or2gx0Rn7R8Aj-22IJeygxWqXhriZzN-Zv9mMThZJu1KrRsOF7OJOCPnCYip1bBMHaxoeROgAlOV5cif5Pbr6RFPfCg5nZlydgjanLUZRyB6xp-Wm0wWwSkx3wWfSRzIXPeM9t7AbEJqgx4h1_BGWbfH2OmdmnPyNT1hDJais4NmezSyz-JxduptTNXeq4niHKREvxItrr_4-SgabDL85QrripDUoxLHc0OWSnLv4Wy48dJ73ycnpFXjqHZMVyvkK3j3O6TT2S_o2eiipf3IUmniICDcqosjuQE8AsWHtwMnrw68s10sME4thiYNdbgHhLw0SC9rURQRW_gb0HthOhr90nP5WYAMyYQMf_gGhIU3pAkXkIl9tXQbtLIp0XMBgHc9TCnnyCV6vYFRr8D7yvBcDHMGyR7I3Mb-5-S1rvqucXTp4GDONL6y1sDa0F_WEQcCJmsjUr5P-YFCTAmWr_FRrvrHNVTQs1Arqh2VMI8uVY2KtC8eRU7UEfHpIhhZ5kEWMyhMfVHorgPXYvOYU1_wmqprbdEKeWh3YXXfmB8sje0UXpFFvwgu19GU2Q4ZTLAp-bV295tsBt2CRDu3PcMb2kpnyjA7Pj37eCmrbEAeeeyagqwg7CDxMvXlzsaxc9frz_y42Ji3F_6o9lRcNcB9XXTuzoW0XN08qEfl8fSLxzPb6uO2PTDy7yhWVbY7RY8hcmN3DOdjz7NLI2HJw7hKrTwfyjazPpRD15TvxT4j08okJwm-uRBSY6liLyBKyiNE-Iem5ystsRfTsp95YZiqkuS2D6bPLZ3RoxuILmYCQAm5w8mjhBqHN5lttM_TM4_TBwEL1GLYtgxL9j5Xvl7gCMqJE5GkgnbxWuy6SRQud1Ruu9i_wPiYU1iBl88UPfik7ORf6mmMPBaevbxAhvg1X63Y631YawEKQK28hkwXRTZYEe4uWxC8CaY7E85yczIlLmGLkBc3CcySwto1QmpjMh5722bu9sAenLIBQwG3WdWB0fK3GdtC3EuI8dUP8a4ddtidgEkje13VpN2HVQOGz2Tm-z91T7fNZTH0r_d-1umNVlz4ad7d_Noxy75km5EqWk0KdXSGGw-jLL4f2L4-jAiBAI74Zyg_UtgSOHXiD5IOW4U-wx8NmkJD_D_s9nb9ZW9xHCn0W84eXIrG-Y2k6nkd3aUQqTtFBCzToELWS7QsqejNF2cjSPJJ9Pnkk1lWi1wNJ155fmqpG7wlm0MaxPAwW7lqWeUhHm6h8TEd795JNKoyetDhiIYhZg0VmQFKor-Lvko4vlYvxyqXv9d4238HNqUbYthdH5yJxi1O5F3tmuXo0GfzfLET8b7WJXQ4StlmvRgLTWECRCbm5xjLx-uuHOsnKtxxYmJ7Dk8Yg5esNoDzNrd9gug46yy-f7YPgYU7iecqb7W_APmbVllUPeNFDwfHUgmc73EQhrnzg7njATogu5zn6fuxOQqNndrR8UUJHtzEXZbQNu-gP7w3HsHOWfCEJdNpkWKquU85XgHW89Vy7WGrtKr82_n89QZTclPXam_2Rl9UMte6uaw8LxF0jWE90TUJL-_GeLFx6YY5o4-l61YFWj6PHoo-iltGdO6np3wtZQJuSbfJtIzETJ187Z2pzhCBX188GvDjA0FoXQpbilwiAic3Nxkg41O-45MIryAMlzIGC9DERYhO65PtKgTcCPCYX8We4bqtdit62-NLFz8I4BVydxjN7y0EyojRMB-OJAVvlPl3R6oMzJsm4RGqDn7bx1DSdrTmq2CkkNxXmwJJL2UWNA8Kj8DiuAmg_Kd4t3emiAjSTmBhT7xI0ukbwYCLp1L8dcIQdb4CjUiiLug53Maz6-fUQ8pQHMy8bL5NzKBuV5qtu0cfOLH37fval_8OPlNFGxTq7oK7OSQI-97ep0aK_rl_A0qOSSa6KNmjgraOjt7fltfc7NP29RJ2WXH2NxA0sy_TrHv9xPlgjHo_b379pKtbejhTSp4C1NG8E7NmmA1GuSYen2jsw7wQ53TRJbthR0l-IPiYNVfqjFZx_AG1ZTChJQJ3TxGgbK63mnIXe2IPT2h54s5Le6TTWiD_J6RsbOtBvBWj4uFQc-smV6q-I9R8fGjqTXsz_Q69AjKUZhf9X_ixnwTU65nuogULHBEY67I97M1Zg91RBbTvWqVmSAt4h4oVmHyqwdBeVP65AWGtsSTdm2xab9cm9OqWVn_1PWW68zg4vs82a-mJD23GWYlg3zIj0_gyE3nl3WHY4AxkbmKdKIZY7raKYUlUw08VQ9hTD3D03M4YPdMcufDOXqdTp9CVKWqlC4c86L9Qgyh4DCNKS12JxEKRjoq_Y_zfsxyHDGNAiDdH0Korl7m5seKtc1MGq3-A8bnBirIo8zGBheiVVK1NrVtFGgWnArMUEeED4VS1VuU1YoZuuJES4hEJKOrwDzCvwa-N5C7zW1Y38Um8BUbrggUZ4lT0wDaF0smIPA6Qi5UAhOhUVDV1e1mSjSIKTvyfpIMC_Yi9nGkEWCNg_jjKsuDewqiPBp-Ug6hEVkBmHscioj7Tzp8e7wEpGaXZyvn4ACDTMTY5dBX0k0hOmZsoIm_7IqcEUQ1fzNiLvYCy5uhJNIbtSs6k_KTobHdTZBD-_TRifcRlS2aWAQkHjQMud3tZkLK2LSZOSDjqre0Qm5eNGL6oPkxEJ_rKQfzvM2iblOqCdRtjrN95BYMpAms_2KICKNYbdN2xrAJbcI9Fdwy3nCEiO3BWcNbVQYq8ywCb3w2pOBKbo0pN2Bc3VWhg4KDk9WhPFI7HrfhASJs220oun_UTh1maN0cvphrLWUNC_2uYhZhyM0U3hjPfrtKsrhJYMPcAUbdcvbQNt8jL8HpY5QFYKDZemtG4t4x8im7eIg3CfZl3A1K7avV68JF022mGZzp2fjoGAlUeP18RZ8VXRqQBf39zSaECnZY6gexlLwCrCXTDFgYhqjZjLgp6zQbYdfX7ND1_T6E1sqIC6EQDc0pqT9s8LZZ9cjbn9LFrA9g7Y7zLIrfalRmDCl_qJhJVPp-3vjoi67YH4UxugBwR2z1ExfkLYPb3ue9F0oQwK8CRTBJOeRdxqJq4Pdb6flx8YobHkPm4EGnqwYvPtFgdcmUQNXVop8qpajS9tl5rDgyR9dQHcnwuRe02IVfPo10GijwavroGEokZCxw&cid=CAASKORoABelBWSx0EZq-1DfTGEYuEy3w_0X6RpEfwFicSJ18dqhOm7HBAs&xfc=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjssSP0IgUfQJs2vU04Us9DAWXxkt5aGqKWs_thF5zCLfBA9STESCyzB1wV7myGMRsdv6OgFjS1whM65nn2d0GwoIswLKyKguB7gN0eUulnSSfZAO4LrdryidtKHaixPkrmZkWepjATyBfNpY5BaRK7y99MwEo5EqHa6gP4H72LQtnY0lyZdvIuxarvnAhLzcaPJZQ6LEukJDOYTClu6GmVoVvIkpTb2-Lc6mhdKcni9vU7zSk9ktSbfiiiT9Wv13E6gzPBYaN-aw4-NoxjlMVGcAckRbTa02ozuF9ZhxPCViQZXiHMz_Yc_SI-Qw-lMChCZIhFZGlYxNZeXLr_xnvtH0IM9kiG686FXYfj-kKSpkxCZTiPK1bp0DOczrjA3DOwTn%26sai%3DAMfl-YSwTZ0DWZB9xfpdWIKUS59Wt96m4L6bo3Ye6SqXDYz4xDT_FERmBSEMWssfIVmQT8c0piowqti7eC8i_6xscOsBr1jvqR1EbgdLKFy_KGhwyN-cV3G-KA5uKczGSHB5qcY%26sig%3DCg0ArKJSzD3hJzyPNp4PEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&rfl=2%2Chttps%253A%252F%252Fbg.asayamind.com%252F%240
Frame ID: 8D6FB1279FF47A27306E8B2CF9254D26
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3DA0E266EB1ED3CA9B7B6C0C5D8B4719
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 30E54EBBC863F228AEDCD2A5AD30D5E3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DB42F6201CAE61AA22352BCAB2249673
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

137
Requests

94 %
HTTPS

60 %
IPv6

30
Domains

43
Subdomains

36
IPs

6
Countries

3284 kB
Transfer

7387 kB
Size

14
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://adclick.g.doubleclick.net/aclk?sa=l&ai=CMhsmioHsYrLcCPqE9u8PsbiHyA2ir-bGa9Pk64bID5aCzYWIFhABIKqAwyJglYKAgJgHoAHQtPDlAsgBCakCnHCT9kExsT7gAgCoAwHIAwqqBJwCT9DlNoaTMn0v34QW0bW0AhIVPoqdHwWqLUlRPUmkwpMOiAYS2_HK1C_3L64vKeNbFsV2eSdffUKerZDcJ1IXCK3WRVbMSO-j_vVgKo3AcOcpe1OjrvTvioNruW2D5rha8O59tBB9jUsJZDiaCr521Y_bbTBSNZTtBqs0t5Y9i2TlHZ1cl-AAPHeFJyZm4Ue0S6zYct39SvpuyPTqprk4vv1_M3V_kpI4ETqeZsGILIJ3lh49WwKDrp5VKF0rJXRSGU8G0BUhU4MCEMgkh_HavbYuezLJhBJlwLU4gfHoYO-8qLGxZPM7xTJN_N5u0fJwXFWrcw2zWhWSFfPdDfZoZW8lbUUNTupn4TBE22fU1RJ_9YLnTwEokDUy_ZvABOrPzaL-A-AEAaAGLoAHmMuPmgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBA8ggbYWR4LXN1YnN5bi03OTQ0NzI2NzAwNjA0NzAxsQmQupebzkggkIAKA5gLAcgLAYAMAbgMAbgT5APYEw2IFAHQFQGYFgH4FgGAFwE&ae=1&num=1&sig=AOD64_3r6u2U5fvRvHzdBztgebh_UaTM_A&client=ca-pub-5512390705137507&nb=9&adurl=https://www.nibe.eu/de-de/support/foerderung%3Fgclid%3DEAIaIQobChMIssn43NSu-QIVeoL9Bx0x3AHZEAEYASAAEgKlofD_BwE

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/aclk?sa=l&ai=CMhsmioHsYrLcCPqE9u8PsbiHyA2ir-bGa9Pk64bID5aCzYWIFhABIKqAwyJglYKAgJgHoAHQtPDlAsgBCakCnHCT9kExsT7gAgCoAwHIAwqqBJwCT9DlNoaTMn0v34QW0bW0AhIVPoqdHwWqLUlRPUmkwpMOiAYS2_HK1C_3L64vKeNbFsV2eSdffUKerZDcJ1IXCK3WRVbMSO-j_vVgKo3AcOcpe1OjrvTvioNruW2D5rha8O59tBB9jUsJZDiaCr521Y_bbTBSNZTtBqs0t5Y9i2TlHZ1cl-AAPHeFJyZm4Ue0S6zYct39SvpuyPTqprk4vv1_M3V_kpI4ETqeZsGILIJ3lh49WwKDrp5VKF0rJXRSGU8G0BUhU4MCEMgkh_HavbYuezLJhBJlwLU4gfHoYO-8qLGxZPM7xTJN_N5u0fJwXFWrcw2zWhWSFfPdDfZoZW8lbUUNTupn4TBE22fU1RJ_9YLnTwEokDUy_ZvABOrPzaL-A-AEAaAGLoAHmMuPmgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBA8ggbYWR4LXN1YnN5bi03OTQ0NzI2NzAwNjA0NzAxsQmQupebzkggkIAKA5gLAcgLAYAMAbgMAbgT5APYEw2IFAHQFQGYFgH4FgGAFwE&ae=1&num=1&sig=AOD64_3r6u2U5fvRvHzdBztgebh_UaTM_A&client=ca-pub-5512390705137507&nb=0&adurl=https://www.nibe.eu/de-de/support/foerderung%3Fgclid%3DEAIaIQobChMIssn43NSu-QIVeoL9Bx0x3AHZEAEYASAAEgKlofD_BwE
Title: NIBE Wärmepumpen mit bis zu 50%Förderung

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/aclk?sa=l&ai=CMhsmioHsYrLcCPqE9u8PsbiHyA2ir-bGa9Pk64bID5aCzYWIFhABIKqAwyJglYKAgJgHoAHQtPDlAsgBCakCnHCT9kExsT7gAgCoAwHIAwqqBJwCT9DlNoaTMn0v34QW0bW0AhIVPoqdHwWqLUlRPUmkwpMOiAYS2_HK1C_3L64vKeNbFsV2eSdffUKerZDcJ1IXCK3WRVbMSO-j_vVgKo3AcOcpe1OjrvTvioNruW2D5rha8O59tBB9jUsJZDiaCr521Y_bbTBSNZTtBqs0t5Y9i2TlHZ1cl-AAPHeFJyZm4Ue0S6zYct39SvpuyPTqprk4vv1_M3V_kpI4ETqeZsGILIJ3lh49WwKDrp5VKF0rJXRSGU8G0BUhU4MCEMgkh_HavbYuezLJhBJlwLU4gfHoYO-8qLGxZPM7xTJN_N5u0fJwXFWrcw2zWhWSFfPdDfZoZW8lbUUNTupn4TBE22fU1RJ_9YLnTwEokDUy_ZvABOrPzaL-A-AEAaAGLoAHmMuPmgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBA8ggbYWR4LXN1YnN5bi03OTQ0NzI2NzAwNjA0NzAxsQmQupebzkggkIAKA5gLAcgLAYAMAbgMAbgT5APYEw2IFAHQFQGYFgH4FgGAFwE&ae=1&num=1&sig=AOD64_3r6u2U5fvRvHzdBztgebh_UaTM_A&client=ca-pub-5512390705137507&nb=8&adurl=https://www.nibe.eu/de-de/support/foerderung%3Fgclid%3DEAIaIQobChMIssn43NSu-QIVeoL9Bx0x3AHZEAEYASAAEgKlofD_BwE
Title: Öffnen

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/whythisad?source=display&reasons=AS7gl4LyRfZ9RZv8QU0wwJ6D8xsB2YLBORqhgYSHKHkDSvJ5r_MjHYTTug1Vu7nvADyKpzxN6E4y3w2m0A7SCQnt4UIEUWCur4clG4uqr6Ye9Vm0fpP7zAVomTpUG8wsPPBU2DBe4TQ7rdQLKzOCvcKfhP124oMsclAA8RNdbROVBizjMLSEcuK9RhQYPwuyyJGgy65bOutihWmj_s2xcgLnNTuJb8ETbQh5H9c3Avv-b2RuTIJlR3gNKoiUQbXY0Iw_m90-UzzzLrjBHoZ9rvYm0Aeccqktwtx0emtWOREvTxBJ0_EAs3hAH9CIaGDMqsiArurvdsFQ8SA9RUNEzQSbbO7mX2tvX3VKHOQrOjEEP1MSx5dsfdzcLhRhHWKEe9uo6kvqagNwLk40H0d8tuWC1mMzxi1v1W8r95KDsZyKYarxE54wA0DkkN26TYMPmwAQxq-EJBJ503EmL_BpAegQ4XluxParhLFkjCFIoA5Nmmce4Scsoavac5IRjyAeZk6LTYmqAsp0qwRdjd4RZvkKaJT0XRONw8UTwLvex0SKlepDoJUTPUgG7Ax2wKmpbKDngalHwJdjwl2IXbiDbS2elMjjaLDkoVuOr6s8Nw8GzOf9JhJVt_pm07SbEVzSOa6MRd5slk1T6dcHzz2_bxL6dVFeXNkmETQixgmjNfdzos5ltpvJKLYS8fRrCeOH8rUaz9tIFKn5Vw3fIOO9ezU62vi7Rccp-doOlUsSWMaskAz_sxxMwBJL8Urx0H_t7A4uBzkWv17jTaVtbC5wX3RdccqL2aQHttTdMFliuYkqW0V0WDFnTOho6WUmrkoI3stTuGDAQqyamEgDn6vKqK_78c_Smcl8dV9UPMO0-xKhNikFi6yK_MEC-RQUbiuQEqVrM_sm6wPpSwviuP1XnF4N4MCWF2kO7sZGLt6c2XFrZBayCmaLb_3FKSI4YyfoswUJ6qapGOHeH7zIDnpepIccLTKYkf94i9sCGHxGe1fDwxSljKY3sdm8GXd60o_MMjsl_nAOSiYGhuk--do7ZA-M2cEPxA8tI2TFvS-Qq-U6a-sPJfqOYGHyfh3dqJb0gdFkxvAmHs0Elw5YZ-jR_yj6EYFPYrkL6quJufprqtSv5lmgiPmhVksOrwUq5dao6T3oYR-Lo9_rKbiR7aVfs1jol4nTzgm0QMBaHviD0jWtY4f0Ds0lqSIk6Se4eSD4II_Jxe1oL9UKGhU834bLDqwcxkFc5HPiU5ctJxzlDZcqRAuL0YNoqpN1YoLn2t8fgth-OLUhbjdz4Kxr-SLE0gfEHtQAKads0X_2GQU4RnCOg-b9f6T8xlr1to0fKWzZ92bcQCExPGUW_8I5mktORWLKMMUCM5Ev7SuKGalhSvKT2rfiydR3O2PQ-MiB7f-t1XWyUiNQD2qqWQ99ZYx4l0o3MlToSIg6okmdaLJhVDXactik6zGK9oExSV3ZfHHW1Oidc12T5Hx1kIle2p9TGKVsCmSyiSV-9a5qALMYQUcvoV9JW7w0UOSCaE6-DtZgAar23vn-FqK4ZSqdZpvYDi4_kgMA228cUhh_ZLoWUC51iyStYHqLBGiEW9k5rejFgW7bs8UvVVeIAxH1yNnRBbwbr7RyMD5peCzmHuYjNDf5h3CRUtiqAYWch07Ve_KrNCYMpXnm9mC-N6GWKVyfScc6U3nKautT__1GnY5J5Q4m9uLXCHIoYQvSU9G9VbwR3YubdT1KwYRI7yfALBlYtrDw3d07C-uHZBQDdK8aGbDeglC3X_t6BvCKB9Y2ojSNEr9rUtXGEaA2amOaEQ

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js

Request Chain 65

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 107

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMrKd3qDEJ2qOEl2A3pTOMI&google_cver=1

Request Chain 108

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://r.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1

Request Chain 109

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAXSzZ1bfPgGTIEqyfWQRdU&google_cver=1

Request Chain 110

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D

Request Chain 135

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbg.asayamind.com%2F&domain=bg.asayamind.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=xlQ6LXwxMEZvV0FmOUhKTEFSVmVoeFAxdUkzem9iL3cySjNQdmt2OG9NQ1kvTVhKVjJSZlJadlN3bGhrU21VS0dDR1poc3Q4ODJNcnZPRnRlcHE1WjJWZjFZcUZxRURISXFGRlU5OFRPemNobFYrOVRpWk5Pb2ppdGl2YzBiZGZpQ280anRSK0F3MmJsaHZ3dnZSbVIrK2FLNU5JeFdsbnpYNnh6a2tEaE9CYWx2ck5wN1pscytmV0NRaHFIeGVaMmdtRWpPTDhNOVF5NjM1byt6aVZyTnlFU2ZsekNmaGVqRDB2MTNVZVdrcjRONVIxUDl5ejRvbFhhZXRES29LeWh5QlBafA&cppv=2

137 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request sodium Show response
bg.asayamind.com/ 37 KB
11 KB 607ms
556ms Document
text/html 2606:4700:3030::6815:e9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bg.asayamind.com/sodium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:e9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9d9847cfa9eaf4beb23c7ba7adbe050448cb2b26316b5469a38eb439c844e0c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 735c21359b8690f2-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 05 Aug 2022 02:33:45 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0sRn8vbiHVoEJymGzJr5P1lsq6lk%2BvAH3D3a3R5Qj1mPvQkeLa%2Bx9i4rgByjd1a54QQu%2BuvsHZxqyTuRuRESiSIzmsc390Bbf6P1SeEOR%2Fst%2BWjFABBUWzQD8uaPG%2B4U7%2Fbx2xh%2F4puN3VjdrPFG"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 17 KB
1 KB 75ms
24ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i&display=swap

Requested by

Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b253ef3fe01bdd1dbcf682caf6954cbf64877cf67955b085f18fd896809d7e83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 05 Aug 2022 00:50:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 05 Aug 2022 02:33:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Aug 2022 02:33:45 GMT

GET
H2 200 bootstrap.min.css
asayamind.com/template/css/ 152 KB
24 KB 38ms
20ms Stylesheet
text/css 2606:4700:3030::6815:e9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://asayamind.com/template/css/bootstrap.min.css
Requested by: Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:e9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 642416
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 05 Feb 2021 09:48:30 GMT
server: cloudflare
etag: W/"601d146e-2606e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HQmlOD14mh8ekG6xL%2B4LKJqMLwGuCiCRrSDRFMbfDqD7pLn3AbTLCTOZsOK5ooQc%2BKBftP7o4r%2FNDzuDEp%2F82GtGir%2FHr%2BKCm7EmXN627icYgj7GtxqtBCmePNBwzmWijK0rR28MlRsNohel"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 735c21394d4990f2-FRA
expires: Sat, 27 Aug 2022 16:06:49 GMT

GET
H2 200 font-awesome.min.css
asayamind.com/template/css/ 30 KB
7 KB 31ms
14ms Stylesheet
text/css 2606:4700:3030::6815:e9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://asayamind.com/template/css/font-awesome.min.css
Requested by: Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:e9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87a47b5cc1f7f079bf0daa6064d7024e5769af3a3efa272b9bc0c9c73059158b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1006389
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 05 Feb 2021 09:48:30 GMT
server: cloudflare
etag: W/"601d146e-7936"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jx0mS4DRASfgT2rfmiSSbXNyxzdCuooZX81loXHj%2FDfQ6CxhlOxiSeABpOxC9sRml6%2BDkeZiAnlFsbMqOktPrtAMaxz4fb1jPDpGtNYJas6Kso8xNzSHRtQir%2BPUCsh0pFoTpnpqklc0%2FA8%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 735c21393d4790f2-FRA
expires: Tue, 23 Aug 2022 11:00:36 GMT

GET
H2 200 magnific-popup.css
asayamind.com/template/css/ 7 KB
2 KB 29ms
12ms Stylesheet
text/css 2606:4700:3030::6815:e9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://asayamind.com/template/css/magnific-popup.css
Requested by: Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:e9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1978442
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 05 Feb 2021 09:48:30 GMT
server: cloudflare
etag: W/"601d146e-1b27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T9%2FDdbyWNfCltX4feRKmKWu8Tako3yKuzj06w5TsTikECbqAkq5uaLuOm6HEGgNtkgKxAw0%2BCMknx6GRW37fRisdSWHvBCcfSjhtYhCCEjr7x0%2BGI%2BMNXyMSYldG%2BocrxR9WG%2B1zjmDWUGVR"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 735c21393d4290f2-FRA
expires: Fri, 12 Aug 2022 04:59:43 GMT

GET
H2 200 owl.carousel.min.css
asayamind.com/template/css/ 3 KB
1 KB 31ms
15ms Stylesheet
text/css 2606:4700:3030::6815:e9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://asayamind.com/template/css/owl.carousel.min.css
Requested by: Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:e9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1016817
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 05 Feb 2021 09:48:30 GMT
server: cloudflare
etag: W/"601d146e-d17"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3vhdH7%2Bm7u21xCIEhRWw0KRVw80YFeuUp5WBkmo8C0VK2P32C0IzTUtO0ICiLb%2BAKg51iWyxz03Mqfbxfffw2jHEoaoAotqOGCNd4f9S2c5y2SQHJi%2Br7DbkJlPMPdYigivl7lIFDbdxbiYG"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 735c21393d4890f2-FRA
expires: Tue, 23 Aug 2022 08:06:48 GMT

GET
H2 200 slicknav.min.css
asayamind.com/template/css/ 2 KB
1 KB 29ms
14ms Stylesheet
text/css 2606:4700:3030::6815:e9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://asayamind.com/template/css/slicknav.min.css
Requested by: Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:e9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c48050a1280b38ee66b4122dc30f7b8d0d89776c80f76f213dca958e701f45d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 642416
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 05 Feb 2021 09:48:30 GMT
server: cloudflare
etag: W/"601d146e-9c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GLJ1dxpD9mWLHs%2FJ%2Be4SAgOQkti97lDnLY%2Bx1LWP3MMAncjXWubjmHzhRpKp5RtyqrfQtoyAMPl0GbwXl7qKTfQi70bnQKMRUwhUvVZVodJBc10fjyE7%2BrSi%2F4VaRjinP2k9cU3F2Z7DX15P"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 735c21393d4390f2-FRA
expires: Sat, 27 Aug 2022 16:06:49 GMT

GET
H2 200 style.css
asayamind.com/template/css/ 26 KB
5 KB 30ms
16ms Stylesheet
text/css 2606:4700:3030::6815:e9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://asayamind.com/template/css/style.css
Requested by: Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:e9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e688389123ca5833bdbe2459b1d764d93fbee7bb07620de4a042a150609c423

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 754706
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 05 Feb 2021 09:48:30 GMT
server: cloudflare
etag: W/"601d146e-69e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QY5kvDfh8mtE4j3dEAY77hGyybMiDP4qqGwoK%2FBT75duGCiKbWsI8PzJ5D1IKwXj8KXu5jdXv1D7N316KGhlujEkeX3HZuZ8aKBY5ynLdMlq9a8Lw%2Bo%2BKZd8dFj2sEpZrznzzP2vNg3oq09d"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 735c21393d4590f2-FRA
expires: Fri, 26 Aug 2022 08:55:19 GMT

GET
H2 200 fontawesome.css
asayamind.com/template/css/fontawesome/ 70 KB
13 KB 31ms
17ms Stylesheet
text/css 2606:4700:3030::6815:e9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://asayamind.com/template/css/fontawesome/fontawesome.css
Requested by: Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:e9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba2ccd5586a31c9df1ec48aab00e143ae983cc2390cbc293b2623e62079471c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 642416
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 05 Feb 2021 09:48:33 GMT
server: cloudflare
etag: W/"601d1471-11936"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X9RnqKmcEIkg5Y8seczr8jgj90j4yJr5clIybtkjeFIJklb1%2BxaGSVsoQhb04Qp3HdaDdmWjodRT9cOvXM3Qpb4mGPNhnFvh8B%2BYDbHakmjAH4IiZkv6iWMdN8JUDm0mwpyZrhj3w7s%2B%2BHKr"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 735c21393d4690f2-FRA
expires: Sat, 27 Aug 2022 16:06:49 GMT

GET
H2 200 / Show response
op00.biz/ 14 KB
15 KB 67ms
21ms Script
application/javascript 185.177.94.108
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://op00.biz/?te=he4tgmrwmm5ha3ddf42tamzz

Requested by

Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.177.94.108 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

ip-185-177-94-108.ah-server.com

Software

nginx /

Resource Hash

aaf507bab436a0cbe6048c2aa11304eb88acb9db8aa051a9e0b1bfc2a76120fe

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 05 Aug 2022 02:33:45 GMT
server: nginx
content-security-policy: img-src https: data:; upgrade-insecure-requests
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/e0f4023d-1f54-4786-94e7-bff2e058d23f/ 395 KB
97 KB 60ms
8ms Script
application/javascript 2600:9000:206f:e400:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/e0f4023d-1f54-4786-94e7-bff2e058d23f/plugin.min.js
Requested by: Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:e400:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 59e6ccdc34bacab0f6ad5a0ab714a7eff1c929ac73a84ca206cc98032ad70bcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:56:12 GMT
content-encoding: gzip
last-modified: Thu, 23 Jun 2022 14:01:55 GMT
server: AmazonS3
age: 2254
etag: W/"4d2431a5ad29968b4aa873451b59fb2b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: bN12ZND1wyPWR_jljio9-0uo9kbcMaIJgUYuZccK4C44OFbaByKVYA==

GET
H2 200 adManager.js Show response
js.wpadmngr.com/static/ 1 KB
863 B 118ms
8ms Script
application/javascript 45.133.44.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.js
Requested by: Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 89ceaf2fba13343764ed6f07696d5b3a49b28daf865c3f6c204c218a4cd62e1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
content-encoding: gzip
last-modified: Wed, 13 Jul 2022 06:52:04 GMT
server: nginx/1.18.0
etag: W/"62ce6b94-4e2"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Fri, 05 Aug 2022 02:38:45 GMT
cache-control: max-age=300
x-proxy-cache: HIT

GET
H3 200 logo.png
asayamind.com/template/img/ 8 KB
8 KB 24ms
17ms Image
image/png 2606:4700:3030::6815:e9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://asayamind.com/template/img/logo.png
Requested by: Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:e9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9d92d497bb26c99a13fe682be35853259225acbc6e0971244260c4fa783e1d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2580098
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7881
last-modified: Fri, 05 Feb 2021 09:54:59 GMT
server: cloudflare
etag: "601d15f3-1ec9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6wmcLq0uKb3s0fQBSA2m2j3CNWDYNeMdOt0jB804u%2F7Ttw%2BJw7DrYEDlA%2BvnQMbeOn5JUPmpHJeBONY8MWW1Z6j90pyh0bbFu%2FxAKU4zF0NuDDmvroy9mXDFdDzq3FXZCnDb7QsdxFrItCx%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 735c21398dd99a3c-FRA
expires: Fri, 05 Aug 2022 05:52:07 GMT

GET
H3 200 sodium.jpg
asayamind.com/img/science/82/ 36 KB
37 KB 85ms
77ms Image
image/jpeg 2606:4700:3030::6815:e9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://asayamind.com/img/science/82/sodium.jpg
Requested by: Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:e9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 408f7bc5717c4e6eff974ec468662346fd79cd9fbf96b35fff59e338d7425318

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37052
last-modified: Tue, 15 Jun 2021 09:07:00 GMT
server: cloudflare
etag: "60c86db4-90bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pkq3nSHx0CX%2BOxsjASmUjbOxVEAXc6l%2F8NnGKosfmCcQM805rAsk8eID97f0eH5ThrKxFcD0VVv%2FFOl5xUPH5E5Jikq6rMltqXiDt8UMrg2jzUwgd7t7wwevYzadv7jbZjCssfzSO3ryP3dH"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 735c21398dda9a3c-FRA
expires: Sun, 04 Sep 2022 02:33:45 GMT

GET
H3 200 sodium-2.jpg
asayamind.com/img/science/82/ 52 KB
52 KB 106ms
99ms Image
image/jpeg 2606:4700:3030::6815:e9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://asayamind.com/img/science/82/sodium-2.jpg
Requested by: Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:e9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fd437f886786f7614c94cdf85dd787d120aac2ae5cba8eb08c9f9530e94b5d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 52978
last-modified: Tue, 15 Jun 2021 09:06:16 GMT
server: cloudflare
etag: "60c86d88-cef2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uv81SlfMA2acOEFbLwadll2jVwSXmwUP%2BtcTmjIZT36xaN4wOJsCkjJPeV4vj%2B8QfrLn5kHwHp1O34u27KzoDyEVnA2dC7m8eYFPTyyJEudky0rAD%2FHfb6NQgwLslIUp2nJ%2BrZ6PPaJijtI1"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 735c21398ddb9a3c-FRA
expires: Sun, 04 Sep 2022 02:33:45 GMT

GET
H3 200 sodium-3.jpg
asayamind.com/img/science/82/ 24 KB
25 KB 93ms
85ms Image
image/jpeg 2606:4700:3030::6815:e9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://asayamind.com/img/science/82/sodium-3.jpg
Requested by: Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:e9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 365cfe784eb130690c103b2d0f208f0aa9916824c9d3073bf7581bb967d170b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25065
last-modified: Tue, 15 Jun 2021 09:07:38 GMT
server: cloudflare
etag: "60c86dda-61e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ohV7iri5j2vbqLwdb1zff3CSgUSFmIYezzyivSEIDN%2FzjSUpRPKwULaVUE3GkchBYoNtSQkoxVjCP5qOBWKN9jS%2FaHZbwlZNRMYTGBVJW60elMq1zVGRRANXPFM%2FlI8G%2BEdQ6VKFd3pY3nPV"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 735c21398ddc9a3c-FRA
expires: Sun, 04 Sep 2022 02:33:45 GMT

GET
H3 200 sodium-4.jpg
asayamind.com/img/science/82/ 28 KB
29 KB 93ms
86ms Image
image/jpeg 2606:4700:3030::6815:e9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://asayamind.com/img/science/82/sodium-4.jpg
Requested by: Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:e9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92a387eeb82c237a49e38a5b4161f5f992f8253bb8b8f711178786885117e02e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29100
last-modified: Tue, 15 Jun 2021 09:07:26 GMT
server: cloudflare
etag: "60c86dce-71ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2BPs76KYb68XxV356LO45Jbz6OZEFYLbovH4liUuCqNIba9RzleWWPO5MzCiga47BxUA%2B4jr0A%2B1SBW3COa%2Flx%2BeWGCeU5gpc5P3hlQlXieS%2Fv0OtC3DmlEU2OvV%2BZg4z%2F%2F8hlA95rbTpj%2Bo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 735c21398ddd9a3c-FRA
expires: Sun, 04 Sep 2022 02:33:45 GMT

GET
H3 200 sodium-5.jpg
asayamind.com/img/science/82/ 36 KB
36 KB 99ms
92ms Image
image/jpeg 2606:4700:3030::6815:e9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://asayamind.com/img/science/82/sodium-5.jpg
Requested by: Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:e9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c90b106a91165ee6b0eee691a5507062b90d189779541b4f2e67694a86154ea1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36738
last-modified: Tue, 15 Jun 2021 09:07:06 GMT
server: cloudflare
etag: "60c86dba-8f82"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sr2S1v0EiM1Jo9lEK5Bwmusgc%2FtD4sZyquYIyGAPPV7UgR3O%2BH5rGj9WmyS3IM%2BNQWBsES2w1YI19TBdAQZ8FyOvYMtUKV3CHlOUSNW%2BSqqtA6ZFlIp0UKJqBo83uDeMMWWeHw5upKH%2FuG81"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 735c21398dde9a3c-FRA
expires: Sun, 04 Sep 2022 02:33:45 GMT

GET
H3 200 sodium-6.jpg
asayamind.com/img/science/82/ 49 KB
50 KB 107ms
100ms Image
image/jpeg 2606:4700:3030::6815:e9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://asayamind.com/img/science/82/sodium-6.jpg
Requested by: Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:e9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9308bbb7b7edafe6d52876aa2444ac810467ddfacc8b11501e9081c4938b664b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50274
last-modified: Tue, 15 Jun 2021 09:06:14 GMT
server: cloudflare
etag: "60c86d86-c462"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fpwPPcjHOVYtV1tV0FlfcW36NAO7IjU6DZiQgw5b9vOKIi8Gm4LNe3gdWIRvJYzK7yKOGBqoaW9TFcVGFvUS33j5Fxnt99vab8aMsaj4%2FGlLZUT301x5%2B0lcF3PkXDjTI7O8DBNWLbeY8cWG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 735c21398ddf9a3c-FRA
expires: Sun, 04 Sep 2022 02:33:45 GMT

GET
H3 200 brown-v-board-education-topeka.jpg
asayamind.com/img/politics-law-government/98/ 31 KB
32 KB 100ms
93ms Image
image/jpeg 2606:4700:3030::6815:e9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://asayamind.com/img/politics-law-government/98/brown-v-board-education-topeka.jpg
Requested by: Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:e9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cec591cf64ba358c36b5f3e5d21cbaab61554dc4bde99a5943f249adc2a12eb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31799
last-modified: Tue, 15 Jun 2021 09:07:16 GMT
server: cloudflare
etag: "60c86dc4-7c37"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K4%2FHqz5tBiTwIn%2BV%2FR6je63mGnB%2FTObKdAvQJji%2FZmwhG%2FDn1K79oNXnhT7d%2BlcshI%2Bu8Q2LRgc%2BHltBSIm6urZ5VG5xPpXphc3Qy%2FdQinypHvHC6QfE6FK2Qu8UMRUoRCfwhNlcR1OmZbt6"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 735c21398de09a3c-FRA
expires: Sun, 04 Sep 2022 02:33:45 GMT

GET
H3 200 effie-gray.jpg
asayamind.com/img/other/58/ 33 KB
34 KB 101ms
94ms Image
image/jpeg 2606:4700:3030::6815:e9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://asayamind.com/img/other/58/effie-gray.jpg
Requested by: Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:e9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ca90b3e77c9ccad51f409feaeb7f03a9c928ebb9989fc8d576f69dd5592c6af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33932
last-modified: Tue, 15 Jun 2021 09:07:12 GMT
server: cloudflare
etag: "60c86dc0-848c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c3B92%2Fr7aP659cJvsQtbyR6sr7BNyNgOWMadsvuycGP0%2F%2BAz24h0yYrnBCzscvJRa%2F9AJOrmxKltU23jSPcPD%2Ba2ZPrj9PuiwojmND1msbez0VaDrMV74kmux8tHi1wIboPwRvWSHZ%2FdNC7r"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 735c21398de19a3c-FRA
expires: Sun, 04 Sep 2022 02:33:45 GMT

GET
H3 200 amazon-com.jpg
asayamind.com/img/politics-law-government/52/ 4 KB
5 KB 65ms
59ms Image
image/jpeg 2606:4700:3030::6815:e9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://asayamind.com/img/politics-law-government/52/amazon-com.jpg
Requested by: Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:e9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fd8aa7bd63885ddb344bffb24f29cb605eec6e33ea878da5dadeefa312df7cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4457
last-modified: Tue, 15 Jun 2021 09:08:04 GMT
server: cloudflare
etag: "60c86df4-1169"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VcRejwlLODcEBvff32TFLL5HBFAwWrDn02Sab0R%2BA8PkKy9YNAVChCPG4nKsoORoa0JPauEjKMciujlS8t%2Fbsb4OEsUBPuEpNzIpowZ35%2FEnaKBan4GqnjdGmW6JkF1qIzlqTVqkReBvOIaK"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 735c21398de39a3c-FRA
expires: Sun, 04 Sep 2022 02:33:45 GMT

GET
H3 200 story-behind-llullaillaco-maiden.jpg
asayamind.com/img/ancient-history/39/ 74 KB
74 KB 110ms
104ms Image
image/jpeg 2606:4700:3030::6815:e9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://asayamind.com/img/ancient-history/39/story-behind-llullaillaco-maiden.jpg
Requested by: Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:e9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55265099dbaefbd2e20b74d2c21800ad3f2f485a56e90d365f4e2df45db2a541

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75331
last-modified: Thu, 14 Apr 2022 14:02:26 GMT
server: cloudflare
etag: "62582972-12643"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7qNEdEhYsyD7Irs9COvbyF66BUQQFdricNZZ2XUMv9MPt8kzOiS%2BwOC9OfcIZK7vy%2FopDa%2B5azm8yPLw3%2FbqY9cPyAFRt9Z%2Bvj74M2N%2B%2BtpF95ZvypUDpNBWuc0LzpHMkV7TgTC3QkMJy5cH"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 735c21398de59a3c-FRA
expires: Sun, 04 Sep 2022 02:33:45 GMT

GET
H3 200 ignacy-mo-cicki.jpg
asayamind.com/img/politics-law-government/27/ 211 KB
211 KB 106ms
100ms Image
image/jpeg 2606:4700:3030::6815:e9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://asayamind.com/img/politics-law-government/27/ignacy-mo-cicki.jpg
Requested by: Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:e9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c4a6b789ebcb5cc4c37e3c0af486224b499f9e2bffae77476ec0ba2f49c9658

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 215894
last-modified: Tue, 15 Jun 2021 09:04:32 GMT
server: cloudflare
etag: "60c86d20-34b56"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=If93JsLoa5YQ79Py0yKZnjRlv42Nb8QrJSJVH%2FbQtAhRbqWZJCXXQDfyInUOHEycGcmRjiTD%2B5j1UWZHgPNw0cOy1%2Fbtb9N13PK%2BrvO8L%2FwBMeDR15TRgOIjwNh1FCyGCtJTD5K8Zt4Z4Npm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 735c21398de69a3c-FRA
expires: Sun, 04 Sep 2022 02:33:45 GMT

GET
H3 200 twisted-case-stacey-castor.jpeg
asayamind.com/img/american-history/50/ 47 KB
47 KB 112ms
106ms Image
image/jpeg 2606:4700:3030::6815:e9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://asayamind.com/img/american-history/50/twisted-case-stacey-castor.jpeg
Requested by: Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:e9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99e9d63ba75630b9a012bcef0ba6621cbabb45239a3f8c440ca3ac68a575ea37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47658
last-modified: Thu, 14 Apr 2022 14:03:22 GMT
server: cloudflare
etag: "625829aa-ba2a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W34G9X6eGAa8D1rHYB5bM8%2FckiLLB%2Bd3BTMURAXLu8hQjrr3KMVHcahThwwpqxu%2B6u6yQMWYPe8doe0VvJWGc%2FPj4K7BMvY8sZDjcdfyQmiOQwZwWm306h50p%2F6dY04lgIk3IqxW%2Bfwh7mBB"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 735c21398de79a3c-FRA
expires: Sun, 04 Sep 2022 02:33:45 GMT

GET
H3 200 prime-ministers-canada.jpg
asayamind.com/img/other/03/ 10 KB
11 KB 67ms
61ms Image
image/jpeg 2606:4700:3030::6815:e9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://asayamind.com/img/other/03/prime-ministers-canada.jpg
Requested by: Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:e9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67480894f81825d3340e98ce48763d88747c45b8e5c35ea2a888a2602213c744

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10223
last-modified: Tue, 15 Jun 2021 09:07:56 GMT
server: cloudflare
etag: "60c86dec-27ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D8ylflLeO1ei%2FZK2IUct0Ggb%2BRa7RDO59sh8zk4WoHDzkbWrwmDj%2Fq%2Fj8u5TvkT6e%2Fh6djgbOPrM%2BOF6bMwiORyY0A5TtZHQNSvDtUkdD9zvCe1EOCyNBpn4LL8IK0lJlIUCO9IA9cyLEKbJ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 735c21398de89a3c-FRA
expires: Sun, 04 Sep 2022 02:33:45 GMT

GET
H3 200 dwight-d-eisenhower.jpg
asayamind.com/img/politics-law-government/47/ 30 KB
30 KB 103ms
97ms Image
image/jpeg 2606:4700:3030::6815:e9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://asayamind.com/img/politics-law-government/47/dwight-d-eisenhower.jpg
Requested by: Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:e9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46a39efa395c9b83497f75f9e153bc78a68c4ceb25b6071275619befad450562

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30578
last-modified: Tue, 15 Jun 2021 09:07:22 GMT
server: cloudflare
etag: "60c86dca-7772"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2BYawvFilZp4ckgxSHt89Nw52%2BaT04fE3WeGZGxPA%2Fje4JR8rGmSS8P7diX5TMYe4t1HejMscz4Xg51X%2FN3VW74QaujlvgwapPlleClsgkQUJAYLwXbq81tYBkSqLn0iq35ctCOV9Zic%2Bihn"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 735c21398dea9a3c-FRA
expires: Sun, 04 Sep 2022 02:33:45 GMT

GET
H3 200 brie-larson.jpg
asayamind.com/img/entertainment-pop-culture/48/ 44 KB
44 KB 112ms
107ms Image
image/jpeg 2606:4700:3030::6815:e9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://asayamind.com/img/entertainment-pop-culture/48/brie-larson.jpg
Requested by: Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:e9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1d4ffe1890105e05e1542b4e580ec0281bbba2de3f06a74813223304c990f44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44833
last-modified: Tue, 15 Jun 2021 09:06:36 GMT
server: cloudflare
etag: "60c86d9c-af21"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFCKbpf8%2BQbZ47K2KNOzxCd6tBtswAN6UG8FD2TZgStrXUGqsp%2Bh02wnNjWV6ueUnQ36UrGXJ8QSFijcswoj5AKNWnwY7uQFs294h3Fe9bwY%2BgkkK0T%2F1aRokUbmF8ShdCOQVwmRPxN%2BztJx"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 735c21398deb9a3c-FRA
expires: Sun, 04 Sep 2022 02:33:45 GMT

GET
H3 200 mukden-incident.jpg
asayamind.com/img/politics-law-government/87/ 73 KB
73 KB 113ms
108ms Image
image/jpeg 2606:4700:3030::6815:e9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://asayamind.com/img/politics-law-government/87/mukden-incident.jpg
Requested by: Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:e9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95320b67c12d63582c8c7b12b8bcb3a7e636b7ad6d099e096b9afd7b9c97ee0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74419
last-modified: Tue, 15 Jun 2021 09:05:20 GMT
server: cloudflare
etag: "60c86d50-122b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O6%2FFDhr4W%2FLGFkIUDSp0T6pRyJnIuDKSPahR4ZR%2BJRSsJeIfsXfGayeROiGu6c9gRCLPx%2BzYtVTLgOuIkAzq0PVNxsFKrkFmVPXTyWeqAXLYA41DxnHail2ITQDIaVWFFdmj1TMMGWrUFvn9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 735c21398ded9a3c-FRA
expires: Sun, 04 Sep 2022 02:33:45 GMT

GET
H2 200 jquery-3.2.1.min.js Show response
asayamind.com/template/js/ 85 KB
31 KB 16ms
14ms Script
application/javascript 2606:4700:3030::6815:e9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://asayamind.com/template/js/jquery-3.2.1.min.js
Requested by: Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:e9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 640242
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 05 Feb 2021 09:48:32 GMT
server: cloudflare
etag: W/"601d1470-15283"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E4joInJtDr0%2FAU%2FfN4lLp%2BfVjyf3wZpTEGlyYB0cwd7W8ZJGEZoG9hojEwsJAQKYEDCqDjgGpBzJAe0iMNncUpr3a7wTKcbGzk1zDaybtRXXdM2kjUI4o3WDWSvAY86kLq3Z6NbFkcVi7ADc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
cf-ray: 735c21397d6990f2-FRA
expires: Sat, 27 Aug 2022 16:43:03 GMT

GET
H2 200 bootstrap.min.js Show response
asayamind.com/template/js/ 57 KB
16 KB 20ms
11ms Script
application/javascript 2606:4700:3030::6815:e9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://asayamind.com/template/js/bootstrap.min.js
Requested by: Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:e9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1009004
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 05 Feb 2021 09:48:32 GMT
server: cloudflare
etag: W/"601d1470-e2d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rwe%2FRiRRWjQ0sSj0YsN2EeMAK%2B7Y3EONWU%2BZeUUFXXgcbFPCC8bSxIzDrS5WoP75jnneF%2Bj9d0senEBER3JIiI8xZD8dNDI0CrijsnhMsgi%2BOYdiM2mLnGfuA84Hlm3LE9sEMbVtZ2BEbDQw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
cf-ray: 735c21398d8190f2-FRA
expires: Tue, 23 Aug 2022 10:17:01 GMT

GET
H3 200 jquery.slicknav.js Show response
asayamind.com/template/js/ 20 KB
5 KB 25ms
16ms Script
application/javascript 2606:4700:3030::6815:e9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://asayamind.com/template/js/jquery.slicknav.js
Requested by: Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:e9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c66dcc5003ba9cfe9b7697fe1fca1b38033ecbe712a8d4f21300624567036e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 980948
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 05 Feb 2021 09:48:32 GMT
server: cloudflare
etag: W/"601d1470-51f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9NJ694Eq6ta3tvY90tB5Iwn%2B9usE%2BN3O802UNN%2FTA4UObJG3Me0ksCHarXZioh8E1ZE5NSir4OqFa1oN%2Fb3hoTaMKTX2anuaZqMtakp1968yD9nL%2BAko76jVWkcWu4gSwt3ONJ3RA1nW0cVn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
cf-ray: 735c21398dd49a3c-FRA
expires: Tue, 23 Aug 2022 18:04:37 GMT

GET
H3 200 owl.carousel.min.js Show response
asayamind.com/template/js/ 43 KB
12 KB 30ms
21ms Script
application/javascript 2606:4700:3030::6815:e9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://asayamind.com/template/js/owl.carousel.min.js
Requested by: Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:e9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1089534
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 05 Feb 2021 09:48:32 GMT
server: cloudflare
etag: W/"601d1470-ad36"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=awrtoM3YTiIBkjRVNfmbSZ8jowilL%2BprZBURX%2F7K6CItQaWhlQ0IuWKq%2BsmMTa2OJoimgByzF8sA956AfEacmXvO5nOyuC6%2FHD7KeDbyKVoC6nKsX%2Fi7e7ghJb%2Fft60SLjp%2FiLOwA4IkkCo4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
cf-ray: 735c21398dd59a3c-FRA
expires: Mon, 22 Aug 2022 11:54:51 GMT

GET
H3 200 circle-progress.min.js Show response
asayamind.com/template/js/ 4 KB
2 KB 22ms
14ms Script
application/javascript 2606:4700:3030::6815:e9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://asayamind.com/template/js/circle-progress.min.js
Requested by: Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:e9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d97a637cb2f9b5160b6b7000334833e9a018d33c6f1e8803cd359e9b19133c38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 109598
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 05 Feb 2021 09:48:31 GMT
server: cloudflare
etag: W/"601d146f-115d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4d0Uge36ai1XaQAAjQ5Vs0D8%2FZg%2F29tSOZrLl%2F%2BmHDyaNUrh6qQT0l%2BECqt5Mny8hf3Sw31aLkFVBXkU9wPnMwnKLUyvhKrt3vYOCwyuleqShhl2l3b55Ix5xMh0wvb4NLoqgfliu4j8%2BIw7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
cf-ray: 735c21398dd69a3c-FRA
expires: Fri, 02 Sep 2022 20:07:07 GMT

GET
H3 200 jquery.magnific-popup.min.js Show response
asayamind.com/template/js/ 20 KB
8 KB 29ms
20ms Script
application/javascript 2606:4700:3030::6815:e9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://asayamind.com/template/js/jquery.magnific-popup.min.js
Requested by: Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:e9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2226565
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 05 Feb 2021 09:48:32 GMT
server: cloudflare
etag: W/"601d1470-4ef8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7p9SdE92I0TGUDGwNlTzZZ07V8op%2FiNMbvyGryRcWBdEXPMERpTAtwb2SxAbS9tyBNp7ojC3IdiNtiqiVHfiANmdTxgfe4H2Te7SxJFD2JRwP5FjMlT3GKO8jl9b7pJH%2B3xYOmR8%2FrUpqQiG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
cf-ray: 735c21398dd79a3c-FRA
expires: Tue, 09 Aug 2022 08:04:20 GMT

GET
H3 200 main.js Show response
asayamind.com/template/js/ 3 KB
2 KB 23ms
14ms Script
application/javascript 2606:4700:3030::6815:e9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://asayamind.com/template/js/main.js
Requested by: Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:e9e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a45b7c0631e1239bc47e2948fb4caa2b18aab01fee57dd3e7f43ade9e6c0f259

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1362442
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 05 Feb 2021 09:48:32 GMT
server: cloudflare
etag: W/"601d1470-b13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2FxrWdSUTRhL0VERhUbRaGDLc96jrAFb0Tu6z5gPJX99nN1O4Eb5%2BEg0UkeRUnxm4s05tBEQKSm1Ph9K0CITdPWw7r%2B3ydlr2PrRI0Z6YPYUN1nyaFkPNmpo2LuJaYg%2FF5%2Bpvc2omp8UU%2F1Z"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
cf-ray: 735c21398dd89a3c-FRA
expires: Fri, 19 Aug 2022 08:06:23 GMT

GET
H3

200

ab12745d93c5.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js

15 KB
5 KB

20ms
7ms

Script
text/javascript

2a03:2880:f21c:81e5:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
Requested by: Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium
Protocol: H3
Server: 2a03:2880:f21c:81e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 18:35:45 GMT
content-encoding: br
etag: "ab12745d93c5"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 4843
priority: u=3,i

Redirect headers

date: Fri, 05 Aug 2022 02:33:45 GMT
x-fb-trip-id: 1679558926
x-ig-origin-region: odn
content-type: text/html; charset=utf-8
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
cache-control: max-age=21600
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 84ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6731) /
Resource Hash: 71679b04fbd29b2c4fe5a7f200ccdc88d666d9b9b9253c4f2878ea06591dac71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 05 Aug 2022 02:33:45 GMT
Content-Encoding: gzip
Age: 334
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 29203
x-tw-cdn: VZ
Last-Modified: Wed, 03 Aug 2022 21:01:21 GMT
Server: ECS (frb/6731)
Etag: "2db8c3ce16d9541818f0d180a9ea89b1+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 192355X1677950.skimlinks.js Show response
s.skimresources.com/js/ 49 KB
19 KB 43ms
10ms Script
application/octet-stream 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://s.skimresources.com/js/192355X1677950.skimlinks.js
Requested by: Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fdb376528b441b3a3bd8714c9c10512d8dec925976294b875235d974fad8caee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
content-encoding: gzip
last-modified: Tue, 15 Mar 2022 10:46:24 GMT
server: AmazonS3
x-amz-request-id: A9F4ACA793Q5Q6JD
etag: "0243943ebc0cbc2e9bd2b6292ca6c010"
x-hw: 1659666825.cds251.fr8.hn,1659666825.cds238.fr8.c
content-type: application/octet-stream
cache-control: max-age=3600
accept-ranges: bytes
content-length: 18851
x-amz-id-2: yRkzpT2o2ne4IXKCuvIZCuGWyXAFsEiBtUE2K8iqW/CgqMCUHKBEGeUJ3Zw2w7qNqau5yQnzrz0=

GET
H2 200 fFuA8XC8tIM Show response
www.youtube.com/embed/ Frame 1DD9 56 KB
25 KB 112ms
74ms Document
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/fFuA8XC8tIM?modestbranding=1

Requested by

Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7b37e9938d59c109b2c4b847644990a3dce6e5f69d68c82ff8e8cbca03bc731a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bg.asayamind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Fri, 05 Aug 2022 02:33:45 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 10 KB
10 KB 70ms
35ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bg.asayamind.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 19:04:26 GMT
x-content-type-options: nosniff
age: 372559
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9840
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 31 Jul 2023 19:04:26 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 72ms
37ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bg.asayamind.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 20:29:43 GMT
x-content-type-options: nosniff
age: 281042
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Aug 2023 20:29:43 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 53ms
18ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bg.asayamind.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 08:01:51 GMT
x-content-type-options: nosniff
age: 66714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Aug 2023 08:01:51 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xMIzIFKw.woff2
fonts.gstatic.com/s/roboto/v30/ 10 KB
10 KB 63ms
29ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xMIzIFKw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6933e678530b263486fa7b185a449cac947e1496ef61d496642032f339e9e43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bg.asayamind.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 08:12:38 GMT
x-content-type-options: nosniff
age: 238867
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10292
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Aug 2023 08:12:38 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 66ms
39ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bg.asayamind.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 21:51:35 GMT
x-content-type-options: nosniff
age: 276130
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Aug 2023 21:51:35 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 58ms
32ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bg.asayamind.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:49 GMT
x-content-type-options: nosniff
age: 150536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Aug 2023 08:44:49 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 58ms
41ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bg.asayamind.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 20:10:25 GMT
x-content-type-options: nosniff
age: 109400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Aug 2023 20:10:25 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
18 KB 31ms
15ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bg.asayamind.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 11:25:53 GMT
x-content-type-options: nosniff
age: 313672
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Aug 2023 11:25:53 GMT

POST
H2 200 / Show response
r.skimresources.com/api/ 150 B
193 B 90ms
20ms XHR
application/json 35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/192355X1677950.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.11.2.5 /

Resource Hash

95b1ff1b25013b9dba105c10771ef19ce83f45d2c58f18a869a165f73d194885

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://bg.asayamind.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: openresty/1.11.2.5
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://bg.asayamind.com
vary: Accept-Encoding
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

GET
H2 206 robots.txt
t.skimresources.com/api/v2/ Frame C2F1 0
134 B 59ms
21ms Image
text/plain 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.9489400335003073
Requested by: Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 47.67.201.35.bc.googleusercontent.com
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
via: 1.1 google
server: Python/3.7 aiohttp/3.5.4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain charset=UTF-8

GET
H2 200 px.gif
p.skimresources.com/ 43 B
276 B 66ms
18ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=1&rn=9.21807375339734
Requested by: Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 px.gif
p.skimresources.com/ 43 B
102 B 67ms
19ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=2&rn=9.21807375339734
Requested by: Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

POST
H2 200 / Show response
r.skimresources.com/api/ 168 B
383 B 34ms
20ms XHR
application/json 35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/192355X1677950.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.11.2.5 /

Resource Hash

2b552cf0eed9a06573ca58ecf7916ddbde33020221a2dd83e53fa03d26a92a05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://bg.asayamind.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: openresty/1.11.2.5
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://bg.asayamind.com
vary: Accept-Encoding
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

GET
H/1.1 200
OK widget_iframe.2b1befbea3a1424bb94efd70105dfa52.html Show response
platform.twitter.com/widgets/ Frame EEB9 320 KB
104 KB 7ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b1befbea3a1424bb94efd70105dfa52.html?origin=https%3A%2F%2Fbg.asayamind.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6776) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://bg.asayamind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 105632
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Fri, 05 Aug 2022 02:33:45 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Wed, 03 Aug 2022 20:59:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6776)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H3 200 www-player.css
www.youtube.com/s/player/2fd212f2/ Frame 1DD9 340 KB
47 KB 45ms
15ms Stylesheet
text/css 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/2fd212f2/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/fFuA8XC8tIM?modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8af5b01db369432e13c4fc7fd732a09338294d39668f7dd3d4c0c063db3a18be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/fFuA8XC8tIM?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 14:56:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41840
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47818
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 00:21:08 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 04 Aug 2023 14:56:25 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/2fd212f2/www-embed-player.vflset/ Frame 1DD9 307 KB
95 KB 43ms
14ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/2fd212f2/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/fFuA8XC8tIM?modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dca9b0dc612135d3fca2be6909f6006c4953175cdc92389cbcaca2d11ab9f32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/fFuA8XC8tIM?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 14:56:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41840
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97170
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 00:21:08 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 04 Aug 2023 14:56:25 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/2fd212f2/player_ias.vflset/de_DE/ Frame 1DD9 2 MB
566 KB 67ms
38ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/2fd212f2/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/fFuA8XC8tIM?modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f611cb7e93381f8dbb6df1c62fe1c4c5b9f861a93a52f27c7de12a26b2e1b97e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/fFuA8XC8tIM?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 14:57:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41763
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 579287
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 00:21:08 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 04 Aug 2023 14:57:42 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/2fd212f2/fetch-polyfill.vflset/ Frame 1DD9 9 KB
3 KB 59ms
30ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/2fd212f2/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/fFuA8XC8tIM?modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/fFuA8XC8tIM?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 14:56:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41840
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 00:21:08 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 04 Aug 2023 14:56:25 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1DD9 15 KB
15 KB 40ms
13ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/fFuA8XC8tIM?modestbranding=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 02 Aug 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 227740
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 02 Aug 2023 11:18:05 GMT

GET
H2 200 adManager.m.js Show response
js.wpadmngr.com/static/ 85 KB
31 KB 20ms
6ms Script
application/javascript 45.133.44.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 537862c011fddf4cdb4c7fba37674a577c6ce7c5d365a785eb43a5d806ea2b1f

Request headers

Referer: https://bg.asayamind.com/
Origin: https://bg.asayamind.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
content-encoding: gzip
last-modified: Mon, 01 Aug 2022 15:27:41 GMT
server: nginx/1.18.0
etag: W/"62e7f0ed-15354"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Fri, 05 Aug 2022 02:38:45 GMT
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame EEB9 513 B
523 B 142ms
114ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=53615c79452b1f06f94d63bb2c64f8b6c2c04ff6

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b1befbea3a1424bb94efd70105dfa52.html?origin=https%3A%2F%2Fbg.asayamind.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

6bfdae4a96ded74a8b76984a830bba5e90a6a14a529f56ca4a2bf75021fe45fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-response-time: 107
date: Fri, 05 Aug 2022 02:33:44 GMT
content-encoding: gzip
last-modified: Fri, 05 Aug 2022 02:33:45 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 22496d256f297746ebffed5561f187079d561bcb1c92e57d63ffd9625dcb11f4
content-length: 242

POST
H3 200 page Show response
t.skimresources.com/api/v2/ 22 B
43 B 36ms
21ms XHR
application/javascript 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/page

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/192355X1677950.skimlinks.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.7 aiohttp/3.5.4 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bg.asayamind.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 02:33:45 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.7 aiohttp/3.5.4
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://bg.asayamind.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22

GET
H2 200 2587 Show response
na.nawpush.com/tags/ 655 B
809 B 58ms
25ms XHR
application/json 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://na.nawpush.com/tags/2587?version_name=a
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 82f8bdcad72ab6408ae44b67ab13fff57058556ffe7a3438e046b1fbd0db5296

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 05 Aug 2022 02:33:45 GMT
cache-control: max-age=300, public
server: nginx/1.18.0
content-type: application/json
content-length: 655
x-proxy-cache: MISS

GET
H2 200 wp-banners.js Show response
js.wpadmngr.com/npc/sdk/ 0
237 B 7ms
6ms Script
application/javascript 45.133.44.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/npc/sdk/wp-banners.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
server: nginx/1.18.0
etag: "611fc6d7-0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Fri, 05 Aug 2022 02:38:45 GMT
cache-control: max-age=300
accept-ranges: bytes
content-length: 0
x-proxy-cache: HIT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
29 KB 93ms
35ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/e0f4023d-1f54-4786-94e7-bff2e058d23f/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

456536908f305f1887be5fe66066f4d05797a90ee08265fec1b9c2afd3afec47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28612
x-xss-protection: 0
server: sffe
etag: "1294 / 77 of 1000 / last-modified: 1659651030"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 05 Aug 2022 02:33:45 GMT

GET
H2 200 prebid5.14.0.js Show response
get.optad360.io/sf/ 460 KB
461 KB 8ms
7ms Script
application/javascript 2600:9000:206f:e400:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid5.14.0.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/e0f4023d-1f54-4786-94e7-bff2e058d23f/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:e400:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Tue, 29 Mar 2022 00:35:49 GMT
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
last-modified: Thu, 23 Sep 2021 07:59:54 GMT
server: AmazonS3
age: 11152677
etag: "6dd0a13bde35d2daa452bba998871016"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=360000000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 471445
x-amz-cf-id: D8HMkJOvzhxeEoyX17um-VlacbKD2VV2uJSAXC8nMUc_re0qw0xGPw==

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 1DD9
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

48ms
20ms

XHR
application/json

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/fFuA8XC8tIM?modestbranding=1

Protocol

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41e44b045e8237f9d70ad654e01306a7c41d43b564d9e33c3ca5c1b86cc69d45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 05 Aug 2022 02:33:45 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 1DD9 29 B
588 B 57ms
23ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2fd212f2/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:19:42 GMT
x-content-type-options: nosniff
age: 843
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 05 Aug 2022 02:34:42 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 84ms
22ms Preflight
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Fri, 05 Aug 2022 02:33:45 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 1DD9 63 KB
29 KB 55ms
27ms XHR
application/json+protobuf 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2fd212f2/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

268a314cd3a52283e005bc886573488bfab26cd1228b078f546b3800043a426a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 30128
x-xss-protection: 0

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame 1DD9 0
19 B 22ms
22ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?cpn=d9sDcn_OQASesrQU&el=embedded&ns=yt&fexp=23853952%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24199710%2C24226335%2C24237632%2C24238983%2C24241936%2C24245746%2C24248385%2C24252017%2C24254429%2C39321934&cl=465163086&seq=1&event=streamingstats&docid=fFuA8XC8tIM&cbr=Chrome&cbrver=104.0.5112.79&c=WEB_EMBEDDED_PLAYER&cver=1.20220803.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.000:ER&cmt=0.000:0.000,0.000:0.000&error=0.000:auth::0.000:0;a6s.0&vis=0.000:0&bh=0.000:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2fd212f2/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/fFuA8XC8tIM?modestbranding=1
X-YouTube-Client-Version: 1.20220803.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtES3g3WC1oeF9ZVSiJg7KXBg%3D%3D
X-YouTube-Ad-Signals: dt=1659666825599&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C556%2C311&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 02:33:45 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/2fd212f2/player_ias.vflset/de_DE/ Frame 1DD9 27 KB
8 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/2fd212f2/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2fd212f2/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf4ef47f10dc67845744d92465e9dbbd6280b84e2b84dd7cf9c6b6b5211e8737

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/fFuA8XC8tIM?modestbranding=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 14:57:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41762
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8106
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 00:21:08 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 04 Aug 2023 14:57:43 GMT

GET
DATA 200
OK truncated
/ Frame 1DD9 294 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6227855c05e33c326e45eb7c8f03c6cbd471599e7e6e02898bc5699d899fe84

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H/1.1 204
No Content fp
fp.metricswpsh.com/ Frame 0
0 165ms
15ms Preflight 23.88.85.6
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=2587
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.88.85.6 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.6.85.88.23.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bg.asayamind.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://bg.asayamind.com
Connection: keep-alive
Date: Fri, 05 Aug 2022 02:33:45 GMT
Server: nginx/1.20.1
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H/1.1 200
OK fp Show response
fp.metricswpsh.com/ 0
370 B 44ms
24ms XHR
text/plain 23.88.85.6
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=2587
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.88.85.6 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.6.85.88.23.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bg.asayamind.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Fri, 05 Aug 2022 02:33:45 GMT
Server: nginx/1.20.1
Vary: Origin
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: https://bg.asayamind.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2 200 track Show response
8a69c39ad9.f451b7f622.com/in/ 0
207 B 98ms
39ms XHR
text/plain 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://8a69c39ad9.f451b7f622.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxNTA1NDc5MDIwNzMxNTg0MDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjIuMSIsInRhZ19pZCI6MjU4Nywic2NyZWVuX3Jlc29sdXRpb24iOiIxNjAweDEyMDAiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IkV0Yy9Vbmtub3duIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuMjksImlzX3YyIjowLCJpc192Ml9lbXB0eSI6MCwidXNlcl9rZXl3b3JkcyI6IiVEMCVCRCVEMCVCMCVEMSU4MiVEMSU4MCVEMCVCOCVEMCVCOSUyQyVEMCVBNCVEMCVCMCVEMCVCQSVEMSU4MiVEMCVCOCUyQyVEMSU4MyVEMCVCRiVEMCVCRSVEMSU4MiVEMSU4MCVEMCVCNSVEMCVCMSVEMCVCOCUyQyVEMCVCOCUyQyVEMSU4MSVEMCVCMiVEMCVCRSVEMCVCOSVEMSU4MSVEMSU4MiVEMCVCMiVEMCVCMCUyQyVEMCU5RCVEMCVCMCVEMSU4MyVEMCVCQSVEMCVCMCUyQyVEMCU5RCVEMCVCMCVEMSU4MiVEMSU4MCVEMCVCOCVEMCVCOSUyQyVEMCVCNSVEMCVCRCVEMSU4NiVEMCVCOCVEMCVCQSVEMCVCQiVEMCVCRSVEMCVCRiVEMCVCNSVEMCVCNCVEMCVCOCVEMSU4RiUyQyVEMCVCNSVEMCVCRCVEMSU4NiVEMCVCOCVEMCVCQSVEMCVCQiVEMCVCRSVEMCVCRiVEMCVCNSVEMCVCNCVEMCVCOCVEMSU4RiUyQyVEMCVCMSVEMSU4MCVEMCVCOCVEMSU4MiVEMCVCMCVEMCVCRCVEMCVCOCVEMCVCQSVEMCVCMCUyQyVEMSU4MSVEMSU4MiVEMCVCMCVEMSU4MiVEMCVCOCVEMSU4RiUyQyVEMCU5RCVEMCVCMCVEMSU4MiVEMSU4MCVEMCVCOCVEMCVCOSUyQyVEMSU4NSVEMCVCOCVEMCVCQyVEMCVCOCVEMSU4NyVEMCVCNSVEMCVCRCUyQyVEMCVCNSVEMCVCQiVEMCVCNSVEMCVCQyVEMCVCNSVEMCVCRCVEMSU4MiUyQyVEMCVCRSVEMSU4MiUyQyVEMCVCMCVEMCVCQiVEMCVCQSVEMCVCMCVEMCVCQiVEMCVCRCVEMCVCMCVEMSU4MiVEMCVCMCUyQyVEMCVCQyVEMCVCNSVEMSU4MiVEMCVCMCVEMCVCQiVEMCVCRCVEMCVCMCUyQyVEMCVCMyVEMSU4MCVEMSU4MyVEMCVCRiVEMCVCMCUyQyVEMCVCMiUyQyVEMCVCRiVEMCVCNSVEMSU4MCVEMCVCOCVEMCVCRSVEMCVCNCVEMCVCOCVEMSU4NyVEMCVCRCVEMCVCMCVEMSU4MiVEMCVCMCUyQyVEMSU4MiVEMCVCMCVEMCVCMSVEMCVCQiVEMCVCOCVEMSU4NiVEMCVCMC4lMjAifQ==
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 02:33:45 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H2 200 push.m.js Show response
js.wpshsdk.com/npc/sdk/ 51 KB
20 KB 34ms
6ms Script
application/javascript 45.133.44.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpshsdk.com/npc/sdk/push.m.js?v=1
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.25 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 0f48bafb72621ca51f8397a1bf5a9ef2db26b36e723995268a475fa22480a882

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
content-encoding: gzip
last-modified: Wed, 27 Jul 2022 15:04:06 GMT
server: nginx/1.18.0
etag: W/"62e153e6-cd9a"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Fri, 05 Aug 2022 02:38:45 GMT
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 csub.m.js Show response
js.wpushsdk.com/npc/sdk/wpu/ 52 KB
13 KB 28ms
7ms Script
application/javascript 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpushsdk.com/npc/sdk/wpu/csub.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: ae76aab58df5505ae11ad294434acd86c398718cc15d0f4d7a92cf6953a42a38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
content-encoding: gzip
last-modified: Thu, 04 Aug 2022 11:09:06 GMT
server: nginx/1.18.0
etag: W/"62eba8d2-d0c6"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Fri, 05 Aug 2022 02:38:45 GMT
cache-control: max-age=300
x-proxy-cache: HIT

GET
H3 200 pubads_impl_2022080101.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
130 KB 40ms
13ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

a5910455615630589802ca15818aa163322871e6468f06a3660c53d6ab2936bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 20:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22916
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132749
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 16:11:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 04 Aug 2023 20:11:49 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 74 B
99 B 53ms
24ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=bg.asayamind.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

5c36cc97464b8d5514e09ec6ce98511cb09f0cb6b9d720bcbe9208a96dd4856d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Aug 2022 02:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74
x-xss-protection: 0
expires: Fri, 05 Aug 2022 02:33:45 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 36ms
6ms XHR
application/json 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220805

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8d87cb091a0dae7c5b2144d522c9f12ad686508f2fa646a83fdae7090eba7877

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bg.asayamind.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 41567
x-jsd-version: 1.0.1422
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 924
etag: W/"66b-EK1t8yoPyH5SHpAsprm4Uymegf8"
x-served-by: cache-fra19130-FRA
x-jsd-version-type: version
date: Fri, 05 Aug 2022 02:33:45 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
938 B 34ms
16ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2381632
x-amz-request-id: txc6abd54ace594ae2a5b2f-00629f4bc7
x-amz-id-2: txc6abd54ace594ae2a5b2f-00629f4bc7
last-modified: Tue, 10 May 2022 09:57:32 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=774kIoswtgE%2B0YPNKw676aecJT%2BUiIU34OG8WwyibWCr1ENRBNC4DkAGQZw68XBreNUqnMiqRxOghzTgQGkiPlNuh7CMbxMGUmp6qoBsbeVG1djqcGhqdJLn4iE8wt8AskPZIEYlsUEy98QY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1652176652152482
cf-ray: 735c213d4aabbba7-FRA

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
278 B 204ms
161ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bg.asayamind.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bg.asayamind.com
date: Fri, 05 Aug 2022 02:33:45 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 148
vary: origin, Accept-Encoding

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
409 B 122ms
70ms XHR
text/plain 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bg.asayamind.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 02:33:46 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://bg.asayamind.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
178 B 79ms
14ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bg.asayamind.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bg.asayamind.com
date: Fri, 05 Aug 2022 02:33:45 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 113ms
28ms Preflight 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bg.asayamind.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://bg.asayamind.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Fri, 05 Aug 2022 02:33:45 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 74ms
23ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bg.asayamind.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Aug 2022 02:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 74ms
23ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bg.asayamind.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Aug 2022 02:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 39 KB
16 KB 284ms
283ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1037218444466524&correlator=532700060272278&eid=31068458%2C42531605&output=ldjh&gdfp_req=1&vrg=2022080101&ptt=17&impl=fif&iu_parts=121764058%3A22528037647%2Ccelebs-networth.com%2Ccelebs-networth.com_Interstitial&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=3132106321&sfv=1-0-38&ists=1&fas=8&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1659666825870&lmt=1659666825&dlt=1659666825130&idt=716&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fbg.asayamind.com%2Fsodium&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=1026&ohw=0&ga_vid=961306192.1659666826&ga_sid=1659666826&ga_hid=1254559684&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

87e9dc088dc7e2c3f310eec464172f9cb0e4a361ef9086192674c769c9d1e612

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15892
x-xss-protection: 0
google-lineitem-id: 6078677484
pragma: no-cache
server: cafe
google-creative-id: 614294415729
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bg.asayamind.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 97D4 6 KB
4 KB 154ms
22ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bg.asayamind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 05 Aug 2022 02:33:46 GMT
expires: Sat, 05 Aug 2023 02:33:46 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022080101.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 13ms
13ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022080101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

e806d3229a860fbe57b6842ba4b6f6425cb4090b8068134ec5d2e38c0cf3753e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 18:47:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 287194
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13581
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 16:11:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 01 Aug 2023 18:47:11 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ 72 KB
23 KB 29ms
14ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29863
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx0effedfd698a46a18f067-0062d8036d
x-amz-id-2: tx0effedfd698a46a18f067-0062d8036d
last-modified: Tue, 10 May 2022 09:57:31 GMT
server: cloudflare
etag: W/"2430496689c00115831347992a974246"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vTY%2FMXT%2Bu5gl1Mw9l%2BSAzEgrRvnDzwBebMjcJpWNnG7UF1T96G3eNxytCowiCWzZjRZUzN74lFjWl8plRt0SBjYSw5PvM%2BURH9zfsjQKWHN6Vm8ueOvhKJ1Jyn6TH7O2N0HZ2%2FzSsBU8YkRA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1652176651393042
cf-ray: 735c213dee809195-FRA
access-control-allow-headers: Authorization

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 1DD9 98 B
142 B 24ms
24ms XHR
application/json+protobuf 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/2fd212f2/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ff4a53b3d97b99f5a9a6b453cd2788266029278ac88dc862261df99d6d0c0a93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 05 Aug 2022 02:33:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 21ms
20ms Preflight
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Fri, 05 Aug 2022 02:33:45 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 49ms
22ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bg.asayamind.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Aug 2022 02:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 50ms
22ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bg.asayamind.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Aug 2022 02:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
12 KB 365ms
365ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1037218444466524&correlator=532700060272278&eid=31068458%2C42531605&output=ldjh&gdfp_req=1&vrg=2022080101&ptt=17&impl=fif&iu_parts=121764058%3A22528037647%2Ccelebs-networth.com%2Ccelebs-networth.com_SF&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C750x100%7C970x90&ifi=2&adks=466838934&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1659666826033&lmt=1659666826&dlt=1659666825130&idt=716&adxs=436&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fbg.asayamind.com%2Fsodium&frm=20&vis=1&psz=0x-1&msz=728x-1&fws=1664&ohw=0&ga_vid=961306192.1659666826&ga_sid=1659666826&ga_hid=1254559684&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e54d3a42682cb782e5a1072d17573526172766c9725ba5363cbffeb525918992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11995
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bg.asayamind.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 83ms
28ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022080101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba3d91b8968b19d0961a261e96a2f57a21ad423aa14722e014902af5c578fb77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 05 Aug 2022 02:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10567
x-xss-protection: 0

GET
H3 200 container.html Show response
a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8355 6 KB
3 KB 42ms
14ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bg.asayamind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 05 Aug 2022 02:33:46 GMT
expires: Sat, 05 Aug 2023 02:33:46 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 93ms
22ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 05 Aug 2022 02:33:46 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 8355 4 KB
636 B 76ms
24ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com
URL: https://a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 05 Aug 2022 00:47:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 05 Aug 2022 02:33:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Aug 2022 02:33:46 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DD86 624 B
300 B 25ms
25ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuhcRDAk-sBGM_Cy9ABMAE&v=APEucNX5NlMntwhnzyZN526qFuk3gOjQmPGDweyqWwdlNVJ7MAkMpZcR9KmshNtbAxo1X1euFudZmnmZub5o8b0pDQxFWTYKUDuaXpNrT4TDINMiotljiBWMl65Yr7BCBXvUJWqyn12ipKWgANIDK-XJF07tPZlFS8V2ZnV2ZOcZytCVDm0t-boxrjXaLeDiIASpR3ZG34vTwOjikVFtHhXZkxmkM-WDIw

Requested by

Host: a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com
URL: https://a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 05 Aug 2022 02:33:46 GMT
expires: Fri, 05 Aug 2022 02:33:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8D6F 73 KB
34 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bx__cXyXFMjNv4Tu5dBG2fshL1oWCZwOy_RQIgiL3mFPB0YCU9mvQWq-pSZumgo4DuercRowBq5EWkGTTfUhR79oy9tA&cry=1&dbm_d=AKAmf-DH6Yzep9bOm9cZjizkf6tDiyVvHxRe3aFpuubbKXQzN1u8MNNjqLLGqpffPoDKKf73CIhYgsKi0Sk6tNZtV5XW3ArWPkMDpiU09DaDK8Ebf6CMHh-880I1mi3ZR9WZOkRvY-lIVexojZo829ZrIeQa153VqefQkdsW-yb4aRaxIKWrDG2T3uxgBBP8o2jRi0w-Xvh5XihcNFcM3ZgsghkMY2Ebl8kC9kv-pCqbL9y_Lser0dPptVj1Po-TewaOCNnpqAuC7yg08GwW-L6m4jAg_fPQhcP9EEeI0KDv8H7qdp8t3JUMeFQGQPkbsuhsDg638fImV6o4tvI-HNl5CeQCwLhbx3su4hU5RgdOUOgcY0YxFHiKDXx6MESD2w8wZFlyJwyv8S1lv6tC0VlEfl_hAUhxw0EjGbNEyp5c4nImRn6n4rCxE3QCFryUkZSqHbl3RGg2dgwE-Mb6Gsm4iJbVjV5QNYwVNermU0mJG8SIiFOkPZIssH3rDJrTCgyVtAehuHfEiWkyWJ5b6LOrasuFrIsxoGqhm5IYozZaeC2ms-T_aKCdyKnlTkuMTit8laRz1pV7WiDwopFhx4c5DaSg0YfP63hdR1RuWLxmQQylRy5nZSIfUjku8hJBH0g-Nq6WtziJbVieny330ZTw6468bphVZ0MONg6OnMExjBiQzRxxJEZVMZy3wHpUzY4yLd6iRQvANe9Z5Ey6EU1QslrAcMHTzY9ckRJ5Z-OzF8LmfrvxZ4ycHzqAUXRW4G7O6_CkI1gtIpva7qnT3wFGviW7o2-TIp6pL7vTP1Dz7pE9VQVL85cSfVXxhWSnK_6gLlcczG9o_HAq-JIvfLjMl-MSJVZf0th3B1nIHW7nCNGuJ72J7UGy4bOj8jo-zRCbhW8qrz4Yy_ZTSZJGRYVnCLkoGgUtFDPr-DpgOX4U-oLWhX4e7RyxaNggM5GY6zlMqJIoUGyjsqBfR4YijjFD0u5TLrPWloFUp2d9onLYs6wfN8g_dhQNX1fXlm5e4ShJSiychxV2KobMQsGD10Hie63PtKxWB8uYsu-ovhJIKRwWDpx_SaRGq2SxkM4gfSEiiPoPTgElI1bWVwzCFMrwRMKZUaHRoLvtWLXOSjcj6vYo7OqgMuLLtfJI4cpZNfnGVuPBrdtJbLMNkwQk3zq5R87wHIJ_fpmYMx1lIUq-WLzpnrVmfvkSj4lZxtkEu7gHHp5OnHOsYaluz_xCHGzHz2S5McwNyY-eYx0sAetmSJurZX3sNbhigHRRV3fsDCv7LjNpgqHUfBC5XDNCNw3ryyPkmqKQfK07ppVc-xtMqNrmbyuTdGvTT_PTQesczELswQj94nwm06xdwFo20Q5CAWpo5ZfZ9NdOuwqOLEUfAyuM5XWfRzOgdhmUok6lSpft-kB42QpagbIuIhHbmK_4j9xNv9ldnYFlXJmGEFy4XWEh0A8emGiO4-ayO1YQ7VOUp1AdUMNtawflqewoEhMUE0UIRQcx-DquooQHaaeyplevIWINUC9SeGCWX5iygJwKEKElBF1KxYYOwsCtVw7XLcOOUD3pbRiYubpYJof5GaAoyYwvv70phRpjR9d3cLtb9nyHCshcP16x8ctvX-2X-HU7dK0s885Aacdi_yAuFyag2p0bNZCi0WjPMh40bXQiaJIIOm5FnPwSKf9sY9DLnQOuZkIWmq9CRRsZNgEvcNXih5sGD-jT1yoN7sljVlCWHq7kpl3lGmxXHAR7f6TtfklrYWFrSWpSGpy1qH_SpAe2ZHc8BeFwm4BkW2zfuDB2SMIKQKvQbhhJSe_YP8jj6z_wFiREjCCr39VyP4WNFhEL6dnLB66N8lVFVd7XtsXaAgWScpiOKp1xa92GSwwL-gBACrxAPXugXAjDRNDF3vDJfKsdQTMrqGQKF2ZURgclRrWdTqTrXShM1VXwne7jIvJ0TrWXhCW1eyFu0DZd08_5lsFGXSuQu8-7VYfPIFjMDNh6lDObBLLKXwTlIme77USYbNnLv3HV5xF4u-1ctFzQxptL3fspxZ52E9iGXZBOAYuV0tiAIFzpViStVXl0lygGlUycVvtaXx2ANAtCINZfQp0or2gx0Rn7R8Aj-22IJeygxWqXhriZzN-Zv9mMThZJu1KrRsOF7OJOCPnCYip1bBMHaxoeROgAlOV5cif5Pbr6RFPfCg5nZlydgjanLUZRyB6xp-Wm0wWwSkx3wWfSRzIXPeM9t7AbEJqgx4h1_BGWbfH2OmdmnPyNT1hDJais4NmezSyz-JxduptTNXeq4niHKREvxItrr_4-SgabDL85QrripDUoxLHc0OWSnLv4Wy48dJ73ycnpFXjqHZMVyvkK3j3O6TT2S_o2eiipf3IUmniICDcqosjuQE8AsWHtwMnrw68s10sME4thiYNdbgHhLw0SC9rURQRW_gb0HthOhr90nP5WYAMyYQMf_gGhIU3pAkXkIl9tXQbtLIp0XMBgHc9TCnnyCV6vYFRr8D7yvBcDHMGyR7I3Mb-5-S1rvqucXTp4GDONL6y1sDa0F_WEQcCJmsjUr5P-YFCTAmWr_FRrvrHNVTQs1Arqh2VMI8uVY2KtC8eRU7UEfHpIhhZ5kEWMyhMfVHorgPXYvOYU1_wmqprbdEKeWh3YXXfmB8sje0UXpFFvwgu19GU2Q4ZTLAp-bV295tsBt2CRDu3PcMb2kpnyjA7Pj37eCmrbEAeeeyagqwg7CDxMvXlzsaxc9frz_y42Ji3F_6o9lRcNcB9XXTuzoW0XN08qEfl8fSLxzPb6uO2PTDy7yhWVbY7RY8hcmN3DOdjz7NLI2HJw7hKrTwfyjazPpRD15TvxT4j08okJwm-uRBSY6liLyBKyiNE-Iem5ystsRfTsp95YZiqkuS2D6bPLZ3RoxuILmYCQAm5w8mjhBqHN5lttM_TM4_TBwEL1GLYtgxL9j5Xvl7gCMqJE5GkgnbxWuy6SRQud1Ruu9i_wPiYU1iBl88UPfik7ORf6mmMPBaevbxAhvg1X63Y631YawEKQK28hkwXRTZYEe4uWxC8CaY7E85yczIlLmGLkBc3CcySwto1QmpjMh5722bu9sAenLIBQwG3WdWB0fK3GdtC3EuI8dUP8a4ddtidgEkje13VpN2HVQOGz2Tm-z91T7fNZTH0r_d-1umNVlz4ad7d_Noxy75km5EqWk0KdXSGGw-jLL4f2L4-jAiBAI74Zyg_UtgSOHXiD5IOW4U-wx8NmkJD_D_s9nb9ZW9xHCn0W84eXIrG-Y2k6nkd3aUQqTtFBCzToELWS7QsqejNF2cjSPJJ9Pnkk1lWi1wNJ155fmqpG7wlm0MaxPAwW7lqWeUhHm6h8TEd795JNKoyetDhiIYhZg0VmQFKor-Lvko4vlYvxyqXv9d4238HNqUbYthdH5yJxi1O5F3tmuXo0GfzfLET8b7WJXQ4StlmvRgLTWECRCbm5xjLx-uuHOsnKtxxYmJ7Dk8Yg5esNoDzNrd9gug46yy-f7YPgYU7iecqb7W_APmbVllUPeNFDwfHUgmc73EQhrnzg7njATogu5zn6fuxOQqNndrR8UUJHtzEXZbQNu-gP7w3HsHOWfCEJdNpkWKquU85XgHW89Vy7WGrtKr82_n89QZTclPXam_2Rl9UMte6uaw8LxF0jWE90TUJL-_GeLFx6YY5o4-l61YFWj6PHoo-iltGdO6np3wtZQJuSbfJtIzETJ187Z2pzhCBX188GvDjA0FoXQpbilwiAic3Nxkg41O-45MIryAMlzIGC9DERYhO65PtKgTcCPCYX8We4bqtdit62-NLFz8I4BVydxjN7y0EyojRMB-OJAVvlPl3R6oMzJsm4RGqDn7bx1DSdrTmq2CkkNxXmwJJL2UWNA8Kj8DiuAmg_Kd4t3emiAjSTmBhT7xI0ukbwYCLp1L8dcIQdb4CjUiiLug53Maz6-fUQ8pQHMy8bL5NzKBuV5qtu0cfOLH37fval_8OPlNFGxTq7oK7OSQI-97ep0aK_rl_A0qOSSa6KNmjgraOjt7fltfc7NP29RJ2WXH2NxA0sy_TrHv9xPlgjHo_b379pKtbejhTSp4C1NG8E7NmmA1GuSYen2jsw7wQ53TRJbthR0l-IPiYNVfqjFZx_AG1ZTChJQJ3TxGgbK63mnIXe2IPT2h54s5Le6TTWiD_J6RsbOtBvBWj4uFQc-smV6q-I9R8fGjqTXsz_Q69AjKUZhf9X_ixnwTU65nuogULHBEY67I97M1Zg91RBbTvWqVmSAt4h4oVmHyqwdBeVP65AWGtsSTdm2xab9cm9OqWVn_1PWW68zg4vs82a-mJD23GWYlg3zIj0_gyE3nl3WHY4AxkbmKdKIZY7raKYUlUw08VQ9hTD3D03M4YPdMcufDOXqdTp9CVKWqlC4c86L9Qgyh4DCNKS12JxEKRjoq_Y_zfsxyHDGNAiDdH0Korl7m5seKtc1MGq3-A8bnBirIo8zGBheiVVK1NrVtFGgWnArMUEeED4VS1VuU1YoZuuJES4hEJKOrwDzCvwa-N5C7zW1Y38Um8BUbrggUZ4lT0wDaF0smIPA6Qi5UAhOhUVDV1e1mSjSIKTvyfpIMC_Yi9nGkEWCNg_jjKsuDewqiPBp-Ug6hEVkBmHscioj7Tzp8e7wEpGaXZyvn4ACDTMTY5dBX0k0hOmZsoIm_7IqcEUQ1fzNiLvYCy5uhJNIbtSs6k_KTobHdTZBD-_TRifcRlS2aWAQkHjQMud3tZkLK2LSZOSDjqre0Qm5eNGL6oPkxEJ_rKQfzvM2iblOqCdRtjrN95BYMpAms_2KICKNYbdN2xrAJbcI9Fdwy3nCEiO3BWcNbVQYq8ywCb3w2pOBKbo0pN2Bc3VWhg4KDk9WhPFI7HrfhASJs220oun_UTh1maN0cvphrLWUNC_2uYhZhyM0U3hjPfrtKsrhJYMPcAUbdcvbQNt8jL8HpY5QFYKDZemtG4t4x8im7eIg3CfZl3A1K7avV68JF022mGZzp2fjoGAlUeP18RZ8VXRqQBf39zSaECnZY6gexlLwCrCXTDFgYhqjZjLgp6zQbYdfX7ND1_T6E1sqIC6EQDc0pqT9s8LZZ9cjbn9LFrA9g7Y7zLIrfalRmDCl_qJhJVPp-3vjoi67YH4UxugBwR2z1ExfkLYPb3ue9F0oQwK8CRTBJOeRdxqJq4Pdb6flx8YobHkPm4EGnqwYvPtFgdcmUQNXVop8qpajS9tl5rDgyR9dQHcnwuRe02IVfPo10GijwavroGEokZCxw&cid=CAASKORoABelBWSx0EZq-1DfTGEYuEy3w_0X6RpEfwFicSJ18dqhOm7HBAs&xfc=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjssSP0IgUfQJs2vU04Us9DAWXxkt5aGqKWs_thF5zCLfBA9STESCyzB1wV7myGMRsdv6OgFjS1whM65nn2d0GwoIswLKyKguB7gN0eUulnSSfZAO4LrdryidtKHaixPkrmZkWepjATyBfNpY5BaRK7y99MwEo5EqHa6gP4H72LQtnY0lyZdvIuxarvnAhLzcaPJZQ6LEukJDOYTClu6GmVoVvIkpTb2-Lc6mhdKcni9vU7zSk9ktSbfiiiT9Wv13E6gzPBYaN-aw4-NoxjlMVGcAckRbTa02ozuF9ZhxPCViQZXiHMz_Yc_SI-Qw-lMChCZIhFZGlYxNZeXLr_xnvtH0IM9kiG686FXYfj-kKSpkxCZTiPK1bp0DOczrjA3DOwTn%26sai%3DAMfl-YSwTZ0DWZB9xfpdWIKUS59Wt96m4L6bo3Ye6SqXDYz4xDT_FERmBSEMWssfIVmQT8c0piowqti7eC8i_6xscOsBr1jvqR1EbgdLKFy_KGhwyN-cV3G-KA5uKczGSHB5qcY%26sig%3DCg0ArKJSzD3hJzyPNp4PEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&rfl=2%2Chttps%253A%252F%252Fbg.asayamind.com%252F%240

Requested by

Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc1a1f5967be9124339f40d1186aadb4fce2399d8aff7b20467a2ea30d868f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 02:33:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35119
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 window_focus_fy2021.js
s0.2mdn.net/pagead/js/r20220803/r20110914/client/ Frame 8D6F 0
0 81ms
14ms Script
image/gif 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/pagead/js/r20220803/r20110914/client/window_focus_fy2021.js

Requested by

Host: a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com
URL: https://a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:28:58 GMT
x-content-type-options: nosniff
server: sffe
age: 288
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 05 Aug 2022 02:43:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8D6F 139 KB
43 KB 58ms
23ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com
URL: https://a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30a952eadc89f735e92201acd81796193eebddb8926d345c6ce092126c9257a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:33:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43822
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659527892023609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 05 Aug 2022 02:33:46 GMT

GET
H2 404 qs_click_protection_fy2021.js
s0.2mdn.net/pagead/js/r20220803/r20110914/client/ Frame 8D6F 0
0 80ms
13ms Script
image/gif 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/pagead/js/r20220803/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com
URL: https://a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:28:59 GMT
x-content-type-options: nosniff
server: sffe
age: 287
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 05 Aug 2022 02:43:59 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8D6F 42 B
63 B 74ms
47ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BAkf0vscTOK0KwPBsYryEW1SZ3U8BFfYjHCr4kooqPhmtFHe8wSDCDCwRvCrMkvWbrjffo5iT0Fxwvp_TCWOLiTc5C42sm0_5M5h4K8MQOnDvLjDQ

Requested by

Host: a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com
URL: https://a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 02:33:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 interstitial_ad_frame_fy2021.js
s0.2mdn.net/pagead/js/r20220803/r20110914/elements/html/ Frame 8355 0
0 81ms
14ms Script
image/gif 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/pagead/js/r20220803/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com
URL: https://a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:32:36 GMT
x-content-type-options: nosniff
server: sffe
age: 70
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 05 Aug 2022 02:47:36 GMT

GET

rum
dsum-sec.casalemedia.com/ Frame DD86
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMrKd3qDEJ2qOEl2A3pTOMI&google_cver=1

0
0

GET

rrum
r.casalemedia.com/ Frame DD86
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://r.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1

0
0

GET

setuid
ib.adnxs.com/ Frame DD86
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAXSzZ1bfPgGTIEqyfWQRdU&google_cver=1

0
0

GET

bounce
ib.adnxs.com/ Frame DD86
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D

0
0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3DA0 13 KB
5 KB 45ms
15ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bg.asayamind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 26500
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 19:12:06 GMT
expires: Fri, 04 Aug 2023 19:12:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe
www.google.com/recaptcha/api2/ Frame 30E5 783 B
0 59ms
24ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2Ve2Nr7g7RQCkKPefVLmfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bg.asayamind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-2Ve2Nr7g7RQCkKPefVLmfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 05 Aug 2022 02:33:46 GMT
expires: Fri, 05 Aug 2022 02:33:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220803/r20110914/ Frame 8D6F 30 KB
11 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220803/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bx__cXyXFMjNv4Tu5dBG2fshL1oWCZwOy_RQIgiL3mFPB0YCU9mvQWq-pSZumgo4DuercRowBq5EWkGTTfUhR79oy9tA&cry=1&dbm_d=AKAmf-DH6Yzep9bOm9cZjizkf6tDiyVvHxRe3aFpuubbKXQzN1u8MNNjqLLGqpffPoDKKf73CIhYgsKi0Sk6tNZtV5XW3ArWPkMDpiU09DaDK8Ebf6CMHh-880I1mi3ZR9WZOkRvY-lIVexojZo829ZrIeQa153VqefQkdsW-yb4aRaxIKWrDG2T3uxgBBP8o2jRi0w-Xvh5XihcNFcM3ZgsghkMY2Ebl8kC9kv-pCqbL9y_Lser0dPptVj1Po-TewaOCNnpqAuC7yg08GwW-L6m4jAg_fPQhcP9EEeI0KDv8H7qdp8t3JUMeFQGQPkbsuhsDg638fImV6o4tvI-HNl5CeQCwLhbx3su4hU5RgdOUOgcY0YxFHiKDXx6MESD2w8wZFlyJwyv8S1lv6tC0VlEfl_hAUhxw0EjGbNEyp5c4nImRn6n4rCxE3QCFryUkZSqHbl3RGg2dgwE-Mb6Gsm4iJbVjV5QNYwVNermU0mJG8SIiFOkPZIssH3rDJrTCgyVtAehuHfEiWkyWJ5b6LOrasuFrIsxoGqhm5IYozZaeC2ms-T_aKCdyKnlTkuMTit8laRz1pV7WiDwopFhx4c5DaSg0YfP63hdR1RuWLxmQQylRy5nZSIfUjku8hJBH0g-Nq6WtziJbVieny330ZTw6468bphVZ0MONg6OnMExjBiQzRxxJEZVMZy3wHpUzY4yLd6iRQvANe9Z5Ey6EU1QslrAcMHTzY9ckRJ5Z-OzF8LmfrvxZ4ycHzqAUXRW4G7O6_CkI1gtIpva7qnT3wFGviW7o2-TIp6pL7vTP1Dz7pE9VQVL85cSfVXxhWSnK_6gLlcczG9o_HAq-JIvfLjMl-MSJVZf0th3B1nIHW7nCNGuJ72J7UGy4bOj8jo-zRCbhW8qrz4Yy_ZTSZJGRYVnCLkoGgUtFDPr-DpgOX4U-oLWhX4e7RyxaNggM5GY6zlMqJIoUGyjsqBfR4YijjFD0u5TLrPWloFUp2d9onLYs6wfN8g_dhQNX1fXlm5e4ShJSiychxV2KobMQsGD10Hie63PtKxWB8uYsu-ovhJIKRwWDpx_SaRGq2SxkM4gfSEiiPoPTgElI1bWVwzCFMrwRMKZUaHRoLvtWLXOSjcj6vYo7OqgMuLLtfJI4cpZNfnGVuPBrdtJbLMNkwQk3zq5R87wHIJ_fpmYMx1lIUq-WLzpnrVmfvkSj4lZxtkEu7gHHp5OnHOsYaluz_xCHGzHz2S5McwNyY-eYx0sAetmSJurZX3sNbhigHRRV3fsDCv7LjNpgqHUfBC5XDNCNw3ryyPkmqKQfK07ppVc-xtMqNrmbyuTdGvTT_PTQesczELswQj94nwm06xdwFo20Q5CAWpo5ZfZ9NdOuwqOLEUfAyuM5XWfRzOgdhmUok6lSpft-kB42QpagbIuIhHbmK_4j9xNv9ldnYFlXJmGEFy4XWEh0A8emGiO4-ayO1YQ7VOUp1AdUMNtawflqewoEhMUE0UIRQcx-DquooQHaaeyplevIWINUC9SeGCWX5iygJwKEKElBF1KxYYOwsCtVw7XLcOOUD3pbRiYubpYJof5GaAoyYwvv70phRpjR9d3cLtb9nyHCshcP16x8ctvX-2X-HU7dK0s885Aacdi_yAuFyag2p0bNZCi0WjPMh40bXQiaJIIOm5FnPwSKf9sY9DLnQOuZkIWmq9CRRsZNgEvcNXih5sGD-jT1yoN7sljVlCWHq7kpl3lGmxXHAR7f6TtfklrYWFrSWpSGpy1qH_SpAe2ZHc8BeFwm4BkW2zfuDB2SMIKQKvQbhhJSe_YP8jj6z_wFiREjCCr39VyP4WNFhEL6dnLB66N8lVFVd7XtsXaAgWScpiOKp1xa92GSwwL-gBACrxAPXugXAjDRNDF3vDJfKsdQTMrqGQKF2ZURgclRrWdTqTrXShM1VXwne7jIvJ0TrWXhCW1eyFu0DZd08_5lsFGXSuQu8-7VYfPIFjMDNh6lDObBLLKXwTlIme77USYbNnLv3HV5xF4u-1ctFzQxptL3fspxZ52E9iGXZBOAYuV0tiAIFzpViStVXl0lygGlUycVvtaXx2ANAtCINZfQp0or2gx0Rn7R8Aj-22IJeygxWqXhriZzN-Zv9mMThZJu1KrRsOF7OJOCPnCYip1bBMHaxoeROgAlOV5cif5Pbr6RFPfCg5nZlydgjanLUZRyB6xp-Wm0wWwSkx3wWfSRzIXPeM9t7AbEJqgx4h1_BGWbfH2OmdmnPyNT1hDJais4NmezSyz-JxduptTNXeq4niHKREvxItrr_4-SgabDL85QrripDUoxLHc0OWSnLv4Wy48dJ73ycnpFXjqHZMVyvkK3j3O6TT2S_o2eiipf3IUmniICDcqosjuQE8AsWHtwMnrw68s10sME4thiYNdbgHhLw0SC9rURQRW_gb0HthOhr90nP5WYAMyYQMf_gGhIU3pAkXkIl9tXQbtLIp0XMBgHc9TCnnyCV6vYFRr8D7yvBcDHMGyR7I3Mb-5-S1rvqucXTp4GDONL6y1sDa0F_WEQcCJmsjUr5P-YFCTAmWr_FRrvrHNVTQs1Arqh2VMI8uVY2KtC8eRU7UEfHpIhhZ5kEWMyhMfVHorgPXYvOYU1_wmqprbdEKeWh3YXXfmB8sje0UXpFFvwgu19GU2Q4ZTLAp-bV295tsBt2CRDu3PcMb2kpnyjA7Pj37eCmrbEAeeeyagqwg7CDxMvXlzsaxc9frz_y42Ji3F_6o9lRcNcB9XXTuzoW0XN08qEfl8fSLxzPb6uO2PTDy7yhWVbY7RY8hcmN3DOdjz7NLI2HJw7hKrTwfyjazPpRD15TvxT4j08okJwm-uRBSY6liLyBKyiNE-Iem5ystsRfTsp95YZiqkuS2D6bPLZ3RoxuILmYCQAm5w8mjhBqHN5lttM_TM4_TBwEL1GLYtgxL9j5Xvl7gCMqJE5GkgnbxWuy6SRQud1Ruu9i_wPiYU1iBl88UPfik7ORf6mmMPBaevbxAhvg1X63Y631YawEKQK28hkwXRTZYEe4uWxC8CaY7E85yczIlLmGLkBc3CcySwto1QmpjMh5722bu9sAenLIBQwG3WdWB0fK3GdtC3EuI8dUP8a4ddtidgEkje13VpN2HVQOGz2Tm-z91T7fNZTH0r_d-1umNVlz4ad7d_Noxy75km5EqWk0KdXSGGw-jLL4f2L4-jAiBAI74Zyg_UtgSOHXiD5IOW4U-wx8NmkJD_D_s9nb9ZW9xHCn0W84eXIrG-Y2k6nkd3aUQqTtFBCzToELWS7QsqejNF2cjSPJJ9Pnkk1lWi1wNJ155fmqpG7wlm0MaxPAwW7lqWeUhHm6h8TEd795JNKoyetDhiIYhZg0VmQFKor-Lvko4vlYvxyqXv9d4238HNqUbYthdH5yJxi1O5F3tmuXo0GfzfLET8b7WJXQ4StlmvRgLTWECRCbm5xjLx-uuHOsnKtxxYmJ7Dk8Yg5esNoDzNrd9gug46yy-f7YPgYU7iecqb7W_APmbVllUPeNFDwfHUgmc73EQhrnzg7njATogu5zn6fuxOQqNndrR8UUJHtzEXZbQNu-gP7w3HsHOWfCEJdNpkWKquU85XgHW89Vy7WGrtKr82_n89QZTclPXam_2Rl9UMte6uaw8LxF0jWE90TUJL-_GeLFx6YY5o4-l61YFWj6PHoo-iltGdO6np3wtZQJuSbfJtIzETJ187Z2pzhCBX188GvDjA0FoXQpbilwiAic3Nxkg41O-45MIryAMlzIGC9DERYhO65PtKgTcCPCYX8We4bqtdit62-NLFz8I4BVydxjN7y0EyojRMB-OJAVvlPl3R6oMzJsm4RGqDn7bx1DSdrTmq2CkkNxXmwJJL2UWNA8Kj8DiuAmg_Kd4t3emiAjSTmBhT7xI0ukbwYCLp1L8dcIQdb4CjUiiLug53Maz6-fUQ8pQHMy8bL5NzKBuV5qtu0cfOLH37fval_8OPlNFGxTq7oK7OSQI-97ep0aK_rl_A0qOSSa6KNmjgraOjt7fltfc7NP29RJ2WXH2NxA0sy_TrHv9xPlgjHo_b379pKtbejhTSp4C1NG8E7NmmA1GuSYen2jsw7wQ53TRJbthR0l-IPiYNVfqjFZx_AG1ZTChJQJ3TxGgbK63mnIXe2IPT2h54s5Le6TTWiD_J6RsbOtBvBWj4uFQc-smV6q-I9R8fGjqTXsz_Q69AjKUZhf9X_ixnwTU65nuogULHBEY67I97M1Zg91RBbTvWqVmSAt4h4oVmHyqwdBeVP65AWGtsSTdm2xab9cm9OqWVn_1PWW68zg4vs82a-mJD23GWYlg3zIj0_gyE3nl3WHY4AxkbmKdKIZY7raKYUlUw08VQ9hTD3D03M4YPdMcufDOXqdTp9CVKWqlC4c86L9Qgyh4DCNKS12JxEKRjoq_Y_zfsxyHDGNAiDdH0Korl7m5seKtc1MGq3-A8bnBirIo8zGBheiVVK1NrVtFGgWnArMUEeED4VS1VuU1YoZuuJES4hEJKOrwDzCvwa-N5C7zW1Y38Um8BUbrggUZ4lT0wDaF0smIPA6Qi5UAhOhUVDV1e1mSjSIKTvyfpIMC_Yi9nGkEWCNg_jjKsuDewqiPBp-Ug6hEVkBmHscioj7Tzp8e7wEpGaXZyvn4ACDTMTY5dBX0k0hOmZsoIm_7IqcEUQ1fzNiLvYCy5uhJNIbtSs6k_KTobHdTZBD-_TRifcRlS2aWAQkHjQMud3tZkLK2LSZOSDjqre0Qm5eNGL6oPkxEJ_rKQfzvM2iblOqCdRtjrN95BYMpAms_2KICKNYbdN2xrAJbcI9Fdwy3nCEiO3BWcNbVQYq8ywCb3w2pOBKbo0pN2Bc3VWhg4KDk9WhPFI7HrfhASJs220oun_UTh1maN0cvphrLWUNC_2uYhZhyM0U3hjPfrtKsrhJYMPcAUbdcvbQNt8jL8HpY5QFYKDZemtG4t4x8im7eIg3CfZl3A1K7avV68JF022mGZzp2fjoGAlUeP18RZ8VXRqQBf39zSaECnZY6gexlLwCrCXTDFgYhqjZjLgp6zQbYdfX7ND1_T6E1sqIC6EQDc0pqT9s8LZZ9cjbn9LFrA9g7Y7zLIrfalRmDCl_qJhJVPp-3vjoi67YH4UxugBwR2z1ExfkLYPb3ue9F0oQwK8CRTBJOeRdxqJq4Pdb6flx8YobHkPm4EGnqwYvPtFgdcmUQNXVop8qpajS9tl5rDgyR9dQHcnwuRe02IVfPo10GijwavroGEokZCxw&cid=CAASKORoABelBWSx0EZq-1DfTGEYuEy3w_0X6RpEfwFicSJ18dqhOm7HBAs&xfc=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjssSP0IgUfQJs2vU04Us9DAWXxkt5aGqKWs_thF5zCLfBA9STESCyzB1wV7myGMRsdv6OgFjS1whM65nn2d0GwoIswLKyKguB7gN0eUulnSSfZAO4LrdryidtKHaixPkrmZkWepjATyBfNpY5BaRK7y99MwEo5EqHa6gP4H72LQtnY0lyZdvIuxarvnAhLzcaPJZQ6LEukJDOYTClu6GmVoVvIkpTb2-Lc6mhdKcni9vU7zSk9ktSbfiiiT9Wv13E6gzPBYaN-aw4-NoxjlMVGcAckRbTa02ozuF9ZhxPCViQZXiHMz_Yc_SI-Qw-lMChCZIhFZGlYxNZeXLr_xnvtH0IM9kiG686FXYfj-kKSpkxCZTiPK1bp0DOczrjA3DOwTn%26sai%3DAMfl-YSwTZ0DWZB9xfpdWIKUS59Wt96m4L6bo3Ye6SqXDYz4xDT_FERmBSEMWssfIVmQT8c0piowqti7eC8i_6xscOsBr1jvqR1EbgdLKFy_KGhwyN-cV3G-KA5uKczGSHB5qcY%26sig%3DCg0ArKJSzD3hJzyPNp4PEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&rfl=2%2Chttps%253A%252F%252Fbg.asayamind.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a719dfbca2b4fc363e174b3f4e0f6ed16229e8bdcd22d6001d7d4411a8d86cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 02:24:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 576
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11662
x-xss-protection: 0
server: cafe
etag: 6430633989078232507
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Aug 2022 02:24:10 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220803/r20110914/elements/html/ Frame 8D6F 8 KB
3 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220803/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 01:18:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4516
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 19 Aug 2022 01:18:30 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8D6F 41 KB
15 KB 17ms
13ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 16:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36461
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Aug 2023 16:26:05 GMT

GET
H2 200 6918276418879263517
s0.2mdn.net/simgad/ Frame 8D6F 79 KB
80 KB 14ms
14ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/6918276418879263517

Requested by

Host: a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com
URL: https://a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ea96efb7dd6199ef6c6e69ceb5ef9910d92a5ad65fbeb51530f5a9d0909fc39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 13:24:28 GMT
x-content-type-options: nosniff
age: 47358
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81032
x-xss-protection: 0
last-modified: Tue, 02 Aug 2022 10:23:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Aug 2023 13:24:28 GMT

GET
H3 200 Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame DB42 0
0 14ms
14ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 36461
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 16:26:05 GMT
expires: Fri, 04 Aug 2023 16:26:05 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST qoe
www.youtube.com/api/stats/ Frame 1DD9 0
0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012207221643000/ 220 KB
61 KB 93ms
23ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e78609c13e44bafd8f619e97e02631aea063465da09c9f1022a24a30f2ecd192

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 296141
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61462
x-xss-protection: 0
server: sffe
date: Mon, 01 Aug 2022 16:18:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "006401e583f0e23c"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 01 Aug 2023 16:18:05 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ 14 KB
5 KB 115ms
46ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09bdd678609812f4311a2a3ae3b63b08b35029f886975555f704a3f79fbbe2d5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 296141
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5196
x-xss-protection: 0
server: sffe
date: Mon, 01 Aug 2022 16:18:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bc8caad49b08d8fb"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 01 Aug 2023 16:18:05 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ 94 KB
28 KB 118ms
48ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

866c3e7e9c3ac0d8e0df50f622518445b0465dc4a34bbb6082b6c27391d77dbc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 296141
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28864
x-xss-protection: 0
server: sffe
date: Mon, 01 Aug 2022 16:18:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "14e9be8f3cf5efda"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 01 Aug 2023 16:18:05 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ 5 KB
2 KB 122ms
53ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b396ad1f1cac053ea579e5989462b206af7fb863907bf319fe02d2a5ce29aebc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 296141
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1913
x-xss-protection: 0
server: sffe
date: Mon, 01 Aug 2022 16:18:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fcd376918b45715d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 01 Aug 2023 16:18:05 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012207221643000/v0/ 40 KB
13 KB 111ms
42ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207221643000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c9464895887e89bf485eb9a07e7ebe22ff70133a8bcb1e19a0774ecf67703a8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 296141
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12959
x-xss-protection: 0
server: sffe
date: Mon, 01 Aug 2022 16:18:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fd6c62727a90c1dd"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 01 Aug 2023 16:18:05 GMT

GET
H3 200 css
fonts.googleapis.com/ 4 KB
621 B 24ms
24ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 05 Aug 2022 01:30:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 05 Aug 2022 02:33:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 05 Aug 2022 02:33:46 GMT

GET
H3 200 bg.png
tpc.googlesyndication.com/pagead/images/adchoices/ 3 KB
3 KB 14ms
13ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/bg.png

Requested by

Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4bdd1166ae125d8c5b128008f13ae09b8739b127c28027ef086e36aa9166b5cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 15:41:11 GMT
x-content-type-options: nosniff
server: cafe
age: 39155
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 9696399085754783419
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2658
x-xss-protection: 0
expires: Fri, 05 Aug 2022 15:41:11 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ 295 B
319 B 14ms
13ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 09:55:02 GMT
x-content-type-options: nosniff
server: cafe
age: 59924
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 05 Aug 2022 09:55:02 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ 0
0 60ms
60ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CAHIfioHsYrLcCPqE9u8PsbiHyA2ir-bGa9Pk64bID5aCzYWIFhABIKqAwyJglYKAgJgHoAHQtPDlAsgBCakCnHCT9kExsT7gAgCoAwHIAwqqBJkCT9DlNoaTMn0v34QW0bW0AhIVPoqdHwWqLUlRPUmkwpMOiAYS2_HK1C_3L64vKeNbFsV2eSdffUKerZDcJ1IXCK3WRVbMSO-j_vVgKo3AcOcpe1OjrvTvioNruW2D5rha8O59tBB9jUsJZDiaCr521Y_bbTBSNZTtBqs0t5Y9i2TlHZ1cl-AAPHeFJyZm4Ue0S6zYct39SvpuyPTqprk4vv1_M3V_kpI4ETqeZsGILIJ3lh49WwKDrp5VKF0rJXRSGU8G0BUhU4MCEMgkh_HavbYuezLJhBJlwLU4gfHoYO-8qLGxZPM7xTJN_N5u0fJwXFWrc0-xeod79iTa0yEg8tls-tvpe8JuzyivHqjTC-eT4q7_64-G2aLABOrPzaL-A-AEAZIFBAgEGAGSBQQIBRgEoAYugAeYy4-aAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIvxD9IIEgiI4YAQEAEYHTIDqoIBOgKAQPIIG2FkeC1zdWJzeW4tNzk0NDcyNjcwMDYwNDcwMYAKA8gLAbgT5APYEw2IFAHQFQGYFgGAFwGyFx4KHAgAEhRwdWItNTUxMjM5MDcwNTEzNzUwNxiS7yE&sigh=UuC0B6V73bs&uach_m=[UACH]&template_id=484
Requested by: Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/10628498300272671222/ 62 KB
62 KB 14ms
14ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10628498300272671222/6592766407814317453

Requested by

Host: bg.asayamind.com
URL: https://bg.asayamind.com/sodium

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

390321b248db2eb5bf6fd90b23407c50d397535bec996c60444c5b41c3dca5e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 07:04:31 GMT
x-content-type-options: nosniff
age: 588555
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63954
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 15:35:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 29 Jul 2023 07:04:31 GMT

GET
DATA 200
OK truncated
/ 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b1a76f9f81f1d93801141cc6892b1e49752085e72b4af4ec0dbae6b3b3e56e3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 15ms
15ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bg.asayamind.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:44:49 GMT
x-content-type-options: nosniff
age: 150537
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Aug 2023 08:44:49 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 17ms
17ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bg.asayamind.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 08:01:51 GMT
x-content-type-options: nosniff
age: 66715
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Aug 2023 08:01:51 GMT

GET
H3 200 bg.png
tpc.googlesyndication.com/pagead/images/adchoices/ 3 KB
3 KB 13ms
13ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/bg.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4bdd1166ae125d8c5b128008f13ae09b8739b127c28027ef086e36aa9166b5cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 15:41:11 GMT
x-content-type-options: nosniff
server: cafe
age: 39155
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 9696399085754783419
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2658
x-xss-protection: 0
expires: Fri, 05 Aug 2022 15:41:11 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ 295 B
319 B 13ms
13ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012207221643000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 09:55:02 GMT
x-content-type-options: nosniff
server: cafe
age: 59924
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 05 Aug 2022 09:55:02 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ 42 B
64 B 57ms
57ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv0EZj3_Le9_03HyVWAjs_HU3KSMENzjLi_Ooi3c7rVO5D2WPxL3xq5_z2YTAVlKrEkxgOTx-n0_CsqEZ6FkliPPb-ZYYMX7qcmROXV-F168TMZ5xpYZBEP8PUb8iaE1Ul0BMMfaU1WpVgLQhGTMAhMTu2lqzqVL_FTZCsPbxIt&sai=AMfl-YQz7ZkLFGRK7vLnt5DariAy-eBrkU-lgH0ngtftuWidJfnjcmlCQa9_DtK6SG0Izvnta4ZbIOhB-BhYGtBLd_BmSwoPn3Ye4BCmsrgGaBl60eglD2xhMj5gZmcbnJc&sig=Cg0ArKJSzC3alt1-OyPAEAE&id=ampim&o=0,0&d=1600,1200&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=2105&tls=3105&g=100&h=100&tt=3105&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=466838934

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 02:33:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbg.asayamind.com%2F&domain=bg.asayamind.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=xlQ6LXwxMEZvV0FmOUhKTEFSVmVoeFAxdUkzem9iL3cySjNQdmt2OG9NQ1kvTVhKVjJSZlJadlN3bGhrU21VS0dDR1poc3Q4ODJNcnZPRnRlcHE1WjJWZjFZcUZxRURISXFGRlU5OFRPemNobFYrOVRpWk5Pb2ppdGl2Yz...

345 B
613 B

50ms
17ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=xlQ6LXwxMEZvV0FmOUhKTEFSVmVoeFAxdUkzem9iL3cySjNQdmt2OG9NQ1kvTVhKVjJSZlJadlN3bGhrU21VS0dDR1poc3Q4ODJNcnZPRnRlcHE1WjJWZjFZcUZxRURISXFGRlU5OFRPemNobFYrOVRpWk5Pb2ppdGl2YzBiZGZpQ280anRSK0F3MmJsaHZ3dnZSbVIrK2FLNU5JeFdsbnpYNnh6a2tEaE9CYWx2ck5wN1pscytmV0NRaHFIeGVaMmdtRWpPTDhNOVF5NjM1byt6aVZyTnlFU2ZsekNmaGVqRDB2MTNVZVdrcjRONVIxUDl5ejRvbFhhZXRES29LeWh5QlBafA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

478fef7c6ea53b15ece24a079cc879f1c3de077f81392ce40ec5c3caba7b155c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bg.asayamind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Aug 2022 02:33:49 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2900
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 05 Aug 2022 02:33:48 GMT
location: https://mug.criteo.com/sid?cpp=xlQ6LXwxMEZvV0FmOUhKTEFSVmVoeFAxdUkzem9iL3cySjNQdmt2OG9NQ1kvTVhKVjJSZlJadlN3bGhrU21VS0dDR1poc3Q4ODJNcnZPRnRlcHE1WjJWZjFZcUZxRURISXFGRlU5OFRPemNobFYrOVRpWk5Pb2ppdGl2YzBiZGZpQ280anRSK0F3MmJsaHZ3dnZSbVIrK2FLNU5JeFdsbnpYNnh6a2tEaE9CYWx2ck5wN1pscytmV0NRaHFIeGVaMmdtRWpPTDhNOVF5NjM1byt6aVZyTnlFU2ZsekNmaGVqRDB2MTNVZVdrcjRONVIxUDl5ejRvbFhhZXRES29LeWh5QlBafA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://bg.asayamind.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1127
content-length: 509
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 58ms
18ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbg.asayamind.com%2F&domain=bg.asayamind.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://bg.asayamind.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://bg.asayamind.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 05 Aug 2022 02:33:48 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1304
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 205ms
18ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 05 Aug 2022 02:33:49 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1219
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dsum-sec.casalemedia.com
URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMrKd3qDEJ2qOEl2A3pTOMI&google_cver=1

Domain: r.casalemedia.com
URL: https://r.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/setuid?entity=101&code=CAESEAXSzZ1bfPgGTIEqyfWQRdU&google_cver=1

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D

Domain: www.youtube.com
URL: https://www.youtube.com/api/stats/qoe?cpn=d9sDcn_OQASesrQU&el=embedded&ns=yt&fexp=23853952%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24199710%2C24226335%2C24237632%2C24238983%2C24241936%2C24245746%2C24248385%2C24252017%2C24254429%2C39321934&cl=465163086&seq=2&event=streamingstats&docid=fFuA8XC8tIM&cbr=Chrome&cbrver=104.0.5112.79&c=WEB_EMBEDDED_PLAYER&cver=1.20220803.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.749:ER&bat=0.749:1:1&cmt=0.749:0.000&bh=0.749:0.000

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.op00.biz/	1970-01-20 05:44:18	Name: uuid Value: 077454d1-fdf6-405b-b867-54dd606649da
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: sAL8AVSRI5o
.youtube.com/	1970-01-20 09:20:18	Name: VISITOR_INFO1_LIVE Value: DKx7X-hx_YU
bg.asayamind.com/	1970-01-20 05:44:18	Name: _pbjs_userid_consent_data Value: 6683316680106290
fp.metricswpsh.com/	1970-01-20 13:46:42	Name: id Value: 14211374937352736667
.prebid.a-mo.net/	1970-01-20 13:46:42	Name: __amc Value: 1_1659666825_1659666825
.doubleclick.net/	1970-01-20 14:22:42	Name: IDE Value: AHWqTUl-XNl5BxfYFpuMJzEcGISYn__x3X_ebpK21DahXD8p99lHuVgTYoIvl6S16hE
.casalemedia.com/	1970-01-20 13:46:42	Name: CMID Value: YuyBijo8j.TduYaCg.OBOgAA
.casalemedia.com/	1970-01-20 07:10:42	Name: CMPS Value: 1113
.adnxs.com/	1970-01-20 07:10:42	Name: uuid2 Value: 3765359124546911367
.doubleclick.net/	1970-01-20 05:01:07	Name: test_cookie Value: CheckForPermission
.asayamind.com/	1970-01-20 14:22:42	Name: __gads Value: ID=56f6d3fe1eaa1176-22a64b00e7cd007b:T=1659666826:S=ALNI_MbewY5WhTYLVlrrH-IgqMydmXs9Lg
bg.asayamind.com/	1970-01-20 14:22:42	Name: cto_bundle Value: jTMk9l8yZDBpeG5FS2ZkVTFRYUdYdkluVnY3UVc1NHZ4WUVSd1l2Q0ptamVxMVJtTVhQZFU3Ulc1ZkdBU0w0YmJkcVFKMVY5RW9nM2h3aSUyQml6c3VtQVF1djJ2YnN4OTJTMVdiQkYxUndhRG52MUdsJTJCeUhHdlVWUXYlMkZYTXF4dzY3cnJBaw
bg.asayamind.com/	1970-01-20 14:22:42	Name: cto_bidid Value: bI9jIV9GZU1PVFJBYTA5RzkzMjBVZGtCTWVkWmtjZ0JOdEpkSkF4cjJqREk5all5RGlmJTJCeHJEb29OUGRBclhQQnN2QUI2eCUyRjRJbEo0bzltVFQzSTRvTkxJaFElM0QlM0Q

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	Message: A bad HTTP response code (404) was received when fetching the script.
network	error	URL: https://s0.2mdn.net/pagead/js/r20220803/r20110914/client/qs_click_protection_fy2021.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://s0.2mdn.net/pagead/js/r20220803/r20110914/client/window_focus_fy2021.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://s0.2mdn.net/pagead/js/r20220803/r20110914/elements/html/interstitial_ad_frame_fy2021.js Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://cdn.ampproject.org/rtv/012207221643000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
security	error	URL: https://op00.biz/?te=he4tgmrwmm5ha3ddf42tamzz(Line 324) Message: Refused to create a worker from 'https://bg.asayamind.com/wbI9pfDc.js' because it violates the following Content Security Policy directive: "child-src blob:". Note that 'worker-src' was not explicitly set, so 'child-src' is used as a fallback.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8a69c39ad9.f451b7f622.com
a3793fca722173cb26dd770ab2ecdb5b.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
adx.adform.net
asayamind.com
bg.asayamind.com
cdn.ampproject.org
cdn.jsdelivr.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fp.metricswpsh.com
get.optad360.io
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
jnn-pa.googleapis.com
js.wpadmngr.com
js.wpshsdk.com
js.wpushsdk.com
mug.criteo.com
na.nawpush.com
op00.biz
p.skimresources.com
pagead2.googlesyndication.com
platform.twitter.com
prebid-eu.creativecdn.com
prebid.a-mo.net
r.casalemedia.com
r.skimresources.com
s.skimresources.com
s0.2mdn.net
script.4dex.io
securepubads.g.doubleclick.net
static.doubleclick.net
syndication.twitter.com
t.skimresources.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.instagram.com
www.youtube.com
dsum-sec.casalemedia.com
ib.adnxs.com
r.casalemedia.com
www.youtube.com
104.244.42.200
142.250.184.226
147.75.85.234
151.139.128.11
178.250.0.157
185.177.94.108
185.184.8.90
23.88.85.6
2600:9000:206f:e400:11:a4de:2580:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::681a:9a9
2606:4700:3030::6815:e9e
2a00:1450:4001:801::2002
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2001
2a00:1450:4001:812::200e
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2006
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2004
2a00:1450:4001:831::2002
2a02:2638::1c
2a03:2880:f21c:81e5:face:b00c:0:4420
2a04:4e42:600::485
35.190.59.101
35.190.91.160
35.201.67.47
37.157.3.30
45.133.44.24
45.133.44.25
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
09bdd678609812f4311a2a3ae3b63b08b35029f886975555f704a3f79fbbe2d5
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0f48bafb72621ca51f8397a1bf5a9ef2db26b36e723995268a475fa22480a882
1c9464895887e89bf485eb9a07e7ebe22ff70133a8bcb1e19a0774ecf67703a8
268a314cd3a52283e005bc886573488bfab26cd1228b078f546b3800043a426a
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8
2b552cf0eed9a06573ca58ecf7916ddbde33020221a2dd83e53fa03d26a92a05
2c48050a1280b38ee66b4122dc30f7b8d0d89776c80f76f213dca958e701f45d
2c4a6b789ebcb5cc4c37e3c0af486224b499f9e2bffae77476ec0ba2f49c9658
2c66dcc5003ba9cfe9b7697fe1fca1b38033ecbe712a8d4f21300624567036e7
365cfe784eb130690c103b2d0f208f0aa9916824c9d3073bf7581bb967d170b4
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
390321b248db2eb5bf6fd90b23407c50d397535bec996c60444c5b41c3dca5e5
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
408f7bc5717c4e6eff974ec468662346fd79cd9fbf96b35fff59e338d7425318
41e44b045e8237f9d70ad654e01306a7c41d43b564d9e33c3ca5c1b86cc69d45
456536908f305f1887be5fe66066f4d05797a90ee08265fec1b9c2afd3afec47
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e
46a39efa395c9b83497f75f9e153bc78a68c4ceb25b6071275619befad450562
478fef7c6ea53b15ece24a079cc879f1c3de077f81392ce40ec5c3caba7b155c
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4bdd1166ae125d8c5b128008f13ae09b8739b127c28027ef086e36aa9166b5cd
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
537862c011fddf4cdb4c7fba37674a577c6ce7c5d365a785eb43a5d806ea2b1f
55265099dbaefbd2e20b74d2c21800ad3f2f485a56e90d365f4e2df45db2a541
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59e6ccdc34bacab0f6ad5a0ab714a7eff1c929ac73a84ca206cc98032ad70bcf
5c36cc97464b8d5514e09ec6ce98511cb09f0cb6b9d720bcbe9208a96dd4856d
5fd437f886786f7614c94cdf85dd787d120aac2ae5cba8eb08c9f9530e94b5d7
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67480894f81825d3340e98ce48763d88747c45b8e5c35ea2a888a2602213c744
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6bfdae4a96ded74a8b76984a830bba5e90a6a14a529f56ca4a2bf75021fe45fd
6ca90b3e77c9ccad51f409feaeb7f03a9c928ebb9989fc8d576f69dd5592c6af
6dca9b0dc612135d3fca2be6909f6006c4953175cdc92389cbcaca2d11ab9f32
6ea96efb7dd6199ef6c6e69ceb5ef9910d92a5ad65fbeb51530f5a9d0909fc39
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453
71679b04fbd29b2c4fe5a7f200ccdc88d666d9b9b9253c4f2878ea06591dac71
7b1a76f9f81f1d93801141cc6892b1e49752085e72b4af4ec0dbae6b3b3e56e3
7b37e9938d59c109b2c4b847644990a3dce6e5f69d68c82ff8e8cbca03bc731a
7e688389123ca5833bdbe2459b1d764d93fbee7bb07620de4a042a150609c423
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
82f8bdcad72ab6408ae44b67ab13fff57058556ffe7a3438e046b1fbd0db5296
866c3e7e9c3ac0d8e0df50f622518445b0465dc4a34bbb6082b6c27391d77dbc
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87a47b5cc1f7f079bf0daa6064d7024e5769af3a3efa272b9bc0c9c73059158b
87e9dc088dc7e2c3f310eec464172f9cb0e4a361ef9086192674c769c9d1e612
89ceaf2fba13343764ed6f07696d5b3a49b28daf865c3f6c204c218a4cd62e1e
8a719dfbca2b4fc363e174b3f4e0f6ed16229e8bdcd22d6001d7d4411a8d86cd
8af5b01db369432e13c4fc7fd732a09338294d39668f7dd3d4c0c063db3a18be
8d87cb091a0dae7c5b2144d522c9f12ad686508f2fa646a83fdae7090eba7877
92a387eeb82c237a49e38a5b4161f5f992f8253bb8b8f711178786885117e02e
9308bbb7b7edafe6d52876aa2444ac810467ddfacc8b11501e9081c4938b664b
95320b67c12d63582c8c7b12b8bcb3a7e636b7ad6d099e096b9afd7b9c97ee0b
95b1ff1b25013b9dba105c10771ef19ce83f45d2c58f18a869a165f73d194885
99e9d63ba75630b9a012bcef0ba6621cbabb45239a3f8c440ca3ac68a575ea37
9fd8aa7bd63885ddb344bffb24f29cb605eec6e33ea878da5dadeefa312df7cc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1d4ffe1890105e05e1542b4e580ec0281bbba2de3f06a74813223304c990f44
a45b7c0631e1239bc47e2948fb4caa2b18aab01fee57dd3e7f43ade9e6c0f259
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a5910455615630589802ca15818aa163322871e6468f06a3660c53d6ab2936bb
a6933e678530b263486fa7b185a449cac947e1496ef61d496642032f339e9e43
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9d92d497bb26c99a13fe682be35853259225acbc6e0971244260c4fa783e1d6
a9d9847cfa9eaf4beb23c7ba7adbe050448cb2b26316b5469a38eb439c844e0c
aaf507bab436a0cbe6048c2aa11304eb88acb9db8aa051a9e0b1bfc2a76120fe
ae76aab58df5505ae11ad294434acd86c398718cc15d0f4d7a92cf6953a42a38
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b253ef3fe01bdd1dbcf682caf6954cbf64877cf67955b085f18fd896809d7e83
b396ad1f1cac053ea579e5989462b206af7fb863907bf319fe02d2a5ce29aebc
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
ba2ccd5586a31c9df1ec48aab00e143ae983cc2390cbc293b2623e62079471c4
ba3d91b8968b19d0961a261e96a2f57a21ad423aa14722e014902af5c578fb77
bf4ef47f10dc67845744d92465e9dbbd6280b84e2b84dd7cf9c6b6b5211e8737
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c6227855c05e33c326e45eb7c8f03c6cbd471599e7e6e02898bc5699d899fe84
c90b106a91165ee6b0eee691a5507062b90d189779541b4f2e67694a86154ea1
cec591cf64ba358c36b5f3e5d21cbaab61554dc4bde99a5943f249adc2a12eb4
d97a637cb2f9b5160b6b7000334833e9a018d33c6f1e8803cd359e9b19133c38
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e30a952eadc89f735e92201acd81796193eebddb8926d345c6ce092126c9257a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54d3a42682cb782e5a1072d17573526172766c9725ba5363cbffeb525918992
e78609c13e44bafd8f619e97e02631aea063465da09c9f1022a24a30f2ecd192
e806d3229a860fbe57b6842ba4b6f6425cb4090b8068134ec5d2e38c0cf3753e
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f611cb7e93381f8dbb6df1c62fe1c4c5b9f861a93a52f27c7de12a26b2e1b97e
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fc1a1f5967be9124339f40d1186aadb4fce2399d8aff7b20467a2ea30d868f38
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fdb376528b441b3a3bd8714c9c10512d8dec925976294b875235d974fad8caee
ff4a53b3d97b99f5a9a6b453cd2788266029278ac88dc862261df99d6d0c0a93

bg.asayamind.com Open in urlscan Pro 2606:4700:3030::6815:e9e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

137 Requests

94 %HTTPS

60 %IPv6

30 Domains

43 Subdomains

36 IPs

6 Countries

3284 kBTransfer

7387 kBSize

14 Cookies

4 Outgoing links

Redirected requests

137 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bg.asayamind.com Open in urlscan Pro
2606:4700:3030::6815:e9e Public Scan

Screenshot
Live screenshot

Full Image

137
Requests

94 %
HTTPS

60 %
IPv6

30
Domains

43
Subdomains

36
IPs

6
Countries

3284 kB
Transfer

7387 kB
Size

14
Cookies

137 HTTP transactions
2 data transactions