URL: https://offsitebu.info/
Submission: On May 26 via api from BE — Scanned from DE

Summary

This website contacted 29 IPs in 2 countries across 18 domains to perform 76 HTTP transactions. The main IP is 164.90.237.173, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is offsitebu.info.
TLS certificate: Issued by R3 on May 22nd 2024. Valid for: 3 months.
This is the only time offsitebu.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 164.90.237.173 14061 (DIGITALOC...)
7 13.32.99.27 16509 (AMAZON-02)
2 4 2606:4700:10:... 13335 (CLOUDFLAR...)
2 192.0.76.3 2635 (AUTOMATTIC)
1 13.32.99.52 16509 (AMAZON-02)
3 108.138.6.136 16509 (AMAZON-02)
3 2600:9000:237... 16509 (AMAZON-02)
4 172.217.16.130 15169 (GOOGLE)
1 2600:9000:225... 16509 (AMAZON-02)
2 108.138.36.3 16509 (AMAZON-02)
1 18.172.112.22 16509 (AMAZON-02)
2 2600:9000:26d... 16509 (AMAZON-02)
7 9 2600:9000:225... 16509 (AMAZON-02)
2 54.202.252.141 16509 (AMAZON-02)
1 2 18.244.18.38 16509 (AMAZON-02)
2 172.64.144.166 13335 (CLOUDFLAR...)
1 3.160.150.105 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
1 18.245.31.92 16509 (AMAZON-02)
2 18.244.15.236 16509 (AMAZON-02)
1 13.32.27.122 16509 (AMAZON-02)
10 2a04:4e42:400... 54113 (FASTLY)
1 152.199.22.243 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a04:4e42::626 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:21f... 16509 (AMAZON-02)
1 142.250.186.66 15169 (GOOGLE)
76 29
Apex Domain / Subdomains / Transfer
16 offsitebu.info
offsitebu.info
958 KB
11 privacymanager.io
gdpr-wrapper.privacymanager.io — Cisco Umbrella Rank: 33827
gdpr.privacymanager.io — Cisco Umbrella Rank: 37929
geo.privacymanager.io — Cisco Umbrella Rank: 1924
cmp-consent-tool.privacymanager.io — Cisco Umbrella Rank: 56427
vendors.privacymanager.io — Cisco Umbrella Rank: 97169
launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 2615
launchpad.privacymanager.io — Cisco Umbrella Rank: 2008
285 KB
10 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 2920
entitlements.jwplayer.com — Cisco Umbrella Rank: 2741
20 KB
8 adthrive.com
ads.adthrive.com — Cisco Umbrella Rank: 5555
408 KB
7 jwpsrv.com
assets-jpcust.jwpsrv.com — Cisco Umbrella Rank: 4172
338 KB
6 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 308
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 630
aax.amazon-adsystem.com — Cisco Umbrella Rank: 419
81 KB
5 jwpcdn.com
ssl.p.jwpcdn.com — Cisco Umbrella Rank: 2347
273 KB
4 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205
171 KB
4 slickstream.com
app.slickstream.com — Cisco Umbrella Rank: 11235
c03f.app.slickstream.com — Cisco Umbrella Rank: 66966
1010 B
2 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 491
137 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1603
171 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 191
4 KB
2 ccgateway.net
pb-ing.ccgateway.net — Cisco Umbrella Rank: 10546
366 B
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 2906
pixel.wp.com — Cisco Umbrella Rank: 2883
3 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103
14 KB
1 jwpltx.com
prd.jwpltx.com — Cisco Umbrella Rank: 2505
204 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 326
17 KB
1 jwplatform.com
content.jwplatform.com — Cisco Umbrella Rank: 4731
43 KB
76 18
Domain Requested by
16 offsitebu.info offsitebu.info
9 cdn.jwplayer.com 7 redirects ads.adthrive.com
content.jwplatform.com
ssl.p.jwpcdn.com
8 ads.adthrive.com offsitebu.info
ads.adthrive.com
7 assets-jpcust.jwpsrv.com
5 ssl.p.jwpcdn.com content.jwplatform.com
4 securepubads.g.doubleclick.net ads.adthrive.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
3 gdpr-wrapper.privacymanager.io ads.adthrive.com
gdpr.privacymanager.io
3 c.amazon-adsystem.com ads.adthrive.com
c.amazon-adsystem.com
2 imasdk.googleapis.com content.jwplatform.com
imasdk.googleapis.com
2 aax.amazon-adsystem.com c.amazon-adsystem.com
2 cdn.confiant-integrations.net ads.adthrive.com
cdn.confiant-integrations.net
2 sb.scorecardresearch.com 1 redirects
2 pb-ing.ccgateway.net ads.adthrive.com
2 vendors.privacymanager.io gdpr.privacymanager.io
2 geo.privacymanager.io gdpr.privacymanager.io
2 c03f.app.slickstream.com offsitebu.info
2 app.slickstream.com 2 redirects
1 pagead2.googlesyndication.com imasdk.googleapis.com
1 prd.jwpltx.com
1 s0.2mdn.net imasdk.googleapis.com
1 entitlements.jwplayer.com content.jwplatform.com
1 launchpad.privacymanager.io launchpad-wrapper.privacymanager.io
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 content.jwplatform.com ads.adthrive.com
1 launchpad-wrapper.privacymanager.io ads.adthrive.com
1 cmp-consent-tool.privacymanager.io gdpr.privacymanager.io
1 gdpr.privacymanager.io gdpr-wrapper.privacymanager.io
1 pixel.wp.com offsitebu.info
1 stats.wp.com offsitebu.info
76 29

This site contains links to these domains.

Domain
www.facebook.com
www.pinterest.com
www.instagram.com
www.youtube.com

Subject | Issuer | Validity | Valid
offsitebu.info | R3 | 2024-05-22 - 2024-08-20 | 3 months
*.adthrive.com | Amazon RSA 2048 M03 | 2024-04-05 - 2025-05-04 | a year
*.wp.com | Sectigo ECC Domain Validation Secure Server CA | 2023-11-28 - 2024-12-28 | a year
c.amazon-adsystem.com | Amazon RSA 2048 M01 | 2023-12-30 - 2024-12-04 | a year
*.privacymanager.io | Amazon RSA 2048 M01 | 2023-07-27 - 2024-08-24 | a year
*.g.doubleclick.net | WR2 | 2024-05-06 - 2024-07-29 | 3 months
jwplayer.com | Amazon RSA 2048 M02 | 2023-10-27 - 2024-11-23 | a year
ccgateway.net | R3 | 2024-05-10 - 2024-08-08 | 3 months
confiant-integrations.net | GTS CA 1P5 | 2024-05-14 - 2024-08-12 | 3 months
config.aps.amazon-adsystem.com | Amazon RSA 2048 M02 | 2024-01-21 - 2025-02-19 | a year
alt1-3ps.amazon-adsystem.com | Amazon RSA 2048 M03 | 2024-03-29 - 2025-04-28 | a year
*.jwplayer.com | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-08-30 - 2024-09-30 | a year
entitlements.jwplayer.com | GeoTrust TLS RSA CA G1 | 2024-05-12 - 2025-06-12 | a year
upload.video.google.com | WR2 | 2024-05-06 - 2024-07-29 | 3 months
*.doubleclick.net | WR2 | 2024-05-06 - 2024-07-29 | 3 months
jwpltx.com | Amazon RSA 2048 M03 | 2023-10-12 - 2024-11-09 | a year

This page contains 5 frames:

Primary Page: https://offsitebu.info/
Frame ID: F7E4E4A66F22B9D1957567D545C938EE
Requests: 77 HTTP requests in this frame

Frame: https://ads.adthrive.com/builds/core/073145e/html/i.html
Frame ID: 27CF60A0D122F638B972725777BDF459
Requests: 1 HTTP requests in this frame

Frame: https://cmp-consent-tool.privacymanager.io/latest/index.html
Frame ID: 36B41C35AD672DD008BB42D6421F478D
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.642.0_en.html
Frame ID: FE233FE5290F0D7787902547C3C1720B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 9A1107E282B12D8BDAEF0598BFBF6E48
Requests: 1 HTTP requests in this frame

Page Title

Easy Tried and True Recipes - Daily Yum

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

76 Requests
86 % HTTPS
39 % IPv6
18 Domains
29 Subdomains
29 IPs
2 Countries
2922 kB Transfer
7577 kB Size
6 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://app.slickstream.com/d/page-boot-data?site=CTQKJBFV&url=https%3A%2F%2Foffsitebu.info%2F HTTP 302
  • https://c03f.app.slickstream.com/d/page-boot-data?site=CTQKJBFV&url=https%3A%2F%2Foffsitebu.info%2F
Request Chain 30
  • https://app.slickstream.com/d/page-boot-data?site=CTQKJBFV&url=https%3A%2F%2Foffsitebu.info%2F HTTP 302
  • https://c03f.app.slickstream.com/d/page-boot-data?site=CTQKJBFV&url=https%3A%2F%2Foffsitebu.info%2F
Request Chain 50
  • https://sb.scorecardresearch.com/cs/6035453/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/6035453/beacon.js
Request Chain 70
  • https://cdn.jwplayer.com/strips/iTe3O6Kz-120.vtt HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/iTe3O6Kz-120.vtt
Request Chain 73
  • https://cdn.jwplayer.com/v2/media/iTe3O6Kz/poster.jpg?width=720 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/ekyaztee-720.jpg
Request Chain 74
  • https://cdn.jwplayer.com/v2/media/iTe3O6Kz/poster.jpg?width=640 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/ekyaztee-640.jpg
Request Chain 79
  • https://cdn.jwplayer.com/strips/MvJVeurx-120.vtt HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/MvJVeurx-120.vtt
Request Chain 80
  • https://cdn.jwplayer.com/v2/media/MvJVeurx/poster.jpg?width=640 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/507i3xgv-640.jpg
Request Chain 81
  • https://cdn.jwplayer.com/strips/iTe3O6Kz-120.jpg HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/iTe3O6Kz-120.jpg
Request Chain 82
  • https://cdn.jwplayer.com/v2/media/2Rq4Dq8B/poster.jpg?width=120 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/o8h83tw7-120.jpg

76 HTTP transactions

Resource / Path / Size / x-fer / Type / MIME-Type
Primary Request /
offsitebu.info/
332 KB
332 KB
Document
General
Full URL
https://offsitebu.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.90.237.173 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.4 /
Resource Hash
63d91b0e9d09a2a94c459280bfeeda40e778b3579b51aae43fe1d5e869191065

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
content-length
339569
content-type
text/html; charset=UTF-8
date
Sun, 26 May 2024 07:32:42 GMT
last-modified
Wed, 22 May 2024 09:42:46 GMT
server
nginx/1.15.4
ads.min.js
ads.adthrive.com/sites/63927fea0da8bf3284ac7e6d/
90 KB
24 KB
Script
General
Full URL
https://ads.adthrive.com/sites/63927fea0da8bf3284ac7e6d/ads.min.js?referrer=https%3A%2F%2Foffsitebu.info%2F&cb=62
Requested by
Host: offsitebu.info
URL: https://offsitebu.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-27.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
3e9275cbfbb0a3acd0d5b2f3a8ffbf66c19697ca379bac10c1d66252c716495e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

adthrive-bucket
flex-25
date
Sun, 26 May 2024 07:32:43 GMT
content-encoding
br
via
1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
adthrive-deployment
2024-05-24-02:acd-396:pr4849:073145e:4
x-amz-cf-pop
FRA60-P3
adthrive-commit
073145e
x-cache
Miss from cloudfront
adthrive-gdpr
true
pragma
no-cache
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-store, must-revalidate, s-maxage=28800
x-amz-cf-id
H9YG9q-ZdMGL0lcdKAGmVscMi0rtSEse4L0S77pm4TQ5mr3CVYPcqg==
expires
0
jquery.min.js
offsitebu.info/wp-includes/js/jquery/
86 KB
86 KB
Script
General
Full URL
https://offsitebu.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: offsitebu.info
URL: https://offsitebu.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.90.237.173 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.4 /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:32:42 GMT
last-modified
Wed, 22 May 2024 09:43:15 GMT
server
nginx/1.15.4
accept-ranges
bytes
content-length
87553
content-type
application/javascript; charset=utf-8
jquery-migrate.min.js
offsitebu.info/wp-includes/js/jquery/
13 KB
13 KB
Script
General
Full URL
https://offsitebu.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: offsitebu.info
URL: https://offsitebu.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.90.237.173 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.4 /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:32:42 GMT
last-modified
Wed, 22 May 2024 09:43:15 GMT
server
nginx/1.15.4
accept-ranges
bytes
content-length
13577
content-type
application/javascript; charset=utf-8
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b85686532bf02fb28b472480bc32794c7cb3f7f3c6ac57aa81b3177ab3890028

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
cropped-8452C9E3-6295-4A0F-A58E-E0C992F871CE.png
offsitebu.info/wp-content/uploads/2022/07/
67 KB
67 KB
Image
General
Full URL
https://offsitebu.info/wp-content/uploads/2022/07/cropped-8452C9E3-6295-4A0F-A58E-E0C992F871CE.png
Requested by
Host: offsitebu.info
URL: https://offsitebu.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.90.237.173 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.4 /
Resource Hash
e81065dd56ec28e086da29bf46c1df4ad3c0a84e3e26ff81f721c7091318b9d1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:32:42 GMT
last-modified
Wed, 22 May 2024 09:43:15 GMT
server
nginx/1.15.4
accept-ranges
bytes
content-length
68615
content-type
image/png
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c704aede1d014c046dabc777d84a5dadfe636445c6e031cb35869edcb68c2d2

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2908e55eb30a33aa0a6974ad7a7ba1c7f86718929abce2471760d338b944d2cf

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6575fa3e27517086e42ef2851c7dd0a2c664f78f030c9c6f3a113831fe617e69

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f9b391ce09f03b0841c105445cf76e67d6f19b4d193d9475037ef29bdd9b9cd

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
page-boot-data
c03f.app.slickstream.com/d/
Redirect Chain
  • https://app.slickstream.com/d/page-boot-data?site=CTQKJBFV&url=https%3A%2F%2Foffsitebu.info%2F
  • https://c03f.app.slickstream.com/d/page-boot-data?site=CTQKJBFV&url=https%3A%2F%2Foffsitebu.info%2F
40 B
392 B
Fetch
General
Full URL
https://c03f.app.slickstream.com/d/page-boot-data?site=CTQKJBFV&url=https%3A%2F%2Foffsitebu.info%2F
Requested by
Host: offsitebu.info
URL: https://offsitebu.info/
Protocol
H2
Server
2606:4700:10::6816:2e76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
689b73bfdbec6e41e162f52507257b5da67eb295221ef27709ba191a147fa44b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://offsitebu.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Sun, 26 May 2024 07:32:43 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
cf-cache-status
BYPASS
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
access-control-max-age
43200
access-control-allow-methods
POST, PUT, GET, OPTIONS
access-control-allow-origin
*
content-type
text/html; charset=utf-8
cache-control
public, max-age=900
x-slickstream-consent
ask
x-ss-serverid
c03-app-55c97ddd49-8stjk
cf-ray
889c12aadda02beb-FRA

Redirect headers

date
Sun, 26 May 2024 07:32:43 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
MISS
x-powered-by
Express
content-length
121
cdn-cache-control
public, max-age=900
server
cloudflare
access-control-max-age
43200
access-control-allow-methods
GET, HEAD, POST, PUT, OPTIONS
content-type
text/plain; charset=utf-8
location
https://c03f.app.slickstream.com/d/page-boot-data?site=CTQKJBFV&url=https%3A%2F%2Foffsitebu.info%2F
access-control-allow-origin
*
cache-control
public, max-age=900
vary
Accept, Accept-Encoding
x-ss-serverid
common-app-6f75549957-txzcj
x-slickstream-consent
ask
cf-ray
889c12a8cab09f4b-FRA
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4700db5c4d259a986d368efc9ff56fd86d9459d5e64bb74bf74935d5139329c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ac0e7e7f71d143292b51ee698a5795bdf2531f3739570467cfad74ad81be01a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
07e029883bbc9adc7427cad81fd42eb4abefa79308d02af6d726a1abb2c3e7fa

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
search.svg
offsitebu.info/wp-content/themes/foodiepro-v444/images/
2 KB
2 KB
Image
General
Full URL
https://offsitebu.info/wp-content/themes/foodiepro-v444/images/search.svg
Requested by
Host: offsitebu.info
URL: https://offsitebu.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.90.237.173 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.4 /
Resource Hash
b1997dab216a1ae3a6865fed352a6e580a0b7d87963556fed51daed631f6dcdf

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:32:42 GMT
last-modified
Wed, 22 May 2024 09:43:15 GMT
server
nginx/1.15.4
accept-ranges
bytes
content-length
1564
content-type
image/svg+xml
e-202421.js
stats.wp.com/
7 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202421.js
Requested by
Host: offsitebu.info
URL: https://offsitebu.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4f9f4e2e225088f9cf3b6b54aa421e0f776d1802255505d2f752e1f83f441641

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-minify-cache
hit
x-nc
HIT hhn
date
Sun, 26 May 2024 07:32:43 GMT
content-encoding
br
server
nginx
x-minify
t
etag
W/14377-1704402356563.6672
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
alt-svc
h3=":443"; ma=86400
expires
Tue, 13 May 2025 13:19:18 GMT
abd.js
ads.adthrive.com/abd/
1 KB
1 KB
XHR
General
Full URL
https://ads.adthrive.com/abd/abd.js
Requested by
Host: offsitebu.info
URL: https://offsitebu.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-27.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
73e8fdebeab4f384cac905005edbc1b1cc6c9fcbd18c111103d5066401abdded

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
os8MwQFHVWjrrk14iP4Ip4gSDo8pMj4I
content-encoding
br
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
date
Sun, 26 May 2024 06:38:37 GMT
x-amz-cf-pop
FRA60-P3
age
3247
x-cache
Hit from cloudfront
last-modified
Tue, 06 Sep 2022 21:10:57 GMT
server
AmazonS3
etag
W/"1a1900d242621b126237113a25ab0ab3"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
wgKT12TpwzfQ_S8sCu_uXeriNRgoFJ_3VK4pVLdU1Lr8U9o-sgUfSA==
lazyload.min.js
offsitebu.info/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/
9 KB
9 KB
Script
General
Full URL
https://offsitebu.info/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js
Requested by
Host: offsitebu.info
URL: https://offsitebu.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.90.237.173 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.4 /
Resource Hash
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:32:43 GMT
last-modified
Wed, 22 May 2024 09:43:15 GMT
server
nginx/1.15.4
accept-ranges
bytes
content-length
8892
content-type
application/javascript; charset=utf-8
g.gif
pixel.wp.com/
50 B
178 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=61761802&post=5949&tz=-4&srv=dailyyum.com&j=1%3A13.4.3&host=offsitebu.info&ref=&fcp=0&rand=0.4624969012031037
Requested by
Host: offsitebu.info
URL: https://offsitebu.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Sun, 26 May 2024 07:32:43 GMT
cache-control
no-cache
server
nginx
alt-svc
h3=":443"; ma=86400
content-length
50
content-type
image/gif
air-fryer-tilapia-fish-recipe-500x500.jpg
offsitebu.info/wp-content/uploads/2024/05/
43 KB
43 KB
Image
General
Full URL
https://offsitebu.info/wp-content/uploads/2024/05/air-fryer-tilapia-fish-recipe-500x500.jpg
Requested by
Host: offsitebu.info
URL: https://offsitebu.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.90.237.173 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.4 /
Resource Hash
0df06c875c5fc42fae96397af2e40c6201d81f4c727c1e634864313401db6c46

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:32:43 GMT
last-modified
Wed, 22 May 2024 09:43:15 GMT
server
nginx/1.15.4
accept-ranges
bytes
content-length
43912
content-type
image/jpeg
air-fryer-pineapple-with-crispy-edges-500x500.jpg
offsitebu.info/wp-content/uploads/2024/05/
54 KB
54 KB
Image
General
Full URL
https://offsitebu.info/wp-content/uploads/2024/05/air-fryer-pineapple-with-crispy-edges-500x500.jpg
Requested by
Host: offsitebu.info
URL: https://offsitebu.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.90.237.173 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.4 /
Resource Hash
21a8297a03caec540dddc2cca5be00026985dcb52c7e5e217729425bac96d67d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:32:43 GMT
last-modified
Wed, 22 May 2024 09:43:15 GMT
server
nginx/1.15.4
accept-ranges
bytes
content-length
55233
content-type
image/jpeg
homemade-copycat-chick-fila-a-sauce-500x500.jpg
offsitebu.info/wp-content/uploads/2024/05/
46 KB
46 KB
Image
General
Full URL
https://offsitebu.info/wp-content/uploads/2024/05/homemade-copycat-chick-fila-a-sauce-500x500.jpg
Requested by
Host: offsitebu.info
URL: https://offsitebu.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.90.237.173 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.4 /
Resource Hash
d3b94b743c9c01a263a8494e6fe20d61045f87044a48db7dae6c28adf32544d9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:32:43 GMT
last-modified
Wed, 22 May 2024 09:43:15 GMT
server
nginx/1.15.4
accept-ranges
bytes
content-length
47504
content-type
image/jpeg
coconut-crusted-charred-chicken-breast-500x500.jpg
offsitebu.info/wp-content/uploads/2024/04/
60 KB
60 KB
Image
General
Full URL
https://offsitebu.info/wp-content/uploads/2024/04/coconut-crusted-charred-chicken-breast-500x500.jpg
Requested by
Host: offsitebu.info
URL: https://offsitebu.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.90.237.173 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.4 /
Resource Hash
5bc0d9989666598716c07a78e2e0fdcbd741d00c28da0e6ceb238060e9209abe

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:32:43 GMT
last-modified
Wed, 22 May 2024 09:43:15 GMT
server
nginx/1.15.4
accept-ranges
bytes
content-length
61455
content-type
image/jpeg
Crispy-Air-Fryer-French-Bread-Pizza-Recipe-500x500.jpg
offsitebu.info/wp-content/uploads/2024/04/
71 KB
71 KB
Image
General
Full URL
https://offsitebu.info/wp-content/uploads/2024/04/Crispy-Air-Fryer-French-Bread-Pizza-Recipe-500x500.jpg
Requested by
Host: offsitebu.info
URL: https://offsitebu.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.90.237.173 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.4 /
Resource Hash
69c77496e93a36c26e5f824028b89165e08e61149167c1f32bca7cc010303b2f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:32:43 GMT
last-modified
Wed, 22 May 2024 09:43:15 GMT
server
nginx/1.15.4
accept-ranges
bytes
content-length
72864
content-type
image/jpeg
air-fryer-egg-bites-recipe-cooked-in-ramekins-500x500.jpg
offsitebu.info/wp-content/uploads/2024/04/
40 KB
40 KB
Image
General
Full URL
https://offsitebu.info/wp-content/uploads/2024/04/air-fryer-egg-bites-recipe-cooked-in-ramekins-500x500.jpg
Requested by
Host: offsitebu.info
URL: https://offsitebu.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.90.237.173 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.4 /
Resource Hash
94aa0553194d7119b325a016e9582708bfc3f28102375662d79b4fb724e5ba45

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:32:43 GMT
last-modified
Wed, 22 May 2024 09:43:15 GMT
server
nginx/1.15.4
accept-ranges
bytes
content-length
40699
content-type
image/jpeg
1-inch-thick-fluffy-pancake-500x500.jpg
offsitebu.info/wp-content/uploads/2024/03/
33 KB
33 KB
Image
General
Full URL
https://offsitebu.info/wp-content/uploads/2024/03/1-inch-thick-fluffy-pancake-500x500.jpg
Requested by
Host: offsitebu.info
URL: https://offsitebu.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.90.237.173 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.4 /
Resource Hash
f7b9a05474cefee8acce5c47bad0251ad77f6dfcd54ffd7fa9e833141d11def8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:32:43 GMT
last-modified
Wed, 22 May 2024 09:43:15 GMT
server
nginx/1.15.4
accept-ranges
bytes
content-length
33953
content-type
image/jpeg
charred-crispy-carrots-in-air-fryer-500x500.jpg
offsitebu.info/wp-content/uploads/2024/03/
64 KB
64 KB
Image
General
Full URL
https://offsitebu.info/wp-content/uploads/2024/03/charred-crispy-carrots-in-air-fryer-500x500.jpg
Requested by
Host: offsitebu.info
URL: https://offsitebu.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.90.237.173 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.4 /
Resource Hash
9c9760e4851e8f96d14fe6604dfb7ac26e470b212f7c62ee06d4ceb9fb3b9558

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:32:43 GMT
last-modified
Wed, 22 May 2024 09:43:15 GMT
server
nginx/1.15.4
accept-ranges
bytes
content-length
65789
content-type
image/jpeg
Irina-Davey-Food-Blogger.jpg
offsitebu.info/wp-content/uploads/2020/10/
36 KB
37 KB
Image
General
Full URL
https://offsitebu.info/wp-content/uploads/2020/10/Irina-Davey-Food-Blogger.jpg
Requested by
Host: offsitebu.info
URL: https://offsitebu.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.90.237.173 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.4 /
Resource Hash
d5efb2f774b54c8f777d3925c985eddddaf66fea49008087661656d28fc5646e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:32:43 GMT
last-modified
Wed, 22 May 2024 09:44:13 GMT
server
nginx/1.15.4
accept-ranges
bytes
content-length
37347
content-type
image/jpeg
marmalade
ads.adthrive.com/api/v1/
8 KB
2 KB
Fetch
General
Full URL
https://ads.adthrive.com/api/v1/marmalade?siteid=63927fea0da8bf3284ac7e6d&url=https%3A%2F%2Foffsitebu.info%2F&deliveryFeatures=manualCookieSync,raptiveFloors,recencyFrequency,reissuingSticky,switzerlandGdpr,ttdSync
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/63927fea0da8bf3284ac7e6d/ads.min.js?referrer=https%3A%2F%2Foffsitebu.info%2F&cb=62
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-27.fra60.r.cloudfront.net
Software
/
Resource Hash
88b19c9dedbd03b6f58fddfaca2aa339807f5248287fc9ee29541487e6158e20

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:32:43 GMT
content-encoding
br
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amzn-trace-id
Root=1-6652e59b-300cf02b6e7bcd5c330b63eb;Parent=0c3d6d38dca2c137;Sampled=0;lineage=e948d84a:0
x-amzn-requestid
e968729f-a823-4dea-b932-eabe7dc9feed
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=3600, s-maxage=3600
x-amz-apigw-id
YXjQVEXVIAMEWbQ=
x-amz-cf-id
mD1F66yY4fhYS-3LQuRIr2qQunhxRQYTuBEIpohOM4J7jJ6h5dWUag==
63927fea0da8bf3284ac7e6d
ads.adthrive.com/api/v2/raptiveFloors/
103 KB
12 KB
XHR
General
Full URL
https://ads.adthrive.com/api/v2/raptiveFloors/63927fea0da8bf3284ac7e6d
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/63927fea0da8bf3284ac7e6d/ads.min.js?referrer=https%3A%2F%2Foffsitebu.info%2F&cb=62
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-27.fra60.r.cloudfront.net
Software
/
Resource Hash
085b7af1e4e0c1dfe15975fd460a0db2daa1893005af81a4df0e7e27e82295ea

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:32:44 GMT
content-encoding
br
via
1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amzn-trace-id
Root=1-6652e59b-72374d27707b03030ababc95;Parent=2245609ad9467a9f;Sampled=0;lineage=e7e36c41:0
x-amzn-requestid
045ee4b9-6304-40f1-9eed-767e395e2770
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-apigw-id
YXjQWHlKoAMEYBA=
x-amz-cf-id
2xiKHXFZPjLQKTfWNhwsFz5J3v0U1eP9t27t2Cjw7FZuzAjc-DVIwg==
adthrive.min.js
ads.adthrive.com/builds/core/073145e/es2018/js/
849 KB
192 KB
Script
General
Full URL
https://ads.adthrive.com/builds/core/073145e/es2018/js/adthrive.min.js?deployment=2024-05-24-02:acd-396:pr4849:073145e:4&bucket=flex-25&deliveryFeatures=manualCookieSync,raptiveFloors,recencyFrequency,reissuingSticky,switzerlandGdpr,ttdSync&siteid=63927fea0da8bf3284ac7e6d
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/63927fea0da8bf3284ac7e6d/ads.min.js?referrer=https%3A%2F%2Foffsitebu.info%2F&cb=62
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-27.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
c2e9de9db2f46baf7053aa5d8402763313c5094816e9c1f7d82e3e4b30a0058d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 00:06:17 GMT
content-encoding
br
via
1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P3
age
26786
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600, s-maxage=86400
x-amz-cf-id
BGaBQIElEim48Xg2pQ7sM6CLADRlxQsLwGIQzLHZ_n4hdS3E726iaQ==
page-boot-data
c03f.app.slickstream.com/d/
Redirect Chain
  • https://app.slickstream.com/d/page-boot-data?site=CTQKJBFV&url=https%3A%2F%2Foffsitebu.info%2F
  • https://c03f.app.slickstream.com/d/page-boot-data?site=CTQKJBFV&url=https%3A%2F%2Foffsitebu.info%2F
40 B
140 B
Fetch
General
Full URL
https://c03f.app.slickstream.com/d/page-boot-data?site=CTQKJBFV&url=https%3A%2F%2Foffsitebu.info%2F
Protocol
H2
Server
2606:4700:10::6816:2e76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
689b73bfdbec6e41e162f52507257b5da67eb295221ef27709ba191a147fa44b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://offsitebu.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Sun, 26 May 2024 07:32:43 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
cf-cache-status
BYPASS
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
access-control-max-age
43200
access-control-allow-methods
POST, PUT, GET, OPTIONS
access-control-allow-origin
*
content-type
text/html; charset=utf-8
cache-control
public, max-age=900
x-slickstream-consent
ask
x-ss-serverid
c03-app-55c97ddd49-6nhdb
cf-ray
889c12ad88b32beb-FRA

Redirect headers

date
Sun, 26 May 2024 07:32:43 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
HIT
age
0
x-powered-by
Express
content-length
121
cdn-cache-control
public, max-age=900
server
cloudflare
access-control-max-age
43200
access-control-allow-methods
GET, HEAD, POST, PUT, OPTIONS
content-type
text/plain; charset=utf-8
location
https://c03f.app.slickstream.com/d/page-boot-data?site=CTQKJBFV&url=https%3A%2F%2Foffsitebu.info%2F
access-control-allow-origin
*
cache-control
public, max-age=900
vary
Accept, Accept-Encoding
x-ss-serverid
common-app-6f75549957-txzcj
x-slickstream-consent
ask
cf-ray
889c12ad78d09f4b-FRA
favicon.ico
offsitebu.info/
1 KB
1 KB
Other
General
Full URL
https://offsitebu.info/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
164.90.237.173 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.15.4 /
Resource Hash
59453cc7ce58d6637ec6586b5794cdc8c151afadb9e599a7a494cef99eb6ff4e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:32:43 GMT
last-modified
Wed, 22 May 2024 09:43:15 GMT
server
nginx/1.15.4
accept-ranges
bytes
content-length
1150
content-type
image/x-icon
i.html
ads.adthrive.com/builds/core/073145e/html/ Frame 27CF
0
0
Document
General
Full URL
https://ads.adthrive.com/builds/core/073145e/html/i.html
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/073145e/es2018/js/adthrive.min.js?deployment=2024-05-24-02:acd-396:pr4849:073145e:4&bucket=flex-25&deliveryFeatures=manualCookieSync,raptiveFloors,recencyFrequency,reissuingSticky,switzerlandGdpr,ttdSync&siteid=63927fea0da8bf3284ac7e6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-52.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://offsitebu.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
95
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Sun, 26 May 2024 07:31:09 GMT
etag
W/"7ff33d1082bd05a8e5c77e94bc0fa576"
last-modified
Fri, 24 May 2024 14:19:29 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
x-amz-cf-id
xKjwnFfvXONEDWRc_jdFhaB4DGzr8FlBZTEW4sm4vWo0EbzOynvCFA==
x-amz-cf-pop
FRA60-P3
x-amz-server-side-encryption
AES256
x-amz-version-id
XQkwBbZXmr.bPoQ4K0rvrCaBC5yeFvOm
x-cache
Hit from cloudfront
prebid.min.js
ads.adthrive.com/builds/core/073145e/gdpr/vendor/prebid/es2018/
660 KB
176 KB
Script
General
Full URL
https://ads.adthrive.com/builds/core/073145e/gdpr/vendor/prebid/es2018/prebid.min.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/073145e/es2018/js/adthrive.min.js?deployment=2024-05-24-02:acd-396:pr4849:073145e:4&bucket=flex-25&deliveryFeatures=manualCookieSync,raptiveFloors,recencyFrequency,reissuingSticky,switzerlandGdpr,ttdSync&siteid=63927fea0da8bf3284ac7e6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-27.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1ea778e34c3dc349a17be5ae4178fc3c759213fa2fbb945c817186fc7c83e1d3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
guR41f9FDRjCnqlloZqdHBgYxDuXAFcY
content-encoding
br
via
1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
date
Sun, 26 May 2024 07:00:55 GMT
last-modified
Fri, 24 May 2024 14:19:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
1909
x-amz-server-side-encryption
AES256
etag
W/"7af9251f62ba7603fdfc0f11c3ac5394"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
bZZ6i7rRY1JWdiu2qo7o07ShQFm342JDnoGWbWefTbGca_cF5W4xAg==
apstag.js
c.amazon-adsystem.com/aax2/
303 KB
75 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/073145e/es2018/js/adthrive.min.js?deployment=2024-05-24-02:acd-396:pr4849:073145e:4&bucket=flex-25&deliveryFeatures=manualCookieSync,raptiveFloors,recencyFrequency,reissuingSticky,switzerlandGdpr,ttdSync&siteid=63927fea0da8bf3284ac7e6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-6-136.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f5339b2c0e2da97d564233498a2ee75b6fd895f8408d4bd90d1319d002a3f46d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 06:54:35 GMT
content-encoding
gzip
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront), 1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
last-modified
Tue, 07 May 2024 20:29:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
2289
x-amz-server-side-encryption
AES256
etag
W/"299fe111f64c76143769e50e3f9edd6e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
7KkIyYzZr-P3lqNAxfmu5U1awl_Cc37kU00Q47xPlMjlyMR5dkPKVA==
gdpr-liveramp.js
gdpr-wrapper.privacymanager.io/gdpr/34233849-5500-4e44-8601-5006ae8d13fe/
478 KB
126 KB
Script
General
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/34233849-5500-4e44-8601-5006ae8d13fe/gdpr-liveramp.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/073145e/es2018/js/adthrive.min.js?deployment=2024-05-24-02:acd-396:pr4849:073145e:4&bucket=flex-25&deliveryFeatures=manualCookieSync,raptiveFloors,recencyFrequency,reissuingSticky,switzerlandGdpr,ttdSync&siteid=63927fea0da8bf3284ac7e6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:ae00:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c41e0dbe6565a4a2b82fe534555bbf2a469fcaf3c2105eb0491602b39e02dc41

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
HVb6kcsmemKWzmdhkLWudCfj5ZMOY_ZE
content-encoding
gzip
via
1.1 c807be9a1ebef174d61ebd59fb655d20.cloudfront.net (CloudFront)
date
Sun, 26 May 2024 02:31:21 GMT
x-amz-cf-pop
MUC50-P2
age
18084
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="gdpr-liveramp.js"
last-modified
Wed, 15 May 2024 12:29:55 GMT
server
AmazonS3
etag
W/"c915bc42d12784abc0679a7a5bbab0f4"
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
58RRfDLRmPyF2RwxMYd903-FeoU5qynkyB94TPUncHFZMyTIY6tt3g==
gpt.js
securepubads.g.doubleclick.net/tag/js/
92 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/073145e/es2018/js/adthrive.min.js?deployment=2024-05-24-02:acd-396:pr4849:073145e:4&bucket=flex-25&deliveryFeatures=manualCookieSync,raptiveFloors,recencyFrequency,reissuingSticky,switzerlandGdpr,ttdSync&siteid=63927fea0da8bf3284ac7e6d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
75a257646d6715d8b5d3ecb5d27d570789080270db89900aa64d3fd4e3f3eb42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:32:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29830
x-xss-protection
0
server
cafe
etag
983 / 19869 / m202405210101 / config-hash: 9677823490987414970
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 26 May 2024 07:32:43 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-6-136.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding
gzip
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
date
Sun, 26 May 2024 07:32:45 GMT
x-amz-cf-pop
FRA56-P6
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
M0oyNLOGKpCrKLZ_WePFcj1Qw0sexgRv78wAU_wfJ8UoFsAttYYZ-g==
gdpr.bundle.js
gdpr.privacymanager.io/latest/
136 KB
44 KB
Script
General
Full URL
https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Requested by
Host: gdpr-wrapper.privacymanager.io
URL: https://gdpr-wrapper.privacymanager.io/gdpr/34233849-5500-4e44-8601-5006ae8d13fe/gdpr-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:4200:16:f82a:8600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27f62274d9858073e8f3e5643a6bf652b6a1576e00dae337f8c7e12f6b91b97c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Y_FI2tHwceecL4aCNm0w90ZTQwQBXlnf
content-encoding
gzip
via
1.1 cabdd49d8331afa937d15ebb470ea716.cloudfront.net (CloudFront)
date
Sun, 26 May 2024 06:35:14 GMT
last-modified
Wed, 03 Jan 2024 12:37:03 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P1
age
3449
x-amz-server-side-encryption
AES256
etag
W/"97a8e6b3690e415e6982e057a4ec3a39"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
eAkAcGMoc-Gh9F9eH7Me_AcRtlTlYYuWZast6rLSRqyuY4JCfE7eNA==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405210101/
453 KB
142 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405210101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
28d67e38e786f668fd2626102d56948a804d96d7e7da9fab7a7cedbde80adcf4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 19:10:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
44563
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
144883
x-xss-protection
0
server
cafe
etag
4044733500222243164
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 25 May 2025 19:10:00 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
68 B
79 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=offsitebu.info
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
d8a55c153acb96781aa127df7db7b2b3f5ccb4670a14451b8af901081d875bca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:32:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55
x-xss-protection
0
expires
Sun, 26 May 2024 07:32:43 GMT
vendor-list.json
gdpr-wrapper.privacymanager.io/gdpr/34233849-5500-4e44-8601-5006ae8d13fe/ Frame
0
0
Preflight
General
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/34233849-5500-4e44-8601-5006ae8d13fe/vendor-list.json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:ae00:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://offsitebu.info
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
*
age
68563
content-length
0
date
Sat, 25 May 2024 12:30:02 GMT
server
AmazonS3
via
1.1 ac1ae217387c42a8268a34d5a89f4b46.cloudfront.net (CloudFront)
x-amz-cf-id
ATecAr1BHUWiDcSMifDVpsbw9fazIAU-8LcNueqtCUV9nuBnRv94VA==
x-amz-cf-pop
MUC50-P2
x-cache
Hit from cloudfront
/
geo.privacymanager.io/ Frame
0
0
Preflight
General
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-3.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://offsitebu.info
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Sun, 26 May 2024 07:32:44 GMT
via
1.1 2551fa016e0e39646c40c584001d7b4e.cloudfront.net (CloudFront), 1.1 a79cccd642ddc0038c3b0c4a9e7fcd6c.cloudfront.net (CloudFront)
x-amz-apigw-id
YXjQcGLZDoEEnwA=
x-amz-cf-id
IImdL4aAB3HaC9LFHaAArZgN9vmjoSEyi0b64PIvhz-xOmPPPu9qmA==
x-amz-cf-pop
MUC50-P1 MUC50-P2
x-amzn-requestid
a564b2f2-29a7-42f0-a2a1-e5feab879ef1
x-cache
Miss from cloudfront
vendor-list.json
gdpr-wrapper.privacymanager.io/gdpr/34233849-5500-4e44-8601-5006ae8d13fe/
106 KB
18 KB
Fetch
General
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/34233849-5500-4e44-8601-5006ae8d13fe/vendor-list.json
Requested by
Host: gdpr.privacymanager.io
URL: https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237d:ae00:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
654e82c295f6853ff61029bd2ef3fbd52ccf3c5ed1d07726435231d31c86b2d7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://offsitebu.info/
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
iQSCVZGo75BPrFhiAE32HREUgoZ8e43e
content-encoding
gzip
via
1.1 ac1ae217387c42a8268a34d5a89f4b46.cloudfront.net (CloudFront)
date
Sun, 26 May 2024 07:15:04 GMT
x-amz-cf-pop
MUC50-P2
age
1075
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 24 May 2024 17:40:20 GMT
server
AmazonS3
etag
W/"bcc6cf82d0e6a7b0146a1125ca4dd0a8"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
NSqnYalb_NjyIdoWEM79Yr8qhcGRfOTz4BKAAj5RR2yrGpdtUJkclg==
/
geo.privacymanager.io/
30 B
626 B
Fetch
General
Full URL
https://geo.privacymanager.io/
Requested by
Host: gdpr.privacymanager.io
URL: https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-3.muc50.r.cloudfront.net
Software
/
Resource Hash
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://offsitebu.info/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 02:15:15 GMT
via
1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront), 1.1 a79cccd642ddc0038c3b0c4a9e7fcd6c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, MUC50-P2
age
19049
x-amzn-trace-id
Root=1-66529b33-7962fb5379efdc261f4056aa;Parent=7ab3b48a7f7daf68;Sampled=0;lineage=06620786:0
x-amzn-requestid
b1e309ab-33ba-4390-9870-236fa185823a
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id
YW0wBH-0DoEEFuA=
content-length
30
x-amz-cf-id
K-JWL8TW0L71O_Ykciog2ojJl4KQhNQTn1YDIoAPEbCEUWgvUk_Ysw==
index.html
cmp-consent-tool.privacymanager.io/latest/ Frame 36B4
0
0
Document
General
Full URL
https://cmp-consent-tool.privacymanager.io/latest/index.html
Requested by
Host: gdpr.privacymanager.io
URL: https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-22.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://offsitebu.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
123150
cache-control
must-revalidate,public,max-age=604800
content-encoding
br
content-type
text/html
date
Fri, 24 May 2024 21:20:15 GMT
etag
W/"75610cde1541054da56aaac17da27360"
last-modified
Mon, 20 Nov 2023 09:32:51 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 81a2ccccd3da8ffc5c6580a9c9d4bace.cloudfront.net (CloudFront)
x-amz-cf-id
Q_lNec5WdWXTDpIdxF_LYotQ2BIECeL-mhVnc1LocgHiU2SorLQULw==
x-amz-cf-pop
FRA60-P8
x-amz-server-side-encryption
AES256
x-amz-version-id
.t5aPfxCiC3dcMaLwZ0jl5ylX_nghvVJ
x-cache
Hit from cloudfront
purposes-de.json
vendors.privacymanager.io/v3/
52 KB
11 KB
Fetch
General
Full URL
https://vendors.privacymanager.io/v3/purposes-de.json
Requested by
Host: gdpr.privacymanager.io
URL: https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:5a00:1b:d3ea:d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
38215063b833b4bf896334afc70b9a0571a17534345470efaf0e36cd3de12353

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:32:45 GMT
x-amz-version-id
_.NsOd8YVSAWRro25NRtea21GlHB5d4I
content-encoding
gzip
via
1.1 ca623c10f2a669c8a9af30362937ebac.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Thu, 11 Apr 2024 11:41:29 GMT
server
AmazonS3
etag
W/"461cf56e2a57a9a56548d04cfe872374"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
3C51YGXeglk5_eAIP7WMMFYUdoGkLv0zg3EtHw1CYJlFC4peremriQ==
purposes-de.json
vendors.privacymanager.io/v3/
52 KB
0
Fetch
General
Full URL
https://vendors.privacymanager.io/v3/purposes-de.json
Requested by
Host: gdpr.privacymanager.io
URL: https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:5a00:1b:d3ea:d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
38215063b833b4bf896334afc70b9a0571a17534345470efaf0e36cd3de12353

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:32:45 GMT
x-amz-version-id
_.NsOd8YVSAWRro25NRtea21GlHB5d4I
content-encoding
gzip
via
1.1 ca623c10f2a669c8a9af30362937ebac.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Thu, 11 Apr 2024 11:41:29 GMT
server
AmazonS3
etag
W/"461cf56e2a57a9a56548d04cfe872374"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
3C51YGXeglk5_eAIP7WMMFYUdoGkLv0zg3EtHw1CYJlFC4peremriQ==
xndzMxXT
cdn.jwplayer.com/v2/playlists/
81 KB
10 KB
Fetch
General
Full URL
https://cdn.jwplayer.com/v2/playlists/xndzMxXT?max_resolution=1280
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/073145e/es2018/js/adthrive.min.js?deployment=2024-05-24-02:acd-396:pr4849:073145e:4&bucket=flex-25&deliveryFeatures=manualCookieSync,raptiveFloors,recencyFrequency,reissuingSticky,switzerlandGdpr,ttdSync&siteid=63927fea0da8bf3284ac7e6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:9c00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
05ad428d61566996605db81fe11478551c1106ec292959ecc93e6e72eb88fd17

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:32:44 GMT
content-encoding
gzip
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-robots-tag
noindex, indexifembedded
content-length
9472
x-amz-cf-id
pzjUqpAjTqwWUWOLVmDQbN_yAwEULyx8DOiggopQ7qZfuOTSTW1xJw==
expires
Sun, 26 May 2024 07:35:44
page_load
pb-ing.ccgateway.net/v1.0/parent/8fea659f19/engagement/trigger/ Frame
0
0
Preflight
General
Full URL
https://pb-ing.ccgateway.net/v1.0/parent/8fea659f19/engagement/trigger/page_load
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.202.252.141 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-202-252-141.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://offsitebu.info
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Content-Length,Accept-Encoding,Authorization,X-Forwarded-For
access-control-allow-methods
POST
access-control-allow-origin
https://offsitebu.info
access-control-max-age
86400
date
Sun, 26 May 2024 07:32:45 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
beacon.js
sb.scorecardresearch.com/internal-cs/6035453/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/6035453/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/6035453/beacon.js
10 KB
4 KB
Script
General
Full URL
https://sb.scorecardresearch.com/internal-cs/6035453/beacon.js
Protocol
H2
Server
18.244.18.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-38.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
68eaee1dfb1182af9bbb1cd60df98aceb32c2de546d8afe7f6480ac94679b350

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://offsitebu.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Sun, 26 May 2024 04:13:23 GMT
content-encoding
gzip
via
1.1 6571e9f709b2287f8a30275c17d07140.cloudfront.net (CloudFront)
last-modified
Mon, 15 Apr 2024 09:46:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
16393
x-amz-server-side-encryption
AES256
etag
W/"380203da1313f445d8bc395ba3b88bad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
Bm8_5huGsD9YUq97IzQs0QtqaKJHJJ4ACgwcD4VxTd5YtC46Rf73OQ==

Redirect headers

date
Sun, 26 May 2024 07:32:44 GMT
via
1.1 6571e9f709b2287f8a30275c17d07140.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P11
x-cache
Miss from cloudfront
location
/internal-cs/6035453/beacon.js
content-length
0
x-amz-cf-id
aA4zhHUSOrFiQcoxSON4-COHFhGw1-Dfetwnrbwn8qsoO8-260LFvA==
config.js
cdn.confiant-integrations.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/
321 KB
64 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/config.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/073145e/es2018/js/adthrive.min.js?deployment=2024-05-24-02:acd-396:pr4849:073145e:4&bucket=flex-25&deliveryFeatures=manualCookieSync,raptiveFloors,recencyFrequency,reissuingSticky,switzerlandGdpr,ttdSync&siteid=63927fea0da8bf3284ac7e6d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
829f86439bce220aa4e37a8b6ecd0e94b15b01b51725881bd3069830007a23d0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:32:44 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
B5KT2QGXBJ3YNZ16
age
289
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
65486
x-amz-id-2
wWgsxTuGin7Os35TEu35dpVFckwmBAfgSU+cv1qMlasAWrzl2ecaqq/Eq20/gvF+5bdvKk9kTvw=
last-modified
Sun, 26 May 2024 04:08:59 GMT
server
cloudflare
etag
"2261dc841000f9dfe2fd9e04cc1ee83f"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
cf-ray
889c12b339da9bbf-FRA
launchpad-liveramp.js
launchpad-wrapper.privacymanager.io/69e75073-3763-483e-a64c-0d281bfd9225/
345 KB
43 KB
Script
General
Full URL
https://launchpad-wrapper.privacymanager.io/69e75073-3763-483e-a64c-0d281bfd9225/launchpad-liveramp.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/073145e/es2018/js/adthrive.min.js?deployment=2024-05-24-02:acd-396:pr4849:073145e:4&bucket=flex-25&deliveryFeatures=manualCookieSync,raptiveFloors,recencyFrequency,reissuingSticky,switzerlandGdpr,ttdSync&siteid=63927fea0da8bf3284ac7e6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-105.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
56bac9ea6760f3ff6fdd160ab7a566367558c996a5a1453b796d85f37208845f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Lhhuec.W.qrWQpQTth94dtO2siYbvhWK
content-encoding
gzip
via
1.1 0f391c2597a5d33716c9422eacf66306.cloudfront.net (CloudFront)
date
Sun, 26 May 2024 02:11:47 GMT
x-amz-cf-pop
FRA60-P7
age
19258
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="launchpad-liveramp.js"
last-modified
Wed, 01 May 2024 18:18:53 GMT
server
AmazonS3
etag
W/"deaea14c98a96aab090d1c714f3de8f0"
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
s5F2IPGN47w-Eg75K20_SqQm6tc0LxNZI1uZfNseIRoAfvSLfi0Ktg==
jqAzneno.js
content.jwplatform.com/libraries/
117 KB
43 KB
Script
General
Full URL
https://content.jwplatform.com/libraries/jqAzneno.js?version_override=8.30.0
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/073145e/es2018/js/adthrive.min.js?deployment=2024-05-24-02:acd-396:pr4849:073145e:4&bucket=flex-25&deliveryFeatures=manualCookieSync,raptiveFloors,recencyFrequency,reissuingSticky,switzerlandGdpr,ttdSync&siteid=63927fea0da8bf3284ac7e6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:3600:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
1c26228a48f35b6b947725875e44570c5c742d96d6c50028973f9981d2701209

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:32:44 GMT
content-encoding
gzip
via
1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
x-robots-tag
noindex, indexifembedded
content-length
43906
x-amz-cf-id
whhhNsEr-lFRg_pTm5Jlj6Gn7L8Yz6ZNucGzYarHxRhVpIJJjJ4SWQ==
ads.min.css
ads.adthrive.com/sites/63927fea0da8bf3284ac7e6d/
920 B
1 KB
Stylesheet
General
Full URL
https://ads.adthrive.com/sites/63927fea0da8bf3284ac7e6d/ads.min.css
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/073145e/es2018/js/adthrive.min.js?deployment=2024-05-24-02:acd-396:pr4849:073145e:4&bucket=flex-25&deliveryFeatures=manualCookieSync,raptiveFloors,recencyFrequency,reissuingSticky,switzerlandGdpr,ttdSync&siteid=63927fea0da8bf3284ac7e6d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-27.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
a890ca3cb425390e992eb0280364df9d0002129f27b4fe1dd41612f23395f039

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 25 May 2024 22:39:00 GMT
via
1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P3
age
32024
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=3600, s-maxage=86400
content-length
920
x-amz-cf-id
w_2DIcQwnGKdNOF6Au1Nbols_J3ETcWq72y2tOyg3nMabL8j2tJ6ug==
4fbba76f-7987-4fa2-9733-c27eb3a2170b
config.aps.amazon-adsystem.com/configs/
563 B
830 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/4fbba76f-7987-4fa2-9733-c27eb3a2170b
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-92.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
57da007436809f672fd40685d537dff9c1041c6d662e6e98a29442462942a54c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:12:42 GMT
via
1.1 1feab8d6a8e5cc920c359b62fd33d3de.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P8
age
1202
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
563
x-amz-cf-id
8dnC4IYvaSVA-NoA-M5RP572rCR1RpQ20llkP2N9P77Xd0X4VvVebw==
config
c.amazon-adsystem.com/cdn/prod/
494 B
843 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Foffsitebu.info&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-6-136.fra56.r.cloudfront.net
Software
Server /
Resource Hash
068fcfb02c6a1bb3605aa25f2ca8f71cd9317c4fd909dd2a682defc8189fd35f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:32:43 GMT
via
1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://offsitebu.info
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
494
x-amz-cf-id
8O2y-_yKZIcDilu2S6JF0pVWuruiqQUopGAAzPaF5LZFdEZnV2P5tQ==
page_load
pb-ing.ccgateway.net/v1.0/parent/8fea659f19/engagement/trigger/
60 B
366 B
Fetch
General
Full URL
https://pb-ing.ccgateway.net/v1.0/parent/8fea659f19/engagement/trigger/page_load
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/073145e/es2018/js/adthrive.min.js?deployment=2024-05-24-02:acd-396:pr4849:073145e:4&bucket=flex-25&deliveryFeatures=manualCookieSync,raptiveFloors,recencyFrequency,reissuingSticky,switzerlandGdpr,ttdSync&siteid=63927fea0da8bf3284ac7e6d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.202.252.141 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-202-252-141.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
9d9e4b3660d68c14e1b89ed41f6815937e97b782d49b237b3adb4209407a1354

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://offsitebu.info
date
Sun, 26 May 2024 07:32:45 GMT
access-control-allow-credentials
true
content-length
60
vary
Origin
content-type
application/json; charset=utf-8
bid
aax.amazon-adsystem.com/e/dtb/
64 B
398 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Foffsitebu.info%2F&pid=RQMTeJZSlKIez&cb=0&ws=1600x1200&v=24.506.1519&t=1900&slots=%5B%7B%22sd%22%3A%22AdThrive_Footer_1_desktop%22%2C%22s%22%3A%5B%22728x90%22%2C%22320x50%22%2C%22970x90%22%2C%22300x50%22%2C%22320x100%22%2C%22468x60%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Footer_1%2F63927fea0da8bf3284ac7e6d%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A31%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%7D&schain=1.0%2C1%21cafemedia.com%2C63927fea0da8bf3284ac7e6d%2C1%2C%2C%2C&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&_c=1
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.15.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-15-236.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:32:44 GMT
via
1.1 92818640c38efb006e1c39f31234144c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P11
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://offsitebu.info
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
Cq1_aCuljqY_WX-TFGtqZlEtMqBsIj2M8Q54x8pSniOzFkeXHpsKqg==
bid
aax.amazon-adsystem.com/e/dtb/
64 B
399 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Foffsitebu.info%2F&pid=RQMTeJZSlKIez&cb=1&ws=1600x1200&v=24.506.1519&t=1900&slots=%5B%7B%22sd%22%3A%22AdThrive_Sidebar_9_desktop%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22320x50%22%2C%22160x600%22%2C%22300x1050%22%2C%22300x50%22%2C%22320x100%22%2C%22250x250%22%2C%221x1%22%2C%22300x420%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Sidebar_9%2F63927fea0da8bf3284ac7e6d%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A27%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%7D&schain=1.0%2C1%21cafemedia.com%2C63927fea0da8bf3284ac7e6d%2C1%2C%2C%2C&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&_c=1
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.15.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-15-236.fra56.r.cloudfront.net
Software
Server /
Resource Hash
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:32:44 GMT
via
1.1 92818640c38efb006e1c39f31234144c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P11
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://offsitebu.info
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
lXXMIfDz1xhfy19fGyMpTgg3rKEYfdUGG-MehpLGQ_Zo6tBDjslVWw==
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202402121010/
300 KB
107 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202402121010/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83fb5073665d9434da512303204b7628f0e5905071c54bb50f0d46bf807b1963

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:32:44 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
CPJNVX3WBRE4ZCNK
age
4535886
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
109265
x-amz-id-2
e07/SAF/BZ1ID7UPSLRJVa5RvKYvSWp2sOAV2ESBALKyvwi4AqooiTQrsJdMRCRi0dU/l43xhzA=
last-modified
Mon, 12 Feb 2024 15:11:18 GMT
server
cloudflare
etag
"3d93a0af15b12fc9dbbc93edd96a2b7f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
889c12b41af09bbf-FRA
launchpad.bundle.js
launchpad.privacymanager.io/latest/
205 KB
43 KB
Script
General
Full URL
https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by
Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/69e75073-3763-483e-a64c-0d281bfd9225/launchpad-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6c892a3b81f32ff562d0c8f44e909e65c8366453aa55cc88c8d136bb51578375

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
G5ps5XkVrakniD._EiRoY_pU9_2jf8nx
content-encoding
br
via
1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
date
Sun, 26 May 2024 07:22:28 GMT
last-modified
Fri, 17 May 2024 13:05:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
617
x-amz-server-side-encryption
AES256
etag
W/"e71ebe4c8fcf58b53c9a099a76c2af39"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
tX9QzmcI9covY_p76PzCVxvHhpyWLnd_4lyMhxpSTkKgCMmLm8KLlw==
googima.js
ssl.p.jwpcdn.com/player/v/8.30.0/
74 KB
22 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.0/googima.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/jqAzneno.js?version_override=8.30.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
79317f11dcdac37b3a021fd1e7a44aba3d372832c7aa1f6675178ac1d5e6cd48

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:32:44 GMT
content-encoding
gzip
via
1.1 varnish
age
25928
x-cache
HIT
content-length
22441
x-served-by
cache-fra-eddf8230148-FRA
last-modified
Mon, 23 Oct 2023 15:56:32 GMT
server
AmazonS3
x-timer
S1716708765.939316,VS0,VE0
etag
"a88261d323c729e1484aaf704131e34f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, immutable
accept-ranges
bytes
x-cache-hits
52198
jwpsrv.js
ssl.p.jwpcdn.com/player/v/8.30.0/
66 KB
20 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.0/jwpsrv.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/jqAzneno.js?version_override=8.30.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f4c0014a4f36c11302077dc073ef529031ce3eebc04c0ca9bc1d7ea0ed95eca

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:32:44 GMT
content-encoding
gzip
via
1.1 varnish
age
825
x-cache
HIT
content-length
19879
x-served-by
cache-fra-eddf8230148-FRA
last-modified
Fri, 19 Apr 2024 18:23:54 GMT
server
AmazonS3
x-timer
S1716708765.939365,VS0,VE0
etag
"d7f3733c71441c1881fc4eabe9c96086"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, immutable
accept-ranges
bytes
x-cache-hits
29
jwplayer.core.controls.js
ssl.p.jwpcdn.com/player/v/8.30.0/
318 KB
84 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.0/jwplayer.core.controls.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/jqAzneno.js?version_override=8.30.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b8419f63bb4186ae86a73a201c75de3a4bbbcc1c2b7910443b02261a4b29174

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:32:44 GMT
content-encoding
gzip
via
1.1 varnish
age
2102471
x-cache
HIT
content-length
85289
x-served-by
cache-fra-eddf8230148-FRA
last-modified
Mon, 23 Oct 2023 15:56:26 GMT
server
AmazonS3
x-timer
S1716708765.939333,VS0,VE0
etag
"f71a099576f74e3ec9b82257622dea2c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
49199
xndzMxXT
cdn.jwplayer.com/v2/playlists/
44 KB
8 KB
XHR
General
Full URL
https://cdn.jwplayer.com/v2/playlists/xndzMxXT?max_resolution=1280&page_domain=offsitebu.info
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/jqAzneno.js?version_override=8.30.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:9c00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
ae4711c890b3f1d5cafa29b9addf7ad1c1d5f8d2ce07dc0de6323fa2f0a62db1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:32:45 GMT
content-encoding
gzip
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-robots-tag
noindex, indexifembedded
content-length
7612
x-amz-cf-id
K6b9BiOann1mS5_dbOcuPhiGAfiNjfLyBxJ39t0NlWGRlc9Dhs4pJg==
expires
Sun, 26 May 2024 07:35:45
boLlz5OKEe2cDqJLey88AQ.json
entitlements.jwplayer.com/
70 B
251 B
XHR
General
Full URL
https://entitlements.jwplayer.com/boLlz5OKEe2cDqJLey88AQ.json
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/jqAzneno.js?version_override=8.30.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.243 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (amb/6AB0) /
Resource Hash
58a14ba2e3e773324e8b8aeadcd988bdd177f68e6bf65c5fcdd339032e536e61

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:32:45 GMT
content-encoding
gzip
last-modified
Sun, 26 May 2024 04:56:40 GMT
server
ECAcc (amb/6AB0)
age
9365
vary
Accept-Encoding
x-cache
HIT
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=14640
accept-ranges
bytes
content-length
80
ima3.js
imasdk.googleapis.com/js/sdkloader/
399 KB
137 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/jqAzneno.js?version_override=8.30.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b2c8b6e7978db1a1ba167674ddb400a9168c48d9de88016fa0cd5ff9fbe720c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:32:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140126
x-xss-protection
0
expires
Sun, 26 May 2024 07:32:45 GMT
ima_ppub_config
securepubads.g.doubleclick.net/pagead/
15 B
40 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Foffsitebu.info%2F
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
039027fdfb64d533991b24885cf5d2cb4ca2ce917d9b4c73f464fe0cc015024f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:32:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
x-xss-protection
0
expires
Sun, 26 May 2024 07:32:45 GMT
provider.hlsjs.js
ssl.p.jwpcdn.com/player/v/8.30.0/
413 KB
123 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.0/provider.hlsjs.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/jqAzneno.js?version_override=8.30.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ee7830c5b6fcf588dd338e19cc0f305f8f2fd07d6189f09aa70748023d1ca08

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:32:45 GMT
content-encoding
gzip
via
1.1 varnish
age
2102435
x-cache
HIT
content-length
126154
x-served-by
cache-fra-eddf8230148-FRA
last-modified
Mon, 23 Oct 2023 15:56:29 GMT
server
AmazonS3
x-timer
S1716708765.154538,VS0,VE0
etag
"ac8db5646766d8df3efbd6f48ef054bc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
29699
iTe3O6Kz-120.vtt
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/iTe3O6Kz-120.vtt
  • https://assets-jpcust.jwpsrv.com/strips/iTe3O6Kz-120.vtt
3 KB
837 B
XHR
General
Full URL
https://assets-jpcust.jwpsrv.com/strips/iTe3O6Kz-120.vtt
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1169df27c860a19d96339b725c224042b54d2a3e1a77482bc9edb30c112b0fbf

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://offsitebu.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Sun, 26 May 2024 07:32:45 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
262
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
455
x-served-by
cache-iad-kjyo7100054-IAD, cache-fra-eddf8230067-FRA
last-modified
Fri, 24 Feb 2023 22:21:50 GMT
server
nginx
x-timer
S1716708766.638754,VS0,VE89
etag
"99b9a08116eb40c21082726089ee5b7e"
vary
Accept-Encoding
content-type
text/vtt
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
30615, 0

Redirect headers

date
Sun, 26 May 2024 07:32:45 GMT
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/strips/iTe3O6Kz-120.vtt
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
T8dDATjhY-ZK_vdyTOLTM_hZU75aCD6Sufos3ziF8jLVtoaYCiLa3w==
related.js
ssl.p.jwpcdn.com/player/v/8.30.0/
103 KB
25 KB
Script
General
Full URL
https://ssl.p.jwpcdn.com/player/v/8.30.0/related.js
Requested by
Host: content.jwplatform.com
URL: https://content.jwplatform.com/libraries/jqAzneno.js?version_override=8.30.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
250553fd5318233a8fae063430ebde889cca2c4193d7b0e688b80578f9a98ba2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:32:45 GMT
content-encoding
gzip
via
1.1 varnish
age
2102369
x-cache
HIT
content-length
25137
x-served-by
cache-fra-eddf8230148-FRA
last-modified
Mon, 23 Oct 2023 15:56:31 GMT
server
AmazonS3
x-timer
S1716708766.520947,VS0,VE0
etag
"eef5502a106c89d71de48accd0ea2e74"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
35507
iTe3O6Kz.m3u8
cdn.jwplayer.com/manifests/
0
0

ekyaztee-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/iTe3O6Kz/poster.jpg?width=720
  • https://assets-jpcust.jwpsrv.com/thumbnails/ekyaztee-720.jpg
60 KB
60 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/ekyaztee-720.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7d978f0c917f5ccae66063e7e3d8447c1906e1a0948b1a04a8548ec9d98f2646

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://offsitebu.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Sun, 26 May 2024 07:32:45 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
61216
x-served-by
cache-iad-kiad7000029-IAD, cache-fra-eddf8230148-FRA
last-modified
Fri, 24 Feb 2023 22:22:08 GMT
server
nginx
x-timer
S1716708766.662331,VS0,VE99
etag
"1b9575493278f47e8f68323f309dd06f"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
44407, 0

Redirect headers

date
Sun, 26 May 2024 07:32:45 GMT
via
1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/ekyaztee-720.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
PKG8bzurl3L9kYvY9TpVWOHcDZbfAOi8Wm2AvfBAPfHjkjOXl7BLKw==
ekyaztee-640.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/iTe3O6Kz/poster.jpg?width=640
  • https://assets-jpcust.jwpsrv.com/thumbnails/ekyaztee-640.jpg
50 KB
50 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/ekyaztee-640.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dfbe60cd5b73c7e924d496bd28179bc4d14a5937e169382a3f2c2b11740c0ef4

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://offsitebu.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Sun, 26 May 2024 07:32:45 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
127
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
51488
x-served-by
cache-iad-kcgs7200140-IAD, cache-fra-eddf8230148-FRA
last-modified
Fri, 24 Feb 2023 22:22:08 GMT
server
nginx
x-timer
S1716708766.675901,VS0,VE91
etag
"2059146245c685ae45421e5d62f7889a"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
26104, 0

Redirect headers

date
Sun, 26 May 2024 07:32:45 GMT
via
1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/ekyaztee-640.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
brdl0QakRVxTX-vMuEuDTrKa30O2lGOzqlDlCLG1-UTAoMKhsxIlSg==
bridge3.642.0_en.html
imasdk.googleapis.com/js/core/ Frame FE23
0
0
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.642.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://offsitebu.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
107145
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
256031
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 25 May 2024 01:47:00 GMT
expires
Sun, 25 May 2025 01:47:00 GMT
last-modified
Thu, 23 May 2024 15:17:24 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:32:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 26 May 2024 07:32:45 GMT
ping.gif
prd.jwpltx.com/v1/jwplayer6/
0
204 B
Image
General
Full URL
https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-503251238&e=e&n=8552414119089635&abc=0&abt=128_sendDomainToFeedsOn&aid=boLlz5OKEe2cDqJLey88AQ&amp=0&ask=DmULPHgQ&at=1&c=1&ccp=0&cp=0&d=0&eb=0&ed=3&emi=62vyldh0vmwm&i=0&id=MvJVeurx&lid=1wunu5h6me4c&lsa=read&mt=1&pbd=1&pbr=1&pgi=14onx5v1aok7&ph=1&pid=jqAzneno&pii=0&pl=360&plc=15&pli=9s561118jgec&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Easy%20Tried%20and%20True%20Recipes%20-%20Daily%20Yum&pu=https%3A%2F%2Foffsitebu.info%2F&pv=8.30.0&pyc=0&s=1&sdk=0&stc=1&stpe=0&t=Air%20fryer%20crispy%20beet%20chips%20&tv=4.0.5&vb=0&vi=0.3&vl=90&wd=639&ab=1&cae=0&cb=0&cdid=xndzMxXT&cme=0&dd=1&fed=xndzMxXT&flc=0&fv=&ga=0&lng=en-US&mk=hls&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2FMvJVeurx.m3u8%3Fmax_resolution%3D1280&pbc=0&pd=2&pdr=&plng=en-US&plt=850&pni=0&po=0&sp=0&st=590&sa=1716708765528
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:8c00:1b:6b7c:c940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://offsitebu.info/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:32:45 GMT
via
1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
_qrEldsSREUwPBQayzyi5-r0llnWDRfDZH-a7A2UxmJfIVEJkPvPUw==
x-cache
Miss from cloudfront
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9A11
40 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
5b9cfa0283d9a9f6a909df2b61c9933c11130343f08aec96cdd8f49c29972526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 26 May 2024 07:31:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13943
x-xss-protection
0
last-modified
Thu, 11 Apr 2024 19:10:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 26 May 2024 08:31:43 GMT
MvJVeurx-120.vtt
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/MvJVeurx-120.vtt
  • https://assets-jpcust.jwpsrv.com/strips/MvJVeurx-120.vtt
1 KB
392 B
XHR
General
Full URL
https://assets-jpcust.jwpsrv.com/strips/MvJVeurx-120.vtt
Protocol
H2
Server
2a04:4e42::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7439684d29535083c9a1136d209c90c7c260085d6367677acbfa55f4d57bad14

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://offsitebu.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Sun, 26 May 2024 07:32:45 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
170
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
226
x-served-by
cache-iad-kjyo7100115-IAD, cache-fra-eddf8230067-FRA
last-modified
Thu, 06 Jul 2023 01:35:10 GMT
server
nginx
x-timer
S1716708766.686145,VS0,VE89
etag
"a7db5d2f028bedcae69ccf3b31bd07d6"
vary
Accept-Encoding
content-type
text/vtt
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
2342, 0

Redirect headers

date
Sun, 26 May 2024 07:32:45 GMT
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/strips/MvJVeurx-120.vtt
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
k7rZr3ecrdFEywUJH4QwurPb1B1D0nFP1g5EBSPOBl7nMC5dRj1dow==
507i3xgv-640.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/MvJVeurx/poster.jpg?width=640
  • https://assets-jpcust.jwpsrv.com/thumbnails/507i3xgv-640.jpg
76 KB
76 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/507i3xgv-640.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5625f8d73b16a5caf7d7cf02813aa42a14bd7fdc3f4f1518f4f2ecf5c4b1afb1

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://offsitebu.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Sun, 26 May 2024 07:32:45 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
25
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
77995
x-served-by
cache-iad-kjyo7100047-IAD, cache-fra-eddf8230148-FRA
last-modified
Thu, 06 Jul 2023 01:42:37 GMT
server
nginx
x-timer
S1716708766.701329,VS0,VE89
etag
"7a98cbca94d7f32cd1e1f9bc38d4f246"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
94, 0

Redirect headers

date
Sun, 26 May 2024 07:32:45 GMT
via
1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/507i3xgv-640.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
ybkO3JOIQmJXhqMbNYp20KkB7B3U2jPooQzLmhU7qgaFOLm9zetovw==
iTe3O6Kz-120.jpg
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/iTe3O6Kz-120.jpg
  • https://assets-jpcust.jwpsrv.com/strips/iTe3O6Kz-120.jpg
140 KB
139 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/strips/iTe3O6Kz-120.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
97daf37496478563f565eca300a8ed3b312f393b7e65a78b7804e01cc6aef9dc

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://offsitebu.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Sun, 26 May 2024 07:32:45 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
491
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
142317
x-served-by
cache-iad-kiad7000094-IAD, cache-fra-eddf8230148-FRA
last-modified
Fri, 24 Feb 2023 22:21:50 GMT
server
nginx
x-timer
S1716708766.848678,VS0,VE88
etag
"1f8d35051c78382e8175f7a8b7b8ccaf"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
867, 0

Redirect headers

date
Sun, 26 May 2024 07:32:45 GMT
via
1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/strips/iTe3O6Kz-120.jpg
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
J7Q-RP8m8soUrdCGgrTLU9tcQD-6s9QwTkkEEGAllX9YOEkjmvk1nw==
o8h83tw7-120.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/2Rq4Dq8B/poster.jpg?width=120
  • https://assets-jpcust.jwpsrv.com/thumbnails/o8h83tw7-120.jpg
10 KB
10 KB
Image
General
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/o8h83tw7-120.jpg
Protocol
H2
Server
2a04:4e42:400::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
85fd10ed4d2568f9c073692ae5ab88fc78e2775b9f885a3b0a951674aaf96156

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://offsitebu.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Sun, 26 May 2024 07:32:46 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
570
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
10348
x-served-by
cache-iad-kjyo7100141-IAD, cache-fra-eddf8230148-FRA
last-modified
Fri, 24 Feb 2023 22:21:11 GMT
server
nginx
x-timer
S1716708766.242492,VS0,VE88
etag
"f3745806f84ec169df11c06c9bc2ae21"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
16916, 0

Redirect headers

date
Sun, 26 May 2024 07:32:46 GMT
via
1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/o8h83tw7-120.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
kJBy_viWLMBcg9UGQUcj2Z5xzSTkRi700e0hKTwZnovnoG3H8GRChQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.jwplayer.com
URL
https://cdn.jwplayer.com/manifests/iTe3O6Kz.m3u8?max_resolution=1280

Verdicts & Comments

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 undefined| href object| adthriveCLS object| adthrive object| $slickBoot object| cls_disable_ads object| wprm_public object| jpibfi_options object| wprmp_public object| RocketPreloadLinksConfig object| _stq object| lazyLoadOptions function| lazyLoadThumb function| lazyLoadYoutubeIframe undefined| $ function| jQuery function| LazyLoad function| st_go function| linktracker_init object| wpcom object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy boolean| gtag_enable_tcf_support function| __tcfapi object| pbjs object| apstag object| googletag object| _pbjsGlobals object| regeneratorRuntime object| _aps boolean| apstagLOADED object| cmp object| cmpConfiguration object| nodeScript object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| dataLayer object| _comscore object| confiant boolean| liModuleEnabled object| apscustom object| COMSCORE object| launchPad object| launchPadConfiguration function| __launchpad object| jwDefaults object| webpackChunkjwplayer function| jwplayer object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| closure_lm_881157 object| closure_lm_638524 function| addEventListenerBase

6 Cookies

Domain/Path Name / Value
offsitebu.info/ Name: __adblocker
Value: false
offsitebu.info/ Name: gdpr-auditId
Value: dedea46325ff49f5b02ce74087069e0f
offsitebu.info/ Name: geo-location
Value: {"country":"DE","region":"HE"}
offsitebu.info/ Name: ccuid
Value: 15087de4-4f7b-4235-b3c1-29779ded9801
offsitebu.info/ Name: ccsid
Value: 5412740b-7935-4914-947c-32faa0bb418b
.ccgateway.net/ Name: ccuid
Value: 15087de4-4f7b-4235-b3c1-29779ded9801

3 Console Messages

Source Level URL
Text
network error URL: https://c03f.app.slickstream.com/d/page-boot-data?site=CTQKJBFV&url=https%3A%2F%2Foffsitebu.info%2F
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://c03f.app.slickstream.com/d/page-boot-data?site=CTQKJBFV&url=https%3A%2F%2Foffsitebu.info%2F
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://offsitebu.info/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
