lelive.weebly.com Open in urlscan Pro
199.34.228.53 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://lelive.weebly.com/
Effective URL:
https://lelive.weebly.com/
Submission: On January 13 via api (January 13th 2024, 4:06:54 am UTC) from US — Scanned from DE

Summary HTTP 251 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 45 IPs in 5 countries across 30 domains to perform 251 HTTP transactions. The main IP is 199.34.228.53, located in United States and belongs to WEEBLY, US. The main domain is lelive.weebly.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on October 28th 2023. Valid for: a year.

This is the only time lelive.weebly.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 20	199.34.228.53 199.34.228.53	27647 (WEEBLY) (WEEBLY)
22	2a04:4e42:400... 2a04:4e42:400::302	54113 (FASTLY) (FASTLY)
14	74.115.50.109 74.115.50.109	27647 (WEEBLY) (WEEBLY)
4	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1 13	2606:4700:303... 2606:4700:3033::ac43:84fa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
32	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2 23	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2016	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
3	216.58.212.134 216.58.212.134	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
5 6	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
3 5	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	104.75.89.75 104.75.89.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
2	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
4	138.201.220.30 138.201.220.30	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
2	54.189.77.43 54.189.77.43	16509 (AMAZON-02) (AMAZON-02)
1 4	138.201.63.117 138.201.63.117	24940 (HETZNER-AS) (HETZNER-AS)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	91.121.248.44 91.121.248.44	16276 (OVH) (OVH)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	92.123.148.9 92.123.148.9	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	13.41.85.159 13.41.85.159	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
1	18.66.147.52 18.66.147.52	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.52 99.86.4.52	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	13.42.80.79 13.42.80.79	16509 (AMAZON-02) (AMAZON-02)
251	45

20 199.34.228.53 (United States) 1 redirects

ASN27647 (WEEBLY, US)
PTR: pages-wildcard-1.weebly.com

lelive.weebly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a04:4e42:400::302 (United States)

ASN54113 (FASTLY, US)

cdn2.editmysite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 74.115.50.109 (United States)

ASN27647 (WEEBLY, US)
PTR: www.weebly.com

www.weebly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3033::ac43:84fa (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

widgetic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
files.widgetic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.134 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f134.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.181.226 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.64.151.101 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.85 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.220.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.30.220.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.189.77.43 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-189-77-43.us-west-2.compute.amazonaws.com

ec.editmysite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.117 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.117.63.201.138.clients.your-server.de

hal90003.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.121.248.44 (France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.148.9 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-148-9.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.41.85.159 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-41-85-159.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-52.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-52.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.42.80.79 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-42-80-79.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	doubleclick.net 8 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 static.doubleclick.net — Cisco Umbrella Rank: 263 ad.doubleclick.net — Cisco Umbrella Rank: 163 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 126874	79 KB
34	weebly.com 1 redirects lelive.weebly.com www.weebly.com — Cisco Umbrella Rank: 20641	3 MB
32	youtube.com www.youtube.com — Cisco Umbrella Rank: 75	4 MB
32	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	442 KB
24	editmysite.com cdn2.editmysite.com — Cisco Umbrella Rank: 12531 ec.editmysite.com — Cisco Umbrella Rank: 13672	566 KB
19	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 jnn-pa.googleapis.com — Cisco Umbrella Rank: 220 ajax.googleapis.com — Cisco Umbrella Rank: 369	167 KB
16	gstatic.com fonts.gstatic.com www.gstatic.com	188 KB
13	widgetic.com 1 redirects widgetic.com — Cisco Umbrella Rank: 84050 files.widgetic.com — Cisco Umbrella Rank: 271015	120 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 38309 hal90003.redintelligence.net — Cisco Umbrella Rank: 210216	40 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 98	79 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	3 KB
4	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 570 www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2029	38 KB
4	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 231	12 KB
4	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 93	624 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	301 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 28599 api.webgains.io — Cisco Umbrella Rank: 69568	19 KB
3	medialead.de pv.medialead.de — Cisco Umbrella Rank: 41332	1013 B
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	3 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 236	752 B
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1376	326 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 524	400 B
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 69384	3 KB
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 55633	2 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	2 KB
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 16092	702 B
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 148117	923 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 600	24 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 336	20 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	65 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	16 KB
251	30

	Domain	Requested by
32	www.youtube.com	lelive.weebly.com www.youtube.com
23	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com www.youtube.com googleads.g.doubleclick.net
22	cdn2.editmysite.com	lelive.weebly.com cdn2.editmysite.com
21	pagead2.googlesyndication.com	www.weebly.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com lelive.weebly.com www.googletagservices.com
20	lelive.weebly.com	1 redirects lelive.weebly.com cdn2.editmysite.com
16	jnn-pa.googleapis.com	www.youtube.com
14	www.weebly.com	lelive.weebly.com
12	widgetic.com	1 redirects lelive.weebly.com widgetic.com
11	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
8	www.gstatic.com	www.youtube.com www.gstatic.com
8	fonts.gstatic.com	www.youtube.com
6	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	www.google.com	www.youtube.com tpc.googlesyndication.com
4	hal90003.redintelligence.net	1 redirects googleads.g.doubleclick.net hal90003.redintelligence.net
4	hal9000.redintelligence.net	googleads.g.doubleclick.net hal90003.redintelligence.net
4	yt3.ggpht.com	www.youtube.com
4	i.ytimg.com	www.youtube.com
4	static.doubleclick.net	www.youtube.com
4	www.googletagmanager.com	lelive.weebly.com www.googletagmanager.com adv.office-partner.de
3	pv.medialead.de	hal90003.redintelligence.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	ad.doubleclick.net	googleads.g.doubleclick.net
2	api.webgains.io	analytics.webgains.io
2	5994599.fls.doubleclick.net	1 redirects googleads.g.doubleclick.net
2	ec.editmysite.com	cdn2.editmysite.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	bam.nr-data.net	widgetic.com
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	fonts.googleapis.com	widgetic.com hal90003.redintelligence.net
1	adservice.google.com	5994599.fls.doubleclick.net
1	cdn.track.production.webgains.team	googleads.g.doubleclick.net
1	analytics.webgains.io	track.webgains.com
1	track.webgains.com	googleads.g.doubleclick.net
1	www.facebook.com	widgetic.com
1	www.awin1.com	hal90003.redintelligence.net
1	adv.office-partner.de	hal90003.redintelligence.net
1	region1.google-analytics.com	www.googletagmanager.com
1	ajax.googleapis.com	widgetic.com
1	ssl.google-analytics.com	lelive.weebly.com
1	js-agent.newrelic.com	widgetic.com
1	s0.2mdn.net	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	files.widgetic.com	widgetic.com
1	cdn.jsdelivr.net	widgetic.com
251	46

This site contains links to these domains. Also see Links.

Domain
www2.bingfeng.tw
www.game735.com
www.facebook.com
www.youtube.com
mega.nz
www.weebly.com

Subject Issuer	Validity	Valid
*.weebly.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-28` - `2024-11-15`	a year	crt.sh
*.editmysite.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-06-12` - `2024-07-13`	a year	crt.sh
www.weebly.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-09-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
widgetic.com E1	`2024-01-08` - `2024-04-07`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh
redintelligence.net R3	`2023-12-13` - `2024-03-12`	3 months	crt.sh
ec.editmysite.com Amazon RSA 2048 M01	`2023-06-12` - `2024-07-10`	a year	crt.sh
pv.medialead.de R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
adv.office-partner.de R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-10` - `2025-01-10`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-22` - `2024-01-20`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh

This page contains 31 frames:

Primary Page: https://lelive.weebly.com/
Frame ID: A16CD62ECAEDEB7D76EAE97A376190ED
Requests: 69 HTTP requests in this frame

Frame: https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Flelive.weebly.com
Frame ID: 35B00F8EF00150F4828F99E7033875CD
Requests: 17 HTTP requests in this frame

Frame: https://www.youtube.com/embed/dTk3BO54_8Y?wmode=opaque
Frame ID: 24C390CCA8DB2F86558136AB7356284D
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Frame ID: 12631721326574971CB99ADF997FF041
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/MzIH2rn72NE?wmode=opaque
Frame ID: 2428264A18C7886941207E1D9DC767C5
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=60&adk=3728641180&adf=1460459252&w=468&lmt=1705118807&ad_type=text_image&format=468x60_as&color_bg=000000&color_border=000000&color_link=FFFFFF&color_text=CCCCCC&color_url=999999&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=000000&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705118807296&bpp=171&bdt=1003&idt=369&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&correlator=4322789930108&frm=20&pv=2&ga_vid=492612603.1705118808&ga_sid=1705118808&ga_hid=1276611037&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=566&ady=172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C95320238%2C31080266%2C42532524%2C95321957%2C95320893%2C95321627&oid=2&pvsid=1352197277043373&tmod=1849012420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=377
Frame ID: A0061E10194C6A3AD16D3A69FAB93F40
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=60&adk=3147154302&adf=843395539&w=468&lmt=1705118807&ad_type=text_image&format=468x60_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705118807679&bpp=1&bdt=1387&idt=1&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as&correlator=4322789930108&frm=20&pv=1&ga_vid=492612603.1705118808&ga_sid=1705118808&ga_hid=1276611037&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=3633&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C95320238%2C31080266%2C42532524%2C95321957%2C95320893%2C95321627&oid=2&pvsid=1352197277043373&tmod=1849012420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=1&fsb=1&dtd=3
Frame ID: 102D30B8BA3BBD41F687C003E63A6F42
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=90&adk=3566803071&adf=4055878447&w=728&lmt=1705118807&ad_type=image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705118807304&bpp=164&bdt=1011&idt=388&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C468x60_as&correlator=4322789930108&frm=20&pv=1&ga_vid=492612603.1705118808&ga_sid=1705118808&ga_hid=1276611037&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C95320238%2C31080266%2C42532524%2C95321957%2C95320893%2C95321627&oid=2&pvsid=1352197277043373&tmod=1849012420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=389
Frame ID: D6B5695F32F33F5876C0FC411EAB84BD
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=250&adk=597672501&adf=2042640218&w=300&lmt=1705118807&ad_type=text_image&format=300x250_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705118807701&bpp=1&bdt=1408&idt=1&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C468x60_as%2C728x90_as&correlator=4322789930108&frm=20&pv=1&ga_vid=492612603.1705118808&ga_sid=1705118808&ga_hid=1276611037&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=815&ady=3633&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C95320238%2C31080266%2C42532524%2C95321957%2C95320893%2C95321627&oid=2&pvsid=1352197277043373&tmod=1849012420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=2&fsb=1&dtd=2
Frame ID: 1E8241CDBED16D091167BB0B74038266
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=60&adk=3147154302&adf=1030568439&w=468&lmt=1705118807&ad_type=text_image&format=468x60_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705118807704&bpp=1&bdt=1411&idt=1&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C468x60_as%2C728x90_as%2C300x250_as&correlator=4322789930108&frm=20&pv=1&ga_vid=492612603.1705118808&ga_sid=1705118808&ga_hid=1276611037&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=4476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C95320238%2C31080266%2C42532524%2C95321957%2C95320893%2C95321627&oid=2&pvsid=1352197277043373&tmod=1849012420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=10&uci=a!a&btvi=3&fsb=1&dtd=2
Frame ID: 91D425377A7397BAD70F1E384262BA63
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=90&adk=1773158521&adf=2910926905&w=728&lmt=1705118807&ad_type=text_image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705118807432&bpp=36&bdt=1139&idt=281&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C468x60_as%2C728x90_as%2C300x250_as%2C468x60_as&correlator=4322789930108&frm=20&pv=1&ga_vid=492612603.1705118808&ga_sid=1705118808&ga_hid=1276611037&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C95320238%2C31080266%2C42532524%2C95321957%2C95320893%2C95321627&oid=2&pvsid=1352197277043373&tmod=1849012420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=4&fsb=1&dtd=283
Frame ID: 8A1A1B1BA39BA51A7D8916FB55AE5C4C
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=60&adk=3147154302&adf=4027036295&w=468&lmt=1705118807&ad_type=text_image&format=468x60_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705118807733&bpp=1&bdt=1441&idt=1&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C468x60_as%2C728x90_as%2C300x250_as%2C468x60_as%2C728x90_as&correlator=4322789930108&frm=20&pv=1&ga_vid=492612603.1705118808&ga_sid=1705118808&ga_hid=1276611037&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=815&ady=4476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C95320238%2C31080266%2C42532524%2C95321957%2C95320893%2C95321627&oid=2&pvsid=1352197277043373&tmod=1849012420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=11&uci=a!b&btvi=5&fsb=1&dtd=3
Frame ID: C19810B8DA831DBE751E1F24890264E6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=60&adk=2776088540&adf=2540194251&w=468&lmt=1705118807&ad_type=text_image&format=468x60_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705118807452&bpp=17&bdt=1159&idt=294&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C468x60_as%2C728x90_as%2C300x250_as%2C468x60_as%2C728x90_as%2C468x60_as&correlator=4322789930108&frm=20&pv=1&ga_vid=492612603.1705118808&ga_sid=1705118808&ga_hid=1276611037&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=919&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C95320238%2C31080266%2C42532524%2C95321957%2C95320893%2C95321627&oid=2&pvsid=1352197277043373&tmod=1849012420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=6&fsb=1&dtd=295
Frame ID: AE861F02F7192C969386726A1AEF4087
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/yV8FdhSmz2Y?wmode=opaque
Frame ID: DBA3B4318026B9D18BFBA0776CC09C7A
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=60&adk=3147154302&adf=3310464510&w=468&lmt=1705118807&ad_type=text_image&format=468x60_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705118807501&bpp=1&bdt=1209&idt=265&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C468x60_as%2C728x90_as%2C300x250_as%2C468x60_as%2C728x90_as%2C468x60_as%2C468x60_as&correlator=4322789930108&frm=20&pv=1&ga_vid=492612603.1705118808&ga_sid=1705118808&ga_hid=1276611037&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2301&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C95320238%2C31080266%2C42532524%2C95321957%2C95320893%2C95321627&oid=2&pvsid=1352197277043373&tmod=1849012420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=7&fsb=1&dtd=267
Frame ID: 914CB57C0662BDA62942BE836ACF516F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=60&adk=1230979907&adf=3956329256&w=234&lmt=1705118807&ad_type=text_image&format=234x60_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705118807503&bpp=1&bdt=1211&idt=356&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C468x60_as%2C728x90_as%2C300x250_as%2C468x60_as%2C728x90_as%2C468x60_as%2C468x60_as%2C468x60_as&correlator=4322789930108&frm=20&pv=1&ga_vid=492612603.1705118808&ga_sid=1705118808&ga_hid=1276611037&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=815&ady=2301&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C95320238%2C31080266%2C42532524%2C95321957%2C95320893%2C95321627&oid=2&pvsid=1352197277043373&tmod=1849012420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=8&fsb=1&dtd=358
Frame ID: CA373A6BDF83F68F6BC2EE0B598DFBA4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=90&adk=2671402218&adf=898975295&w=728&lmt=1705118807&ad_type=text_image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705118807517&bpp=1&bdt=1225&idt=429&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C468x60_as%2C728x90_as%2C300x250_as%2C468x60_as%2C728x90_as%2C468x60_as%2C468x60_as%2C468x60_as%2C234x60_as&correlator=4322789930108&frm=20&pv=1&ga_vid=492612603.1705118808&ga_sid=1705118808&ga_hid=1276611037&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=3064&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C95320238%2C31080266%2C42532524%2C95321957%2C95320893%2C95321627&oid=2&pvsid=1352197277043373&tmod=1849012420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=9&fsb=1&dtd=431
Frame ID: ABEBD4C153BFC08577907942414246B9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNU0MbD7qEcd_f7B5tKU5ZuheP6rObQ0Ao1Pq4XtrMiuaaYcKNmhYOIkbfR0HWbbvRAMZfPUhGw8SSowLojJbcXacZsoWcQ96TPYfbgvnXOyCATBc3tCLQM8ZKvKZDRJKL_3GcLx6PefHvqqsZ4MWbI-29ylszIVaR43-OwvQQKBn3zrKeM
Frame ID: 9900D58E02C7CE7AB579468A0010E3CF
Requests: 5 HTTP requests in this frame

Frame: https://www.youtube.com/embed/StpFz8qbB44?wmode=opaque
Frame ID: 82749771F7E85F5487A30D5E557ED2A7
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARiP9b7cATAB&v=APEucNXE21CmRWMpsfcbaUiYrH-Lx1anZ-E_kX6i-EJyrCe2JT-hxRwWO1ACHW8Rs_VIabl1UVtxKEDGCxUNwYg5H_nOxgZ563cV2Cfl_NIxUYAoLAQVBJFz__DJfx2m9JXjklbnXud3BSL8b43IslhRW6zVFL2p3tm7K0Cu0ia8VZruk0nC4h4
Frame ID: DAB13969207C67EEDCDDA470E86CCAB8
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=60&adk=2127476350&adf=3363419344&w=468&lmt=1705118808&ad_type=text_image&format=468x60_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705118807759&bpp=1&bdt=1466&idt=1&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&cookie=ID%3D482594ecf4059e21%3AT%3D1705118807%3ART%3D1705118807%3AS%3DALNI_MY1NxPkLgaWQaJesmeZLp8FPY2fvQ&gpic=UID%3D00000d40837e7a92%3AT%3D1705118807%3ART%3D1705118807%3AS%3DALNI_Mbw3RC9pVgYUeHgEn4FKAPluw1s3w&prev_fmts=468x60_as%2C468x60_as%2C728x90_as%2C300x250_as%2C468x60_as%2C728x90_as%2C468x60_as%2C468x60_as%2C468x60_as%2C234x60_as%2C728x90_as&correlator=4322789930108&frm=20&pv=1&ga_vid=492612603.1705118808&ga_sid=1705118808&ga_hid=1276611037&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=5189&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C95320238%2C31080266%2C42532524%2C95321957%2C95320893%2C95321627&oid=2&pvsid=1352197277043373&tmod=1849012420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=12&uci=a!c&btvi=10&fsb=1&dtd=453
Frame ID: 861FCCAAF930D52EE81D2CE212368FDF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 66754787A44C8056E5D6A6BC05556E68
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&adk=1812271804&adf=3025194257&lmt=1705118808&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705118808437&bpp=1&bdt=2145&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D482594ecf4059e21%3AT%3D1705118807%3ART%3D1705118807%3AS%3DALNI_MY1NxPkLgaWQaJesmeZLp8FPY2fvQ&gpic=UID%3D00000d40837e7a92%3AT%3D1705118807%3ART%3D1705118807%3AS%3DALNI_Mbw3RC9pVgYUeHgEn4FKAPluw1s3w&prev_fmts=468x60_as%2C468x60_as%2C728x90_as%2C300x250_as%2C468x60_as%2C728x90_as%2C468x60_as%2C468x60_as%2C468x60_as%2C234x60_as%2C728x90_as%2C468x60_as&nras=1&correlator=4322789930108&frm=20&pv=1&ga_vid=492612603.1705118808&ga_sid=1705118808&ga_hid=1276611037&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C95320238%2C31080266%2C42532524%2C95321957%2C95320893%2C95321627&oid=2&psts=AOrYGslP53SU3kHd5VdXfk3C3xmIZf4-DQ3cF60UD73UhFH_cfsdpDtSNR9NlonobG9qJSYwUZxpazWyLWKnmXDPgCfnOpTa&pvsid=1352197277043373&tmod=1849012420&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=15&uci=a!f&fsb=1&dtd=10
Frame ID: B1C160C331CB991572AD76C73A7E73CC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 2BB63F18A5B8BA49F723648BFE6DEC44
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=64126200008893804444550012568003&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: F98C68CB8EA23EB3BF977A9632474F96
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: FFB887AE7AC071AA38ADB307DB0B385D
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https://www.facebook.com/talksometingshit&width&layout=button_count&action=like&show_faces=false&share=false&height=80
Frame ID: 80C78C19E7FBF4DEBB498D5B0B73A0FD
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNfWpse-2YMDFfnnOwIdBD0Ezg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1743267619023.0723
Frame ID: 6184C644B867ED52785D70500535F311
Requests: 2 HTTP requests in this frame

Frame: https://hal90003.redintelligence.net/request_content.php?s=64126200008893804444550012568003&a=76507fbf
Frame ID: A81D0D65E1C64ADB9E9186D8C9C4493B
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 81874B12B6D1D948072B3E80313FC453
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EA71996D6020F55375C238D2FFEE058B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sidsupertool - Sid超級流亡輔助

Page URL History Show full URLs

http://lelive.weebly.com/ HTTP 301
https://lelive.weebly.com/ Page URL

Detected technologies

Weebly (CMS) Expand

Overall confidence: 100%
Detected patterns

cdn\d+\.editmysite\.com

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

251
Requests

96 %
HTTPS

55 %
IPv6

30
Domains

46
Subdomains

45
IPs

5
Countries

9606 kB
Transfer

22965 kB
Size

27
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www2.bingfeng.tw/thread-616556-1-1.html?x=252309
Title: 冰楓論壇

Search URL Search Domain Scan URL

URL: https://www.game735.com/p-325966-421647.html
Title: 夢遊電玩論壇

Search URL Search Domain Scan URL

URL: https://www.facebook.com/talksometingshit/
Title: FB粉絲專頁: @talksometingshit

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCTZxcsGnHgKFZbTjg4_u11A

Search URL Search Domain Scan URL

URL: https://mega.nz/#F!RAVBnC6B!T1CkjnmjcoBfdYj4az-IuQ
Title: 免費下載(點我)

Search URL Search Domain Scan URL

URL: https://www.weebly.com/signup?utm_source=internal&utm_medium=footer
Title: Unterstützt von Erstellen Sie mit anpassbaren Vorlagen Ihre eigene einzigartige Website. Legen Sie los

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://lelive.weebly.com/ HTTP 301
https://lelive.weebly.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://widgetic.com/wbl/app/53f6253e09c7e204038b4567?wbl[wid]=069b0a64-e565-4ce4-8775-ddeb28af730c&wbl[uid]=77032051&wbl[sid]=693506005579234598&prod&autoscale= HTTP 301
https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Flelive.weebly.com

Request Chain 85

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 88

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 139

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBHLTfvRDq1rhhR-1b0a3TU&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBHLTfvRDq1rhhR-1b0a3TU&google_cver=1&C=1

Request Chain 140

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaIMWEwhELNaqDSuUk.tZAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBHLTfvRDq1rhhR-1b0a3TU&google_cver=1&google_hm=2

Request Chain 141

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOI3p4HsitjaAk6IAQMeyJ8&google_cver=1

Request Chain 142

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU4MjM2MjU5Mzk2OTU1MzMyMg%3D%3D

Request Chain 151

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELPPMJblemtg8W12jAllB6s&google_cver=1

Request Chain 153

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEMR9VIWRhXVoulKcBwBEwME&google_cver=1

Request Chain 209

https://hal90003.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=2c7a08a60f&subid=&uid=e0779d91ec7150c9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUZ6RVwyiZeK_LIDv9u8PuduNuA-m5b2gaYWVnKfJD_AuEAEgsqHeeGCV4pCCoAfIAQmpAj0HElBUY7I-qAMByAObhICABKoEpgJP0JyDYKiZ69r1AS9JA8T44uTOfIDnpc_Ezt8utTes_mZEq28PbRI5rk5sjpXtIpQSR7Y56QAAoZqd06AhrD71_KFtjqrQTqX5gpdkQTr4Br5k148wFKi6ns2YYh0dKmguas-COQ1BXSDnKbI0pQ_RIrcUuX8twhlv9YbELNBuztkYLawbMY7OxXHr48ENRo-czL5uHZBfiQEg2p13-UMKtlfXLapSRXG8pt0A6j3EVdUsedSCmzYM4Op4knkJJ4-VW_Rk8mmNwxpcyZFC9gsWcwQnyl3NEvf0ilsGISM85lVUFAUEd85-DjdUxjtHK618Wl_9VoSBkSNckZ72L1GZ1Xgo0BQDCv2SQ9fV3N4HFMq5HobW0vs6i5bmSbHZPkLRNTzRFt_ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYv63Wxr7ZgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_C9m2ttAdYO3mUymr6sxrzeUsQOVBf4aJ9XIC_UU3JiZ8XpqIiHx8BwPGfSoV1xuqaTdydmPwnUniF7PCpeEUIOVln1IHtKAv0xgB%26sig%3DAOD64_1u62q-E9nAHDo0UiQPdFOyrsg9iA%26client%3Dca-pub-1181746742151021%26dbm_c%3DAKAmf-BQJoXBfQxZE4TeIr0BHF5uFMKX4coTJJ-plxoLJojNNJDfL1KKKeuxW4DoJbal0bej-3Dc0t-4ySdVH-4UjcKxWDtz_uFKA02G1KIPAokGaJxmZdxOuNAh6pV922o88s38d6-JdN6K6ITuzLFlKenwh7GHFP5uCMTbBPOQ_UioK4aR5Es%26cry%3D1%26dbm_d%3DAKAmf-C1T9t7mhsS_KP5NOYfBOWlPt1mrXvtEkh39iEJN9u6I4Doh2FGtYbtLmL1K9lsJGQ3rwyeB0obzhWJHZoTYKHIMqkblLz7QPadvRK1S4UY3iGZy7oghPlepnJ3F1bs5DguHggOwq9NuLJuD7tr_9kljv6OkQlnvZNQGJdSQABkehvf-hTzuZd19pDiWMjYIRPZxSzwx53Bd5IYsi345GKRcgWSKs4Fe4U0KCkpxO0tvtthMm9HHDA58dL-_773zyV_zupzDh5fewdPzrpcj1ZjN7iomKVWi4bigGzgeRxREDmsQGC3k_RRhND6PNdYESD3lJsUhFlGHsYtCHodwOrUPQyOAbI5n-0Un86kFhdyVyIGCQXXiYHoVlP0Z5UOOLDAm_KW5Ye7fT2wMSRI7HF7nVfqn9chyu4oOYfwpDEwqDB3iQlZpTFHONT_f1Z-zT3V22GfQhlIiMN4V1UidnlxBEPJp2jquuJMD7VbsZtQaxcdnlFNgjypTAmAE5AHiS_nZp7zDTyUKf0hHsSF93OsZ5lRcQ%26adurl%3D&documentReferer=https%3A%2F%2Flelive.weebly.com%2F&ancestorOrigins=https%3A%2F%2Flelive.weebly.com&random=2995529277394&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90003.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=2c7a08a60f&subid=&uid=e0779d91ec7150c9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUZ6RVwyiZeK_LIDv9u8PuduNuA-m5b2gaYWVnKfJD_AuEAEgsqHeeGCV4pCCoAfIAQmpAj0HElBUY7I-qAMByAObhICABKoEpgJP0JyDYKiZ69r1AS9JA8T44uTOfIDnpc_Ezt8utTes_mZEq28PbRI5rk5sjpXtIpQSR7Y56QAAoZqd06AhrD71_KFtjqrQTqX5gpdkQTr4Br5k148wFKi6ns2YYh0dKmguas-COQ1BXSDnKbI0pQ_RIrcUuX8twhlv9YbELNBuztkYLawbMY7OxXHr48ENRo-czL5uHZBfiQEg2p13-UMKtlfXLapSRXG8pt0A6j3EVdUsedSCmzYM4Op4knkJJ4-VW_Rk8mmNwxpcyZFC9gsWcwQnyl3NEvf0ilsGISM85lVUFAUEd85-DjdUxjtHK618Wl_9VoSBkSNckZ72L1GZ1Xgo0BQDCv2SQ9fV3N4HFMq5HobW0vs6i5bmSbHZPkLRNTzRFt_ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYv63Wxr7ZgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_C9m2ttAdYO3mUymr6sxrzeUsQOVBf4aJ9XIC_UU3JiZ8XpqIiHx8BwPGfSoV1xuqaTdydmPwnUniF7PCpeEUIOVln1IHtKAv0xgB%26sig%3DAOD64_1u62q-E9nAHDo0UiQPdFOyrsg9iA%26client%3Dca-pub-1181746742151021%26dbm_c%3DAKAmf-BQJoXBfQxZE4TeIr0BHF5uFMKX4coTJJ-plxoLJojNNJDfL1KKKeuxW4DoJbal0bej-3Dc0t-4ySdVH-4UjcKxWDtz_uFKA02G1KIPAokGaJxmZdxOuNAh6pV922o88s38d6-JdN6K6ITuzLFlKenwh7GHFP5uCMTbBPOQ_UioK4aR5Es%26cry%3D1%26dbm_d%3DAKAmf-C1T9t7mhsS_KP5NOYfBOWlPt1mrXvtEkh39iEJN9u6I4Doh2FGtYbtLmL1K9lsJGQ3rwyeB0obzhWJHZoTYKHIMqkblLz7QPadvRK1S4UY3iGZy7oghPlepnJ3F1bs5DguHggOwq9NuLJuD7tr_9kljv6OkQlnvZNQGJdSQABkehvf-hTzuZd19pDiWMjYIRPZxSzwx53Bd5IYsi345GKRcgWSKs4Fe4U0KCkpxO0tvtthMm9HHDA58dL-_773zyV_zupzDh5fewdPzrpcj1ZjN7iomKVWi4bigGzgeRxREDmsQGC3k_RRhND6PNdYESD3lJsUhFlGHsYtCHodwOrUPQyOAbI5n-0Un86kFhdyVyIGCQXXiYHoVlP0Z5UOOLDAm_KW5Ye7fT2wMSRI7HF7nVfqn9chyu4oOYfwpDEwqDB3iQlZpTFHONT_f1Z-zT3V22GfQhlIiMN4V1UidnlxBEPJp2jquuJMD7VbsZtQaxcdnlFNgjypTAmAE5AHiS_nZp7zDTyUKf0hHsSF93OsZ5lRcQ%26adurl%3D&documentReferer=https%3A%2F%2Flelive.weebly.com%2F&ancestorOrigins=https%3A%2F%2Flelive.weebly.com&random=2995529277394&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 228

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1743267619023.0723 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNfWpse-2YMDFfnnOwIdBD0Ezg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1743267619023.0723

251 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
lelive.weebly.com/
Redirect Chain

http://lelive.weebly.com/
https://lelive.weebly.com/

122 KB
23 KB

594ms
231ms

Document
text/html

199.34.228.53
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.53 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-1.weebly.com
Software: Apache /
Resource Hash: 50c040bd4b2c4cd2ed11ef053f28199b8af7d65e71982876d6683b8e62231f37

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 22549
Content-Type: text/html; charset=UTF-8
Date: Sat, 13 Jan 2024 04:06:46 GMT
ETag: W/"489303f4ff5590518e4b4a7818081149-gzip"
Keep-Alive: timeout=10, max=64
Server: Apache
Vary: X-W-SSL,Accept-Encoding,User-Agent
X-Host: blu151.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1

Redirect headers

Connection: Keep-Alive
Content-Length: 350
Content-Type: text/html; charset=UTF-8
Date: Sat, 13 Jan 2024 04:06:45 GMT
Keep-Alive: timeout=10, max=49
Location: https://lelive.weebly.com/
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: blu80.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1

GET
H2 200 sites.css
cdn2.editmysite.com/css/ 206 KB
29 KB 37ms
7ms Stylesheet
text/css 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/css/sites.css?buildTime=1695407040
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5b6bd64c8f7d37dd7bd34e3760cfffa93a982937376e2c02708f63c35c645a07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 626, 1
date: Sat, 13 Jan 2024 04:06:46 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 315312
x-cache: HIT, HIT
x-host: grn61.sf2p.intern.weebly.net
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 29663
x-served-by: cache-sjc1000123-SJC, cache-fra-eddf8230127-FRA
last-modified: Mon, 08 Jan 2024 23:21:04 GMT
server: nginx
x-timer: S1705118806.325864,VS0,VE1
etag: W/"659c8360-337f6"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Tue, 23 Jan 2024 12:31:34 GMT

GET
H2 200 fancybox.css
cdn2.editmysite.com/css/old/ 4 KB
1 KB 37ms
8ms Stylesheet
text/css 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/css/old/fancybox.css?1695407040
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 865cb87de9fc4d6530edce21f0103107abae6abe45cabdff2ad9af067b3d8e0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 31, 1
date: Sat, 13 Jan 2024 04:06:46 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 827691
x-cache: HIT, HIT
x-host: blu147.sf2p.intern.weebly.net
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1218
x-served-by: cache-sjc1000141-SJC, cache-fra-eddf8230127-FRA
last-modified: Wed, 20 Dec 2023 14:46:30 GMT
server: nginx
x-timer: S1705118806.326007,VS0,VE1
etag: "6582fe46-f47"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 17 Jan 2024 14:11:55 GMT

GET
H2 200 social-icons.css
cdn2.editmysite.com/css/ 13 KB
2 KB 11ms
10ms Stylesheet
text/css 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/css/social-icons.css?buildtime=1695407040
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 75287fc9ac71538e0c1a0ffb799246ce84c80678574d4f5714a9f7c9de1ef6b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 1207, 1
date: Sat, 13 Jan 2024 04:06:46 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 756392
x-cache: HIT, HIT
x-host: blu124.sf2p.intern.weebly.net
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1640
x-served-by: cache-sjc10054-SJC, cache-fra-eddf8230127-FRA
last-modified: Wed, 03 Jan 2024 22:06:59 GMT
server: nginx
x-timer: S1705118806.471982,VS0,VE1
etag: W/"6595da83-3319"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 18 Jan 2024 10:00:14 GMT

GET
H/1.1 200
OK main_style.css
lelive.weebly.com/files/ 52 KB
8 KB 196ms
182ms Stylesheet
text/css 199.34.228.53
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lelive.weebly.com/files/main_style.css?1695475049
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.53 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-1.weebly.com
Software: nginx /
Resource Hash: 3d82a30f93efc36ce7c910d93e783da263c69d71fce36b40c74bad6761e6f784

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 04:06:46 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Content-Type: text/css
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Host: grn27.sf2p.intern.weebly.net
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type

GET
H2 200 font.css
cdn2.editmysite.com/fonts/Cabin/ 2 KB
516 B 8ms
7ms Stylesheet
text/css 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/fonts/Cabin/font.css?2
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b4f2de5b6b0ce67eb0bdb6bdb1a0272ce6c6a17d9632ec9a090565d339836ab1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 40, 9
date: Sat, 13 Jan 2024 04:06:46 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 916201
x-cache: HIT, HIT
x-host: blu42.sf2p.intern.weebly.net
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 323
x-served-by: cache-sjc10064-SJC, cache-fra-eddf8230127-FRA
last-modified: Wed, 20 Dec 2023 14:42:55 GMT
server: nginx
x-timer: S1705118806.472007,VS0,VE0
etag: "6582fd6f-6ae"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 10 Jan 2024 00:02:09 GMT

GET
H2 200 font.css
cdn2.editmysite.com/fonts/Montserrat/ 852 B
633 B 8ms
8ms Stylesheet
text/css 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/fonts/Montserrat/font.css?2
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cf91769ae11889ad46b8090d0d4d58a4621f2bcea35d1d8d96ea5e38ba34ee73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 24, 1882
date: Sat, 13 Jan 2024 04:06:46 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 831710
x-cache: HIT, HIT
x-host: grn24.sf2p.intern.weebly.net
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 276
x-served-by: cache-sjc1000108-SJC, cache-fra-eddf8230127-FRA
last-modified: Wed, 20 Dec 2023 14:42:56 GMT
server: nginx
x-timer: S1705118806.471951,VS0,VE0
etag: "6582fd70-354"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 10 Jan 2024 09:08:46 GMT

GET
H/1.1 200
OK templateArtifacts.js Show response
lelive.weebly.com/files/ 7 KB
2 KB 243ms
195ms Script
application/x-javascript 199.34.228.53
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lelive.weebly.com/files/templateArtifacts.js?1695475049
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.53 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-1.weebly.com
Software: nginx /
Resource Hash: 5a630b41e7c3d34392bcb150a5731b6261bc6314d71d5db8407a646af15bf8af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 04:06:46 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Content-Type: application/x-javascript
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Host: blu135.sf2p.intern.weebly.net
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type

GET
H3 200 jquery-1.8.3.min.js Show response
cdn2.editmysite.com/js/ 91 KB
33 KB 7ms
6ms Script
application/javascript 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/js/jquery-1.8.3.min.js
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 1, 4585
date: Sat, 13 Jan 2024 04:06:46 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 277111
x-cache: HIT, HIT
x-host: blu27.sf2p.intern.weebly.net
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 33467
x-served-by: cache-sjc10032-SJC, cache-fra-eddf8230070-FRA
last-modified: Tue, 09 Jan 2024 18:38:49 GMT
server: nginx
x-timer: S1705118807.619487,VS0,VE0
etag: "659d92b9-16dc4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Tue, 23 Jan 2024 23:08:15 GMT

GET
H3 200 stl.js Show response
cdn2.editmysite.com/js/lang/zh/ 174 KB
35 KB 159ms
159ms Script
application/javascript 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/js/lang/zh/stl.js?buildTime=1695407040&
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b3d6d3457ddbc28733708a97511fcd0f5ab4adfc553f667319d8a3b2c5fd9fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 19, 0
date: Sat, 13 Jan 2024 04:06:46 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 783099
x-cache: HIT, MISS
x-host: blu59.sf2p.intern.weebly.net
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 35592
x-served-by: cache-sjc1000144-SJC, cache-fra-eddf8230070-FRA
last-modified: Wed, 03 Jan 2024 22:06:41 GMT
server: nginx
x-timer: S1705118807.619973,VS0,VE152
etag: "6595da71-2b716"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 18 Jan 2024 02:35:08 GMT

GET
H3 200 main.js Show response
cdn2.editmysite.com/js/site/ 466 KB
143 KB 12ms
12ms Script
application/javascript 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/js/site/main.js?buildTime=1695407040
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 593fec175b00a1f118f77bb8ed378e857e9f1225f0fc019fcea508b27da53cf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 11, 1
date: Sat, 13 Jan 2024 04:06:46 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 759295
x-cache: HIT, HIT
x-host: blu63.sf2p.intern.weebly.net
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 146401
x-served-by: cache-sjc10053-SJC, cache-fra-eddf8230070-FRA
last-modified: Wed, 03 Jan 2024 22:07:21 GMT
server: nginx
x-timer: S1705118807.620060,VS0,VE1
etag: "6595da99-74804"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 18 Jan 2024 09:11:52 GMT

GET
H3 200 commerce-core.js Show response
cdn2.editmysite.com/js/site/ 61 KB
17 KB 20ms
19ms Script
application/javascript 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/js/site/commerce-core.js?buildTime=1695407040
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c92cb0522b1d208dc559aa35f8a3c3ce7b922ab57a5475691ef9b13e453d912a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 3, 1
date: Sat, 13 Jan 2024 04:06:46 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 295271
x-cache: HIT, HIT
x-host: blu110.sf2p.intern.weebly.net
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 17388
x-served-by: cache-sjc1000094-SJC, cache-fra-eddf8230070-FRA
last-modified: Mon, 08 Jan 2024 23:21:36 GMT
server: nginx
x-timer: S1705118807.620352,VS0,VE1
etag: "659c8380-f57e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Tue, 23 Jan 2024 18:05:35 GMT

GET
H3 200 main-commerce-browse.js Show response
cdn2.editmysite.com/js/site/ 63 KB
17 KB 8ms
7ms Script
application/javascript 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/js/site/main-commerce-browse.js?buildTime=1695407040
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7ea7eb2db1daff0d7aa92a53783cec476e61fd78cad5750960db0e78fe161a7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 4, 1
date: Sat, 13 Jan 2024 04:06:46 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 677710
x-cache: HIT, HIT
x-host: grn158.sf2p.intern.weebly.net
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 17017
x-served-by: cache-sjc10022-SJC, cache-fra-eddf8230070-FRA
last-modified: Fri, 05 Jan 2024 01:49:09 GMT
server: nginx
x-timer: S1705118807.620340,VS0,VE1
etag: "65976015-fa44"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Fri, 19 Jan 2024 07:51:36 GMT

GET
H/1.1 200
OK serveAds.php Show response
www.weebly.com/weebly/apps/ 579 B
700 B 602ms
216ms Script
text/html 74.115.50.109
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=728943538380729393&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=000000&bgcolor=000000&linkcolor=FFFFFF&textcolor=CCCCCC&urlcolor=999999
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.115.50.109 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: www.weebly.com
Software: Apache /
Resource Hash: d6ce93a92222ddec5150f9d4788ea2e4df4108d21666ed8a47a3977c8abb1363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 04:06:47 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
X-W-DC: SFO
X-Host: grn99.sf2p.intern.weebly.net
Connection: Keep-Alive
Keep-Alive: timeout=10, max=69
Content-Length: 304
X-UA-Compatible: IE=edge,chrome=1

GET
H/1.1 200
OK serveAds.php Show response
www.weebly.com/weebly/apps/ 574 B
703 B 607ms
215ms Script
text/html 74.115.50.109
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=505443558143390018&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=728x90&adtype=image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.115.50.109 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: www.weebly.com
Software: Apache /
Resource Hash: 6d78ef2f662f5d46e6f413692e17f19c592a701035e01f7be6165768af75d195

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 04:06:47 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
X-W-DC: SFO
X-Host: grn115.sf2p.intern.weebly.net
Connection: Keep-Alive
Keep-Alive: timeout=10, max=26
Content-Length: 306
X-UA-Compatible: IE=edge,chrome=1

GET
H/1.1 200
OK webp-net-gifmaker.gif
lelive.weebly.com/uploads/7/7/0/3/77032051/published/ 216 KB
217 KB 387ms
192ms Image
image/gif 199.34.228.53
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lelive.weebly.com/uploads/7/7/0/3/77032051/published/webp-net-gifmaker.gif?1633195245
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.53 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-1.weebly.com
Software: nginx /
Resource Hash: 66b9bd62e2a6489437cc7b3fbcd931b99bdef0731d8abc27faae0cc7184626ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 04:06:46 GMT
X-Storage-Object: 66b9bd62e2a6489437cc7b3fbcd931b99bdef0731d8abc27faae0cc7184626ff
Last-Modified: Sat, 02 Oct 2021 17:20:51 GMT
Server: nginx
x-amz-request-id: tx00000c7149c98181a68a1-00658516b5-db1eedd-sfo1
ETag: "657ada42d48af91f73256f9885a02689"
Content-Type: image/gif
x-rgw-object-type: Normal
X-Storage-Bucket: z66b9
X-Host: grn52.sf2p.intern.weebly.net
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 221276

GET
H/1.1 200
OK webp-net-gifmaker-1.gif
lelive.weebly.com/uploads/7/7/0/3/77032051/published/ 364 KB
364 KB 434ms
191ms Image
image/gif 199.34.228.53
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lelive.weebly.com/uploads/7/7/0/3/77032051/published/webp-net-gifmaker-1.gif?1633079891
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.53 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-1.weebly.com
Software: nginx /
Resource Hash: 7e3f976c2c4dde40f1a02ee46c1b1fe52274e3b5504330001f430e8c49cee197

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 04:06:46 GMT
X-Storage-Object: 7e3f976c2c4dde40f1a02ee46c1b1fe52274e3b5504330001f430e8c49cee197
Last-Modified: Fri, 01 Oct 2021 09:18:11 GMT
Server: nginx
x-amz-request-id: tx00000bbb032e3eafc2f9d-00658505d3-db1c716-sfo1
ETag: "23443fb7723ce8aaf7fbf969f345d849"
Content-Type: image/gif
x-rgw-object-type: Normal
X-Storage-Bucket: z7e3f
X-Host: blu90.sf2p.intern.weebly.net
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 372628

GET
H/1.1 200
OK serveAds.php Show response
www.weebly.com/weebly/apps/ 579 B
704 B 524ms
203ms Script
text/html 74.115.50.109
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=624358142503171732&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=728x90&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.115.50.109 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: www.weebly.com
Software: Apache /
Resource Hash: 2b6fb0ac94d87d6b40064bf2f8d3bb86b12763753c22f80a300e379a2c43a4f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 04:06:47 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
X-W-DC: SFO
X-Host: blu107.sf2p.intern.weebly.net
Connection: Keep-Alive
Keep-Alive: timeout=10, max=35
Content-Length: 307
X-UA-Compatible: IE=edge,chrome=1

GET
H/1.1 200
OK serveAds.php Show response
www.weebly.com/weebly/apps/ 579 B
703 B 544ms
210ms Script
text/html 74.115.50.109
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=462033732328113390&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.115.50.109 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: www.weebly.com
Software: Apache /
Resource Hash: 5b277a3eb7148a66052c62db5593e7d067eba2416f763a999e7f0332da1a1fef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 04:06:47 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
X-W-DC: SFO
X-Host: blu44.sf2p.intern.weebly.net
Connection: Keep-Alive
Keep-Alive: timeout=10, max=49
Content-Length: 307
X-UA-Compatible: IE=edge,chrome=1

GET
H/1.1 200
OK serveAds.php Show response
www.weebly.com/weebly/apps/ 579 B
703 B 556ms
216ms Script
text/html 74.115.50.109
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=640257324145581103&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.115.50.109 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: www.weebly.com
Software: Apache /
Resource Hash: 5b277a3eb7148a66052c62db5593e7d067eba2416f763a999e7f0332da1a1fef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 04:06:47 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
X-W-DC: SFO
X-Host: grn24.sf2p.intern.weebly.net
Connection: Keep-Alive
Keep-Alive: timeout=10, max=35
Content-Length: 307
X-UA-Compatible: IE=edge,chrome=1

GET
H/1.1 200
OK serveAds.php Show response
www.weebly.com/weebly/apps/ 579 B
703 B 550ms
211ms Script
text/html 74.115.50.109
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=552702152350086236&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=234x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.115.50.109 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: www.weebly.com
Software: Apache /
Resource Hash: e8821034e71a6846405afa2bf49ff6c54799c542462e165c0e1a722c1ecccaab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 04:06:47 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
X-W-DC: SFO
X-Host: grn88.sf2p.intern.weebly.net
Connection: Keep-Alive
Keep-Alive: timeout=10, max=69
Content-Length: 307
X-UA-Compatible: IE=edge,chrome=1

GET
H/1.1 200
OK serveAds.php Show response
www.weebly.com/weebly/apps/ 579 B
641 B 193ms
192ms Script
text/html 74.115.50.109
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=421482100300384280&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=728x90&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.115.50.109 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: www.weebly.com
Software: Apache /
Resource Hash: 2b6fb0ac94d87d6b40064bf2f8d3bb86b12763753c22f80a300e379a2c43a4f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 04:06:47 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
X-W-DC: SFO
X-Host: grn115.sf2p.intern.weebly.net
Connection: Keep-Alive
Keep-Alive: timeout=10, max=53
Content-Length: 307
X-UA-Compatible: IE=edge,chrome=1

GET
H/1.1 200
OK 1847905122.png
lelive.weebly.com/uploads/7/7/0/3/77032051/editor/ 666 KB
666 KB 245ms
188ms Image
image/png 199.34.228.53
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lelive.weebly.com/uploads/7/7/0/3/77032051/editor/1847905122.png?1578339909
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.53 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-1.weebly.com
Software: nginx /
Resource Hash: 3704514135a2ee6042c185a2822cdecba0b26192fccd0f92fbae1dd383668c71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 04:06:47 GMT
X-Storage-Object: 3704514135a2ee6042c185a2822cdecba0b26192fccd0f92fbae1dd383668c71
Last-Modified: Mon, 06 Jan 2020 19:45:01 GMT
Server: nginx
x-amz-request-id: tx0000050638fd42f626855-006584f343-e4e0628-sfo1
ETag: "2b6ca3176300f1badc0f4c140ab43495"
Content-Type: image/png
x-rgw-object-type: Normal
X-Storage-Bucket: z3704
X-Host: blu90.sf2p.intern.weebly.net
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 681728

GET
H/1.1 200
OK serveAds.php Show response
www.weebly.com/weebly/apps/ 579 B
641 B 215ms
215ms Script
text/html 74.115.50.109
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=313710685213427552&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.115.50.109 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: www.weebly.com
Software: Apache /
Resource Hash: 5b277a3eb7148a66052c62db5593e7d067eba2416f763a999e7f0332da1a1fef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 04:06:47 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
X-W-DC: SFO
X-Host: blu107.sf2p.intern.weebly.net
Connection: Keep-Alive
Keep-Alive: timeout=10, max=34
Content-Length: 307
X-UA-Compatible: IE=edge,chrome=1

GET
H/1.1 200
OK serveAds.php Show response
www.weebly.com/weebly/apps/ 581 B
641 B 225ms
224ms Script
text/html 74.115.50.109
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=525252718564449301&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=300x250&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.115.50.109 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: www.weebly.com
Software: Apache /
Resource Hash: 094a6590bee6ff08b4562f09ee54e0b4c0ef6ae9a0698f1e4dd82f3ad9687d5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 04:06:47 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
X-W-DC: SFO
X-Host: blu107.sf2p.intern.weebly.net
Connection: Keep-Alive
Keep-Alive: timeout=10, max=50
Content-Length: 307
X-UA-Compatible: IE=edge,chrome=1

GET
H/1.1 200
OK 1163223583_orig.png
lelive.weebly.com/uploads/7/7/0/3/77032051/ 467 KB
467 KB 419ms
185ms Image
image/png 199.34.228.53
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lelive.weebly.com/uploads/7/7/0/3/77032051/1163223583_orig.png
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.53 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-1.weebly.com
Software: nginx /
Resource Hash: 92e5b01fdfb274bc715d8ad5a4ff8ef7262d7467a23657e88f4562c05adbffdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 04:06:47 GMT
X-Storage-Object: 92e5b01fdfb274bc715d8ad5a4ff8ef7262d7467a23657e88f4562c05adbffdb
Last-Modified: Mon, 06 Jan 2020 20:19:15 GMT
Server: nginx
x-amz-request-id: tx00000333cabeedb85b7f0-0065854c1f-e4e0628-sfo1
ETag: "6b816d2097076c934851bf81f7f49537"
Content-Type: image/png
x-rgw-object-type: Normal
X-Storage-Bucket: z92e5
X-Host: blu86.sf2p.intern.weebly.net
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 478028

GET
H/1.1 200
OK serveAds.php Show response
www.weebly.com/weebly/apps/ 579 B
640 B 197ms
197ms Script
text/html 74.115.50.109
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=103887850534687975&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.115.50.109 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: www.weebly.com
Software: Apache /
Resource Hash: 5b277a3eb7148a66052c62db5593e7d067eba2416f763a999e7f0332da1a1fef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 04:06:47 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
X-W-DC: SFO
X-Host: grn24.sf2p.intern.weebly.net
Connection: Keep-Alive
Keep-Alive: timeout=10, max=34
Content-Length: 307
X-UA-Compatible: IE=edge,chrome=1

GET
H/1.1 200
OK serveAds.php Show response
www.weebly.com/weebly/apps/ 579 B
640 B 217ms
217ms Script
text/html 74.115.50.109
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=892243738160099283&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.115.50.109 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: www.weebly.com
Software: Apache /
Resource Hash: 5b277a3eb7148a66052c62db5593e7d067eba2416f763a999e7f0332da1a1fef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 04:06:47 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
X-W-DC: SFO
X-Host: grn24.sf2p.intern.weebly.net
Connection: Keep-Alive
Keep-Alive: timeout=10, max=75
Content-Length: 307
X-UA-Compatible: IE=edge,chrome=1

GET
H/1.1 200
OK 1127343908_orig.png
lelive.weebly.com/uploads/7/7/0/3/77032051/ 385 KB
385 KB 564ms
199ms Image
image/png 199.34.228.53
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lelive.weebly.com/uploads/7/7/0/3/77032051/1127343908_orig.png
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.53 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-1.weebly.com
Software: nginx /
Resource Hash: 48ea13cf7f03e447f96b6fa72496d962cdb27cd611a5b4e643354f85f800b9f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 04:06:47 GMT
X-Storage-Object: 48ea13cf7f03e447f96b6fa72496d962cdb27cd611a5b4e643354f85f800b9f0
Last-Modified: Tue, 09 Jul 2019 03:41:29 GMT
Server: nginx
x-amz-request-id: tx00000350806406f8589d6-0065853090-e4e0628-sfo1
ETag: "9664c8fce58495ccb5a0bc33e7d49cb8"
Content-Type: image/png
x-rgw-object-type: Normal
X-Storage-Bucket: z48ea
X-Host: blu119.sf2p.intern.weebly.net
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 393982

GET
H/1.1 200
OK 1029564595.jpg
lelive.weebly.com/uploads/7/7/0/3/77032051/published/ 39 KB
39 KB 180ms
179ms Image
image/jpeg 199.34.228.53
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lelive.weebly.com/uploads/7/7/0/3/77032051/published/1029564595.jpg?1632845524
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.53 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-1.weebly.com
Software: nginx /
Resource Hash: 06e9d4c0c519d72b481e8f1f427b568f5468ce0eb9cb1cc0a554ac3925970070

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 04:06:48 GMT
X-Storage-Object: 06e9d4c0c519d72b481e8f1f427b568f5468ce0eb9cb1cc0a554ac3925970070
Last-Modified: Tue, 28 Sep 2021 16:12:04 GMT
Server: nginx
x-amz-request-id: tx00000660b59834e1799c7-0065851b15-e4e0628-sfo1
ETag: "69e6289b1545e8136e9fecaca1d41196"
Content-Type: image/jpeg
x-rgw-object-type: Normal
X-Storage-Bucket: z06e9
X-Host: blu86.sf2p.intern.weebly.net
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 39724

GET
H/1.1 200
OK 1003025771.jpg
lelive.weebly.com/uploads/7/7/0/3/77032051/editor/ 27 KB
28 KB 177ms
176ms Image
image/jpeg 199.34.228.53
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lelive.weebly.com/uploads/7/7/0/3/77032051/editor/1003025771.jpg?1562643759
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.53 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-1.weebly.com
Software: nginx /
Resource Hash: a859cebdde9b57c94d1e5e9dee2c3e42aff28bb99644deef15d7e15dff566450

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 04:06:48 GMT
X-Storage-Object: a859cebdde9b57c94d1e5e9dee2c3e42aff28bb99644deef15d7e15dff566450
Last-Modified: Tue, 09 Jul 2019 03:42:39 GMT
Server: nginx
x-amz-request-id: tx000006260bfb97214c3a0-0065852047-db1a051-sfo1
ETag: "51efaa7647a565dc26b1905565b9ee27"
Content-Type: image/jpeg
x-rgw-object-type: Normal
X-Storage-Bucket: za859
X-Host: grn50.sf2p.intern.weebly.net
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27863

GET
H/1.1 200
OK 1202643573_orig.jpg
lelive.weebly.com/uploads/7/7/0/3/77032051/ 93 KB
94 KB 196ms
196ms Image
image/jpeg 199.34.228.53
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lelive.weebly.com/uploads/7/7/0/3/77032051/1202643573_orig.jpg
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.53 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-1.weebly.com
Software: nginx /
Resource Hash: 4dc93ba28625d775dd7e9298da5dcb6f7feb5581d35ed9263b80b546b2bff072

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 04:06:48 GMT
X-Storage-Object: 4dc93ba28625d775dd7e9298da5dcb6f7feb5581d35ed9263b80b546b2bff072
Last-Modified: Tue, 28 Sep 2021 16:03:11 GMT
Server: nginx
x-amz-request-id: tx0000096afd6e689ce783c-006584da0f-db1a051-sfo1
ETag: "e73478a7344bc7b777830740b0c588eb"
Content-Type: image/jpeg
x-rgw-object-type: Normal
X-Storage-Bucket: z4dc9
X-Host: grn30.sf2p.intern.weebly.net
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95547

GET
H/1.1 200
OK serveAds.php Show response
www.weebly.com/weebly/apps/ 579 B
640 B 201ms
201ms Script
text/html 74.115.50.109
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=117595008979775322&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.115.50.109 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: www.weebly.com
Software: Apache /
Resource Hash: 5b277a3eb7148a66052c62db5593e7d067eba2416f763a999e7f0332da1a1fef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 04:06:47 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
X-W-DC: SFO
X-Host: grn24.sf2p.intern.weebly.net
Connection: Keep-Alive
Keep-Alive: timeout=10, max=33
Content-Length: 307
X-UA-Compatible: IE=edge,chrome=1

GET
H/1.1 200
OK serveAds.php Show response
www.weebly.com/weebly/apps/ 579 B
640 B 206ms
206ms Script
text/html 74.115.50.109
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=552573448432664685&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.115.50.109 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: www.weebly.com
Software: Apache /
Resource Hash: 5b277a3eb7148a66052c62db5593e7d067eba2416f763a999e7f0332da1a1fef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 04:06:47 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
X-W-DC: SFO
X-Host: grn24.sf2p.intern.weebly.net
Connection: Keep-Alive
Keep-Alive: timeout=10, max=23
Content-Length: 307
X-UA-Compatible: IE=edge,chrome=1

GET
H/1.1 200
OK serveAds.php Show response
www.weebly.com/weebly/apps/ 579 B
640 B 213ms
213ms Script
text/html 74.115.50.109
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=885823029419344753&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.115.50.109 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: www.weebly.com
Software: Apache /
Resource Hash: 5b277a3eb7148a66052c62db5593e7d067eba2416f763a999e7f0332da1a1fef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 04:06:47 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
X-W-DC: SFO
X-Host: grn24.sf2p.intern.weebly.net
Connection: Keep-Alive
Keep-Alive: timeout=10, max=42
Content-Length: 307
X-UA-Compatible: IE=edge,chrome=1

GET
H3 200 footer-toast-published-image-1.png
cdn2.editmysite.com/images/site/footer/ 9 KB
10 KB 8ms
8ms Image
image/png 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.editmysite.com/images/site/footer/footer-toast-published-image-1.png
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 580ef6409e067a4ec4a427400c7d6216184869e2da53343df20753cc1f8a46cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Thu, 20 Jul 2023 02:20:37 GMT
date: Sat, 13 Jan 2024 04:06:46 GMT
via: 1.1 varnish
age: 93648
x-guploader-uploadid: ADPycdvZSXUy5YkzAjp6kwAxcaKHmog-kWn2zmVdPHWotiX03Y9TzFx91SSZY_We1FX8ysPiZ1GRQRIpCMlhM-D-SevjoHI7tCVv
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9677
x-served-by: cache-fra-eddf8230070-FRA
last-modified: Tue, 12 Feb 2019 18:19:08 GMT
server: UploadServer
x-timer: S1705118807.907191,VS0,VE0
etag: "6e0f7ad31bf187e0d88fc5787573ba71"
x-goog-generation: 1549995548326466
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=QhrKCw==, md5=bg960xvxh+DYj8V4dXO6cQ==
cache-control: public, max-age=86400, s-maxage=259200
x-goog-stored-content-length: 9677
accept-ranges: bytes
x-cache-hits: 544

GET
H3 200 footerSignup.js Show response
cdn2.editmysite.com/js/site/ 4 KB
2 KB 8ms
7ms Script
application/javascript 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/js/site/footerSignup.js?buildTime=1705097857
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e06baca13f25df9c7d684fc1b1fdfbbbb95070a1d5a9cd648632da7bccc90b96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 2, 77
date: Sat, 13 Jan 2024 04:06:46 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 20779
x-cache: HIT, HIT
x-host: grn42.sf2p.intern.weebly.net
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1372
x-served-by: cache-sjc1000122-SJC, cache-fra-eddf8230070-FRA
last-modified: Fri, 12 Jan 2024 22:00:43 GMT
server: nginx
x-timer: S1705118807.906844,VS0,VE0
etag: "65a1b68b-e10"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Fri, 26 Jan 2024 22:20:26 GMT

GET
H/1.1 200
OK plugins.js Show response
lelive.weebly.com/files/theme/ 83 KB
19 KB 939ms
174ms Script
application/javascript 199.34.228.53
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lelive.weebly.com/files/theme/plugins.js?1530561231
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.53 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-1.weebly.com
Software: nginx /
Resource Hash: 2829e73e900aef1b3608efa7458c3cfc249e334cd561b2d33ecd84a6ef189cf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 04:06:47 GMT
Content-Encoding: gzip
X-Storage-Object: 2829e73e900aef1b3608efa7458c3cfc249e334cd561b2d33ecd84a6ef189cf8
Last-Modified: Wed, 28 Jul 2021 13:27:14 GMT
Server: nginx
x-amz-request-id: tx000000000000002837ba7-0062852026-b9fbc29-sfo1
ETag: W/"a8bf2ebe41b28e96d5d8deb2b83e0ee3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
x-rgw-object-type: Normal
X-Storage-Bucket: z2829
X-Host: blu78.sf2p.intern.weebly.net
Connection: keep-alive

GET
H/1.1 200
OK custom.js Show response
lelive.weebly.com/files/theme/ 7 KB
2 KB 186ms
186ms Script
application/javascript 199.34.228.53
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lelive.weebly.com/files/theme/custom.js?1530561231
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.53 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-1.weebly.com
Software: nginx /
Resource Hash: 5feb822d8698f127f0f85d3edf620c63ff5189509fb85992c1d74abbd25d83ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 04:06:47 GMT
Content-Encoding: gzip
X-Storage-Object: 5feb822d8698f127f0f85d3edf620c63ff5189509fb85992c1d74abbd25d83ee
Last-Modified: Thu, 02 Jan 2020 17:35:32 GMT
Server: nginx
x-amz-request-id: tx000001987377f927ca530-0065790395-db1c716-sfo1
ETag: W/"5da53b567e46be3a2bd71096fb2995bc"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
x-rgw-object-type: Normal
X-Storage-Bucket: z5feb
X-Host: grn86.sf2p.intern.weebly.net
Connection: keep-alive

GET
H/1.1 200
OK mobile.js Show response
lelive.weebly.com/files/theme/ 16 KB
5 KB 191ms
191ms Script
application/javascript 199.34.228.53
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lelive.weebly.com/files/theme/mobile.js?1530561231
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.53 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-1.weebly.com
Software: nginx /
Resource Hash: e35cdae965132932644d580706fba96e1b54e9affbe3abab406e54e95d17a0cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 04:06:48 GMT
Content-Encoding: gzip
X-Storage-Object: e35cdae965132932644d580706fba96e1b54e9affbe3abab406e54e95d17a0cd
Last-Modified: Tue, 23 Jul 2019 14:31:29 GMT
Server: nginx
x-amz-request-id: tx00000bc91ce6b1ec97c30-0065134e1d-db1a099-sfo1
ETag: W/"07e9e6c62f36b3d745591589ed2c0103"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
x-rgw-object-type: Normal
X-Storage-Bucket: ze35c
X-Host: grn62.sf2p.intern.weebly.net
Connection: keep-alive

GET
H3 200 main-customer-accounts-site.js Show response
cdn2.editmysite.com/js/site/ 522 KB
156 KB 10ms
9ms Script
application/javascript 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1695407040
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 207ec261a8530654204ada78a03b0cc6c129c09bac87013c3a8bb3bedfe84be6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 2152, 1
date: Sat, 13 Jan 2024 04:06:46 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 739256
x-cache: HIT, HIT
x-host: blu47.sf2p.intern.weebly.net
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 159104
x-served-by: cache-sjc10070-SJC, cache-fra-eddf8230070-FRA
last-modified: Wed, 03 Jan 2024 22:07:21 GMT
server: nginx
x-timer: S1705118807.906970,VS0,VE1
etag: "6595da99-826d7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 18 Jan 2024 14:45:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 188 KB
68 KB 40ms
20ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-131254328-2

Requested by

Host: lelive.weebly.com
URL: https://lelive.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ee22348c74084e6a05ad12961e9c2b1e0385c396a1723aa19799b89ad1325cd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69653
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 Jan 2024 04:06:47 GMT

GET
H/1.1 200
OK masthead-search.png
lelive.weebly.com/files/theme/images/ 1 KB
2 KB 214ms
180ms Image
image/png 199.34.228.53
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lelive.weebly.com/files/theme/images/masthead-search.png?1695475049
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/files/main_style.css?1695475049
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.53 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-1.weebly.com
Software: nginx /
Resource Hash: 73ba0f5e3000b016d82851828b4fc6ce832c3bf4cc3d65a6f9c0441ffda988ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/files/main_style.css?1695475049
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 04:06:47 GMT
X-Storage-Object: 73ba0f5e3000b016d82851828b4fc6ce832c3bf4cc3d65a6f9c0441ffda988ab
Last-Modified: Fri, 14 May 2021 00:21:57 GMT
Server: nginx
x-amz-request-id: tx000000f8a4f1ac4760065-00644b1085-da094b7-sfo1
ETag: "efe8ae967b2f94943e7529ef7c71d757"
Content-Type: image/png; charset=binary
x-rgw-object-type: Normal
X-Storage-Bucket: z73ba
X-Host: grn52.sf2p.intern.weebly.net
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1303

GET
H/1.1 200
OK 15050128.jpg
lelive.weebly.com/uploads/7/7/0/3/77032051/background-images/ 280 KB
280 KB 220ms
187ms Image
image/jpeg 199.34.228.53
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lelive.weebly.com/uploads/7/7/0/3/77032051/background-images/15050128.jpg
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.53 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-1.weebly.com
Software: nginx /
Resource Hash: e14430a71349a408afb658f0e495e5f15723da8d183ee851b98aefea80d8be14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 04:06:47 GMT
X-Storage-Object: e14430a71349a408afb658f0e495e5f15723da8d183ee851b98aefea80d8be14
Last-Modified: Mon, 18 Mar 2019 14:38:58 GMT
Server: nginx
x-amz-request-id: tx0000098418b338d2fff1a-0065851b13-db1eedd-sfo1
ETag: "902048c8c7467226e7ace064c78e99e3"
Content-Type: image/jpeg
x-rgw-object-type: Normal
X-Storage-Bucket: ze144
X-Host: blu126.sf2p.intern.weebly.net
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 286251

GET
H3 200 bold.woff2
cdn2.editmysite.com/fonts/Montserrat/ 13 KB
13 KB 18ms
9ms Font
font/woff2 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/fonts/Montserrat/bold.woff2
Requested by: Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/fonts/Montserrat/font.css?2
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da

Request headers

Referer: https://cdn2.editmysite.com/fonts/Montserrat/font.css?2
Origin: https://lelive.weebly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 3, 2334
date: Sat, 13 Jan 2024 04:06:46 GMT
via: 1.1 varnish, 1.1 varnish
age: 751419
x-cache: HIT, HIT
x-host: grn143.sf2p.intern.weebly.net
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 12848
x-served-by: cache-sjc10033-SJC, cache-fra-eddf8230133-FRA
last-modified: Wed, 03 Jan 2024 20:49:17 GMT
server: nginx
x-timer: S1705118807.925889,VS0,VE0
etag: "6595c84d-3230"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 18 Jan 2024 11:23:08 GMT

GET
H3 200 bold.woff2
cdn2.editmysite.com/fonts/Cabin/ 15 KB
15 KB 16ms
8ms Font
font/woff2 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/fonts/Cabin/bold.woff2
Requested by: Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/fonts/Cabin/font.css?2
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 45a8badf06824c87461905a8b1871fc3ca3eb5934cee490deadad743ebf99661

Request headers

Referer: https://cdn2.editmysite.com/fonts/Cabin/font.css?2
Origin: https://lelive.weebly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 5936, 2
date: Sat, 13 Jan 2024 04:06:46 GMT
via: 1.1 varnish, 1.1 varnish
age: 747991
x-cache: HIT, HIT
x-host: grn31.sf2p.intern.weebly.net
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 15168
x-served-by: cache-sjc1000138-SJC, cache-fra-eddf8230133-FRA
last-modified: Wed, 03 Jan 2024 20:49:16 GMT
server: nginx
x-timer: S1705118807.925910,VS0,VE0
etag: "6595c84c-3b40"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 18 Jan 2024 12:20:16 GMT

GET
H3 200 wsocial.woff
cdn2.editmysite.com/fonts/wSocial/ 3 KB
3 KB 15ms
7ms Font
font/woff 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/fonts/wSocial/wsocial.woff?ts=1704319619444
Requested by: Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/css/social-icons.css?buildtime=1695407040
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e8106b06fab14948098cae97983eafbe1a60643ac725b2a029e4da57d43854df

Request headers

Referer: https://cdn2.editmysite.com/css/social-icons.css?buildtime=1695407040
Origin: https://lelive.weebly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 16, 4
date: Sat, 13 Jan 2024 04:06:46 GMT
via: 1.1 varnish, 1.1 varnish
age: 797185
x-cache: HIT, HIT
x-host: grn143.sf2p.intern.weebly.net
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2636
x-served-by: cache-sjc10076-SJC, cache-fra-eddf8230133-FRA
last-modified: Wed, 03 Jan 2024 20:49:18 GMT
server: nginx
x-timer: S1705118807.925855,VS0,VE0
etag: "6595c84e-a4c"
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 17 Jan 2024 22:40:22 GMT

GET
H3 200 regular.woff2
cdn2.editmysite.com/fonts/Cabin/ 15 KB
15 KB 16ms
10ms Font
font/woff2 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/fonts/Cabin/regular.woff2
Requested by: Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/fonts/Cabin/font.css?2
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a3d8afcbc68d3ae65312e50ce252f5eb4cb817d3fe39452bd37a76f896ab5921

Request headers

Referer: https://cdn2.editmysite.com/fonts/Cabin/font.css?2
Origin: https://lelive.weebly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 4, 6
date: Sat, 13 Jan 2024 04:06:46 GMT
via: 1.1 varnish, 1.1 varnish
age: 845216
x-cache: HIT, HIT
x-host: blu129.sf2p.intern.weebly.net
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 15476
x-served-by: cache-sjc1000117-SJC, cache-fra-eddf8230133-FRA
last-modified: Wed, 20 Dec 2023 14:42:55 GMT
server: nginx
x-timer: S1705118807.925850,VS0,VE0
etag: "6582fd6f-3c74"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 17 Jan 2024 09:19:50 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 26 KB
11 KB 68ms
48ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: www.weebly.com
URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=728943538380729393&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=000000&bgcolor=000000&linkcolor=FFFFFF&textcolor=CCCCCC&urlcolor=999999

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6fe62a369d064fd1c62c7c93af1c12e2c03026c74dde488edd0800bda11a0298

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lelive.weebly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sat, 13 Jan 2024 04:06:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10632
x-xss-protection: 0
server: cafe
etag: 7877698121489035446
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 13 Jan 2024 04:06:47 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 79ms
78ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7f22d232b51333214ebfb71482a77fcc6894e292d4234edee0c7382578d2276

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51201
x-xss-protection: 0
server: cafe
etag: 6152144550154486107
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 13 Jan 2024 04:06:47 GMT

GET
H2

200

embed.html Show response
widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/ Frame 35B0
Redirect Chain

https://widgetic.com/wbl/app/53f6253e09c7e204038b4567?wbl[wid]=069b0a64-e565-4ce4-8775-ddeb28af730c&wbl[uid]=77032051&wbl[sid]=693506005579234598&prod&autoscale=
https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Flelive.weebly.com

50 KB
18 KB

131ms
131ms

Document
text/html

2606:4700:3033::ac43:84fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Flelive.weebly.com
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:84fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f68636d014fd5775cd35ffaf199e7d9c9c98d68d262bd5af2820212d3f96569

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600, public
cf-cache-status: DYNAMIC
cf-ray: 844ac4c2aea869a3-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 13 Jan 2024 04:06:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XBy8NXjleR4TbOOw1vyMkDiqluBxG1EKQ8qEalejF9lQqaMZJsbL1RZe9rLvxVxX2RNDvyCliz3NWYSc9MFWpebDZdxS3VCjOf9YUpU%2BdpYjOrrSfx0hSh6zlXQ8656NQ8Bc6zRg5UHLqlA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
via: 1.1 varnish-v4
x-cache: HIT
x-cache-hits: 26
x-varnish: 264415441 260653735
xkey: composition:60eaad0decb2a1062b8b4569 widget:53f6253e09c7e204038b4567 user:60eaac9eecb2a1cf2a8b4567

Redirect headers

age: 0
alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache
cf-cache-status: DYNAMIC
cf-ray: 844ac4c1de5669a3-FRA
content-type: text/html; charset=utf-8
date: Sat, 13 Jan 2024 04:06:47 GMT
location: https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Flelive.weebly.com
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y5EhOSHmujWATcpsMF5D7jNJlbci3gxXLltifuMhrYj7nDYunmRabfeRFk9Xc6PGNlozXfiuDaXsyPg60wTlaVu7z2PvVKFzdKEh540o8rU5GIiZh3WoZwskfSLeR7DqVcIPcmvuQ%2FbHSdM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept
via: 1.1 varnish-v4
x-cache: MISS
x-cache-hits: 0
x-powered-by: Express
x-varnish: 235145314

GET
H3 200 sdk.js Show response
widgetic.com/wbl/js/ 39 KB
13 KB 13ms
13ms Script
application/javascript 2606:4700:3033::ac43:84fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetic.com/wbl/js/sdk.js
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:84fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1cb008aaed1aabc56491ab1f185a8e9ef880be41c28c05971875febb211ad43d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:47 GMT
content-encoding: gzip
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 71708
x-powered-by: Express
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 12544
last-modified: Thu, 25 Aug 2022 13:08:46 GMT
server: cloudflare
etag: W/"9ba3-206806219"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EyK%2BCGKtzUJlPHUbRtHxlMe45elrN5wEVhwZ5EabqdR6SBaPa60rg9QR0GSCv138iha9oJQZTLgrLQ6yU9vIkqHRRu8gHCo15K0FjVYo3XfwU8f%2BkCPKwnJaZAwz2bWLN4WBFYegxXPGxho%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-varnish: 546752708
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 844ac4c3ac1037e4-FRA
x-cache-hits: 0

GET
H3 200 regular.woff2
cdn2.editmysite.com/fonts/Montserrat/ 12 KB
13 KB 6ms
6ms Font
font/woff2 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/fonts/Montserrat/regular.woff2
Requested by: Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/fonts/Montserrat/font.css?2
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394

Request headers

Referer: https://cdn2.editmysite.com/fonts/Montserrat/font.css?2
Origin: https://lelive.weebly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 13, 5300
date: Sat, 13 Jan 2024 04:06:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 920543
x-cache: HIT, HIT
x-host: blu144.sf2p.intern.weebly.net
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 12708
x-served-by: cache-sjc1000136-SJC, cache-fra-eddf8230133-FRA
last-modified: Wed, 20 Dec 2023 14:42:56 GMT
server: nginx
x-timer: S1705118807.316035,VS0,VE0
etag: "6582fd70-31a4"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Tue, 16 Jan 2024 12:24:24 GMT

GET
H2 200 dTk3BO54_8Y Show response
www.youtube.com/embed/ Frame 24C3 93 KB
41 KB 130ms
111ms Document
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/dTk3BO54_8Y?wmode=opaque

Requested by

Host: lelive.weebly.com
URL: https://lelive.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f458c138193d26bde5242ed1211f198243b52998699737acfc981ed5c7a04f6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 04:06:47 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 402 KB
136 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=pub-1181746742151021&plah=lelive.weebly.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59bdf429e317602e93ab7f129143a1de99658a7bc9d3022859a2595cf95b57f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139380
x-xss-protection: 0
server: cafe
etag: 14232557406006170366
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 13 Jan 2024 04:06:47 GMT

GET
H/1.1 200
OK 2082040671.jpg
lelive.weebly.com/uploads/7/7/0/3/77032051/background-images/ 172 KB
173 KB 173ms
173ms Image
image/jpeg 199.34.228.53
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lelive.weebly.com/uploads/7/7/0/3/77032051/background-images/2082040671.jpg
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.53 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-1.weebly.com
Software: nginx /
Resource Hash: 692fb6d0172aaf378428ac4cf4c73e80ae57fed66494994eb81534593117f17a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 04:06:48 GMT
X-Storage-Object: 692fb6d0172aaf378428ac4cf4c73e80ae57fed66494994eb81534593117f17a
Last-Modified: Mon, 18 Mar 2019 14:40:18 GMT
Server: nginx
x-amz-request-id: tx000009bca7bdea5ed56ce-0065853269-db1c716-sfo1
ETag: "edc8edd8d583b8d4661931a93b7d552e"
Content-Type: image/jpeg
x-rgw-object-type: Normal
X-Storage-Bucket: z692f
X-Host: grn27.sf2p.intern.weebly.net
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 176369

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame 1263 9 KB
4 KB 27ms
6ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 8853
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 01:39:14 GMT
etag: 9219409622527106327
expires: Sat, 27 Jan 2024 01:39:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 MzIH2rn72NE Show response
www.youtube.com/embed/ Frame 2428 94 KB
40 KB 81ms
80ms Document
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/MzIH2rn72NE?wmode=opaque

Requested by

Host: lelive.weebly.com
URL: https://lelive.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a0d816d08f9168dcac961e98c0fb0f710db699e65b5eb4221f1020c7ba6649f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 04:06:47 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 www-player.css
www.youtube.com/s/player/80b90bfd/ Frame 24C3 358 KB
47 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dTk3BO54_8Y?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

681a187d0cb0a97d9b58ebe82409396f2d4cbb5f797c0de299e4e3f23f8c1724

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/dTk3BO54_8Y?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18486
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47453
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 11 Jan 2025 22:58:41 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/80b90bfd/ Frame 2428 358 KB
46 KB 8ms
8ms Stylesheet
text/css 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MzIH2rn72NE?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

681a187d0cb0a97d9b58ebe82409396f2d4cbb5f797c0de299e4e3f23f8c1724

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/MzIH2rn72NE?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18486
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47453
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 11 Jan 2025 22:58:41 GMT

GET
H2 200 sdk.js Show response
cdn.jsdelivr.net/npm/@widgetic/sdk/lib/ Frame 35B0 49 KB
16 KB 40ms
16ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@widgetic/sdk/lib/sdk.js

Requested by

Host: widgetic.com
URL: https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Flelive.weebly.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8d94874a66894f07f2a9e37b4bf6b6ecf9b0632b637105030b32bcdc40285a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 35518
x-jsd-version: 1.7.10
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230127-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"c37e-Q0dXjLRTDHxVFcSCPxxV3knKM0c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mi384HLwXibmEpssMOvxl8PtxnRYIiAg1tC0cyOyfCTuqVO4bHlnEjEyNZH5qTMan6sHpQkvJAsoDEssNcLDgwmVUPAk70YsGCEv0io5YvNiycfq0W4sNu9D7xRgswSe%2BgiZA%2BEwNyrnhyiScDM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 844ac4c3a89992ab-FRA

GET
H3 200 control.js Show response
widgetic.com/bundles/blogvioapp/js/editor/ Frame 35B0 11 KB
4 KB 16ms
15ms Script
application/javascript 2606:4700:3033::ac43:84fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetic.com/bundles/blogvioapp/js/editor/control.js
Requested by: Host: widgetic.com
URL: https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Flelive.weebly.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:84fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f95e234907d6a21b8b3768caca177f7b4003689bdd974f1ec7c16ea96cee6c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Flelive.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:47 GMT
content-encoding: gzip
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 72674
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 3870
last-modified: Thu, 27 Jan 2022 16:03:46 GMT
server: cloudflare
etag: W/"61f2c262-2cce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9pWXhlKuygv6YJiVBWQ%2FHDCAn9zyIvHvQP436lsc252t%2FMKFXOeMuWgXSlVjRv8Y4rWCchk5nwjoQn7lc7KP90soG9hkAwmFqZfDmStWRmIMSM70Kb75YpDFcW%2FnkPpFwzggJJ7K3HxgwoA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-varnish: 861708947
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 844ac4c38bff37e4-FRA
x-cache-hits: 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 24C3 15 KB
15 KB 50ms
19ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dTk3BO54_8Y?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 05:31:50 GMT
x-content-type-options: nosniff
age: 426897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Jan 2025 05:31:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 24C3 15 KB
16 KB 39ms
8ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dTk3BO54_8Y?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 09:09:14 GMT
x-content-type-options: nosniff
age: 327453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 09:09:14 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/ Frame 24C3 52 KB
16 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dTk3BO54_8Y?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3401b7cf66d3054cd4e206cc8eb15fc6526750591846b9947baa655fc940d910

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/dTk3BO54_8Y?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:24:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 243709
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16447
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 09 Jan 2025 08:24:58 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/ Frame 24C3 323 KB
97 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dTk3BO54_8Y?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

899192d31cbdaa61c8bab2e4e28c1118b1a2404ea87bc3e4854a53bea37b94ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/dTk3BO54_8Y?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 01:59:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7622
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98905
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 12 Jan 2025 01:59:45 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/ Frame 24C3 2 MB
770 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dTk3BO54_8Y?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b41e9d926f671cea3deb26ad3ddb93ae28ba5eca5f299bea5a59b482fee3d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/dTk3BO54_8Y?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 13:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 788283
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 11 Jan 2025 13:10:09 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2428 15 KB
15 KB 45ms
20ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MzIH2rn72NE?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 05:31:50 GMT
x-content-type-options: nosniff
age: 426897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Jan 2025 05:31:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2428 15 KB
15 KB 38ms
13ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MzIH2rn72NE?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 09:09:14 GMT
x-content-type-options: nosniff
age: 327453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 09:09:14 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/ Frame 2428 52 KB
16 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MzIH2rn72NE?wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3401b7cf66d3054cd4e206cc8eb15fc6526750591846b9947baa655fc940d910

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/MzIH2rn72NE?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:24:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 243709
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16447
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 09 Jan 2025 08:24:58 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/ Frame 2428 323 KB
97 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MzIH2rn72NE?wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

899192d31cbdaa61c8bab2e4e28c1118b1a2404ea87bc3e4854a53bea37b94ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/MzIH2rn72NE?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 01:59:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7622
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98905
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 12 Jan 2025 01:59:45 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/ Frame 2428 2 MB
770 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MzIH2rn72NE?wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b41e9d926f671cea3deb26ad3ddb93ae28ba5eca5f299bea5a59b482fee3d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/MzIH2rn72NE?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 13:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 788283
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 11 Jan 2025 13:10:09 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A006 746 B
533 B 225ms
225ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=60&adk=3728641180&adf=1460459252&w=468&lmt=1705118807&ad_type=text_image&format=468x60_as&color_bg=000000&color_border=000000&color_link=FFFFFF&color_text=CCCCCC&color_url=999999&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=000000&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705118807296&bpp=171&bdt=1003&idt=369&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&correlator=4322789930108&frm=20&pv=2&ga_vid=492612603.1705118808&ga_sid=1705118808&ga_hid=1276611037&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=566&ady=172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C95320238%2C31080266%2C42532524%2C95321957%2C95320893%2C95321627&oid=2&pvsid=1352197277043373&tmod=1849012420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=377

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_with_ama_fy2021.js?client=pub-1181746742151021&plah=lelive.weebly.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ea6f427bb43460d62ff12b1378ccece1b9086e0486816ffafb44079e4fe0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 365
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 04:06:47 GMT
expires: Sat, 13 Jan 2024 04:06:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 102D 746 B
586 B 142ms
142ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=60&adk=3147154302&adf=843395539&w=468&lmt=1705118807&ad_type=text_image&format=468x60_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705118807679&bpp=1&bdt=1387&idt=1&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as&correlator=4322789930108&frm=20&pv=1&ga_vid=492612603.1705118808&ga_sid=1705118808&ga_hid=1276611037&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=3633&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C95320238%2C31080266%2C42532524%2C95321957%2C95320893%2C95321627&oid=2&pvsid=1352197277043373&tmod=1849012420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=1&fsb=1&dtd=3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43041ddcd7eb47a6e478251953f5773b0cf8664066d7697a4cc45a0727953d53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 365
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 04:06:47 GMT
expires: Sat, 13 Jan 2024 04:06:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D6B5 91 KB
42 KB 269ms
268ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=90&adk=3566803071&adf=4055878447&w=728&lmt=1705118807&ad_type=image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705118807304&bpp=164&bdt=1011&idt=388&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C468x60_as&correlator=4322789930108&frm=20&pv=1&ga_vid=492612603.1705118808&ga_sid=1705118808&ga_hid=1276611037&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C95320238%2C31080266%2C42532524%2C95321957%2C95320893%2C95321627&oid=2&pvsid=1352197277043373&tmod=1849012420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=389

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5afc688bdaf465a3dde7829c290cce065892b841b5bc7cecb89396d7dcf85970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43187
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 04:06:47 GMT
expires: Sat, 13 Jan 2024 04:06:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 core-js.shim.min.js Show response
files.widgetic.com/file/widgetic-uploads/assets/js/ Frame 35B0 82 KB
28 KB 191ms
173ms Script
application/javascript 2606:4700:3033::ac43:84fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://files.widgetic.com/file/widgetic-uploads/assets/js/core-js.shim.min.js
Requested by: Host: widgetic.com
URL: https://widgetic.com/bundles/blogvioapp/js/editor/control.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:84fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd8844e07a245a7492968fae4fcbd9b7d6455ae634d1919d596ebe39cd056587

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:47 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bz-file-id: 4_zcab80af2fd0cc5bd57300e14_f104b15177b277c8c_d20180312_m070149_c001_v0001008_t0005
x-bz-content-sha1: ad24cc060a78fcdd30b3924615d701fb54480463
x-bz-file-name: assets/js/core-js.shim.min.js
alt-svc: h3=":443"; ma=86400
x-bz-info-src_last_modified_millis: 1520838005031
x-bz-upload-timestamp: 1520838109000
last-modified: Sat, 13 Jan 2024 03:44:43 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zFm4DI%2BhV9P2w7t0B5O1c6igpy%2BaYlEjyxDPn9Jw73AiXVVTMS0TOGYZYtrhx1ZZb7BR%2FtpwUz7aWOnuSNlFAQ2DfEQ7%2BVPbMOS739p%2BvOkzxjLLZWhUuoZbWl%2BIhFcMSzX4EOgfag0pqQBPp1VfMSY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000
cf-ray: 844ac4c43f5b69a3-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 core.vendor.js Show response
widgetic.com/bundles/blogvioapp/js/editor/ Frame 35B0 91 KB
32 KB 14ms
14ms Script
application/javascript 2606:4700:3033::ac43:84fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetic.com/bundles/blogvioapp/js/editor/core.vendor.js
Requested by: Host: widgetic.com
URL: https://widgetic.com/bundles/blogvioapp/js/editor/control.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:84fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cfc72687bf236ba651d0aab3205c0e3cd474d5fa987f1ab1e8fe749f0680acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Flelive.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:47 GMT
content-encoding: gzip
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2435
x-cache: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 20 Dec 2019 12:56:55 GMT
server: cloudflare
etag: W/"5dfcc517-16a12"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mhHTEYBDfZ84iPzlrKx6eDVlQI0ERmilIS0sRnBaLqClAC5U6eFrzZzb4cXeuXpzWsLx8fRfSKivFJ7bookK2jMywblJLF%2B1biC4K%2Be%2FQ7HVzyQbHDRa9Eb7uYiscXeQeQhpTO9ZOtTxT20%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 548464458
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 844ac4c41c4f37e4-FRA
x-cache-hits: 0

GET
H3 200 require.js Show response
widgetic.com/bundles/blogvioapp/js/ Frame 35B0 2 KB
1 KB 13ms
12ms Script
application/javascript 2606:4700:3033::ac43:84fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetic.com/bundles/blogvioapp/js/require.js
Requested by: Host: widgetic.com
URL: https://widgetic.com/bundles/blogvioapp/js/editor/control.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:84fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a81551f948932bc38d1b9d329a865d6050adf2da9dae6ec60395c51c6af06054

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Flelive.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:47 GMT
content-encoding: gzip
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 80682
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 759
last-modified: Fri, 22 Oct 2021 12:54:48 GMT
server: cloudflare
etag: W/"6172b498-825"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hoMWa3V99Jz%2BC5z26eaX%2F%2BtJaMpCDuj3f7roppGc0E1Eb7PtS9aZGSTSP8Jmj3TvT12%2FMV3vWq%2FON1BCh1Mt6lr3svn2Vi3pBWZqP926W2lWPmYZjQroDJKSpHX7iNWfCw4%2B5PMBUhTR8Qs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-varnish: 548580752
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 844ac4c41c5237e4-FRA
x-cache-hits: 0

GET
H3 200 embed.css
widgetic.com/bundles/blogvioapp/css/ Frame 35B0 2 KB
1 KB 25ms
25ms Stylesheet
text/css 2606:4700:3033::ac43:84fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetic.com/bundles/blogvioapp/css/embed.css
Requested by: Host: widgetic.com
URL: https://widgetic.com/bundles/blogvioapp/js/editor/control.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:84fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c420c2545efebcdcedd9fd7e48fe093a8c888f6726710197c0f1adff13b39cf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Flelive.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:47 GMT
content-encoding: gzip
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 75843
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 617
last-modified: Fri, 22 Oct 2021 12:54:48 GMT
server: cloudflare
etag: W/"6172b498-620"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jLdv6ZAuPOQ8qkpIBWfdbOBMHlyQzXfwqjxTL51x1GpwS239egAhRa13iuUCtEPysf8NK9KObeEiEwLdS5A1QpOb09GW7Teg2wMcgEXu9twJdV2WQD8wDRL4pl2%2BGK07flrCzV4bGTL3Wn4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-varnish: 551295169
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 844ac4c41c5337e4-FRA
x-cache-hits: 0

GET
H3 200 widget.css
widgetic.com/widgets/53f6253e09c7e204038b4567/0eb36c7/ Frame 35B0 324 B
681 B 26ms
26ms Stylesheet
text/css 2606:4700:3033::ac43:84fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetic.com/widgets/53f6253e09c7e204038b4567/0eb36c7/widget.css
Requested by: Host: widgetic.com
URL: https://widgetic.com/bundles/blogvioapp/js/editor/control.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:84fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97ab411811d4436c975b63b44078385f3b31c9a09fa8d86ee05e24505ddee13b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Flelive.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:47 GMT
content-encoding: gzip
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5280294
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 163
pragma: public
last-modified: Tue, 05 Apr 2022 17:29:26 GMT
server: cloudflare
etag: W/"624c7c76-144"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IgWBHinBxz712DN4G5SP5MTUJPIrVu7r6pXYW2U7NyEhZnziGYoAe6KDiyn4NZ9mnuf1nCTZx9Sat8fNlon1SUYyMGVSTEg4qrDrWgJ93b73CE1eR67nFYsBktNQR0fDSDAZ7ft8HOfw0C0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-varnish: 556894215
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 844ac4c41c5537e4-FRA
x-cache-hits: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1E82 746 B
388 B 263ms
263ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=250&adk=597672501&adf=2042640218&w=300&lmt=1705118807&ad_type=text_image&format=300x250_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705118807701&bpp=1&bdt=1408&idt=1&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C468x60_as%2C728x90_as&correlator=4322789930108&frm=20&pv=1&ga_vid=492612603.1705118808&ga_sid=1705118808&ga_hid=1276611037&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=815&ady=3633&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C95320238%2C31080266%2C42532524%2C95321957%2C95320893%2C95321627&oid=2&pvsid=1352197277043373&tmod=1849012420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=2&fsb=1&dtd=2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

932b80926e1d1db1ec34d6c2d333c6482b9c9b1e2f787ad7b27f24b9ceb23908

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 364
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 04:06:47 GMT
expires: Sat, 13 Jan 2024 04:06:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 91D4 746 B
390 B 174ms
174ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=60&adk=3147154302&adf=1030568439&w=468&lmt=1705118807&ad_type=text_image&format=468x60_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705118807704&bpp=1&bdt=1411&idt=1&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C468x60_as%2C728x90_as%2C300x250_as&correlator=4322789930108&frm=20&pv=1&ga_vid=492612603.1705118808&ga_sid=1705118808&ga_hid=1276611037&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=4476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C95320238%2C31080266%2C42532524%2C95321957%2C95320893%2C95321627&oid=2&pvsid=1352197277043373&tmod=1849012420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=10&uci=a!a&btvi=3&fsb=1&dtd=2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51921678abf215c923826ee5005ece93e96b4e5a75ab0ef6019b60a63741314a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 366
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 04:06:47 GMT
expires: Sat, 13 Jan 2024 04:06:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8A1A 25 KB
11 KB 204ms
204ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=90&adk=1773158521&adf=2910926905&w=728&lmt=1705118807&ad_type=text_image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705118807432&bpp=36&bdt=1139&idt=281&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C468x60_as%2C728x90_as%2C300x250_as%2C468x60_as&correlator=4322789930108&frm=20&pv=1&ga_vid=492612603.1705118808&ga_sid=1705118808&ga_hid=1276611037&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C95320238%2C31080266%2C42532524%2C95321957%2C95320893%2C95321627&oid=2&pvsid=1352197277043373&tmod=1849012420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=4&fsb=1&dtd=283

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3cb57dde3a2009442a904a01e42f5803d7c8914e1e302828a32006845e0cf02f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11256
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 04:06:47 GMT
expires: Sat, 13 Jan 2024 04:06:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C198 746 B
391 B 53ms
53ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=60&adk=3147154302&adf=4027036295&w=468&lmt=1705118807&ad_type=text_image&format=468x60_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705118807733&bpp=1&bdt=1441&idt=1&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C468x60_as%2C728x90_as%2C300x250_as%2C468x60_as%2C728x90_as&correlator=4322789930108&frm=20&pv=1&ga_vid=492612603.1705118808&ga_sid=1705118808&ga_hid=1276611037&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=815&ady=4476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C95320238%2C31080266%2C42532524%2C95321957%2C95320893%2C95321627&oid=2&pvsid=1352197277043373&tmod=1849012420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=11&uci=a!b&btvi=5&fsb=1&dtd=3

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e1a2c909f8d0b72f8cc525d94768b5c158615e9c4911d9d786de8153b5ed768

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 367
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 04:06:47 GMT
expires: Sat, 13 Jan 2024 04:06:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AE86 746 B
391 B 52ms
52ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=60&adk=2776088540&adf=2540194251&w=468&lmt=1705118807&ad_type=text_image&format=468x60_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705118807452&bpp=17&bdt=1159&idt=294&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C468x60_as%2C728x90_as%2C300x250_as%2C468x60_as%2C728x90_as%2C468x60_as&correlator=4322789930108&frm=20&pv=1&ga_vid=492612603.1705118808&ga_sid=1705118808&ga_hid=1276611037&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=919&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C95320238%2C31080266%2C42532524%2C95321957%2C95320893%2C95321627&oid=2&pvsid=1352197277043373&tmod=1849012420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=6&fsb=1&dtd=295

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa8ec93ec8daee9477de8aa5ef0932a71123778ba963a1979d81541be751d806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 367
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 04:06:47 GMT
expires: Sat, 13 Jan 2024 04:06:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 35B0 2 KB
979 B 35ms
15ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: widgetic.com
URL: https://widgetic.com/bundles/blogvioapp/css/embed.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 Jan 2024 04:06:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 03:27:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Jan 2024 04:06:47 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 24C3
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

14ms
14ms

XHR
application/json

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dTk3BO54_8Y?wmode=opaque

Protocol

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1eb38841e5980b207471d7baef3359a436a904b741c9b9fc2f8fdd52852bba6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 13 Jan 2024 04:06:47 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 24C3 29 B
495 B 26ms
6ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:02:18 GMT
x-content-type-options: nosniff
age: 269
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 13 Jan 2024 04:17:18 GMT

GET
H3 200 yV8FdhSmz2Y Show response
www.youtube.com/embed/ Frame DBA3 94 KB
40 KB 82ms
82ms Document
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/yV8FdhSmz2Y?wmode=opaque

Requested by

Host: lelive.weebly.com
URL: https://lelive.weebly.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9c8fbcf623ed91a79dffbb948ebd30e91d59e59b0f81734359b76ca6cf02f32b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 04:06:47 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 2428
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

14ms
14ms

XHR
application/json

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MzIH2rn72NE?wmode=opaque

Protocol

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56eb8750086909128805d5b0aed2757a5825a5b1caa6e852eacba5469fe8a6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 13 Jan 2024 04:06:47 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 2428 29 B
89 B 19ms
7ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:02:18 GMT
x-content-type-options: nosniff
age: 269
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 13 Jan 2024 04:17:18 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 914C 746 B
390 B 60ms
60ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=60&adk=3147154302&adf=3310464510&w=468&lmt=1705118807&ad_type=text_image&format=468x60_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705118807501&bpp=1&bdt=1209&idt=265&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C468x60_as%2C728x90_as%2C300x250_as%2C468x60_as%2C728x90_as%2C468x60_as%2C468x60_as&correlator=4322789930108&frm=20&pv=1&ga_vid=492612603.1705118808&ga_sid=1705118808&ga_hid=1276611037&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2301&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C95320238%2C31080266%2C42532524%2C95321957%2C95320893%2C95321627&oid=2&pvsid=1352197277043373&tmod=1849012420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=7&fsb=1&dtd=267

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0844a0b1d86f6c7c30323607d02f9f0dd90daa1774a5cfb29ce12cbc2c5b77c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 366
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 04:06:47 GMT
expires: Sat, 13 Jan 2024 04:06:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 34ms
14ms Preflight
text/html 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 13 Jan 2024 04:06:47 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 24C3 87 KB
40 KB 23ms
23ms XHR
application/json+protobuf 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d78204f047c6bc407947f475c9e06be02f15d41bd3bcbf2a068823287a514dc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 13 Jan 2024 04:06:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40754
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/ Frame 24C3 117 KB
33 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b6c8a53cb4841326e9fb05b33f3aaead9cc0eb705c4de88d717bb15da0d7993

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/dTk3BO54_8Y?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:04:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 116
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33877
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 12 Jan 2025 04:04:51 GMT

GET
H2 200 UhAHYkQc59SMm3ILQvX2LV9pHtXm_t6HT06w3DJ-zT8.js Show response
www.google.com/js/th/ Frame 24C3 50 KB
20 KB 33ms
11ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/UhAHYkQc59SMm3ILQvX2LV9pHtXm_t6HT06w3DJ-zT8.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52100762441ce7d48c9b720b42f5f62d5f691ed5e6fede874f4eb0dc327ecd3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 02:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6938
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19757
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 02:11:09 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/dTk3BO54_8Y/ Frame 24C3 129 KB
129 KB 126ms
105ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/dTk3BO54_8Y/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AHUBoAC4AOKAgwIABABGEcgVChlMA8=&rs=AOn4CLCSvI6_LmxAM0ZU1YewTE0yrVh97Q

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dTk3BO54_8Y?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a96107fbabc6086da1301ac2553295a823d37bdbc49c61efaab62b966b25f1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:47 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132077
x-xss-protection: 0
server: sffe
etag: "1633021642"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 13 Jan 2024 06:06:47 GMT

GET
DATA 200
OK truncated
/ Frame 24C3 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AIf8zZTx5xLO6cuwGaj4TfYYnxLEkCHW_aFeUqVk8lGQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 24C3 3 KB
3 KB 504ms
485ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AIf8zZTx5xLO6cuwGaj4TfYYnxLEkCHW_aFeUqVk8lGQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dTk3BO54_8Y?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

974a2523a3ada9ff6508ade39f9f33bf6d01596f61b047445b650409defa1e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:48 GMT
x-content-type-options: nosniff
server: fife
etag: "v8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2924
x-xss-protection: 0
expires: Sun, 14 Jan 2024 04:06:48 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 19ms
19ms Preflight
text/html 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 13 Jan 2024 04:06:47 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 2428 87 KB
40 KB 24ms
24ms XHR
application/json+protobuf 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c00734ee42d721ada6f6a46154f07e2172c2b8fe8cf394ac6453bf550d993f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 13 Jan 2024 04:06:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40611
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/ Frame 2428 117 KB
33 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b6c8a53cb4841326e9fb05b33f3aaead9cc0eb705c4de88d717bb15da0d7993

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/MzIH2rn72NE?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:04:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 116
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33877
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 12 Jan 2025 04:04:51 GMT

GET
H2 200 UhAHYkQc59SMm3ILQvX2LV9pHtXm_t6HT06w3DJ-zT8.js Show response
www.google.com/js/th/ Frame 2428 50 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/UhAHYkQc59SMm3ILQvX2LV9pHtXm_t6HT06w3DJ-zT8.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52100762441ce7d48c9b720b42f5f62d5f691ed5e6fede874f4eb0dc327ecd3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 02:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6938
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19757
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 02:11:09 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/MzIH2rn72NE/ Frame 2428 168 KB
168 KB 104ms
103ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/MzIH2rn72NE/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AHUBoAC4AOKAgwIABABGGUgSig-MA8=&rs=AOn4CLDozoRKm4aymMp3XXOWt1w8AtV1-A

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MzIH2rn72NE?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30bf665890ae0a63e4f917a03fb52d5b1c53f8c67c686ca2732c2656599cd862

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:47 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 172368
x-xss-protection: 0
server: sffe
etag: "1632909457"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 13 Jan 2024 06:06:47 GMT

GET
DATA 200
OK truncated
/ Frame 2428 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AIf8zZTx5xLO6cuwGaj4TfYYnxLEkCHW_aFeUqVk8lGQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 2428 3 KB
3 KB 463ms
463ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AIf8zZTx5xLO6cuwGaj4TfYYnxLEkCHW_aFeUqVk8lGQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MzIH2rn72NE?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

974a2523a3ada9ff6508ade39f9f33bf6d01596f61b047445b650409defa1e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:48 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2924
x-xss-protection: 0
server: fife
etag: "v8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 14 Jan 2024 04:06:48 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CA37 746 B
392 B 64ms
63ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=60&adk=1230979907&adf=3956329256&w=234&lmt=1705118807&ad_type=text_image&format=234x60_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705118807503&bpp=1&bdt=1211&idt=356&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C468x60_as%2C728x90_as%2C300x250_as%2C468x60_as%2C728x90_as%2C468x60_as%2C468x60_as%2C468x60_as&correlator=4322789930108&frm=20&pv=1&ga_vid=492612603.1705118808&ga_sid=1705118808&ga_hid=1276611037&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=815&ady=2301&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C95320238%2C31080266%2C42532524%2C95321957%2C95320893%2C95321627&oid=2&pvsid=1352197277043373&tmod=1849012420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=8&fsb=1&dtd=358

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad9403b1b5baed4a82677edfe45cc66ce8f4fe2bc2a86ca86f6143afa78180ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 367
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 04:06:47 GMT
expires: Sat, 13 Jan 2024 04:06:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 www-player.css
www.youtube.com/s/player/80b90bfd/ Frame DBA3 358 KB
46 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yV8FdhSmz2Y?wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

681a187d0cb0a97d9b58ebe82409396f2d4cbb5f797c0de299e4e3f23f8c1724

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/yV8FdhSmz2Y?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18486
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47453
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 11 Jan 2025 22:58:41 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/ Frame DBA3 52 KB
16 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yV8FdhSmz2Y?wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3401b7cf66d3054cd4e206cc8eb15fc6526750591846b9947baa655fc940d910

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/yV8FdhSmz2Y?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:24:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 243709
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16447
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 09 Jan 2025 08:24:58 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/ Frame DBA3 323 KB
97 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yV8FdhSmz2Y?wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

899192d31cbdaa61c8bab2e4e28c1118b1a2404ea87bc3e4854a53bea37b94ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/yV8FdhSmz2Y?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 01:59:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7622
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98905
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 12 Jan 2025 01:59:45 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/ Frame DBA3 2 MB
770 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yV8FdhSmz2Y?wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b41e9d926f671cea3deb26ad3ddb93ae28ba5eca5f299bea5a59b482fee3d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/yV8FdhSmz2Y?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 13:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53798
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 788283
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 11 Jan 2025 13:10:09 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 14ms
13ms Preflight
text/html 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 13 Jan 2024 04:06:47 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 24C3 90 B
134 B 17ms
17ms XHR
application/json+protobuf 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dacecd220a567b2711f780bb5e8716cd39d403e90a4f6681f2a7c83f909dadb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 13 Jan 2024 04:06:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ABEB 746 B
387 B 59ms
58ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=90&adk=2671402218&adf=898975295&w=728&lmt=1705118807&ad_type=text_image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705118807517&bpp=1&bdt=1225&idt=429&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C468x60_as%2C728x90_as%2C300x250_as%2C468x60_as%2C728x90_as%2C468x60_as%2C468x60_as%2C468x60_as%2C234x60_as&correlator=4322789930108&frm=20&pv=1&ga_vid=492612603.1705118808&ga_sid=1705118808&ga_hid=1276611037&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=3064&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C95320238%2C31080266%2C42532524%2C95321957%2C95320893%2C95321627&oid=2&pvsid=1352197277043373&tmod=1849012420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=9&fsb=1&dtd=431

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a35fac0bcc8a8d7537f639c0c370d57f5f136f87e0527e65c6516ba3d53c2e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 366
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 04:06:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 14ms
13ms Preflight
text/html 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 13 Jan 2024 04:06:47 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 2428 90 B
134 B 19ms
18ms XHR
application/json+protobuf 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c02760cd8b64cd5252dafe2c3a3680327ac16dd2c28d061c3ab7c72763363699

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 13 Jan 2024 04:06:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DBA3 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yV8FdhSmz2Y?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 05:31:50 GMT
x-content-type-options: nosniff
age: 426898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Jan 2025 05:31:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DBA3 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yV8FdhSmz2Y?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 09:09:14 GMT
x-content-type-options: nosniff
age: 327454
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 09:09:14 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A1A 42 B
63 B 40ms
40ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C-wzkNW3KHCISUKSMLW0XR5tqHAP5e5527aZeDCcjJBqWKShQDJzPAW9H8xCFJ4Mj_J6u_62INXT_mUXpgJS2ExGvixACz6AdUYsI5MKO8w19vrFE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=90&adk=1773158521&adf=2910926905&w=728&lmt=1705118807&ad_type=text_image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705118807432&bpp=36&bdt=1139&idt=281&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C468x60_as%2C728x90_as%2C300x250_as%2C468x60_as&correlator=4322789930108&frm=20&pv=1&ga_vid=492612603.1705118808&ga_sid=1705118808&ga_hid=1276611037&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C95320238%2C31080266%2C42532524%2C95321957%2C95320893%2C95321627&oid=2&pvsid=1352197277043373&tmod=1849012420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=4&fsb=1&dtd=283

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 04:06:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8A1A 89 KB
31 KB 114ms
114ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 13 Jan 2024 04:06:48 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 8A1A 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 17:58:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36521
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 17:58:07 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 8A1A 20 KB
9 KB 46ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31597
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 19:20:11 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 8A1A 205 KB
62 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c33412ba91028feec6a26b56c72f3ce03a24512785c25247447c2d1e81c8ff13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 03:55:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 682
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63127
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 13 Jan 2024 04:55:26 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D6B5 42 B
63 B 40ms
40ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BPxnowGXpzQtmI-ZYXGB1ZHDpYr9CDxGPE684HaJx13WuobJtJ0CKpjQYiNqtw3FcNsCf5chUyajfd1ppX8eybXZokW-LYrljYgy0kPZKqU2EGhEs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=90&adk=3566803071&adf=4055878447&w=728&lmt=1705118807&ad_type=image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705118807304&bpp=164&bdt=1011&idt=388&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C468x60_as&correlator=4322789930108&frm=20&pv=1&ga_vid=492612603.1705118808&ga_sid=1705118808&ga_hid=1276611037&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C95320238%2C31080266%2C42532524%2C95321957%2C95320893%2C95321627&oid=2&pvsid=1352197277043373&tmod=1849012420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=389

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 04:06:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame D6B5 3 KB
1 KB 18ms
11ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 17:58:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36521
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 17:58:07 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame D6B5 20 KB
8 KB 15ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31597
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 19:20:11 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D6B5 205 KB
65 KB 37ms
17ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 13 Jan 2024 04:06:48 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9900 624 B
245 B 47ms
47ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNU0MbD7qEcd_f7B5tKU5ZuheP6rObQ0Ao1Pq4XtrMiuaaYcKNmhYOIkbfR0HWbbvRAMZfPUhGw8SSowLojJbcXacZsoWcQ96TPYfbgvnXOyCATBc3tCLQM8ZKvKZDRJKL_3GcLx6PefHvqqsZ4MWbI-29ylszIVaR43-OwvQQKBn3zrKeM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=90&adk=1773158521&adf=2910926905&w=728&lmt=1705118807&ad_type=text_image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705118807432&bpp=36&bdt=1139&idt=281&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C468x60_as%2C728x90_as%2C300x250_as%2C468x60_as&correlator=4322789930108&frm=20&pv=1&ga_vid=492612603.1705118808&ga_sid=1705118808&ga_hid=1276611037&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C95320238%2C31080266%2C42532524%2C95321957%2C95320893%2C95321627&oid=2&pvsid=1352197277043373&tmod=1849012420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=4&fsb=1&dtd=283
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 04:06:48 GMT
expires: Sat, 13 Jan 2024 04:06:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 StpFz8qbB44 Show response
www.youtube.com/embed/ Frame 8274 94 KB
40 KB 96ms
96ms Document
text/html 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/StpFz8qbB44?wmode=opaque

Requested by

Host: lelive.weebly.com
URL: https://lelive.weebly.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d937fe37ba1936860c25f23bc45e1e87932efb615c30751b561a2900db8177e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 04:06:48 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DAB1 640 B
265 B 61ms
60ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARiP9b7cATAB&v=APEucNXE21CmRWMpsfcbaUiYrH-Lx1anZ-E_kX6i-EJyrCe2JT-hxRwWO1ACHW8Rs_VIabl1UVtxKEDGCxUNwYg5H_nOxgZ563cV2Cfl_NIxUYAoLAQVBJFz__DJfx2m9JXjklbnXud3BSL8b43IslhRW6zVFL2p3tm7K0Cu0ia8VZruk0nC4h4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=90&adk=3566803071&adf=4055878447&w=728&lmt=1705118807&ad_type=image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705118807304&bpp=164&bdt=1011&idt=388&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C468x60_as&correlator=4322789930108&frm=20&pv=1&ga_vid=492612603.1705118808&ga_sid=1705118808&ga_hid=1276611037&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C95320238%2C31080266%2C42532524%2C95321957%2C95320893%2C95321627&oid=2&pvsid=1352197277043373&tmod=1849012420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=389
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 04:06:48 GMT
expires: Sat, 13 Jan 2024 04:06:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame D6B5 23 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 00:01:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14727
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 00:01:21 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame D6B5 7 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 00:01:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14728
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 00:01:20 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame D6B5 0
0 178ms
52ms Fetch
image/gif 216.58.212.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstLIwh0-uv8nNwDBHscxmq200HP0mBOt1hB1P3PxFo389Bz5N40N9ra-vbslC0erLbaTtPXAjrzoEvocv7kAsnVYAf0mhufXQPxR0WDnqDhs2Jt-ZaJbXs8OU2MrPJBz5QhwIGYY4t2PVRsZPVdOdSTg7pCWvm07TvPlKIJ5ZlR0RIwwCKkv7stEoRdFbDzCz2ZwLlDz9pP13-K3ZqOcwNw_MCys8EPdOSg4VGoALJeCo4kMG7XaWRHZAlwmGYSTnsZRcPqgakuLj_N6YZd9xgmuum3itl7rJVjPhd-GU6Z97rZjUISoWX49QWQdhttE33oFcyOeg2vqY7reu_WKWY9UxRwnTFgUGuTuQYSb5I_bl5rmB4KYWukpaRQbg1ulvyAwgxz_IZj4zrupEd2djWaGLUFNvqmFmFKSbmNzMxFQVEtJevgG1S4HmozT4NRtyhGhxzo-1lhf7g8V3G9ji8o8QwwJcefh86rvv1ARC1W9LIUmh-kJYShB_ZsSWn3aP6a2VJYoJls4tru2Mt87i7Ec09PGM_Y_3-FJEYqf4bRmc4ows4IcwgZcB0CC8JRvlbAB4_MpMNgmGVZhngeUkhj-vooKEXfr5-pV5OEwGv_0mawNarOMPfXX6a4AsbwymOKLZzPH-WokvTSZkYcdy0FoxSXTaTZcNmicXhhfk4M0Isi-2ieyjkyqLxllBPDa3Mn_tMTR_tc3eKHyDU4f4if9afUUKxYHVgOKuYC52tDksxirnMuAnf-B_8msaVLijn6VNMdzvweNn5WmskEiq3dnJRvaSNvDsMEmRvMLJ6ZzqaR7lirxDPFfHZbxukOVrZaiPyOOHD4IEjzUnrTI-hnPyUlPnTLFuSzMC-rkzhTCrn0A-Y4niIYfG-vPrhsZuJHk-X8_RkGFtrbN1UsVLMC4M2vhYtXcz63zZS2Jys7n0jaSug1wwzExMQmekfyVeOcD-vNUnw1HNQf-kZn6H_D5YwIIiq4NKZyO7r70FtciLK6qpeghc7WrmMqm855jcbgOe-K7wHEi_xPMQv7HRuv_3rcUw3FlKHBLZYwiAnjQ-mICPU59NlwEg4-9X0LaK3i3mmh5ZVRyPRevNr-0kRphp-wF1Fkm7Likp_8vg6RJQdRTP8Hdd07gca6huYmd_CRatA7Rm1SAe7gC-FfB5XZFG-tcsH6xJLWDhyqZGJk9uExm6Y_F-rnP_B0ZoaFBYntvqnd_TGpSOUbOjjfJr3CYatXHvFiyslfcREb0533tilfGg4eQsLztkzLDDOIcQ1bI2Vl1xGQXINhsPZEebrYYApNqsaADZgWNkoatSWVkHs95aUEM2pBATVBC-l4pDreQ9Hr4nYrnPthQCpNB9yQLRmJVOoVyyAwv94ppoOBwCp9RwrcVchta8wsx8PGMdSU0ioIJo0dis_o&sai=AMfl-YRI5v8P_JAL05420aNxN47cMoPTYpOrkNDv5t8EUt-cTNT_7LmmeCNoz7hPs-cowrqMcZtvekHoL9_K0OEJtwjrS13xRlnG5IqA0Ryr6o3xw5a12Ks9r1YuyrndsaLbIXbrx7NNn4PDrJq_M9emUbw1LFhu2PagBAPZot0q7RiOiaKspqa6C5ipCE5GsBSqdW-cl6WECt_WUzPXD-DXTZpoXM8RgQRmz8vdpdBW81fgsJrkWRGNv-QG2hLQV-Lf_Xc0VmIqsCjUjmBW3QU_J3xMNhn3_cZaeyvb66vYLGEsECWi1JpcFNEh53-nt-wQ1uvIxUYtZtB_CmK6qqVSAon5c3FBIKsFEMKaLDx8f_hapD4SCmi9BUAbRzQWFqcJEoPmC3a7YHAGlNIwChXkX1IggyuaK2aL88ZPcN1MT0Ccg1wl72mwj9LPv_1N9cdlU96E0fs_YRjDNPPKHEuDAH4nOQ3bCAkNevzaTJXh9TDfOg65nrHO5IYZ_DmNF5DmRFBqyxWIFbyC&sig=Cg0ArKJSzO9bvTlEqsHDEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9maXZlcnIuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240109.29036&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f134.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 13 Jan 2024 04:06:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame D6B5 41 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 20:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28740
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2025 20:07:48 GMT

GET
H2 200 3311704122601845403
s0.2mdn.net/simgad/ Frame D6B5 19 KB
20 KB 132ms
6ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/3311704122601845403

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc9a623e55aedb7563d96a2bd367237c17bc7d9493bae1300cae0e4e3af8af52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sat, 11 Jan 2025 14:44:10 GMT
date: Fri, 12 Jan 2024 14:44:10 GMT
x-content-type-options: nosniff
age: 48158
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19533
x-xss-protection: 0
last-modified: Sun, 11 Dec 2022 07:06:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 24C3 4 KB
2 KB 121ms
14ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 13 Jan 2024 04:06:48 GMT

GET
H2 200 nr-full-1.250.0.min.js Show response
js-agent.newrelic.com/ Frame 35B0 71 KB
24 KB 103ms
6ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-full-1.250.0.min.js

Requested by

Host: widgetic.com
URL: https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Flelive.weebly.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

78d22628b565c4de185a53bd4eaf1f34a9f604fc04900d7533574d90db443a18

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://widgetic.com/
Origin: https://widgetic.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: qs9n_ILKatHMtlxFOHQji1VJgUvP683D
content-encoding: br
via: 1.1 varnish
date: Sat, 13 Jan 2024 04:06:48 GMT
strict-transport-security: max-age=300
x-amz-request-id: FNQRZVN5V05EY6BB
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 24206
x-amz-id-2: 0T025pSVvWelZhaP1yFGgxZSpLmAcoI3da1h6JPWwVsPL/SjaYREb9dJ11vKriulTHvsLJQkkCE=
x-served-by: cache-fra-eddf8230113-FRA
last-modified: Tue, 09 Jan 2024 19:15:56 GMT
server: AmazonS3
x-timer: S1705118808.218766,VS0,VE0
etag: "5ebd0f7d438a3335d147eacbf5902667"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 18607

GET
H3 200 spine.js Show response
widgetic.com/bundles/blogvioapp/js/ Frame 35B0 32 KB
9 KB 15ms
15ms Script
application/javascript 2606:4700:3033::ac43:84fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetic.com/bundles/blogvioapp/js/spine.js
Requested by: Host: widgetic.com
URL: https://widgetic.com/bundles/blogvioapp/js/editor/control.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:84fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec55a4bf94cf9d4245ea503b57dc7fdd599f25cb0031d0387d4bc44117138c6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Flelive.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:48 GMT
content-encoding: gzip
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78673
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 8487
last-modified: Fri, 22 Oct 2021 12:54:48 GMT
server: cloudflare
etag: W/"6172b498-8108"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WdCtXWzhS08g6hivJyd4Qw%2B1zAanfBVB0HXlfc4ZcReh4UqHeBpAZHAhfQ34KZX%2Bjbp5is9Yw3tIzGQ5fCX0qPWVj7K0JvtuHA6IFOajmLERlwuhufary6cZO%2FpLdsNm4%2FUTxHj6kXrwbbI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-varnish: 549069545
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 844ac4c6cdaf37e4-FRA
x-cache-hits: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 2428 4 KB
2 KB 120ms
22ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 13 Jan 2024 04:06:48 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 24C3 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?ebXfJA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/dTk3BO54_8Y?wmode=opaque
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/dTk3BO54_8Y?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9900
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBHLTfvRDq1rhhR-1b0a3TU&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBHLTfvRDq1rhhR-1b0a3TU&google_cver=1&C=1

43 B
773 B

35ms
33ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBHLTfvRDq1rhhR-1b0a3TU&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNU0MbD7qEcd_f7B5tKU5ZuheP6rObQ0Ao1Pq4XtrMiuaaYcKNmhYOIkbfR0HWbbvRAMZfPUhGw8SSowLojJbcXacZsoWcQ96TPYfbgvnXOyCATBc3tCLQM8ZKvKZDRJKL_3GcLx6PefHvqqsZ4MWbI-29ylszIVaR43-OwvQQKBn3zrKeM
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 04:06:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b09mPv7gL95lkE8FPPRVaMl%2FOlid2TY5gMgXhO%2Bgrha63N%2FCpnSyPcs%2BvUShto7WkPVaEIHQjfpn%2FI7POKJ%2FuiaBvVPhYo5IvXSk9o0uoCPWT60twBpYYJWyqZeOaU4Fon%2BmflO61j6kXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 844ac4c7b8f437f5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 13 Jan 2024 04:06:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CRiGE85sHBA3UHgNqlWXAYKpr9auROT0uUvCq0CaXcu1Nk%2FRopSF%2B3UOVHoLYUIIyU2UZGSlKc7iLBSkyVHUZJh8L0c5sGUt1lbMEMahgZ2CN%2FTg7xF8inwJGP8apMKNT3IYjvJdB7Prbg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEBHLTfvRDq1rhhR-1b0a3TU&google_cver=1&C=1
cache-control: no-cache
cf-ray: 844ac4c78d3a9b6e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9900
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaIMWEwhELNaqDSuUk.tZAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBHLTfvRDq1rhhR-1b0a3TU&google_cver=1&google_hm=2

43 B
732 B

22ms
21ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBHLTfvRDq1rhhR-1b0a3TU&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNU0MbD7qEcd_f7B5tKU5ZuheP6rObQ0Ao1Pq4XtrMiuaaYcKNmhYOIkbfR0HWbbvRAMZfPUhGw8SSowLojJbcXacZsoWcQ96TPYfbgvnXOyCATBc3tCLQM8ZKvKZDRJKL_3GcLx6PefHvqqsZ4MWbI-29ylszIVaR43-OwvQQKBn3zrKeM
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 04:06:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a5Pu%2BRFGdqFEOekI0bUmPbW9ZBQLKqGwfNTdX084xZx98qKWoeS4s6cxeufFbldAMtrYrE5PaZHuWdY%2Fi2uyeAlUeDpxZx6vPYRN1ssnoPjPYpRROqQ%2FvQPTJeL9yuwipUB7Mt98lkBQbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 844ac4c8197e37f5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 13 Jan 2024 04:06:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBHLTfvRDq1rhhR-1b0a3TU&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 9900
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOI3p4HsitjaAk6IAQMeyJ8&google_cver=1

43 B
1010 B

6ms
6ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOI3p4HsitjaAk6IAQMeyJ8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNU0MbD7qEcd_f7B5tKU5ZuheP6rObQ0Ao1Pq4XtrMiuaaYcKNmhYOIkbfR0HWbbvRAMZfPUhGw8SSowLojJbcXacZsoWcQ96TPYfbgvnXOyCATBc3tCLQM8ZKvKZDRJKL_3GcLx6PefHvqqsZ4MWbI-29ylszIVaR43-OwvQQKBn3zrKeM

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 04:06:48 GMT
an-x-request-uuid: 79d14c8e-cfe3-45b5-b000-426a4ffb1d80
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.132; 138.199.38.132; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Jan 2024 04:06:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOI3p4HsitjaAk6IAQMeyJ8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9900
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU4MjM2MjU5Mzk2OTU1MzMyMg%3D%3D

170 B
243 B

16ms
16ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU4MjM2MjU5Mzk2OTU1MzMyMg%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 04:06:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Jan 2024 04:06:48 GMT
an-x-request-uuid: 9379c870-4095-48d5-9a6e-4bbb2252a2e8
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU4MjM2MjU5Mzk2OTU1MzMyMg%3D%3D
x-proxy-origin: 138.199.38.132; 138.199.38.132; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 2428 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?AOshyw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/MzIH2rn72NE?wmode=opaque
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/MzIH2rn72NE?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 861F 461 B
240 B 65ms
64ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=60&adk=2127476350&adf=3363419344&w=468&lmt=1705118808&ad_type=text_image&format=468x60_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705118807759&bpp=1&bdt=1466&idt=1&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&cookie=ID%3D482594ecf4059e21%3AT%3D1705118807%3ART%3D1705118807%3AS%3DALNI_MY1NxPkLgaWQaJesmeZLp8FPY2fvQ&gpic=UID%3D00000d40837e7a92%3AT%3D1705118807%3ART%3D1705118807%3AS%3DALNI_Mbw3RC9pVgYUeHgEn4FKAPluw1s3w&prev_fmts=468x60_as%2C468x60_as%2C728x90_as%2C300x250_as%2C468x60_as%2C728x90_as%2C468x60_as%2C468x60_as%2C468x60_as%2C234x60_as%2C728x90_as&correlator=4322789930108&frm=20&pv=1&ga_vid=492612603.1705118808&ga_sid=1705118808&ga_hid=1276611037&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=5189&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C95320238%2C31080266%2C42532524%2C95321957%2C95320893%2C95321627&oid=2&pvsid=1352197277043373&tmod=1849012420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=12&uci=a!c&btvi=10&fsb=1&dtd=453

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb586fa5466efda7cc10c16c97d93b99d072924853d53e026c5c4bb8abbab4e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 219
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 04:06:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame DBA3 113 B
159 B 14ms
14ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc32c0e17481e95cd287e4e9950393c58fcdfdad68f571df2a8a394b86a6c363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame DBA3 29 B
92 B 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:02:18 GMT
x-content-type-options: nosniff
age: 270
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 13 Jan 2024 04:17:18 GMT

GET
DATA 200
OK truncated
/ Frame D6B5 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ce68a3f9b50e25cf5521f9d29510095c2488f9e12584b4ad8bdf1c30bee4dcb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A1A 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6175419652614&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 04:06:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A1A 0
20 B 41ms
40ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6175419652614&version=m202309260101&ct=77&x=1&cor=11917634550238618000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 04:06:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8A1A 20 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DLQswXFEk6LTgSr1bPNaeXpCz1uBfqimBj4ba7Un0Y8Ic9o74CErMgGCho06gvi-aSLGOLMr9RLKqYDlfh77ENBzsp8pGXfcvquitUji6RXQSVdpNy9VoZNvEptOgH8eJ-pVfcmHk_Vc32MVwwBd7KdAT1xd5Zg3AufhMBuY0mEOJUXk4&cry=1&dbm_d=AKAmf-Dap8wxPjyRL2WOv5RwbSB7YCrZmBzDRfZ-_KQ1kn02IvjL8y2nECcV8C5V-FgvkdYjvhWO3naWjELQ06H31HvdAoP9LgmE4SJguR17rePVg-paQ1_ltaunAULIElsr4Oo8e4dIwX-hyzoun90PaI9Vo_ALEYyA1lkrWB8MKlJ5OoDB6iv-3SdQ8iJrHTGD0uKgHt6zAMchWTIiqnq1CoCKHht7Igm-zr7eBJAzHFJOXuXczg1P6sV1pkaXo21C9_AR5nWDMXZjVl3Ctk536yvTGyWKjuDeIHd54u14dYwxPjlulPPmplNGM0ArvyV0e-J1xYVjejiQzdeYBU_obT1wEMDbHz3E4S3GAAbDKBL8HuC3yyIkI6r0ezYx2S7kjKJ6ny62v5d_V3lDFwyMu44gBxOg93zBhMENQRSGrIy8sTI89eQkTOsN2AuZaDtec9p7yP92xIo2jK0iSI86CU6ambWKnUUqZp5jHRqGB3NkHEwTbikSnNDEzP2XWh2xwf6-UBjKMG5uVeJPznO_xykdpER3HWywU2iUWqf5goXpaKyES-aTnm3AvKiGK7TKlIFNnjqR29d03YPz3R2xm1NW1V3BaJ5H5zxLgeVPXkQbl2CFOroP7RXSb4KptP-AkQrIJL3Fx1eChUuX785D859H4A64_5HXF8GTp3gYfIbX7nhcXAQl0hB8TGQxHowkCMgUKJmkXHeDAzCl77fuq3vti-_MGxjIyJaDxt458y9e0dlqxZlHOaQO7mNGXPctP4nI3yiRk3-TlkTe8OPrQS1vYMRPU9Wor3YsnAM3PPZxAu56IZjboJaL87SuqfCv3CDxHhBmgOqp3_tJLZw0LhDOpiWq0GcIPjbhxhBO_xYVlGfAxH8hm6FqxuT7EqMDFlLtPJBBkfUf9FE0k8J3viIOPRl70K8n7NkDYXaON87LuYjnAKOP5utTOgTiVnOmXaFr8rb3wYC7_TdRW7djyjT3l0p122ZXLHpH7CJbrlSuM5hIM0Fvs7iU12HquNmyFg0iwjtpDLxPfXbTUIUePnhcM1QNLOvJroOiY--iYfwXFkkcDxBrGra67PGgxyaq-ZkWHx3PVZJNdW9rb-FCpC6Q_HyzAdPYoBRngqeDeYfNCHhkQdrkSA-x4blViscDZTB98Ojw0C2d_-_V3faelDF7KSogpnfIS3nfh2Ix73w-hHerF8HRaoKZNk7QWtjzITgIEmB1gwsbGKruJiL3qt-NfPx_Y9Qw0tM2lCqsIA_PcDN7Y084BfCiAJhwiNG_nyGNjkX-Z1dfNywW2QPmvwUqksE9eNyNlZajjIO_81K3SsXnDzAycHLp5UCtKMf8ZTbTZlgM_SnILmMfbhjCpcvhrHyo5wKfQyxaLgcxduMegSeKZHXMC8Yf_U5A4zTCxoVmoiIpdFs9fG2R8vpf28pnJF9xXY2E-ajEbOM1r4r6qvVqhBEgkGdnYfAh8RKvCSxQ7J5_IvNvXv_GdOxFV-xii_EqDF645GLBHJAf2xnAvU6sfxvzLW5tfdpseRLn2t6Y775YLecSTAud0uZaBDSUA05ZxL9RxKjhaLACEdMafGPSAdsWfAlv13IJMGnMjpt_0RtDu2OI5T2b7YZRK1IX8Gm6RMUZjP2a8Esp7YUq2C0FQ1G-_koOpU-ihyXN-uW0pqNrewxgB6dPbOHy4vZNThjuw3KvrALmlO2BkjFXYKh33c1WNa7NFRWJgJpxd1d_q6prg6mxDjSqInw4Nlz_9Es8acW5giQYtQKuRzhzZ2N1JGQwMZZWl8MoHHkgluhbOKtQ5VtNITjpCO4-dRzogjGMtHrBr__DOd6MDucafus0bqt8DXznC4NvMNpkKlkm1s7E43ZMbqzXVr57LPwo2KgZaQMCwZB7o8gvnd7cEXeTRH_vS05D_a4Ron6qiY4IVewtvwUaE52sR3uRckTBIboed7TNkP3dADdy2OySbUL0VJCPmrjSQIc-GyuAe0mCI59MvGCy5hNpXt_iSwOxMMtYk5FVpzM4mSJdgkdwEv6fmJ-XTsupUUSDoYijvg0UgyOtiB1TBottBffxa1USdZ4ieb-4I22ToxVxRnvUgiGlV53T724lmAl5U_4fUaZbvjwyZgnm_dtLouc25OMoGCb0Af8WZvws9DeiGdLeakNLAQvVbqfDS1PxaJ0LoBuItVG81PAVLy8eb_zWjeCCZKMB8i9z-VrYUYMqa5jIP57_eiUlIUKjzIhASiniGs9QLAbldNnty5MF3kYzjPwn8y4iAw80N3WLXccZ78BcpDJ7Cicedto0o6m_x8DFQ78hipuC_2M2gX0BW93NaG7SjgSGho-fUl7_9L3fXFfBq_hbqhd9aYdjRRM9rgdz1gufyBmNfyTb2FTnWpBEnpBsVy7xYt8Owj5pJlghBOeD2me2dD2E_NyRzb7kGi4qDWHFPVeTyrbY_uDgM8xw7pOHyR6soVqgcTJTnGK2xPilYyks_2eT4I_0825FPP4CCH7h4yntnm8Nt0GrdO9OGz4GMhB2FhO06VGHkx0t7KysY6CKS0ECgVJFYjAtZS_jxiBx63wIZ6bBQoqFl4LXcvTAM452kT0IAz7RvgxB8rzutKPFJJoi7j6LLBPKitDM1BjbmLazK5IUvd-DgyAGqpXRZs9AlsupU8HYtyEu9ns5uMb1qJhJMm1kvr3UoC262nuIv8ZYrvJYVnsBCnENIMI46pMwmcOOG_fx45gdrJYOYHlBr4cE1VpvbWQOyM6lV6lz2iJ1SrtYuz-VSfOQ9cn5fWlM-jbtR_5dy-H4TibC4zNMy3IAGialweu7JkB2lzzTeEMSJFmPEPFfnkezw-AO_zYTaI8Rg0XHdI2tx4xZPzzVtMq1Po7gPaHaQa6SlBrT-KxPMqaG1GBmq0qp5REjc7vWLSSWTNM-kxNA9cU2BVf2o-X1xZ8M5A6vp-Jccl3zXfkwnpnPA34M1nghFYTQGFj71PYihpjcPdOLBUgN8VBRFryHtihQtK-A0irV80q1VFkXkZ42CKy8B4a_UPVFPWPTD1hzzndiqCu78qbTcIS-tRO8dFC0Wpig-58nPx9jhLUHt7YF9eIOmDqIY_bu46zAefvNP6l_HHOLs78nhVhP3xRcJHUqcvETniKbOTvnz60fgOF0xUARLLk7eBBIY68078bjBo_1UZiWqXijWwiiXMDVYV1EXpPiQETAo4qEAho3M3gEJVxDoIpTBOMhIcQWJnN1jByRWW8DY1XIWX-270Mu1C6iYsRdru0sU8GmlUMMVHxQZ08NIgI9D0gaWCRxhP1ZP-m_dF0TJfX-AY16n3KKs4T2COrfBAHTcLlysKlTqmZ4MbYk19o97bb1NsneWXyO53hycDIK3A-OOuwdUxsyGMijkSzQYy8CvHkHiH8RMY99JFY7l5cvizs73kAlNcxS6pB8fqlh830pF45JlJ9VMdKepJHn_-mE8VVAnceSW6MLYD7nscBrY_vqLeF-_ZJw3HvrkgJIgRkHiczbdDhgKWaXmVO01eGtXqo4qIghvyC8AzB0018XWgu7v0Dw413lpo16edP3wdmr6inHxI3hm2RQdLPp0iZOkMFL6jvSheLeOv0eWc_5Sbdm8sPtBDvmSNciIlLmdmn6OTbjNqO40f97Ad0-RjYSdhTVp9s4mt_3v4qUx0YKk5E5VI2ePBp59a1enH28zL0IB4aE_AKCoNCcvkVhYZRugCgmgTCrrk_n1_awCeN9WFra_yuBZcMy33FfhoI8V_cqyamIdGJ9_sIBAYwTZnUtlXxQNEUj-TCpcBp91wRqXx6w2LKTpW6GUp_NFSbFT9I32ek9kB2NgnqKvWnWKvmgu6_NP14YKJopQjzhm0zmkWP3x0VOdw&cid=CAQSTgAvHhf_C9m2ttAdYO3mUymr6sxrzeUsQOVBf4aJ9XIC_UU3JiZ8XpqIiHx8BwPGfSoV1xuqaTdydmPwnUniF7PCpeEUIOVln1IHtKAv0xgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Flelive.weebly.com%2F&ds=l&xdt=1&iif=1&cor=11917634550238618000&adk=3944675603&idt=142&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a19322964cc86a29d7090a60d9703c044d641eeb2a0d1afcd121e273caad22db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=90&adk=1773158521&adf=2910926905&w=728&lmt=1705118807&ad_type=text_image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705118807432&bpp=36&bdt=1139&idt=281&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C468x60_as%2C728x90_as%2C300x250_as%2C468x60_as&correlator=4322789930108&frm=20&pv=1&ga_vid=492612603.1705118808&ga_sid=1705118808&ga_hid=1276611037&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C95320238%2C31080266%2C42532524%2C95321957%2C95320893%2C95321627&oid=2&pvsid=1352197277043373&tmod=1849012420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=4&fsb=1&dtd=283
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 04:06:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13593
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame DAB1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELPPMJblemtg8W12jAllB6s&google_cver=1

43 B
105 B

16ms
16ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELPPMJblemtg8W12jAllB6s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARiP9b7cATAB&v=APEucNXE21CmRWMpsfcbaUiYrH-Lx1anZ-E_kX6i-EJyrCe2JT-hxRwWO1ACHW8Rs_VIabl1UVtxKEDGCxUNwYg5H_nOxgZ563cV2Cfl_NIxUYAoLAQVBJFz__DJfx2m9JXjklbnXud3BSL8b43IslhRW6zVFL2p3tm7K0Cu0ia8VZruk0nC4h4
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 04:06:48 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Jan 2024 04:06:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELPPMJblemtg8W12jAllB6s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame DAB1 43 B
295 B 52ms
15ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARiP9b7cATAB&v=APEucNXE21CmRWMpsfcbaUiYrH-Lx1anZ-E_kX6i-EJyrCe2JT-hxRwWO1ACHW8Rs_VIabl1UVtxKEDGCxUNwYg5H_nOxgZ563cV2Cfl_NIxUYAoLAQVBJFz__DJfx2m9JXjklbnXud3BSL8b43IslhRW6zVFL2p3tm7K0Cu0ia8VZruk0nC4h4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 04:06:48 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame DAB1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEMR9VIWRhXVoulKcBwBEwME&google_cver=1

23 B
163 B

53ms
36ms

Image
image/gif

104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEMR9VIWRhXVoulKcBwBEwME&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARiP9b7cATAB&v=APEucNXE21CmRWMpsfcbaUiYrH-Lx1anZ-E_kX6i-EJyrCe2JT-hxRwWO1ACHW8Rs_VIabl1UVtxKEDGCxUNwYg5H_nOxgZ563cV2Cfl_NIxUYAoLAQVBJFz__DJfx2m9JXjklbnXud3BSL8b43IslhRW6zVFL2p3tm7K0Cu0ia8VZruk0nC4h4
Protocol: H2
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sat, 13 Jan 2024 04:06:48 GMT
pragma: no-cache
date: Sat, 13 Jan 2024 04:06:48 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 13 Jan 2024 04:06:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEMR9VIWRhXVoulKcBwBEwME&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame DAB1 23 B
163 B 71ms
32ms Image
image/gif 104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARiP9b7cATAB&v=APEucNXE21CmRWMpsfcbaUiYrH-Lx1anZ-E_kX6i-EJyrCe2JT-hxRwWO1ACHW8Rs_VIabl1UVtxKEDGCxUNwYg5H_nOxgZ563cV2Cfl_NIxUYAoLAQVBJFz__DJfx2m9JXjklbnXud3BSL8b43IslhRW6zVFL2p3tm7K0Cu0ia8VZruk0nC4h4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Sat, 13 Jan 2024 04:06:48 GMT
pragma: no-cache
date: Sat, 13 Jan 2024 04:06:48 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H3 200 www-player.css
www.youtube.com/s/player/80b90bfd/ Frame 8274 358 KB
46 KB 6ms
6ms Stylesheet
text/css 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/StpFz8qbB44?wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

681a187d0cb0a97d9b58ebe82409396f2d4cbb5f797c0de299e4e3f23f8c1724

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/StpFz8qbB44?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 22:58:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18487
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47453
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 11 Jan 2025 22:58:41 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/ Frame 8274 52 KB
16 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/StpFz8qbB44?wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3401b7cf66d3054cd4e206cc8eb15fc6526750591846b9947baa655fc940d910

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/StpFz8qbB44?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:24:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 243710
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16447
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 09 Jan 2025 08:24:58 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/ Frame 8274 323 KB
97 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/StpFz8qbB44?wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

899192d31cbdaa61c8bab2e4e28c1118b1a2404ea87bc3e4854a53bea37b94ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/StpFz8qbB44?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 01:59:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7623
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98905
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 12 Jan 2025 01:59:45 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/ Frame 8274 2 MB
770 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/StpFz8qbB44?wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b41e9d926f671cea3deb26ad3ddb93ae28ba5eca5f299bea5a59b482fee3d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/StpFz8qbB44?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 13:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53799
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 788283
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 11 Jan 2025 13:10:09 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame D6B5 0
0 44ms
44ms Fetch
image/gif 216.58.212.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstLIwh0-uv8nNwDBHscxmq200HP0mBOt1hB1P3PxFo389Bz5N40N9ra-vbslC0erLbaTtPXAjrzoEvocv7kAsnVYAf0mhufXQPxR0WDnqDhs2Jt-ZaJbXs8OU2MrPJBz5QhwIGYY4t2PVRsZPVdOdSTg7pCWvm07TvPlKIJ5ZlR0RIwwCKkv7stEoRdFbDzCz2ZwLlDz9pP13-K3ZqOcwNw_MCys8EPdOSg4VGoALJeCo4kMG7XaWRHZAlwmGYSTnsZRcPqgakuLj_N6YZd9xgmuum3itl7rJVjPhd-GU6Z97rZjUISoWX49QWQdhttE33oFcyOeg2vqY7reu_WKWY9UxRwnTFgUGuTuQYSb5I_bl5rmB4KYWukpaRQbg1ulvyAwgxz_IZj4zrupEd2djWaGLUFNvqmFmFKSbmNzMxFQVEtJevgG1S4HmozT4NRtyhGhxzo-1lhf7g8V3G9ji8o8QwwJcefh86rvv1ARC1W9LIUmh-kJYShB_ZsSWn3aP6a2VJYoJls4tru2Mt87i7Ec09PGM_Y_3-FJEYqf4bRmc4ows4IcwgZcB0CC8JRvlbAB4_MpMNgmGVZhngeUkhj-vooKEXfr5-pV5OEwGv_0mawNarOMPfXX6a4AsbwymOKLZzPH-WokvTSZkYcdy0FoxSXTaTZcNmicXhhfk4M0Isi-2ieyjkyqLxllBPDa3Mn_tMTR_tc3eKHyDU4f4if9afUUKxYHVgOKuYC52tDksxirnMuAnf-B_8msaVLijn6VNMdzvweNn5WmskEiq3dnJRvaSNvDsMEmRvMLJ6ZzqaR7lirxDPFfHZbxukOVrZaiPyOOHD4IEjzUnrTI-hnPyUlPnTLFuSzMC-rkzhTCrn0A-Y4niIYfG-vPrhsZuJHk-X8_RkGFtrbN1UsVLMC4M2vhYtXcz63zZS2Jys7n0jaSug1wwzExMQmekfyVeOcD-vNUnw1HNQf-kZn6H_D5YwIIiq4NKZyO7r70FtciLK6qpeghc7WrmMqm855jcbgOe-K7wHEi_xPMQv7HRuv_3rcUw3FlKHBLZYwiAnjQ-mICPU59NlwEg4-9X0LaK3i3mmh5ZVRyPRevNr-0kRphp-wF1Fkm7Likp_8vg6RJQdRTP8Hdd07gca6huYmd_CRatA7Rm1SAe7gC-FfB5XZFG-tcsH6xJLWDhyqZGJk9uExm6Y_F-rnP_B0ZoaFBYntvqnd_TGpSOUbOjjfJr3CYatXHvFiyslfcREb0533tilfGg4eQsLztkzLDDOIcQ1bI2Vl1xGQXINhsPZEebrYYApNqsaADZgWNkoatSWVkHs95aUEM2pBATVBC-l4pDreQ9Hr4nYrnPthQCpNB9yQLRmJVOoVyyAwv94ppoOBwCp9RwrcVchta8wsx8PGMdSU0ioIJo0dis_o&sai=AMfl-YRI5v8P_JAL05420aNxN47cMoPTYpOrkNDv5t8EUt-cTNT_7LmmeCNoz7hPs-cowrqMcZtvekHoL9_K0OEJtwjrS13xRlnG5IqA0Ryr6o3xw5a12Ks9r1YuyrndsaLbIXbrx7NNn4PDrJq_M9emUbw1LFhu2PagBAPZot0q7RiOiaKspqa6C5ipCE5GsBSqdW-cl6WECt_WUzPXD-DXTZpoXM8RgQRmz8vdpdBW81fgsJrkWRGNv-QG2hLQV-Lf_Xc0VmIqsCjUjmBW3QU_J3xMNhn3_cZaeyvb66vYLGEsECWi1JpcFNEh53-nt-wQ1uvIxUYtZtB_CmK6qqVSAon5c3FBIKsFEMKaLDx8f_hapD4SCmi9BUAbRzQWFqcJEoPmC3a7YHAGlNIwChXkX1IggyuaK2aL88ZPcN1MT0Ccg1wl72mwj9LPv_1N9cdlU96E0fs_YRjDNPPKHEuDAH4nOQ3bCAkNevzaTJXh9TDfOg65nrHO5IYZ_DmNF5DmRFBqyxWIFbyC&sig=Cg0ArKJSzO9bvTlEqsHDEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9maXZlcnIuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=165&vt=11&dtpt=164&dett=2&cstd=0&cisv=r20240109.29036&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f134.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 6675 38 KB
13 KB 8ms
7ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 14158
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 00:10:50 GMT
expires: Sun, 12 Jan 2025 00:10:50 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 16ms
14ms Preflight
text/html 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 13 Jan 2024 04:06:48 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame DBA3 87 KB
40 KB 22ms
21ms XHR
application/json+protobuf 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1b6fdc96d4b03543bb763c33a4c5339bd417864567c30cb80d09c934871db6d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 13 Jan 2024 04:06:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40593
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/ Frame DBA3 117 KB
33 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b6c8a53cb4841326e9fb05b33f3aaead9cc0eb705c4de88d717bb15da0d7993

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/yV8FdhSmz2Y?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:04:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 117
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33877
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 12 Jan 2025 04:04:51 GMT

GET
H3 200 UhAHYkQc59SMm3ILQvX2LV9pHtXm_t6HT06w3DJ-zT8.js Show response
www.google.com/js/th/ Frame DBA3 50 KB
19 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/UhAHYkQc59SMm3ILQvX2LV9pHtXm_t6HT06w3DJ-zT8.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52100762441ce7d48c9b720b42f5f62d5f691ed5e6fede874f4eb0dc327ecd3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 02:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6939
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19757
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 02:11:09 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/yV8FdhSmz2Y/ Frame DBA3 153 KB
153 KB 127ms
125ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/yV8FdhSmz2Y/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AHUBoAC4AOKAgwIABABGEEgUihyMA8=&rs=AOn4CLDWJ3uFCGLCVxIAFT4xaUH7RDaa4g

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yV8FdhSmz2Y?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6a292094eb84a9196e1e8aa4f09104f08848ad4ba6001ad1157252f1ca81b13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:48 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 156329
x-xss-protection: 0
server: sffe
etag: "1633922984"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 13 Jan 2024 06:06:48 GMT

GET
DATA 200
OK truncated
/ Frame DBA3 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AIf8zZTx5xLO6cuwGaj4TfYYnxLEkCHW_aFeUqVk8lGQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame DBA3 3 KB
3 KB 15ms
14ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AIf8zZTx5xLO6cuwGaj4TfYYnxLEkCHW_aFeUqVk8lGQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yV8FdhSmz2Y?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

974a2523a3ada9ff6508ade39f9f33bf6d01596f61b047445b650409defa1e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:48 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2924
x-xss-protection: 0
server: fife
etag: "v8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 14 Jan 2024 04:06:48 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8274 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/StpFz8qbB44?wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 05:31:50 GMT
x-content-type-options: nosniff
age: 426898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Jan 2025 05:31:50 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8274 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/StpFz8qbB44?wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 09:09:14 GMT
x-content-type-options: nosniff
age: 327454
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 09:09:14 GMT

GET
H3 200 core.js Show response
widgetic.com/bundles/blogvioapp/js/editor/ Frame 35B0 21 KB
6 KB 13ms
13ms Script
application/javascript 2606:4700:3033::ac43:84fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetic.com/bundles/blogvioapp/js/editor/core.js
Requested by: Host: widgetic.com
URL: https://widgetic.com/bundles/blogvioapp/js/editor/control.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:84fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 320242e458ff727cf119b25be7eed579317dad053ffe30beb9ca473f9c2eaf8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Flelive.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:48 GMT
content-encoding: gzip
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 80881
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 5959
last-modified: Thu, 27 May 2021 10:10:28 GMT
server: cloudflare
etag: W/"60af7014-5464"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZSKtXPbF08VoCrCpQXLs6uPxqFtcjZClW4VIrhDCNXBYuqpSlEjaoRvk5PqwkrypwZrD1e51YtGtDL6XhjVTOagbhxvILPzsMoj3E0klXl4mvqJ18s2Fq8sECBTvJdr3CNhr6RuWy2FD%2Fk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-varnish: 697666193
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 844ac4c82e7f37e4-FRA
x-cache-hits: 0

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: lelive.weebly.com
URL: https://lelive.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 Jan 2024 03:49:56 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1012
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Sat, 13 Jan 2024 05:49:56 GMT

GET
H3 200 snowday262.js Show response
cdn2.editmysite.com/js/wsnbn/ 73 KB
26 KB 7ms
7ms Script
application/javascript 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/js/wsnbn/snowday262.js
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 648e766bf519673f9a90cc336cbecede80dcbe3419b43d36ecbb25d88f5584a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 22, 19071
date: Sat, 13 Jan 2024 04:06:48 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 760634
x-cache: HIT, HIT
x-host: blu78.sf2p.intern.weebly.net
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25752
x-served-by: cache-sjc10061-SJC, cache-fra-eddf8230070-FRA
last-modified: Wed, 03 Jan 2024 22:06:50 GMT
server: nginx
x-timer: S1705118808.355270,VS0,VE0
etag: "6595da7a-124fe"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 18 Jan 2024 08:49:34 GMT

POST
H/1.1 200
OK / Show response
lelive.weebly.com/ajax/api/JsonRPC/CustomerAccounts/ 375 B
748 B 235ms
234ms XHR
application/json 199.34.228.53
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lelive.weebly.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
Requested by: Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/js/jquery-1.8.3.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.53 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-1.weebly.com
Software: Apache /
Resource Hash: 8bc12ea7d68fffddf5dc2f7ac10a44c78087b1e7f7fe046fcfb7d3c77198d3f4

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://lelive.weebly.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Sat, 13 Jan 2024 04:06:48 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
Content-Type: application/json
X-Host: grn103.sf2p.intern.weebly.net
Connection: Keep-Alive
Keep-Alive: timeout=10, max=60
Content-Length: 375
X-UA-Compatible: IE=edge,chrome=1

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame DBA3 90 B
134 B 17ms
17ms XHR
application/json+protobuf 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1cab42efc65e3c8278a4a4386c7076455f9b3a3b28666342b545b5d489141f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 13 Jan 2024 04:06:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 8A1A 41 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DLQswXFEk6LTgSr1bPNaeXpCz1uBfqimBj4ba7Un0Y8Ic9o74CErMgGCho06gvi-aSLGOLMr9RLKqYDlfh77ENBzsp8pGXfcvquitUji6RXQSVdpNy9VoZNvEptOgH8eJ-pVfcmHk_Vc32MVwwBd7KdAT1xd5Zg3AufhMBuY0mEOJUXk4&cry=1&dbm_d=AKAmf-Dap8wxPjyRL2WOv5RwbSB7YCrZmBzDRfZ-_KQ1kn02IvjL8y2nECcV8C5V-FgvkdYjvhWO3naWjELQ06H31HvdAoP9LgmE4SJguR17rePVg-paQ1_ltaunAULIElsr4Oo8e4dIwX-hyzoun90PaI9Vo_ALEYyA1lkrWB8MKlJ5OoDB6iv-3SdQ8iJrHTGD0uKgHt6zAMchWTIiqnq1CoCKHht7Igm-zr7eBJAzHFJOXuXczg1P6sV1pkaXo21C9_AR5nWDMXZjVl3Ctk536yvTGyWKjuDeIHd54u14dYwxPjlulPPmplNGM0ArvyV0e-J1xYVjejiQzdeYBU_obT1wEMDbHz3E4S3GAAbDKBL8HuC3yyIkI6r0ezYx2S7kjKJ6ny62v5d_V3lDFwyMu44gBxOg93zBhMENQRSGrIy8sTI89eQkTOsN2AuZaDtec9p7yP92xIo2jK0iSI86CU6ambWKnUUqZp5jHRqGB3NkHEwTbikSnNDEzP2XWh2xwf6-UBjKMG5uVeJPznO_xykdpER3HWywU2iUWqf5goXpaKyES-aTnm3AvKiGK7TKlIFNnjqR29d03YPz3R2xm1NW1V3BaJ5H5zxLgeVPXkQbl2CFOroP7RXSb4KptP-AkQrIJL3Fx1eChUuX785D859H4A64_5HXF8GTp3gYfIbX7nhcXAQl0hB8TGQxHowkCMgUKJmkXHeDAzCl77fuq3vti-_MGxjIyJaDxt458y9e0dlqxZlHOaQO7mNGXPctP4nI3yiRk3-TlkTe8OPrQS1vYMRPU9Wor3YsnAM3PPZxAu56IZjboJaL87SuqfCv3CDxHhBmgOqp3_tJLZw0LhDOpiWq0GcIPjbhxhBO_xYVlGfAxH8hm6FqxuT7EqMDFlLtPJBBkfUf9FE0k8J3viIOPRl70K8n7NkDYXaON87LuYjnAKOP5utTOgTiVnOmXaFr8rb3wYC7_TdRW7djyjT3l0p122ZXLHpH7CJbrlSuM5hIM0Fvs7iU12HquNmyFg0iwjtpDLxPfXbTUIUePnhcM1QNLOvJroOiY--iYfwXFkkcDxBrGra67PGgxyaq-ZkWHx3PVZJNdW9rb-FCpC6Q_HyzAdPYoBRngqeDeYfNCHhkQdrkSA-x4blViscDZTB98Ojw0C2d_-_V3faelDF7KSogpnfIS3nfh2Ix73w-hHerF8HRaoKZNk7QWtjzITgIEmB1gwsbGKruJiL3qt-NfPx_Y9Qw0tM2lCqsIA_PcDN7Y084BfCiAJhwiNG_nyGNjkX-Z1dfNywW2QPmvwUqksE9eNyNlZajjIO_81K3SsXnDzAycHLp5UCtKMf8ZTbTZlgM_SnILmMfbhjCpcvhrHyo5wKfQyxaLgcxduMegSeKZHXMC8Yf_U5A4zTCxoVmoiIpdFs9fG2R8vpf28pnJF9xXY2E-ajEbOM1r4r6qvVqhBEgkGdnYfAh8RKvCSxQ7J5_IvNvXv_GdOxFV-xii_EqDF645GLBHJAf2xnAvU6sfxvzLW5tfdpseRLn2t6Y775YLecSTAud0uZaBDSUA05ZxL9RxKjhaLACEdMafGPSAdsWfAlv13IJMGnMjpt_0RtDu2OI5T2b7YZRK1IX8Gm6RMUZjP2a8Esp7YUq2C0FQ1G-_koOpU-ihyXN-uW0pqNrewxgB6dPbOHy4vZNThjuw3KvrALmlO2BkjFXYKh33c1WNa7NFRWJgJpxd1d_q6prg6mxDjSqInw4Nlz_9Es8acW5giQYtQKuRzhzZ2N1JGQwMZZWl8MoHHkgluhbOKtQ5VtNITjpCO4-dRzogjGMtHrBr__DOd6MDucafus0bqt8DXznC4NvMNpkKlkm1s7E43ZMbqzXVr57LPwo2KgZaQMCwZB7o8gvnd7cEXeTRH_vS05D_a4Ron6qiY4IVewtvwUaE52sR3uRckTBIboed7TNkP3dADdy2OySbUL0VJCPmrjSQIc-GyuAe0mCI59MvGCy5hNpXt_iSwOxMMtYk5FVpzM4mSJdgkdwEv6fmJ-XTsupUUSDoYijvg0UgyOtiB1TBottBffxa1USdZ4ieb-4I22ToxVxRnvUgiGlV53T724lmAl5U_4fUaZbvjwyZgnm_dtLouc25OMoGCb0Af8WZvws9DeiGdLeakNLAQvVbqfDS1PxaJ0LoBuItVG81PAVLy8eb_zWjeCCZKMB8i9z-VrYUYMqa5jIP57_eiUlIUKjzIhASiniGs9QLAbldNnty5MF3kYzjPwn8y4iAw80N3WLXccZ78BcpDJ7Cicedto0o6m_x8DFQ78hipuC_2M2gX0BW93NaG7SjgSGho-fUl7_9L3fXFfBq_hbqhd9aYdjRRM9rgdz1gufyBmNfyTb2FTnWpBEnpBsVy7xYt8Owj5pJlghBOeD2me2dD2E_NyRzb7kGi4qDWHFPVeTyrbY_uDgM8xw7pOHyR6soVqgcTJTnGK2xPilYyks_2eT4I_0825FPP4CCH7h4yntnm8Nt0GrdO9OGz4GMhB2FhO06VGHkx0t7KysY6CKS0ECgVJFYjAtZS_jxiBx63wIZ6bBQoqFl4LXcvTAM452kT0IAz7RvgxB8rzutKPFJJoi7j6LLBPKitDM1BjbmLazK5IUvd-DgyAGqpXRZs9AlsupU8HYtyEu9ns5uMb1qJhJMm1kvr3UoC262nuIv8ZYrvJYVnsBCnENIMI46pMwmcOOG_fx45gdrJYOYHlBr4cE1VpvbWQOyM6lV6lz2iJ1SrtYuz-VSfOQ9cn5fWlM-jbtR_5dy-H4TibC4zNMy3IAGialweu7JkB2lzzTeEMSJFmPEPFfnkezw-AO_zYTaI8Rg0XHdI2tx4xZPzzVtMq1Po7gPaHaQa6SlBrT-KxPMqaG1GBmq0qp5REjc7vWLSSWTNM-kxNA9cU2BVf2o-X1xZ8M5A6vp-Jccl3zXfkwnpnPA34M1nghFYTQGFj71PYihpjcPdOLBUgN8VBRFryHtihQtK-A0irV80q1VFkXkZ42CKy8B4a_UPVFPWPTD1hzzndiqCu78qbTcIS-tRO8dFC0Wpig-58nPx9jhLUHt7YF9eIOmDqIY_bu46zAefvNP6l_HHOLs78nhVhP3xRcJHUqcvETniKbOTvnz60fgOF0xUARLLk7eBBIY68078bjBo_1UZiWqXijWwiiXMDVYV1EXpPiQETAo4qEAho3M3gEJVxDoIpTBOMhIcQWJnN1jByRWW8DY1XIWX-270Mu1C6iYsRdru0sU8GmlUMMVHxQZ08NIgI9D0gaWCRxhP1ZP-m_dF0TJfX-AY16n3KKs4T2COrfBAHTcLlysKlTqmZ4MbYk19o97bb1NsneWXyO53hycDIK3A-OOuwdUxsyGMijkSzQYy8CvHkHiH8RMY99JFY7l5cvizs73kAlNcxS6pB8fqlh830pF45JlJ9VMdKepJHn_-mE8VVAnceSW6MLYD7nscBrY_vqLeF-_ZJw3HvrkgJIgRkHiczbdDhgKWaXmVO01eGtXqo4qIghvyC8AzB0018XWgu7v0Dw413lpo16edP3wdmr6inHxI3hm2RQdLPp0iZOkMFL6jvSheLeOv0eWc_5Sbdm8sPtBDvmSNciIlLmdmn6OTbjNqO40f97Ad0-RjYSdhTVp9s4mt_3v4qUx0YKk5E5VI2ePBp59a1enH28zL0IB4aE_AKCoNCcvkVhYZRugCgmgTCrrk_n1_awCeN9WFra_yuBZcMy33FfhoI8V_cqyamIdGJ9_sIBAYwTZnUtlXxQNEUj-TCpcBp91wRqXx6w2LKTpW6GUp_NFSbFT9I32ek9kB2NgnqKvWnWKvmgu6_NP14YKJopQjzhm0zmkWP3x0VOdw&cid=CAQSTgAvHhf_C9m2ttAdYO3mUymr6sxrzeUsQOVBf4aJ9XIC_UU3JiZ8XpqIiHx8BwPGfSoV1xuqaTdydmPwnUniF7PCpeEUIOVln1IHtKAv0xgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Flelive.weebly.com%2F&ds=l&xdt=1&iif=1&cor=11917634550238618000&adk=3944675603&idt=142&cac=0&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 20:07:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28740
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2025 20:07:48 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTExODgwODI2ODY1MQogIHNlcnZlcl9pcDogMTM0MDU4MTg3CiAgcHJvY2Vzc19pZDogNjcyMjYwNDAKfQpmbG9vZGxpZ2h0X2NvbmZpZ19pZDogMTE4Njg5NDMK...
ad.doubleclick.net/ddm/activity/ Frame 8A1A 0
596 B 45ms
44ms Image
image/png 216.58.212.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNTExODgwODI2ODY1MQogIHNlcnZlcl9pcDogMTM0MDU4MTg3CiAgcHJvY2Vzc19pZDogNjcyMjYwNDAKfQpmbG9vZGxpZ2h0X2NvbmZpZ19pZDogMTE4Njg5NDMKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL3JlZGludGVsbGlnZW5jZS5uZXQiCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBWSUVXCmltcHJlc3Npb25fcHJpb3JpdHk6IDAKaW1wcmVzc2lvbl9leHBpcnlfaW5fZGF5czogMzAKZXZlbnRfaW1wcmVzc2lvbl9pZDogMTc2Njg0MDk1MTc3NzYxMDQwNjYKZGVidWdfa2V5OiA4MDU5OTkwODg0NDAyMDczNzAyCmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMS0xMyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExODY4OTQzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzMyMTc0ODQwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA4NzgyNDM2OTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTY2NjAxNDIwNjMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MTYyMDg2MzgKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjEuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMi5jb20iCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f134.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 04:06:48 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xc9660b809db0c3e80000000000000000","13":"0x39618bd77c528c060000000000000000","14":"0xaf9854490562e68a0000000000000000","15":"0xab989c8ed482c0550000000000000000"},"debug_key":"8059990884402073702","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"17668409517776104066"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame 24C3 50 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sat, 13 Jan 2024 18:16:11 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame 2428 50 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sat, 13 Jan 2024 18:16:11 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B1C1 0
16 B 18ms
18ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&adk=1812271804&adf=3025194257&lmt=1705118808&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705118808437&bpp=1&bdt=2145&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D482594ecf4059e21%3AT%3D1705118807%3ART%3D1705118807%3AS%3DALNI_MY1NxPkLgaWQaJesmeZLp8FPY2fvQ&gpic=UID%3D00000d40837e7a92%3AT%3D1705118807%3ART%3D1705118807%3AS%3DALNI_Mbw3RC9pVgYUeHgEn4FKAPluw1s3w&prev_fmts=468x60_as%2C468x60_as%2C728x90_as%2C300x250_as%2C468x60_as%2C728x90_as%2C468x60_as%2C468x60_as%2C468x60_as%2C234x60_as%2C728x90_as%2C468x60_as&nras=1&correlator=4322789930108&frm=20&pv=1&ga_vid=492612603.1705118808&ga_sid=1705118808&ga_hid=1276611037&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C95320238%2C31080266%2C42532524%2C95321957%2C95320893%2C95321627&oid=2&psts=AOrYGslP53SU3kHd5VdXfk3C3xmIZf4-DQ3cF60UD73UhFH_cfsdpDtSNR9NlonobG9qJSYwUZxpazWyLWKnmXDPgCfnOpTa&pvsid=1352197277043373&tmod=1849012420&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=15&uci=a!f&fsb=1&dtd=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 04:06:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 free-footer-v3.css
cdn2.editmysite.com/css/ 3 KB
1 KB 7ms
6ms Stylesheet
text/css 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/css/free-footer-v3.css?buildtime=1705097857
Requested by: Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/js/jquery-1.8.3.min.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 251a983a1b4b2cc76542aa398ae6b3499978a788860b54a8081d35d7a843303c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 2, 59
date: Sat, 13 Jan 2024 04:06:48 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 20781
x-cache: HIT, HIT
x-host: blu120.sf2p.intern.weebly.net
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 886
x-served-by: cache-sjc10025-SJC, cache-fra-eddf8230070-FRA
last-modified: Fri, 12 Jan 2024 22:00:15 GMT
server: nginx
x-timer: S1705118808.449310,VS0,VE0
etag: "65a1b66f-a49"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Fri, 26 Jan 2024 22:20:27 GMT

POST
H/1.1 200 c31f92a57d Show response
bam.nr-data.net/1/ Frame 35B0 40 B
400 B 150ms
115ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/c31f92a57d?a=20304440&v=1.250.0&to=MlwHMUdRW0FXBURQWwsWJAZBWVpcGQdAUGsTCzoCUERqUVkLQFZHDE0MCltvUF9UA1Q%3D&rst=1150&ck=0&s=fbb2b1a8a8148e3e&ref=https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html&hr=0&af=err,xhr,stn,ins&ap=48&be=289&fe=530&dc=125&at=HhsERw9LSE8%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1705118807301,%22n%22:0,%22r%22:0,%22re%22:158,%22f%22:158,%22dn%22:158,%22dne%22:158,%22c%22:158,%22s%22:158,%22ce%22:158,%22rq%22:159,%22rp%22:290,%22rpe%22:292,%22di%22:414,%22ds%22:414,%22de%22:414,%22dc%22:819,%22l%22:819,%22le%22:819%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fp=405
Requested by: Host: widgetic.com
URL: https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Flelive.weebly.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 24c98b3653a1a89489a370d23ab35375bba6bf386f5c2cf8a34f59f1ee7ab2ee

Request headers

Referer: https://widgetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 13 Jan 2024 04:06:48 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://widgetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 40
x-served-by: cache-fra-eddf8230105-FRA

GET
H/1.1 200
OK g72h7lz2c4az Show response
hal9000.redintelligence.net/zone/ Frame 8A1A 11 KB
4 KB 55ms
14ms Script
text/html 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/g72h7lz2c4az?subid=&gdpr=&gdpr_consent=&rnd=1705118807729058&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUZ6RVwyiZeK_LIDv9u8PuduNuA-m5b2gaYWVnKfJD_AuEAEgsqHeeGCV4pCCoAfIAQmpAj0HElBUY7I-qAMByAObhICABKoEpgJP0JyDYKiZ69r1AS9JA8T44uTOfIDnpc_Ezt8utTes_mZEq28PbRI5rk5sjpXtIpQSR7Y56QAAoZqd06AhrD71_KFtjqrQTqX5gpdkQTr4Br5k148wFKi6ns2YYh0dKmguas-COQ1BXSDnKbI0pQ_RIrcUuX8twhlv9YbELNBuztkYLawbMY7OxXHr48ENRo-czL5uHZBfiQEg2p13-UMKtlfXLapSRXG8pt0A6j3EVdUsedSCmzYM4Op4knkJJ4-VW_Rk8mmNwxpcyZFC9gsWcwQnyl3NEvf0ilsGISM85lVUFAUEd85-DjdUxjtHK618Wl_9VoSBkSNckZ72L1GZ1Xgo0BQDCv2SQ9fV3N4HFMq5HobW0vs6i5bmSbHZPkLRNTzRFt_ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYv63Wxr7ZgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_C9m2ttAdYO3mUymr6sxrzeUsQOVBf4aJ9XIC_UU3JiZ8XpqIiHx8BwPGfSoV1xuqaTdydmPwnUniF7PCpeEUIOVln1IHtKAv0xgB%26sig%3DAOD64_1u62q-E9nAHDo0UiQPdFOyrsg9iA%26client%3Dca-pub-1181746742151021%26dbm_c%3DAKAmf-BQJoXBfQxZE4TeIr0BHF5uFMKX4coTJJ-plxoLJojNNJDfL1KKKeuxW4DoJbal0bej-3Dc0t-4ySdVH-4UjcKxWDtz_uFKA02G1KIPAokGaJxmZdxOuNAh6pV922o88s38d6-JdN6K6ITuzLFlKenwh7GHFP5uCMTbBPOQ_UioK4aR5Es%26cry%3D1%26dbm_d%3DAKAmf-C1T9t7mhsS_KP5NOYfBOWlPt1mrXvtEkh39iEJN9u6I4Doh2FGtYbtLmL1K9lsJGQ3rwyeB0obzhWJHZoTYKHIMqkblLz7QPadvRK1S4UY3iGZy7oghPlepnJ3F1bs5DguHggOwq9NuLJuD7tr_9kljv6OkQlnvZNQGJdSQABkehvf-hTzuZd19pDiWMjYIRPZxSzwx53Bd5IYsi345GKRcgWSKs4Fe4U0KCkpxO0tvtthMm9HHDA58dL-_773zyV_zupzDh5fewdPzrpcj1ZjN7iomKVWi4bigGzgeRxREDmsQGC3k_RRhND6PNdYESD3lJsUhFlGHsYtCHodwOrUPQyOAbI5n-0Un86kFhdyVyIGCQXXiYHoVlP0Z5UOOLDAm_KW5Ye7fT2wMSRI7HF7nVfqn9chyu4oOYfwpDEwqDB3iQlZpTFHONT_f1Z-zT3V22GfQhlIiMN4V1UidnlxBEPJp2jquuJMD7VbsZtQaxcdnlFNgjypTAmAE5AHiS_nZp7zDTyUKf0hHsSF93OsZ5lRcQ%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=90&adk=1773158521&adf=2910926905&w=728&lmt=1705118807&ad_type=text_image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705118807432&bpp=36&bdt=1139&idt=281&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C468x60_as%2C728x90_as%2C300x250_as%2C468x60_as&correlator=4322789930108&frm=20&pv=1&ga_vid=492612603.1705118808&ga_sid=1705118808&ga_hid=1276611037&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C95320238%2C31080266%2C42532524%2C95321957%2C95320893%2C95321627&oid=2&pvsid=1352197277043373&tmod=1849012420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=4&fsb=1&dtd=283
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: a8087c5c4664c741205200f5e4fce9de11b9844291b609ba1752fe8d1dc0bc62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 04:06:48 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4196
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
78 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6ELBCSBKW3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-131254328-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2c1e77bfe3f47e0948ba01d19871d90790115ed0db3763b6f4cf7f3f03da769e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79896
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 13 Jan 2024 04:06:48 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-131254328-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 Jan 2024 03:48:15 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1113
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 13 Jan 2024 05:48:15 GMT

POST
H/1.1 200
OK / Show response
lelive.weebly.com/ajax/api/JsonRPC/Commerce/ 2 KB
2 KB 431ms
409ms XHR
application/json 199.34.228.53
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lelive.weebly.com/ajax/api/JsonRPC/Commerce/?Commerce[Checkout::getMiniCart]
Requested by: Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/js/jquery-1.8.3.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.53 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-1.weebly.com
Software: Apache /
Resource Hash: 72c08283066d0cfa8e04e210801ea9d8f9975cc7f45f77c16c3085f246424378

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://lelive.weebly.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Sat, 13 Jan 2024 04:06:48 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
Content-Type: application/json
X-Host: blu9.sf2p.intern.weebly.net
Connection: Keep-Alive
Keep-Alive: timeout=10, max=69
Content-Length: 2065
X-UA-Compatible: IE=edge,chrome=1

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 14ms
14ms Preflight
text/html 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 13 Jan 2024 04:06:48 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 8274 113 B
159 B 17ms
16ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6d7b42b04319e2d2016aae8f9fd62562a9aefcfbb70a4bff02a2077ed8a0ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 8274 29 B
54 B 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:02:18 GMT
x-content-type-options: nosniff
age: 270
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 13 Jan 2024 04:17:18 GMT

GET
H3 200 sqmarket-medium.woff2
cdn2.editmysite.com/fonts/SQ_Market/ 30 KB
30 KB 8ms
8ms Font
font/woff2 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/fonts/SQ_Market/sqmarket-medium.woff2
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bd4d2e29f503390e4951af9232fc43780b43d349647188d8f3f600835f16afb7

Request headers

Referer: https://lelive.weebly.com/
Origin: https://lelive.weebly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits: 1, 5721
date: Sat, 13 Jan 2024 04:06:48 GMT
via: 1.1 varnish, 1.1 varnish
age: 402065
x-cache: HIT, HIT
x-host: blu72.sf2p.intern.weebly.net
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30768
x-served-by: cache-sjc1000119-SJC, cache-fra-eddf8230133-FRA
last-modified: Fri, 05 Jan 2024 17:28:57 GMT
server: nginx
x-timer: S1705118808.493867,VS0,VE0
etag: "65983c59-7830"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Mon, 22 Jan 2024 12:25:43 GMT

GET
H3 200 logotype.svg
cdn2.editmysite.com/images/landing-pages/global/ 3 KB
2 KB 9ms
9ms Image
image/svg+xml 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.editmysite.com/images/landing-pages/global/logotype.svg
Requested by: Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/css/free-footer-v3.css?buildtime=1705097857
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e8fce53e602b22e525d06ba31b166bb4ff461319bc9ae53caad095d185a4d15b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn2.editmysite.com/css/free-footer-v3.css?buildtime=1705097857
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Fri, 27 Oct 2023 05:02:23 GMT
date: Sat, 13 Jan 2024 04:06:48 GMT
content-encoding: gzip
via: 1.1 varnish
age: 72919
x-guploader-uploadid: ABPtcPrbw-AbC4RwqUPtZ2B2M0xe3rGYFOaLqP-_394rFyodgYR8gzvONnEAvc_i7pqvvr0NluF8ScdvXgzXrDIfWwmk
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1488
x-served-by: cache-fra-eddf8230070-FRA
last-modified: Wed, 10 Oct 2018 21:37:00 GMT
server: UploadServer
x-timer: S1705118808.493887,VS0,VE0
etag: "bc61dcb431a14c508075eeff4f74523a"
vary: Accept-Encoding
x-goog-generation: 1539207420450301
content-type: image/svg+xml
access-control-allow-origin: *
x-goog-hash: crc32c=vgUlyw==, md5=vGHctDGhTFCAde7/T3RSOg==
cache-control: public, max-age=86400, s-maxage=259200
x-goog-stored-content-length: 3507
accept-ranges: bytes
x-cache-hits: 371

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 6675 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 16:01:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43515
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 16:01:33 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.16/ Frame 35B0 13 KB
6 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.16/webfont.js

Requested by

Host: widgetic.com
URL: https://widgetic.com/bundles/blogvioapp/js/editor/core.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a28396880470a28e0525bdc0ea326ffb811de7de13662d02f7530dbbe3f12d90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:53:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 328400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5480
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 08:53:28 GMT

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 15ms
15ms Preflight
text/html 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 13 Jan 2024 04:06:48 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 8274 86 KB
40 KB 20ms
20ms XHR
application/json+protobuf 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ae869686825bfe691c59651f120721728a8c2b6e856578eaef7b23058e193c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 13 Jan 2024 04:06:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40564
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/ Frame 8274 117 KB
33 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b6c8a53cb4841326e9fb05b33f3aaead9cc0eb705c4de88d717bb15da0d7993

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/StpFz8qbB44?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:04:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 117
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33877
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 02:46:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 12 Jan 2025 04:04:51 GMT

GET
H3 200 UhAHYkQc59SMm3ILQvX2LV9pHtXm_t6HT06w3DJ-zT8.js Show response
www.google.com/js/th/ Frame 8274 50 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/UhAHYkQc59SMm3ILQvX2LV9pHtXm_t6HT06w3DJ-zT8.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52100762441ce7d48c9b720b42f5f62d5f691ed5e6fede874f4eb0dc327ecd3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 02:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6939
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19757
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 02:11:09 GMT

GET
H3 200 maxresdefault.jpg
i.ytimg.com/vi/StpFz8qbB44/ Frame 8274 173 KB
173 KB 94ms
93ms Image
image/jpeg 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/StpFz8qbB44/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AHUBoAC4AOKAgwIABABGHIgTShCMA8=&rs=AOn4CLD8Upz0VHq7BCtfLlgnqjui5fLCVg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/StpFz8qbB44?wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d92b423128d6db2e717ad525bbda8e0ae7a3f9ac71701ae75bb509332d0df68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:48 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177438
x-xss-protection: 0
server: sffe
etag: "1632976809"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 13 Jan 2024 06:06:48 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame DBA3 4 KB
2 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 13 Jan 2024 04:06:48 GMT

GET
DATA 200
OK truncated
/ Frame 8274 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AIf8zZTx5xLO6cuwGaj4TfYYnxLEkCHW_aFeUqVk8lGQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 8274 3 KB
3 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AIf8zZTx5xLO6cuwGaj4TfYYnxLEkCHW_aFeUqVk8lGQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/StpFz8qbB44?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

974a2523a3ada9ff6508ade39f9f33bf6d01596f61b047445b650409defa1e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:48 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2924
x-xss-protection: 0
server: fife
etag: "v8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 14 Jan 2024 04:06:48 GMT

OPTIONS
H2 200 tp2
ec.editmysite.com/com.snowplowanalytics.snowplow/ Frame 0
0 576ms
181ms Preflight 54.189.77.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.189.77.43 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-189-77-43.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://lelive.weebly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://lelive.weebly.com
access-control-max-age: 600
content-length: 0
date: Sat, 13 Jan 2024 04:06:49 GMT
server: nginx

POST
H2 200 tp2 Show response
ec.editmysite.com/com.snowplowanalytics.snowplow/ 2 B
322 B 548ms
182ms XHR
text/plain 54.189.77.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/js/wsnbn/snowday262.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.189.77.43 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-189-77-43.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://lelive.weebly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://lelive.weebly.com
date: Sat, 13 Jan 2024 04:06:49 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H3 200 data Show response
widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed/ Frame 35B0 6 KB
2 KB 110ms
110ms XHR
application/json 2606:4700:3033::ac43:84fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed/data
Requested by: Host: widgetic.com
URL: https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Flelive.weebly.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:84fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00bc898536e62eab25b322796c857ef52795743d66b8dda139ae8894dfe118e1

Request headers

X-NewRelic-ID: VgEPUVFVGwEAV1FWAwUH
Referer: https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Flelive.weebly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:48 GMT
content-encoding: gzip
via: 1.1 varnish-v4
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
xkey: composition:60eaad0decb2a1062b8b4569 widget:53f6253e09c7e204038b4567 skin:60eaae81ecb2a1c02b8b456b user:60eaac9eecb2a1cf2a8b4567
age: 0
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 1755
x-newrelic-app-data: PxQFVl5TDwUTVlFRBwUDUlQTGhE1AwE2QgNWEVlbQFtcC2VOcAJHCwtYa04HE1FsRlY+BVJFaAULXEZcEQ8XC18MZwdVWlFWbAFYFVBDH1JKBgdRVlMUAx5VVlIACRtLVR0UB1dVUlIAUV0HC10AUFJdD0MdB1IOF1Nq
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BPPPTfZkW6vdiPzGT0HGlhsE5X2QcY5aAzSD9R2sy7cf4eYyeY0oC9PYwYUo3yaiP%2FqvHjMhwYXP9brhW%2B9n6T4NXeYpgLtf19yMATBsY9cGYZjBjYVc%2FqAODgSPKaPtiO9gApT1nSB0lv0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
x-varnish: 235145333 260653751
cache-control: no-cache
accept-ranges: bytes
cf-ray: 844ac4c98f7137e4-FRA
x-cache-hits: 19

GET
H3 200 widget.js Show response
widgetic.com/widgets/53f6253e09c7e204038b4567/0eb36c7/ Frame 35B0 9 KB
4 KB 16ms
16ms Script
application/javascript 2606:4700:3033::ac43:84fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetic.com/widgets/53f6253e09c7e204038b4567/0eb36c7/widget.js
Requested by: Host: widgetic.com
URL: https://widgetic.com/bundles/blogvioapp/js/editor/control.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:84fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 115f8c95a42cff5953894d4caebab4a0a743ece7b38f3a9b225d094eae5e37f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Flelive.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:48 GMT
content-encoding: gzip
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5187425
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 3304
pragma: public
last-modified: Tue, 05 Apr 2022 17:29:26 GMT
server: cloudflare
etag: W/"624c7c76-2492"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wahTUCAMokAVNEcxtAyAfMkEK3f9Sdn%2FRoq4AISNw1cYLKGfsMNlA2M5G95qyUb2OMOn0ZY5%2F2mmlBSqyJHjlp4Z%2B7ozVlCOecjSAJicgxgFjX9ocqJ95un6kkUSRFqyDWzS7zyjmepBmzw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-varnish: 564434642
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 844ac4c98f7337e4-FRA
x-cache-hits: 0

GET
H3 204 generate_204
www.youtube.com/ Frame DBA3 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?YC_BUg
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/yV8FdhSmz2Y?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 8274 90 B
134 B 17ms
17ms XHR
application/json+protobuf 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bedfe637399b5cb2edd6d657ea884c8e5cb1bb187b76af8b75a5ef21e97c151f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sat, 13 Jan 2024 04:06:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 14ms
14ms Preflight
text/html 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 13 Jan 2024 04:06:48 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 2BB6 38 KB
13 KB 7ms
6ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 14158
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 00:10:50 GMT
expires: Sun, 12 Jan 2025 00:10:50 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

request.php Show response
hal90003.redintelligence.net/ Frame 8A1A
Redirect Chain

https://hal90003.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=2c7a08a60f&subid=&uid=e0779d91ec7150c9&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90003.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=2c7a08a60f&subid=&uid=e0779d91ec7150c9&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

4 KB
2 KB

129ms
108ms

Script
application/x-javascript

138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=2c7a08a60f&subid=&uid=e0779d91ec7150c9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUZ6RVwyiZeK_LIDv9u8PuduNuA-m5b2gaYWVnKfJD_AuEAEgsqHeeGCV4pCCoAfIAQmpAj0HElBUY7I-qAMByAObhICABKoEpgJP0JyDYKiZ69r1AS9JA8T44uTOfIDnpc_Ezt8utTes_mZEq28PbRI5rk5sjpXtIpQSR7Y56QAAoZqd06AhrD71_KFtjqrQTqX5gpdkQTr4Br5k148wFKi6ns2YYh0dKmguas-COQ1BXSDnKbI0pQ_RIrcUuX8twhlv9YbELNBuztkYLawbMY7OxXHr48ENRo-czL5uHZBfiQEg2p13-UMKtlfXLapSRXG8pt0A6j3EVdUsedSCmzYM4Op4knkJJ4-VW_Rk8mmNwxpcyZFC9gsWcwQnyl3NEvf0ilsGISM85lVUFAUEd85-DjdUxjtHK618Wl_9VoSBkSNckZ72L1GZ1Xgo0BQDCv2SQ9fV3N4HFMq5HobW0vs6i5bmSbHZPkLRNTzRFt_ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYv63Wxr7ZgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_C9m2ttAdYO3mUymr6sxrzeUsQOVBf4aJ9XIC_UU3JiZ8XpqIiHx8BwPGfSoV1xuqaTdydmPwnUniF7PCpeEUIOVln1IHtKAv0xgB%26sig%3DAOD64_1u62q-E9nAHDo0UiQPdFOyrsg9iA%26client%3Dca-pub-1181746742151021%26dbm_c%3DAKAmf-BQJoXBfQxZE4TeIr0BHF5uFMKX4coTJJ-plxoLJojNNJDfL1KKKeuxW4DoJbal0bej-3Dc0t-4ySdVH-4UjcKxWDtz_uFKA02G1KIPAokGaJxmZdxOuNAh6pV922o88s38d6-JdN6K6ITuzLFlKenwh7GHFP5uCMTbBPOQ_UioK4aR5Es%26cry%3D1%26dbm_d%3DAKAmf-C1T9t7mhsS_KP5NOYfBOWlPt1mrXvtEkh39iEJN9u6I4Doh2FGtYbtLmL1K9lsJGQ3rwyeB0obzhWJHZoTYKHIMqkblLz7QPadvRK1S4UY3iGZy7oghPlepnJ3F1bs5DguHggOwq9NuLJuD7tr_9kljv6OkQlnvZNQGJdSQABkehvf-hTzuZd19pDiWMjYIRPZxSzwx53Bd5IYsi345GKRcgWSKs4Fe4U0KCkpxO0tvtthMm9HHDA58dL-_773zyV_zupzDh5fewdPzrpcj1ZjN7iomKVWi4bigGzgeRxREDmsQGC3k_RRhND6PNdYESD3lJsUhFlGHsYtCHodwOrUPQyOAbI5n-0Un86kFhdyVyIGCQXXiYHoVlP0Z5UOOLDAm_KW5Ye7fT2wMSRI7HF7nVfqn9chyu4oOYfwpDEwqDB3iQlZpTFHONT_f1Z-zT3V22GfQhlIiMN4V1UidnlxBEPJp2jquuJMD7VbsZtQaxcdnlFNgjypTAmAE5AHiS_nZp7zDTyUKf0hHsSF93OsZ5lRcQ%26adurl%3D&documentReferer=https%3A%2F%2Flelive.weebly.com%2F&ancestorOrigins=https%3A%2F%2Flelive.weebly.com&random=2995529277394&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=90&adk=1773158521&adf=2910926905&w=728&lmt=1705118807&ad_type=text_image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705118807432&bpp=36&bdt=1139&idt=281&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C468x60_as%2C728x90_as%2C300x250_as%2C468x60_as&correlator=4322789930108&frm=20&pv=1&ga_vid=492612603.1705118808&ga_sid=1705118808&ga_hid=1276611037&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C95320238%2C31080266%2C42532524%2C95321957%2C95320893%2C95321627&oid=2&pvsid=1352197277043373&tmod=1849012420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=4&fsb=1&dtd=283
Protocol: HTTP/1.1
Server: 138.201.63.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: dcacce2cf4b379bbc34c2d74396a09ed9cd36a5523144875cac9132d6cee86d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Jan 2024 04:06:48 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 64126200008893804444550012568003
Connection: close
Content-Length: 1353
Expires: Sat, 13 Jan 2024 04:06:48 +0100

Redirect headers

Pragma: no-cache
Date: Sat, 13 Jan 2024 04:06:48 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=2c7a08a60f&subid=&uid=e0779d91ec7150c9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUZ6RVwyiZeK_LIDv9u8PuduNuA-m5b2gaYWVnKfJD_AuEAEgsqHeeGCV4pCCoAfIAQmpAj0HElBUY7I-qAMByAObhICABKoEpgJP0JyDYKiZ69r1AS9JA8T44uTOfIDnpc_Ezt8utTes_mZEq28PbRI5rk5sjpXtIpQSR7Y56QAAoZqd06AhrD71_KFtjqrQTqX5gpdkQTr4Br5k148wFKi6ns2YYh0dKmguas-COQ1BXSDnKbI0pQ_RIrcUuX8twhlv9YbELNBuztkYLawbMY7OxXHr48ENRo-czL5uHZBfiQEg2p13-UMKtlfXLapSRXG8pt0A6j3EVdUsedSCmzYM4Op4knkJJ4-VW_Rk8mmNwxpcyZFC9gsWcwQnyl3NEvf0ilsGISM85lVUFAUEd85-DjdUxjtHK618Wl_9VoSBkSNckZ72L1GZ1Xgo0BQDCv2SQ9fV3N4HFMq5HobW0vs6i5bmSbHZPkLRNTzRFt_ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYv63Wxr7ZgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_C9m2ttAdYO3mUymr6sxrzeUsQOVBf4aJ9XIC_UU3JiZ8XpqIiHx8BwPGfSoV1xuqaTdydmPwnUniF7PCpeEUIOVln1IHtKAv0xgB%26sig%3DAOD64_1u62q-E9nAHDo0UiQPdFOyrsg9iA%26client%3Dca-pub-1181746742151021%26dbm_c%3DAKAmf-BQJoXBfQxZE4TeIr0BHF5uFMKX4coTJJ-plxoLJojNNJDfL1KKKeuxW4DoJbal0bej-3Dc0t-4ySdVH-4UjcKxWDtz_uFKA02G1KIPAokGaJxmZdxOuNAh6pV922o88s38d6-JdN6K6ITuzLFlKenwh7GHFP5uCMTbBPOQ_UioK4aR5Es%26cry%3D1%26dbm_d%3DAKAmf-C1T9t7mhsS_KP5NOYfBOWlPt1mrXvtEkh39iEJN9u6I4Doh2FGtYbtLmL1K9lsJGQ3rwyeB0obzhWJHZoTYKHIMqkblLz7QPadvRK1S4UY3iGZy7oghPlepnJ3F1bs5DguHggOwq9NuLJuD7tr_9kljv6OkQlnvZNQGJdSQABkehvf-hTzuZd19pDiWMjYIRPZxSzwx53Bd5IYsi345GKRcgWSKs4Fe4U0KCkpxO0tvtthMm9HHDA58dL-_773zyV_zupzDh5fewdPzrpcj1ZjN7iomKVWi4bigGzgeRxREDmsQGC3k_RRhND6PNdYESD3lJsUhFlGHsYtCHodwOrUPQyOAbI5n-0Un86kFhdyVyIGCQXXiYHoVlP0Z5UOOLDAm_KW5Ye7fT2wMSRI7HF7nVfqn9chyu4oOYfwpDEwqDB3iQlZpTFHONT_f1Z-zT3V22GfQhlIiMN4V1UidnlxBEPJp2jquuJMD7VbsZtQaxcdnlFNgjypTAmAE5AHiS_nZp7zDTyUKf0hHsSF93OsZ5lRcQ%26adurl%3D&documentReferer=https%3A%2F%2Flelive.weebly.com%2F&ancestorOrigins=https%3A%2F%2Flelive.weebly.com&random=2995529277394&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Sat, 13 Jan 2024 04:06:48 +0100

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 34ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6ELBCSBKW3&gtm=45je41a0v9111845681&_p=1705118808353&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=492612603.1705118808&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1705118808&sct=1&seg=0&dl=https%3A%2F%2Flelive.weebly.com%2F&dt=Sidsupertool%20-%20Sid%E8%B6%85%E7%B4%9A%E6%B5%81%E4%BA%A1%E8%BC%94%E5%8A%A9&en=page_view&_fv=1&_ss=1&tfd=3387
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6ELBCSBKW3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 04:06:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lelive.weebly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200 c31f92a57d Show response
bam.nr-data.net/resources/1/ Frame 35B0 36 B
352 B 226ms
226ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/resources/1/c31f92a57d?a=20304440&v=1.250.0&to=MlwHMUdRW0FXBURQWwsWJAZBWVpcGQdAUGsTCzoCUERqUVkLQFZHDE0MCltvUF9UA1Q%3D&rst=1428&ck=0&s=fbb2b1a8a8148e3e&ref=https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html&st=1705118807301&hr=0&fts=1705118807301&n=26&fsh=1
Requested by: Host: widgetic.com
URL: https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Flelive.weebly.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f12e8ab0ffaf518b6fa82a0c21843dca105d383ff5c419a4d384a708792ba433

Request headers

Referer: https://widgetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 13 Jan 2024 04:06:48 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://widgetic.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 36
x-served-by: cache-fra-eddf8230105-FRA

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
207 B 14ms
13ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1276611037&t=pageview&_s=1&dl=https%3A%2F%2Flelive.weebly.com%2F&ul=en-us&de=UTF-8&dt=Sidsupertool%20-%20Sid%E8%B6%85%E7%B4%9A%E6%B5%81%E4%BA%A1%E8%BC%94%E5%8A%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1598210417&gjid=955346745&cid=492612603.1705118808&tid=UA-131254328-2&_gid=2147340477.1705118809&_r=1&gtm=457e41a0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=857582287

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lelive.weebly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 04:06:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lelive.weebly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame DBA3 50 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sat, 13 Jan 2024 18:16:11 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 8274 4 KB
2 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 13 Jan 2024 04:06:48 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 8274 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?PpTb1A
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/StpFz8qbB44?wmode=opaque
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/StpFz8qbB44?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 2BB6 39 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 16:01:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43515
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 16:01:33 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame 8274 50 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 18:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Sat, 13 Jan 2024 18:16:11 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6675 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BoQ6KVwyiZde0K9ng9u8PqI67gAUAAAAAOAHgBAI&bg=!pqWlperNAAaumcC-jpk7ADQBe5WfOENUWOsaS8WGEpRLkV0kZhNppexVPrFmn2JLkCJUix1rMfQiXckgmKzPB79fpxXsAgAAAIBSAAAAAWgBB5kC6sZljvmlZ28PqJAkfQa6iXI5sWIoA4vbJik0NQvnLMFsfVLbT9jRnHXN5vTUrAl43SjiSh2egPVxqd0bVvG7Z4WXG9MVzEmMOdxijTnVxSDe_bWfFg5MyxcciLwSp6UAWE284aVfIpBdv_qyyNppJRns_cJR61897Gb-erkO5RVzIGPf-fSf_gVcDa00g-OsxCUbVYqySK3OmvbLnDRuQnqqnCcW3-iL25nZbVG5B5foKXAe6eRd_X9bfHSbiQKDj2n3Z_TduaOuuShit5ZNt48FIV9g_abO7sURHmbFCU3W7NMv274Pxf7nRdgmZkZX27WhJEUL0FP7vXdeg4Xez_vedbPLEZ-jAV6XxeyHvKVXmei9UdArqX3UmomszI8JKY5fRs-DBy9Eh7T_e4-RzVj8_1Z1K3W3kPpLLGla7WRKH15xOn_D_brh7hqMx5coh3TjnqeKsZ0T93O0ChVpFCXkAJ1D56wthtQGf4rK57u6fUwK2HVClSU7OmFiGMdtf1mLXcGPAVybnUEUJFJdgMW23gooE65EggRyu2NTN2xV86RiwxB-2Mesv4UB8__aaRmNt2MFpb2TaYTAssuPJzYpe7EcZr-Ip5uZ0KDsUPfy0FcFGq_dU9iAreRuJs_MaLXeLF834_Xr8I6qXTPEfBQXiGLZTRtDZBVUOlZm09TpcFwaRhg_n71r8DmTjSIEUw-mvdrGuWhe0rgGs-dsv0CewouH1-VJGYCy3ya2uXvumWiG2t4i45X43vrNSww6UlUSk_8yF4WwiBRgHLu32fTkCrrPF0KfuJovKDWMy79rXhMtbymXzRYop_q5LzXsCt2aTfX4y89zu35JS46ZLRLg6TDQBUNy8JJqqeMdIrOKBJFXmfz1ssqfwMu9ZWMTgG6qDq5axxR199ox-UchTFSxxGUYemVQH-TNENeMkGUZEtpxd077jh69maNHqfyDTL7zvJzViKmWtx4ISW-fLnH1ETYMR8FI_IVg

Requested by

Host: lelive.weebly.com
URL: https://lelive.weebly.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 04:06:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame F98C 0
326 B 69ms
16ms Document
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=64126200008893804444550012568003&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=2c7a08a60f&subid=&uid=e0779d91ec7150c9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUZ6RVwyiZeK_LIDv9u8PuduNuA-m5b2gaYWVnKfJD_AuEAEgsqHeeGCV4pCCoAfIAQmpAj0HElBUY7I-qAMByAObhICABKoEpgJP0JyDYKiZ69r1AS9JA8T44uTOfIDnpc_Ezt8utTes_mZEq28PbRI5rk5sjpXtIpQSR7Y56QAAoZqd06AhrD71_KFtjqrQTqX5gpdkQTr4Br5k148wFKi6ns2YYh0dKmguas-COQ1BXSDnKbI0pQ_RIrcUuX8twhlv9YbELNBuztkYLawbMY7OxXHr48ENRo-czL5uHZBfiQEg2p13-UMKtlfXLapSRXG8pt0A6j3EVdUsedSCmzYM4Op4knkJJ4-VW_Rk8mmNwxpcyZFC9gsWcwQnyl3NEvf0ilsGISM85lVUFAUEd85-DjdUxjtHK618Wl_9VoSBkSNckZ72L1GZ1Xgo0BQDCv2SQ9fV3N4HFMq5HobW0vs6i5bmSbHZPkLRNTzRFt_ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYv63Wxr7ZgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_C9m2ttAdYO3mUymr6sxrzeUsQOVBf4aJ9XIC_UU3JiZ8XpqIiHx8BwPGfSoV1xuqaTdydmPwnUniF7PCpeEUIOVln1IHtKAv0xgB%26sig%3DAOD64_1u62q-E9nAHDo0UiQPdFOyrsg9iA%26client%3Dca-pub-1181746742151021%26dbm_c%3DAKAmf-BQJoXBfQxZE4TeIr0BHF5uFMKX4coTJJ-plxoLJojNNJDfL1KKKeuxW4DoJbal0bej-3Dc0t-4ySdVH-4UjcKxWDtz_uFKA02G1KIPAokGaJxmZdxOuNAh6pV922o88s38d6-JdN6K6ITuzLFlKenwh7GHFP5uCMTbBPOQ_UioK4aR5Es%26cry%3D1%26dbm_d%3DAKAmf-C1T9t7mhsS_KP5NOYfBOWlPt1mrXvtEkh39iEJN9u6I4Doh2FGtYbtLmL1K9lsJGQ3rwyeB0obzhWJHZoTYKHIMqkblLz7QPadvRK1S4UY3iGZy7oghPlepnJ3F1bs5DguHggOwq9NuLJuD7tr_9kljv6OkQlnvZNQGJdSQABkehvf-hTzuZd19pDiWMjYIRPZxSzwx53Bd5IYsi345GKRcgWSKs4Fe4U0KCkpxO0tvtthMm9HHDA58dL-_773zyV_zupzDh5fewdPzrpcj1ZjN7iomKVWi4bigGzgeRxREDmsQGC3k_RRhND6PNdYESD3lJsUhFlGHsYtCHodwOrUPQyOAbI5n-0Un86kFhdyVyIGCQXXiYHoVlP0Z5UOOLDAm_KW5Ye7fT2wMSRI7HF7nVfqn9chyu4oOYfwpDEwqDB3iQlZpTFHONT_f1Z-zT3V22GfQhlIiMN4V1UidnlxBEPJp2jquuJMD7VbsZtQaxcdnlFNgjypTAmAE5AHiS_nZp7zDTyUKf0hHsSF93OsZ5lRcQ%26adurl%3D&documentReferer=https%3A%2F%2Flelive.weebly.com%2F&ancestorOrigins=https%3A%2F%2Flelive.weebly.com&random=2995529277394&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Sat, 13 Jan 2024 04:06:48 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
vary: Origin

GET
H2 200 / Show response
adv.office-partner.de/ Frame FFB8 930 B
923 B 60ms
6ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=2c7a08a60f&subid=&uid=e0779d91ec7150c9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUZ6RVwyiZeK_LIDv9u8PuduNuA-m5b2gaYWVnKfJD_AuEAEgsqHeeGCV4pCCoAfIAQmpAj0HElBUY7I-qAMByAObhICABKoEpgJP0JyDYKiZ69r1AS9JA8T44uTOfIDnpc_Ezt8utTes_mZEq28PbRI5rk5sjpXtIpQSR7Y56QAAoZqd06AhrD71_KFtjqrQTqX5gpdkQTr4Br5k148wFKi6ns2YYh0dKmguas-COQ1BXSDnKbI0pQ_RIrcUuX8twhlv9YbELNBuztkYLawbMY7OxXHr48ENRo-czL5uHZBfiQEg2p13-UMKtlfXLapSRXG8pt0A6j3EVdUsedSCmzYM4Op4knkJJ4-VW_Rk8mmNwxpcyZFC9gsWcwQnyl3NEvf0ilsGISM85lVUFAUEd85-DjdUxjtHK618Wl_9VoSBkSNckZ72L1GZ1Xgo0BQDCv2SQ9fV3N4HFMq5HobW0vs6i5bmSbHZPkLRNTzRFt_ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYv63Wxr7ZgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_C9m2ttAdYO3mUymr6sxrzeUsQOVBf4aJ9XIC_UU3JiZ8XpqIiHx8BwPGfSoV1xuqaTdydmPwnUniF7PCpeEUIOVln1IHtKAv0xgB%26sig%3DAOD64_1u62q-E9nAHDo0UiQPdFOyrsg9iA%26client%3Dca-pub-1181746742151021%26dbm_c%3DAKAmf-BQJoXBfQxZE4TeIr0BHF5uFMKX4coTJJ-plxoLJojNNJDfL1KKKeuxW4DoJbal0bej-3Dc0t-4ySdVH-4UjcKxWDtz_uFKA02G1KIPAokGaJxmZdxOuNAh6pV922o88s38d6-JdN6K6ITuzLFlKenwh7GHFP5uCMTbBPOQ_UioK4aR5Es%26cry%3D1%26dbm_d%3DAKAmf-C1T9t7mhsS_KP5NOYfBOWlPt1mrXvtEkh39iEJN9u6I4Doh2FGtYbtLmL1K9lsJGQ3rwyeB0obzhWJHZoTYKHIMqkblLz7QPadvRK1S4UY3iGZy7oghPlepnJ3F1bs5DguHggOwq9NuLJuD7tr_9kljv6OkQlnvZNQGJdSQABkehvf-hTzuZd19pDiWMjYIRPZxSzwx53Bd5IYsi345GKRcgWSKs4Fe4U0KCkpxO0tvtthMm9HHDA58dL-_773zyV_zupzDh5fewdPzrpcj1ZjN7iomKVWi4bigGzgeRxREDmsQGC3k_RRhND6PNdYESD3lJsUhFlGHsYtCHodwOrUPQyOAbI5n-0Un86kFhdyVyIGCQXXiYHoVlP0Z5UOOLDAm_KW5Ye7fT2wMSRI7HF7nVfqn9chyu4oOYfwpDEwqDB3iQlZpTFHONT_f1Z-zT3V22GfQhlIiMN4V1UidnlxBEPJp2jquuJMD7VbsZtQaxcdnlFNgjypTAmAE5AHiS_nZp7zDTyUKf0hHsSF93OsZ5lRcQ%26adurl%3D&documentReferer=https%3A%2F%2Flelive.weebly.com%2F&ancestorOrigins=https%3A%2F%2Flelive.weebly.com&random=2995529277394&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Sat, 13 Jan 2024 04:06:48 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Sat, 20 Jan 2024 04:06:48 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2 200 e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame 8A1A 0
327 B 68ms
16ms Script
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=64126200008893804444550012568003&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=2c7a08a60f&subid=&uid=e0779d91ec7150c9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUZ6RVwyiZeK_LIDv9u8PuduNuA-m5b2gaYWVnKfJD_AuEAEgsqHeeGCV4pCCoAfIAQmpAj0HElBUY7I-qAMByAObhICABKoEpgJP0JyDYKiZ69r1AS9JA8T44uTOfIDnpc_Ezt8utTes_mZEq28PbRI5rk5sjpXtIpQSR7Y56QAAoZqd06AhrD71_KFtjqrQTqX5gpdkQTr4Br5k148wFKi6ns2YYh0dKmguas-COQ1BXSDnKbI0pQ_RIrcUuX8twhlv9YbELNBuztkYLawbMY7OxXHr48ENRo-czL5uHZBfiQEg2p13-UMKtlfXLapSRXG8pt0A6j3EVdUsedSCmzYM4Op4knkJJ4-VW_Rk8mmNwxpcyZFC9gsWcwQnyl3NEvf0ilsGISM85lVUFAUEd85-DjdUxjtHK618Wl_9VoSBkSNckZ72L1GZ1Xgo0BQDCv2SQ9fV3N4HFMq5HobW0vs6i5bmSbHZPkLRNTzRFt_ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYv63Wxr7ZgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_C9m2ttAdYO3mUymr6sxrzeUsQOVBf4aJ9XIC_UU3JiZ8XpqIiHx8BwPGfSoV1xuqaTdydmPwnUniF7PCpeEUIOVln1IHtKAv0xgB%26sig%3DAOD64_1u62q-E9nAHDo0UiQPdFOyrsg9iA%26client%3Dca-pub-1181746742151021%26dbm_c%3DAKAmf-BQJoXBfQxZE4TeIr0BHF5uFMKX4coTJJ-plxoLJojNNJDfL1KKKeuxW4DoJbal0bej-3Dc0t-4ySdVH-4UjcKxWDtz_uFKA02G1KIPAokGaJxmZdxOuNAh6pV922o88s38d6-JdN6K6ITuzLFlKenwh7GHFP5uCMTbBPOQ_UioK4aR5Es%26cry%3D1%26dbm_d%3DAKAmf-C1T9t7mhsS_KP5NOYfBOWlPt1mrXvtEkh39iEJN9u6I4Doh2FGtYbtLmL1K9lsJGQ3rwyeB0obzhWJHZoTYKHIMqkblLz7QPadvRK1S4UY3iGZy7oghPlepnJ3F1bs5DguHggOwq9NuLJuD7tr_9kljv6OkQlnvZNQGJdSQABkehvf-hTzuZd19pDiWMjYIRPZxSzwx53Bd5IYsi345GKRcgWSKs4Fe4U0KCkpxO0tvtthMm9HHDA58dL-_773zyV_zupzDh5fewdPzrpcj1ZjN7iomKVWi4bigGzgeRxREDmsQGC3k_RRhND6PNdYESD3lJsUhFlGHsYtCHodwOrUPQyOAbI5n-0Un86kFhdyVyIGCQXXiYHoVlP0Z5UOOLDAm_KW5Ye7fT2wMSRI7HF7nVfqn9chyu4oOYfwpDEwqDB3iQlZpTFHONT_f1Z-zT3V22GfQhlIiMN4V1UidnlxBEPJp2jquuJMD7VbsZtQaxcdnlFNgjypTAmAE5AHiS_nZp7zDTyUKf0hHsSF93OsZ5lRcQ%26adurl%3D&documentReferer=https%3A%2F%2Flelive.weebly.com%2F&ancestorOrigins=https%3A%2F%2Flelive.weebly.com&random=2995529277394&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:48 GMT
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 0
proxy-host: pv.medialead.de

GET
H2 200 e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame 8A1A 43 B
360 B 69ms
17ms Image
image/gif 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=64126200008893804444550012568003&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=2c7a08a60f&subid=&uid=e0779d91ec7150c9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUZ6RVwyiZeK_LIDv9u8PuduNuA-m5b2gaYWVnKfJD_AuEAEgsqHeeGCV4pCCoAfIAQmpAj0HElBUY7I-qAMByAObhICABKoEpgJP0JyDYKiZ69r1AS9JA8T44uTOfIDnpc_Ezt8utTes_mZEq28PbRI5rk5sjpXtIpQSR7Y56QAAoZqd06AhrD71_KFtjqrQTqX5gpdkQTr4Br5k148wFKi6ns2YYh0dKmguas-COQ1BXSDnKbI0pQ_RIrcUuX8twhlv9YbELNBuztkYLawbMY7OxXHr48ENRo-czL5uHZBfiQEg2p13-UMKtlfXLapSRXG8pt0A6j3EVdUsedSCmzYM4Op4knkJJ4-VW_Rk8mmNwxpcyZFC9gsWcwQnyl3NEvf0ilsGISM85lVUFAUEd85-DjdUxjtHK618Wl_9VoSBkSNckZ72L1GZ1Xgo0BQDCv2SQ9fV3N4HFMq5HobW0vs6i5bmSbHZPkLRNTzRFt_ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYv63Wxr7ZgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_C9m2ttAdYO3mUymr6sxrzeUsQOVBf4aJ9XIC_UU3JiZ8XpqIiHx8BwPGfSoV1xuqaTdydmPwnUniF7PCpeEUIOVln1IHtKAv0xgB%26sig%3DAOD64_1u62q-E9nAHDo0UiQPdFOyrsg9iA%26client%3Dca-pub-1181746742151021%26dbm_c%3DAKAmf-BQJoXBfQxZE4TeIr0BHF5uFMKX4coTJJ-plxoLJojNNJDfL1KKKeuxW4DoJbal0bej-3Dc0t-4ySdVH-4UjcKxWDtz_uFKA02G1KIPAokGaJxmZdxOuNAh6pV922o88s38d6-JdN6K6ITuzLFlKenwh7GHFP5uCMTbBPOQ_UioK4aR5Es%26cry%3D1%26dbm_d%3DAKAmf-C1T9t7mhsS_KP5NOYfBOWlPt1mrXvtEkh39iEJN9u6I4Doh2FGtYbtLmL1K9lsJGQ3rwyeB0obzhWJHZoTYKHIMqkblLz7QPadvRK1S4UY3iGZy7oghPlepnJ3F1bs5DguHggOwq9NuLJuD7tr_9kljv6OkQlnvZNQGJdSQABkehvf-hTzuZd19pDiWMjYIRPZxSzwx53Bd5IYsi345GKRcgWSKs4Fe4U0KCkpxO0tvtthMm9HHDA58dL-_773zyV_zupzDh5fewdPzrpcj1ZjN7iomKVWi4bigGzgeRxREDmsQGC3k_RRhND6PNdYESD3lJsUhFlGHsYtCHodwOrUPQyOAbI5n-0Un86kFhdyVyIGCQXXiYHoVlP0Z5UOOLDAm_KW5Ye7fT2wMSRI7HF7nVfqn9chyu4oOYfwpDEwqDB3iQlZpTFHONT_f1Z-zT3V22GfQhlIiMN4V1UidnlxBEPJp2jquuJMD7VbsZtQaxcdnlFNgjypTAmAE5AHiS_nZp7zDTyUKf0hHsSF93OsZ5lRcQ%26adurl%3D&documentReferer=https%3A%2F%2Flelive.weebly.com%2F&ancestorOrigins=https%3A%2F%2Flelive.weebly.com&random=2995529277394&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:48 GMT
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 43
proxy-host: pv.medialead.de

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 8A1A 43 B
702 B 88ms
60ms Image
image/gif 92.123.148.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=64126200008893804444550012568003&pv=1

Requested by

Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=2c7a08a60f&subid=&uid=e0779d91ec7150c9&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCUZ6RVwyiZeK_LIDv9u8PuduNuA-m5b2gaYWVnKfJD_AuEAEgsqHeeGCV4pCCoAfIAQmpAj0HElBUY7I-qAMByAObhICABKoEpgJP0JyDYKiZ69r1AS9JA8T44uTOfIDnpc_Ezt8utTes_mZEq28PbRI5rk5sjpXtIpQSR7Y56QAAoZqd06AhrD71_KFtjqrQTqX5gpdkQTr4Br5k148wFKi6ns2YYh0dKmguas-COQ1BXSDnKbI0pQ_RIrcUuX8twhlv9YbELNBuztkYLawbMY7OxXHr48ENRo-czL5uHZBfiQEg2p13-UMKtlfXLapSRXG8pt0A6j3EVdUsedSCmzYM4Op4knkJJ4-VW_Rk8mmNwxpcyZFC9gsWcwQnyl3NEvf0ilsGISM85lVUFAUEd85-DjdUxjtHK618Wl_9VoSBkSNckZ72L1GZ1Xgo0BQDCv2SQ9fV3N4HFMq5HobW0vs6i5bmSbHZPkLRNTzRFt_ABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYv63Wxr7ZgwOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTgAvHhf_C9m2ttAdYO3mUymr6sxrzeUsQOVBf4aJ9XIC_UU3JiZ8XpqIiHx8BwPGfSoV1xuqaTdydmPwnUniF7PCpeEUIOVln1IHtKAv0xgB%26sig%3DAOD64_1u62q-E9nAHDo0UiQPdFOyrsg9iA%26client%3Dca-pub-1181746742151021%26dbm_c%3DAKAmf-BQJoXBfQxZE4TeIr0BHF5uFMKX4coTJJ-plxoLJojNNJDfL1KKKeuxW4DoJbal0bej-3Dc0t-4ySdVH-4UjcKxWDtz_uFKA02G1KIPAokGaJxmZdxOuNAh6pV922o88s38d6-JdN6K6ITuzLFlKenwh7GHFP5uCMTbBPOQ_UioK4aR5Es%26cry%3D1%26dbm_d%3DAKAmf-C1T9t7mhsS_KP5NOYfBOWlPt1mrXvtEkh39iEJN9u6I4Doh2FGtYbtLmL1K9lsJGQ3rwyeB0obzhWJHZoTYKHIMqkblLz7QPadvRK1S4UY3iGZy7oghPlepnJ3F1bs5DguHggOwq9NuLJuD7tr_9kljv6OkQlnvZNQGJdSQABkehvf-hTzuZd19pDiWMjYIRPZxSzwx53Bd5IYsi345GKRcgWSKs4Fe4U0KCkpxO0tvtthMm9HHDA58dL-_773zyV_zupzDh5fewdPzrpcj1ZjN7iomKVWi4bigGzgeRxREDmsQGC3k_RRhND6PNdYESD3lJsUhFlGHsYtCHodwOrUPQyOAbI5n-0Un86kFhdyVyIGCQXXiYHoVlP0Z5UOOLDAm_KW5Ye7fT2wMSRI7HF7nVfqn9chyu4oOYfwpDEwqDB3iQlZpTFHONT_f1Z-zT3V22GfQhlIiMN4V1UidnlxBEPJp2jquuJMD7VbsZtQaxcdnlFNgjypTAmAE5AHiS_nZp7zDTyUKf0hHsSF93OsZ5lRcQ%26adurl%3D&documentReferer=https%3A%2F%2Flelive.weebly.com%2F&ancestorOrigins=https%3A%2F%2Flelive.weebly.com&random=2995529277394&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-148-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Jan 2024 04:06:48 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2BB6 0
20 B 45ms
44ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BRPD-WAyiZeuyEMuh9u8PuJOHIAAAAAA4AeAEAg&bg=!-_il-LfNAAaumcC-jpk7ADQBe5WfOAg9vvyCpeE8EOSezH7WaSpEhwN-TNhBl2Qgtr8E5Xk8W7HRURHEvwyr3X0lAq0mAgAAAE5SAAAAAWgBB5kC38OZoGU-OgwbKEvkDF0okn-4LA8bQUHvuouDBQct6V4HjlnpF0KT96oCy1k4DIJh_rAwAmOgAnCEVNjJPL6oZ2klaMVHEy1EWxp3CvuIfGcLKn-WmvweUiavT4-SLOVg62T38kxUxxmr9N4D00ju4BRYgA1JkhPsCSqAs2eeypfD499nmg093vEvnTPE1-gzdpytiBtCg26Lh5_SPpy1yaUx31ZIUgTDjcmwBLPVvX8LEo6zaYljMEDmGVYhwNQPUXcxu5rtWx7XZG-0a-Zz0inaw0Fze1Dpzbk5j0ycj1lMJxw0QPgi5u77QvaFcKQ7EzNLHDu5cNmnv4mc_6EJ90rS6tn9qvvCIB5dXooDejl7fpq-Wqk6g3PondCab7sOobCnivawqWd2H2kMOajISIZZPfDDg3pGWvJWpyMonXPVRO3awIVP9ERXUbsZQETUeS8Ouvp35Kq-UF4UppO51Wel3kXDXhOk2kh3GT5jW8RtKi65gWFfOiuIaZl1kgrTvY47MeGyadXtdbhcWgMEXI-gHSDbSPCES1J6Rdi3Bgqs3Yr-RArC61C0bMyWcBJQZEDyzqngqDbWW8nvqI3ldqcNxptSuuJ_xDoZaiSLepaAZJt4an-xai9JgCCHPHColX2GSRB2qApExqA0q7DMLkuRq8L39Shx8x0vs7EPXtnsD5kyg_51cKq_gO1cezy4mlf4hHCYFW7GyoSxOCKQi16W_Eh70v-xDZOCOJ7Cu_tfmkQobHGYEKPGXzQCL7wOICIdK-VJJcI1SoXn1fs7PZY3b1UE5nbYks3hFM54U86Vr791MMVa4eYs1t6JNRsTmIomGkbexr4RA7J2-AaFmV1ndfu7dxap3oERRH45f8BCeOp4_eB2JB3gZdUQlcCiz8TG5yP7xd_5N3jH8aNtjTKwUtJMGRAMU3WjzgXl5jYtM8vh_N89POSyoSTI0A0sXwrFbbQK3NwoF1SXhHlbKA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 04:06:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 80C7 0
2 KB 51ms
37ms Document
text/html 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https://www.facebook.com/talksometingshit&width&layout=button_count&action=like&show_faces=false&share=false&height=80

Requested by

Host: widgetic.com
URL: https://widgetic.com/bundles/blogvioapp/js/editor/core.vendor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://widgetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 13 Jan 2024 04:06:48 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-debug: dORWOu/7L8tRNGJ7XqcPbok7qmhB1qWcoyVHTsiYktoHbPaz+D1s8uVB5WPXhROoIetQ2+faGnxcl5CUz89ccA==
x-xss-protection: 0

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame FFB8 177 KB
63 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e071efe04b422a6c372bae4008b0bfcf14c3e6a3223a9c622f055be77260ed35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64564
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 Jan 2024 04:06:48 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame 8A1A 2 KB
2 KB 128ms
57ms Script
text/html 13.41.85.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=64126200008893804444550012568003&nw=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=90&adk=1773158521&adf=2910926905&w=728&lmt=1705118807&ad_type=text_image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705118807432&bpp=36&bdt=1139&idt=281&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C468x60_as%2C728x90_as%2C300x250_as%2C468x60_as&correlator=4322789930108&frm=20&pv=1&ga_vid=492612603.1705118808&ga_sid=1705118808&ga_hid=1276611037&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C95320238%2C31080266%2C42532524%2C95321957%2C95320893%2C95321627&oid=2&pvsid=1352197277043373&tmod=1849012420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=4&fsb=1&dtd=283
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.41.85.159 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-41-85-159.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 10a4113d212915774fe64a8b2fb6438462f55736682e8a9d6773ef741f89ffc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:49 GMT
last-modified: Sat, 13 Jan 2024 04:06:49 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sat, 13 Jan 2024 04:07:49 GMT

GET
H2

200

activityi;dc_pre=CNfWpse-2YMDFfnnOwIdBD0Ezg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1743267619023.0723 Show response
5994599.fls.doubleclick.net/ Frame 6184
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1743267619023.0723?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNfWpse-2YMDFfnnOwIdBD0Ezg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1743267619023.0723?

392 B
327 B

50ms
49ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CNfWpse-2YMDFfnnOwIdBD0Ezg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1743267619023.0723?

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

9ef5d833beee6d3f2043893b3cb6dc3865403cfe6251c9a2aec826e8f4e41bd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 218
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 04:06:49 GMT
expires: Sat, 13 Jan 2024 04:06:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 04:06:49 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNfWpse-2YMDFfnnOwIdBD0Ezg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1743267619023.0723?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal90003.redintelligence.net/ Frame A81D 7 KB
2 KB 33ms
11ms Document
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/request_content.php?s=64126200008893804444550012568003&a=76507fbf
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=90&adk=1773158521&adf=2910926905&w=728&lmt=1705118807&ad_type=text_image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705118807432&bpp=36&bdt=1139&idt=281&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C468x60_as%2C728x90_as%2C300x250_as%2C468x60_as&correlator=4322789930108&frm=20&pv=1&ga_vid=492612603.1705118808&ga_sid=1705118808&ga_hid=1276611037&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C95320238%2C31080266%2C42532524%2C95321957%2C95320893%2C95321627&oid=2&pvsid=1352197277043373&tmod=1849012420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=4&fsb=1&dtd=283
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 80ffc1fd202add9784189f57c11748d75b0d69016d4ab910a74652a7b36923ff

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2099
Content-Type: text/html; charset=utf-8
Date: Sat, 13 Jan 2024 04:06:48 GMT
Expires: Sat, 13 Jan 2024 04:06:48 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 8A1A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3f5b926895697666d8e1845998e4f3367573bdb769babdca65c5026a57bb387

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame A81D 2 KB
530 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=64126200008893804444550012568003&a=76507fbf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 Jan 2024 04:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 Jan 2024 03:52:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Jan 2024 04:06:49 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame A81D 10 KB
10 KB 132ms
109ms Image
image/png 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-627x627.jpg
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=64126200008893804444550012568003&a=76507fbf
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: b477fe4f245180f5b64eb227704b265e4e111c53746ce3f81dd473f4e091548a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 04:06:49 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9891
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame A81D 9 KB
9 KB 124ms
102ms Image
image/png 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/627x627_Office-Partner.jpg
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=64126200008893804444550012568003&a=76507fbf
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: c13c1b5faeea901a5a226c757d579e804af6ab5c309e16e8d27d8192dd260800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 04:06:49 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9249
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame A81D 10 KB
10 KB 122ms
99ms Image
image/png 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-627x627.jpg
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=64126200008893804444550012568003&a=76507fbf
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: bedb7756004f0aadf96495748c7629ae3d959372f9f913045f367bbaa08ad2e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 04:06:49 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9719
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame FFB8 276 KB
91 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

da3c1b26dfe84271c6c34e204c025eade8b6ba6bb88dbe12fcfd16f598cea96c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93407
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 13 Jan 2024 04:06:49 GMT

GET
H/1.1 200
OK viewability Show response
hal90003.redintelligence.net/ Frame A81D 0
150 B 33ms
12ms Script
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/viewability?s=64126200008893804444550012568003&a=5ab39bee&vb=m
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=64126200008893804444550012568003&a=76507fbf
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/request_content.php?s=64126200008893804444550012568003&a=76507fbf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sat, 13 Jan 2024 04:06:49 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 8A1A 54 KB
19 KB 72ms
7ms Script
application/javascript 18.66.147.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=64126200008893804444550012568003&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-52.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5ca4b5260e5b7a45b242e3c117e96451cb1d43563baee057f0d609548a112db7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 16:24:12 GMT
content-encoding: gzip
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jan 2024 16:01:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 42158
x-amz-server-side-encryption: AES256
etag: W/"1885e2f5560c2347761a6db4984ea717"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: -W8Jp8uhWTMVD153_fuLzb1grPY2wB6z34X7HiwBrFgL0quAbwVZ5g==

GET
H2 200 1x1_0.png
cdn.track.production.webgains.team/7121/ Frame 8A1A 3 KB
3 KB 43ms
7ms Image
image/png 99.86.4.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1705119109&Signature=jt~OJcm1QoocCaLX0IzL5M3BR8-g2JtV9X7LKV8lSSdkwSgaT~Y4zN2e08F0KyGvIi9TmqwbiwZaQanwqy2SolGlsnQn5O3~w0ol1HLnfsMx9FAIhS~kBWa~KVw0beS98dMqcce6nQ7pDm2dyJN4CVrvehpBvKnNccLeKAiiuZPDvnU43Hk-pgKBhWw0YTTqhcqcGq95GnScehbH2EFq3AHRVUYSjuuJZVBs0UZJUpRM0UARVu7znm~mGZWaAFolBiUzGZ7QcIFUvWC1XFDksaeGVlC9QmeTbhLuUrES6CD3cAlQANJZlZ~xWtsEF3pmMgWoII9TjlbyOAkc-mCaHQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=90&adk=1773158521&adf=2910926905&w=728&lmt=1705118807&ad_type=text_image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705118807432&bpp=36&bdt=1139&idt=281&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C468x60_as%2C728x90_as%2C300x250_as%2C468x60_as&correlator=4322789930108&frm=20&pv=1&ga_vid=492612603.1705118808&ga_sid=1705118808&ga_hid=1276611037&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C95320238%2C31080266%2C42532524%2C95321957%2C95320893%2C95321627&oid=2&pvsid=1352197277043373&tmod=1849012420&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=4&fsb=1&dtd=283
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-52.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id: null
date: Fri, 12 Jan 2024 09:14:47 GMT
via: 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 67923
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: 6HJCLEuNCNwBoEP6pnz32W52nDdE7OfIScdGJPUW-Dua0wsqPaBqPQ==

GET
H2 200 dc_pre=CNfWpse-2YMDFfnnOwIdBD0Ezg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1743267619023.0723
adservice.google.com/ddm/fls/z/ Frame 6184 42 B
401 B 63ms
43ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNfWpse-2YMDFfnnOwIdBD0Ezg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1743267619023.0723

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNfWpse-2YMDFfnnOwIdBD0Ezg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1743267619023.0723?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 04:06:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 68ms
54ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240109&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1771b5160ed3a2a359affa06e7d0c657ebb86956a0479c402c466408a3a9e12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12253
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 13 Jan 2024 04:06:49 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8187 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 33413
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jan 2024 18:49:56 GMT
expires: Sat, 11 Jan 2025 18:49:56 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EA71 829 B
559 B 17ms
16ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cd99ff739e2486c405deb3673117c104bb4cd0a00c821fb579454e1f776d428a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TryrFYGXykho1k4M2FOeOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-TryrFYGXykho1k4M2FOeOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 04:06:49 GMT
expires: Sat, 13 Jan 2024 04:06:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 8187 39 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 16:01:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43516
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 16:01:33 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D6B5 42 B
64 B 49ms
48ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuOxX3s_60EZqqYTs-WQywhVfBAluFFwxgCSFxd3_X5TMHkI8g0IUp6VPNM3_5RR4oSLgn7VnnC5csCwjmcTDc6hoUfVnU6rrbl4rVodlplyeX38GPo_f2z8NITVN2Oo-wmg8ZcY7iHCmUZGbdWBYQalMr6&sai=AMfl-YRwDeDgFBH9C1Mlz_od7Hf9WAeI3rYgWTKh3bXWnajWJlGm5BRgmYvZVDRCztT8OuaGAMG7WWGCLFnqSlbdVyT4x2mhFIGt_qYEFD8AZhTQP9fdRZpKQG2jsoKUs2gjewYOcMwzx1TX8ej6SE21FA&sig=Cg0ArKJSzGd20osBeJioEAE&cid=CAQSTwAvHhf_aV_iEBnrdHqiyWG2pok_Prmk2FKGLqJ8qyqgxfGPgmmP7ijIqrhpiin_4R7el46ZCRZSeTyhS1oj4rnChrzaJgVPMQOwEVlLjYcYAQ&id=lidar2&mcvt=1002&p=0,0,90,728&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3566803071&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705118807694&rpt=570&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 04:06:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EA71 0
0 47ms
47ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240109&jk=1352197277043373&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8187 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?amYTKg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 04:06:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 8A1A 16 B
209 B 82ms
82ms Fetch
application/json 13.42.80.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.42.80.79 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-42-80-79.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 13 Jan 2024 04:06:49 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 89ms
25ms Preflight 13.42.80.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.42.80.79 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-42-80-79.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sat, 13 Jan 2024 04:06:49 GMT
server: nginx

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 24C3 28 B
54 B 21ms
20ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
X-Goog-Request-Time: 1705118809831
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/dTk3BO54_8Y?wmode=opaque
X-YouTube-Client-Version: 1.20240109.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtoMGhuTUYtWXZOUSjXmIitBjIKCgJERRIEEgAgUA%3D%3D
X-YouTube-Ad-Signals: dt=1705118807657&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1080%2C638&vis=1&wgl=true&ca_type=image

Response headers

date: Sat, 13 Jan 2024 04:06:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sat, 13 Jan 2024 04:06:49 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
43ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240109&jk=1352197277043373&bg=!6eql6qXNAAaumcC-jpk7ADQBe5WfODMIcepJQbNp8YGzP0X_4UArKnxxpkvx3Ob3zcReQBfZ4Wdz8HCXLeagNswhzBjjAgAAAGdSAAAAAmgBB5kCwgYtp1txKPjSzExHcCY8HJpLRjAAay2-18zmRrJ9iTK9Newjkb2zvhZtJvOvBev_NAa62PK8Q_78TqikeryqKiUyLs7F_QvwvVHSYVjpw6FabB1niszanjT_gSz5ttGHnZ0vTHp59ms2ALtclmZIQfgvRUVN5fAe3o7RBdsxVIFJhoNGyEAh5Blnq1ZKgIRiCj-KMIcoFrt8_QiBPTspAcAp8bpxPHVeryFZJhcOeMyPFtsnta-ZkRncY92WEyHXjWC45o2CquCKZulPlBVm7gshzpyzjCFAGLmUfmqhXrnFZiswcLlQhK9BUUOEntlljQ8T-aimYdSSi0gFgg-zsQhvYOQ_i460A-KrtPFZuKLwXnT31SkTAYzDzSHNaB0_53vyJ8iIL_1DhvMRPhureJODpd1bx7lhki1XWQOjHiN0oyHZOTH3H1fQgmboklwWBV-ndwSlTTyJKwg511czQtYeiAbS2KG2BvlIfItRjNZ_DxgFB__c8FGwNXvJQ9h3QT4rmKs8pCP_uXku_0KtBcTzKYNJkExI8yLQYHFC4bnHcevCschiMCeND6-GWr1dFv6KBiRFt5Hk4U7zzUoVic43gzLb1KKNuarldnbCtvcfdKT80E809tN7TN5C1CiKJV1W8Oa_ZXHPkY7yWk7hJo6JGLkBZiLFBbmoYCLP90h5gu1izI4_5yqKE1SAsY5QJP1HwpKFvGZMWUgWrrvdJHWe0gpbhtsKbpbwT4NesbJzGOVGSfOuTPT0dArIufpebp6avJLxNtjYzCHpLU6HNPV_51R9yq0hSbrsq71e6wRFBMQWzcEySuiw6Unl7uGoztiWUvZZKUn7_WRWixMnnS5uyc52PWdl5w-kJjNgYmCOvWaWDofwLbp0JfvaxC60z6XhIKuZTNRvuVet2X_VY8qK5cPM9p8U1avLBbf7BK7GyKU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 2428 28 B
54 B 21ms
21ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
X-Goog-Request-Time: 1705118810082
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/MzIH2rn72NE?wmode=opaque
X-YouTube-Client-Version: 1.20240109.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtNbFZvMS1fN1hEOCjXmIitBjIKCgJERRIEEgAgYA%3D%3D
X-YouTube-Ad-Signals: dt=1705118807685&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1080%2C638&vis=1&wgl=true&ca_type=image

Response headers

date: Sat, 13 Jan 2024 04:06:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sat, 13 Jan 2024 04:06:50 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A1A 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6175419652614&version=m202309260101&ct=77&x=1&cor=11917634550238618000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Jan 2024 04:06:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame DBA3 28 B
54 B 21ms
21ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
X-Goog-Request-Time: 1705118810313
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/yV8FdhSmz2Y?wmode=opaque
X-YouTube-Client-Version: 1.20240109.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtNbFZvMS1fN1hEOCjXmIitBjIKCgJERRIEEgAgYA%3D%3D
X-YouTube-Ad-Signals: dt=1705118808112&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1080%2C638&vis=1&wgl=true&ca_type=image&bid=ANyPxKqB-WXKqbq32bARRhxgVpj0sr68VDuz1lafreWn7VJjXD1_Ybm88qABOjHp4G40bvOCczGr8KFiXYLdp_GeZDXLObCWEQ

Response headers

date: Sat, 13 Jan 2024 04:06:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sat, 13 Jan 2024 04:06:50 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 8274 28 B
54 B 22ms
21ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/80b90bfd/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
X-Goog-Request-Time: 1705118810769
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/StpFz8qbB44?wmode=opaque
X-YouTube-Client-Version: 1.20240109.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtNbFZvMS1fN1hEOCjYmIitBjIKCgJERRIEEgAgYA%3D%3D
X-YouTube-Ad-Signals: dt=1705118808455&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1080%2C638&vis=1&wgl=true&ca_type=image&bid=ANyPxKorjyH4aj5A3UA2dv0-lDXmR3f7NCdx5Ikw62MuaTmJC2IvdHN8LF2_ycYV4wh-HjFctLCHJJX8BO3FiiWS2wLPbPtTrg

Response headers

date: Sat, 13 Jan 2024 04:06:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Sat, 13 Jan 2024 04:06:50 GMT

Verdicts & Comments Add Verdict or Comment

282 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lelive.weebly.com/	1969-12-31 23:59:59	Name: is_mobile Value: 0
lelive.weebly.com/	1970-01-20 17:58:48	Name: language Value: de_DE
.weebly.com/	1969-12-31 23:59:59	Name: sto-id-editor Value: IEGJBMAK
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: hM0z3a0vnPA
.youtube.com/	1970-01-20 21:57:50	Name: VISITOR_INFO1_LIVE Value: MlVo1-_7XD8
.doubleclick.net/	1970-01-21 03:00:14	Name: IDE Value: AHWqTUlQRtLi3eELpEDjvRoDgZq3O7-BYPUbKh4o9ZAt_b7xA4AKQDsgQC0JYjTJMzI
.weebly.com/	1970-01-21 03:00:14	Name: __gads Value: ID=482594ecf4059e21:T=1705118807:RT=1705118807:S=ALNI_MY1NxPkLgaWQaJesmeZLp8FPY2fvQ
.weebly.com/	1970-01-21 03:00:14	Name: __gpi Value: UID=00000d40837e7a92:T=1705118807:RT=1705118807:S=ALNI_Mbw3RC9pVgYUeHgEn4FKAPluw1s3w
.adnxs.com/	1970-01-20 19:48:14	Name: uuid2 Value: 7582362593969553322
.adnxs.com/	1970-01-21 03:14:38	Name: XANDR_PANID Value: asJGdNoVPJ_M-jrVUkRwa485Wps5HNZFHnlqhNKkdz7x5aVdw5hnD_PsHFJtzwZB8i58dd64x25Yfrz2DNOjFup_adLoctOYq9PTfz5TdbQ.
.adnxs.com/	1970-01-20 19:48:14	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GTso.P[!!]tbPl1M>e)ZlrFUfJ+tGXxpWZkD=I:we07@mf-7VE]TkHjh/<Oyw_h-KfAVbpRzqF1`*b^tI)uWg!
.casalemedia.com/	1970-01-20 19:48:14	Name: CMPS Value: 3205
.doubleclick.net/	1970-01-20 21:57:50	Name: APC Value: AfxxVi4X18C0-tIbIKV4fOcgrOyjRKGNWZWw6l6407AEy5UL9ricWA
.casalemedia.com/	1970-01-21 02:24:14	Name: CMID Value: ZaIMWB8B48nU4ig91BF03wAA
.casalemedia.com/	1970-01-20 19:48:14	Name: CMPRO Value: 3205
.doubleclick.net/	1970-01-20 18:21:50	Name: ar_debug Value: 1
lelive.weebly.com/	1970-01-20 17:38:40	Name: _snow_ses.db5b Value: *
lelive.weebly.com/	1970-01-21 03:14:38	Name: _snow_id.db5b Value: 80e8a6b5-7297-483f-971b-a01f905e4a10.1705118809.1.1705118809.1705118809.ee0ddfa6-c763-4559-9f38-36575e02ef69
.weebly.com/	1970-01-21 03:14:38	Name: _ga_6ELBCSBKW3 Value: GS1.1.1705118808.1.0.1705118808.0.0.0
.redintelligence.net/	1970-01-20 19:48:14	Name: 8lcfmzhxc8d6_uid Value: 2c20209be0a6a3fa
.weebly.com/	1970-01-21 03:14:38	Name: _ga Value: GA1.2.492612603.1705118808
.weebly.com/	1970-01-20 17:40:05	Name: _gid Value: GA1.2.2147340477.1705118809
.weebly.com/	1970-01-20 17:38:38	Name: _gat_gtag_UA_131254328_2 Value: 1
.awin1.com/	1970-01-20 17:41:31	Name: awpv22610 Value: 296283\|1705118808\|2c95ed30-b1c9-11ee-94b4-2233c304522e
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 408799:2874697
.office-partner.de/	1970-01-21 03:14:38	Name: source Value: {"webgains_webgains":{"timestamp":1705118809023,"clickCookie":false}}
ec.editmysite.com/	1970-01-21 02:24:14	Name: sp Value: ba9f63f0-7c2e-4fff-b33e-9da751d647d5

29 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=728943538380729393&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=000000&bgcolor=000000&linkcolor=FFFFFF&textcolor=CCCCCC&urlcolor=999999(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=728943538380729393&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=000000&bgcolor=000000&linkcolor=FFFFFF&textcolor=CCCCCC&urlcolor=999999(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=505443558143390018&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=728x90&adtype=image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=505443558143390018&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=728x90&adtype=image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=624358142503171732&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=728x90&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=624358142503171732&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=728x90&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=462033732328113390&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=462033732328113390&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=640257324145581103&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=640257324145581103&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=552702152350086236&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=234x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=552702152350086236&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=234x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=421482100300384280&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=728x90&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=421482100300384280&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=728x90&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=313710685213427552&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=313710685213427552&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=525252718564449301&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=300x250&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=525252718564449301&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=300x250&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=103887850534687975&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=103887850534687975&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=892243738160099283&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=892243738160099283&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=117595008979775322&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=117595008979775322&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=552573448432664685&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=552573448432664685&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=885823029419344753&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=885823029419344753&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
deprecation	warning	URL: https://cdn2.editmysite.com/js/jquery-1.8.3.min.js(Line 1) Message: Listener added for a synchronous 'DOMSubtreeModified' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
ad.doubleclick.net
adservice.google.com
adv.office-partner.de
ajax.googleapis.com
analytics.webgains.io
api.webgains.io
bam.nr-data.net
cdn.jsdelivr.net
cdn.track.production.webgains.team
cdn2.editmysite.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
ec.editmysite.com
files.widgetic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal90003.redintelligence.net
i.ytimg.com
ib.adnxs.com
jnn-pa.googleapis.com
js-agent.newrelic.com
lelive.weebly.com
pagead2.googlesyndication.com
pv.medialead.de
region1.google-analytics.com
s0.2mdn.net
ssl.google-analytics.com
static.doubleclick.net
sync.teads.tv
tpc.googlesyndication.com
track.webgains.com
us-u.openx.net
widgetic.com
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.weebly.com
www.youtube.com
yt3.ggpht.com
104.75.89.75
13.41.85.159
13.42.80.79
138.201.220.30
138.201.63.117
142.250.181.226
142.250.186.166
151.101.194.137
162.247.243.29
172.64.151.101
18.66.147.52
199.34.228.53
2001:4860:4802:34::36
216.58.212.134
2606:4700:3033::ac43:84fa
2606:4700::6810:5614
2a00:1450:4001:802::2001
2a00:1450:4001:808::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:811::2008
2a00:1450:4001:811::2016
2a00:1450:4001:813::2002
2a00:1450:4001:81c::200a
2a00:1450:4001:827::2002
2a00:1450:4001:827::2006
2a00:1450:4001:829::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2006
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2001
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:400::302
2a0b:4d07:101::1
34.98.64.218
37.252.171.85
54.189.77.43
74.115.50.109
91.121.248.44
92.123.148.9
99.86.4.52
00bc898536e62eab25b322796c857ef52795743d66b8dda139ae8894dfe118e1
06e9d4c0c519d72b481e8f1f427b568f5468ce0eb9cb1cc0a554ac3925970070
094a6590bee6ff08b4562f09ee54e0b4c0ef6ae9a0698f1e4dd82f3ad9687d5e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cfc72687bf236ba651d0aab3205c0e3cd474d5fa987f1ab1e8fe749f0680acf
10a4113d212915774fe64a8b2fb6438462f55736682e8a9d6773ef741f89ffc3
115f8c95a42cff5953894d4caebab4a0a743ece7b38f3a9b225d094eae5e37f1
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1ae869686825bfe691c59651f120721728a8c2b6e856578eaef7b23058e193c6
1b6fdc96d4b03543bb763c33a4c5339bd417864567c30cb80d09c934871db6d9
1cab42efc65e3c8278a4a4386c7076455f9b3a3b28666342b545b5d489141f05
1cb008aaed1aabc56491ab1f185a8e9ef880be41c28c05971875febb211ad43d
1ea6f427bb43460d62ff12b1378ccece1b9086e0486816ffafb44079e4fe0a11
207ec261a8530654204ada78a03b0cc6c129c09bac87013c3a8bb3bedfe84be6
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
24c98b3653a1a89489a370d23ab35375bba6bf386f5c2cf8a34f59f1ee7ab2ee
251a983a1b4b2cc76542aa398ae6b3499978a788860b54a8081d35d7a843303c
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2829e73e900aef1b3608efa7458c3cfc249e334cd561b2d33ecd84a6ef189cf8
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
2b6fb0ac94d87d6b40064bf2f8d3bb86b12763753c22f80a300e379a2c43a4f8
2c1e77bfe3f47e0948ba01d19871d90790115ed0db3763b6f4cf7f3f03da769e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
30bf665890ae0a63e4f917a03fb52d5b1c53f8c67c686ca2732c2656599cd862
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
320242e458ff727cf119b25be7eed579317dad053ffe30beb9ca473f9c2eaf8f
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3401b7cf66d3054cd4e206cc8eb15fc6526750591846b9947baa655fc940d910
3704514135a2ee6042c185a2822cdecba0b26192fccd0f92fbae1dd383668c71
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3cb57dde3a2009442a904a01e42f5803d7c8914e1e302828a32006845e0cf02f
3d82a30f93efc36ce7c910d93e783da263c69d71fce36b40c74bad6761e6f784
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
43041ddcd7eb47a6e478251953f5773b0cf8664066d7697a4cc45a0727953d53
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
45a8badf06824c87461905a8b1871fc3ca3eb5934cee490deadad743ebf99661
45b41e9d926f671cea3deb26ad3ddb93ae28ba5eca5f299bea5a59b482fee3d9
48ea13cf7f03e447f96b6fa72496d962cdb27cd611a5b4e643354f85f800b9f0
4a96107fbabc6086da1301ac2553295a823d37bdbc49c61efaab62b966b25f1a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dc93ba28625d775dd7e9298da5dcb6f7feb5581d35ed9263b80b546b2bff072
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50c040bd4b2c4cd2ed11ef053f28199b8af7d65e71982876d6683b8e62231f37
51921678abf215c923826ee5005ece93e96b4e5a75ab0ef6019b60a63741314a
52100762441ce7d48c9b720b42f5f62d5f691ed5e6fede874f4eb0dc327ecd3f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56eb8750086909128805d5b0aed2757a5825a5b1caa6e852eacba5469fe8a6aa
580ef6409e067a4ec4a427400c7d6216184869e2da53343df20753cc1f8a46cd
593fec175b00a1f118f77bb8ed378e857e9f1225f0fc019fcea508b27da53cf0
59bdf429e317602e93ab7f129143a1de99658a7bc9d3022859a2595cf95b57f1
5a630b41e7c3d34392bcb150a5731b6261bc6314d71d5db8407a646af15bf8af
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5afc688bdaf465a3dde7829c290cce065892b841b5bc7cecb89396d7dcf85970
5b277a3eb7148a66052c62db5593e7d067eba2416f763a999e7f0332da1a1fef
5b6bd64c8f7d37dd7bd34e3760cfffa93a982937376e2c02708f63c35c645a07
5ca4b5260e5b7a45b242e3c117e96451cb1d43563baee057f0d609548a112db7
5f68636d014fd5775cd35ffaf199e7d9c9c98d68d262bd5af2820212d3f96569
5feb822d8698f127f0f85d3edf620c63ff5189509fb85992c1d74abbd25d83ee
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
648e766bf519673f9a90cc336cbecede80dcbe3419b43d36ecbb25d88f5584a3
66b9bd62e2a6489437cc7b3fbcd931b99bdef0731d8abc27faae0cc7184626ff
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
681a187d0cb0a97d9b58ebe82409396f2d4cbb5f797c0de299e4e3f23f8c1724
692fb6d0172aaf378428ac4cf4c73e80ae57fed66494994eb81534593117f17a
6b6c8a53cb4841326e9fb05b33f3aaead9cc0eb705c4de88d717bb15da0d7993
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d78ef2f662f5d46e6f413692e17f19c592a701035e01f7be6165768af75d195
6d92b423128d6db2e717ad525bbda8e0ae7a3f9ac71701ae75bb509332d0df68
6fe62a369d064fd1c62c7c93af1c12e2c03026c74dde488edd0800bda11a0298
72c08283066d0cfa8e04e210801ea9d8f9975cc7f45f77c16c3085f246424378
73ba0f5e3000b016d82851828b4fc6ce832c3bf4cc3d65a6f9c0441ffda988ab
75287fc9ac71538e0c1a0ffb799246ce84c80678574d4f5714a9f7c9de1ef6b1
78d22628b565c4de185a53bd4eaf1f34a9f604fc04900d7533574d90db443a18
7e1a2c909f8d0b72f8cc525d94768b5c158615e9c4911d9d786de8153b5ed768
7e3f976c2c4dde40f1a02ee46c1b1fe52274e3b5504330001f430e8c49cee197
7ea7eb2db1daff0d7aa92a53783cec476e61fd78cad5750960db0e78fe161a7b
80ffc1fd202add9784189f57c11748d75b0d69016d4ab910a74652a7b36923ff
865cb87de9fc4d6530edce21f0103107abae6abe45cabdff2ad9af067b3d8e0a
899192d31cbdaa61c8bab2e4e28c1118b1a2404ea87bc3e4854a53bea37b94ed
8bc12ea7d68fffddf5dc2f7ac10a44c78087b1e7f7fe046fcfb7d3c77198d3f4
8ce68a3f9b50e25cf5521f9d29510095c2488f9e12584b4ad8bdf1c30bee4dcb
92e5b01fdfb274bc715d8ad5a4ff8ef7262d7467a23657e88f4562c05adbffdb
932b80926e1d1db1ec34d6c2d333c6482b9c9b1e2f787ad7b27f24b9ceb23908
974a2523a3ada9ff6508ade39f9f33bf6d01596f61b047445b650409defa1e95
97ab411811d4436c975b63b44078385f3b31c9a09fa8d86ee05e24505ddee13b
9a35fac0bcc8a8d7537f639c0c370d57f5f136f87e0527e65c6516ba3d53c2e0
9c8fbcf623ed91a79dffbb948ebd30e91d59e59b0f81734359b76ca6cf02f32b
9ef5d833beee6d3f2043893b3cb6dc3865403cfe6251c9a2aec826e8f4e41bd7
9f95e234907d6a21b8b3768caca177f7b4003689bdd974f1ec7c16ea96cee6c0
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d816d08f9168dcac961e98c0fb0f710db699e65b5eb4221f1020c7ba6649f1
a19322964cc86a29d7090a60d9703c044d641eeb2a0d1afcd121e273caad22db
a28396880470a28e0525bdc0ea326ffb811de7de13662d02f7530dbbe3f12d90
a3d8afcbc68d3ae65312e50ce252f5eb4cb817d3fe39452bd37a76f896ab5921
a8087c5c4664c741205200f5e4fce9de11b9844291b609ba1752fe8d1dc0bc62
a81551f948932bc38d1b9d329a865d6050adf2da9dae6ec60395c51c6af06054
a859cebdde9b57c94d1e5e9dee2c3e42aff28bb99644deef15d7e15dff566450
a8d94874a66894f07f2a9e37b4bf6b6ecf9b0632b637105030b32bcdc40285a7
aa8ec93ec8daee9477de8aa5ef0932a71123778ba963a1979d81541be751d806
ad9403b1b5baed4a82677edfe45cc66ce8f4fe2bc2a86ca86f6143afa78180ae
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3d6d3457ddbc28733708a97511fcd0f5ab4adfc553f667319d8a3b2c5fd9fa7
b477fe4f245180f5b64eb227704b265e4e111c53746ce3f81dd473f4e091548a
b4f2de5b6b0ce67eb0bdb6bdb1a0272ce6c6a17d9632ec9a090565d339836ab1
bd4d2e29f503390e4951af9232fc43780b43d349647188d8f3f600835f16afb7
bedb7756004f0aadf96495748c7629ae3d959372f9f913045f367bbaa08ad2e4
bedfe637399b5cb2edd6d657ea884c8e5cb1bb187b76af8b75a5ef21e97c151f
bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2
c00734ee42d721ada6f6a46154f07e2172c2b8fe8cf394ac6453bf550d993f73
c02760cd8b64cd5252dafe2c3a3680327ac16dd2c28d061c3ab7c72763363699
c13c1b5faeea901a5a226c757d579e804af6ab5c309e16e8d27d8192dd260800
c33412ba91028feec6a26b56c72f3ce03a24512785c25247447c2d1e81c8ff13
c3f5b926895697666d8e1845998e4f3367573bdb769babdca65c5026a57bb387
c420c2545efebcdcedd9fd7e48fe093a8c888f6726710197c0f1adff13b39cf0
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c92cb0522b1d208dc559aa35f8a3c3ce7b922ab57a5475691ef9b13e453d912a
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cb586fa5466efda7cc10c16c97d93b99d072924853d53e026c5c4bb8abbab4e0
cd99ff739e2486c405deb3673117c104bb4cd0a00c821fb579454e1f776d428a
cf91769ae11889ad46b8090d0d4d58a4621f2bcea35d1d8d96ea5e38ba34ee73
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d6ce93a92222ddec5150f9d4788ea2e4df4108d21666ed8a47a3977c8abb1363
d6d7b42b04319e2d2016aae8f9fd62562a9aefcfbb70a4bff02a2077ed8a0ed5
d78204f047c6bc407947f475c9e06be02f15d41bd3bcbf2a068823287a514dc3
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d937fe37ba1936860c25f23bc45e1e87932efb615c30751b561a2900db8177e5
da3c1b26dfe84271c6c34e204c025eade8b6ba6bb88dbe12fcfd16f598cea96c
dacecd220a567b2711f780bb5e8716cd39d403e90a4f6681f2a7c83f909dadb1
dc32c0e17481e95cd287e4e9950393c58fcdfdad68f571df2a8a394b86a6c363
dc9a623e55aedb7563d96a2bd367237c17bc7d9493bae1300cae0e4e3af8af52
dcacce2cf4b379bbc34c2d74396a09ed9cd36a5523144875cac9132d6cee86d1
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e06baca13f25df9c7d684fc1b1fdfbbbb95070a1d5a9cd648632da7bccc90b96
e071efe04b422a6c372bae4008b0bfcf14c3e6a3223a9c622f055be77260ed35
e0844a0b1d86f6c7c30323607d02f9f0dd90daa1774a5cfb29ce12cbc2c5b77c
e14430a71349a408afb658f0e495e5f15723da8d183ee851b98aefea80d8be14
e35cdae965132932644d580706fba96e1b54e9affbe3abab406e54e95d17a0cd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f22d232b51333214ebfb71482a77fcc6894e292d4234edee0c7382578d2276
e8106b06fab14948098cae97983eafbe1a60643ac725b2a029e4da57d43854df
e8821034e71a6846405afa2bf49ff6c54799c542462e165c0e1a722c1ecccaab
e8fce53e602b22e525d06ba31b166bb4ff461319bc9ae53caad095d185a4d15b
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec55a4bf94cf9d4245ea503b57dc7fdd599f25cb0031d0387d4bc44117138c6d
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee22348c74084e6a05ad12961e9c2b1e0385c396a1723aa19799b89ad1325cd5
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f12e8ab0ffaf518b6fa82a0c21843dca105d383ff5c419a4d384a708792ba433
f1771b5160ed3a2a359affa06e7d0c657ebb86956a0479c402c466408a3a9e12
f1eb38841e5980b207471d7baef3359a436a904b741c9b9fc2f8fdd52852bba6
f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da
f458c138193d26bde5242ed1211f198243b52998699737acfc981ed5c7a04f6b
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f6a292094eb84a9196e1e8aa4f09104f08848ad4ba6001ad1157252f1ca81b13
fd8844e07a245a7492968fae4fcbd9b7d6455ae634d1919d596ebe39cd056587

lelive.weebly.com Open in urlscan Pro 199.34.228.53 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

251 Requests

96 %HTTPS

55 %IPv6

30 Domains

46 Subdomains

45 IPs

5 Countries

9606 kBTransfer

22965 kBSize

27 Cookies

6 Outgoing links

Page URL History

Redirected requests

251 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

lelive.weebly.com Open in urlscan Pro
199.34.228.53 Public Scan

Screenshot
Live screenshot

Full Image

251
Requests

96 %
HTTPS

55 %
IPv6

30
Domains

46
Subdomains

45
IPs

5
Countries

9606 kB
Transfer

22965 kB
Size

27
Cookies

251 HTTP transactions
6 data transactions