Submitted URL: https://clbmarketing.com/dien-dan/members/tomysonblanket.209914/
Effective URL: https://diendan.clbmarketing.com/members/tomysonblanket.209914/
Submission: On February 06 via manual from VN — Scanned from CH

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 56 HTTP transactions. The main IP is 103.83.156.4, located in Singapore and belongs to CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG. The main domain is diendan.clbmarketing.com.
TLS certificate: Issued by R3 on December 29th 2023. Valid for: 3 months.
This is the only time diendan.clbmarketing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 22 103.83.156.4 17831 (CENTERHOP...)
16 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
56 7
Apex Domain
Subdomains
Transfer
22 clbmarketing.com
clbmarketing.com
diendan.clbmarketing.com
960 KB
19 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
258 KB
12 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143
www.google.com — Cisco Umbrella Rank: 2
71 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
8 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
251 B
56 5
Domain Requested by
21 diendan.clbmarketing.com diendan.clbmarketing.com
16 pagead2.googlesyndication.com diendan.clbmarketing.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
11 fundingchoicesmessages.google.com pagead2.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
1 www.google-analytics.com diendan.clbmarketing.com
1 clbmarketing.com 1 redirects
56 8

This site contains links to these domains. Also see Links.

Domain
clbmarketing.com
Subject Issuer Validity Valid
diendan.clbmarketing.com
R3
2023-12-29 -
2024-03-28
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-01-09 -
2024-04-02
3 months crt.sh
*.google.com
GTS CA 1C3
2024-01-09 -
2024-04-02
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2024-01-09 -
2024-04-02
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2024-01-09 -
2024-04-02
3 months crt.sh
www.google.com
GTS CA 1C3
2024-01-09 -
2024-04-02
3 months crt.sh

This page contains 6 frames:

Primary Page: https://diendan.clbmarketing.com/members/tomysonblanket.209914/
Frame ID: 6F90E6D1308C026E7376A0C31CC2BF9C
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619117776081563&output=html&adk=85976724&adf=3412083302&lmt=1707181382&plaf=1%3A2&plat=1%3A128%2C2%3A128%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fdiendan.clbmarketing.com%2Fmembers%2Ftomysonblanket.209914%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6~9~14&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707181384222&bpp=3&bdt=703&idt=230&shv=r20240131&mjsv=m202401300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3731092070546&frm=20&pv=2&ga_vid=680736436.1707181384&ga_sid=1707181384&ga_hid=1452858504&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531705%2C95322747%2C95322329%2C95324154%2C95324161%2C95324266&oid=2&pvsid=3471605171602479&tmod=1465893455&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=242
Frame ID: 484954D620790942B6BF85931EF6C569
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619117776081563&output=html&slotname=5029576301&adk=2205993315&adf=3044487438&pi=t.ma~as.5029576301&w=0&fwrn=4&fwrnh=100&lmt=1707181382&rafmt=12&format=0xnull&url=https%3A%2F%2Fdiendan.clbmarketing.com%2Fmembers%2Ftomysonblanket.209914%2F&fwr=0&fwrattr=true&rh=0&rw=0&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707181384225&bpp=1&bdt=706&idt=244&shv=r20240131&mjsv=m202401300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3731092070546&frm=20&pv=1&ga_vid=680736436.1707181384&ga_sid=1707181384&ga_hid=1452858504&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531705%2C95322747%2C95322329%2C95324154%2C95324161%2C95324266&oid=2&pvsid=3471605171602479&tmod=1465893455&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEr%7C&abl=CS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=247
Frame ID: C758306857ED7E5DF6543A3300ABAEBE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3619117776081563&output=html&h=280&adk=1210504359&adf=4254417425&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1707181382&rafmt=1&to=qs&pwprc=5209607554&format=1200x280&url=https%3A%2F%2Fdiendan.clbmarketing.com%2Fmembers%2Ftomysonblanket.209914%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707181384729&bpp=1&bdt=1209&idt=1&shv=r20240131&mjsv=m202401300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ed8ae82dd928466%3AT%3D1707181384%3ART%3D1707181384%3AS%3DALNI_MayIU8lzlHT_DbrDM5tOtCH7L_oLQ&gpic=UID%3D00000d51e898a3a7%3AT%3D1707181384%3ART%3D1707181384%3AS%3DALNI_MY3ZcTr17Alv2v1pAjg9_wslJc0lQ&eo_id_str=ID%3D6451aeb716829b12%3AT%3D1707181384%3ART%3D1707181384%3AS%3DAA-AfjZC21H29343fM8iligUslVg&prev_fmts=0x0%2C0xnull&nras=2&correlator=3731092070546&frm=20&pv=1&ga_vid=680736436.1707181384&ga_sid=1707181384&ga_hid=1452858504&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531705%2C95322747%2C95322329%2C95324154%2C95324161%2C95324266&oid=2&pvsid=3471605171602479&tmod=1465893455&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=173
Frame ID: BF25E1959D04353D7089EE8E092302C8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 47E0B1EEC9FE59869FC9CB16ECF49C76
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A9D2253E8C05E839A39FC7045F4CF01A
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

tomysonblanket | Diễn đàn Marketing (thảo luận, chia sẻ, hỏi đáp)

Page URL History Show full URLs

  1. https://clbmarketing.com/dien-dan/members/tomysonblanket.209914/ HTTP 301
    https://diendan.clbmarketing.com/members/tomysonblanket.209914/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

56
Requests

100 %
HTTPS

86 %
IPv6

5
Domains

8
Subdomains

7
IPs

2
Countries

1297 kB
Transfer

2699 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://clbmarketing.com/dien-dan/members/tomysonblanket.209914/ HTTP 301
    https://diendan.clbmarketing.com/members/tomysonblanket.209914/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

56 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
diendan.clbmarketing.com/members/tomysonblanket.209914/
Redirect Chain
  • https://clbmarketing.com/dien-dan/members/tomysonblanket.209914/
  • https://diendan.clbmarketing.com/members/tomysonblanket.209914/
43 KB
13 KB
Document
General
Full URL
https://diendan.clbmarketing.com/members/tomysonblanket.209914/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),
Reverse DNS
share01.centerhop.com
Software
LiteSpeed / PHP/8.1.22
Resource Hash
9629fc8a7b137d6c0ea7e7d8ab6fee38ca8ead719e9c6906cc6b4c250df2c1f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
private, no-cache, max-age=0
content-encoding
gzip
content-length
13294
content-type
text/html; charset=utf-8
date
Tue, 06 Feb 2024 01:03:02 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
last-modified
Tue, 06 Feb 2024 01:03:02 GMT
onsuccess
unset X-Content-Type-Options
server
LiteSpeed
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
PHP/8.1.22

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
private, no-cache, max-age=0
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 06 Feb 2024 01:03:02 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
last-modified
Tue, 06 Feb 2024 01:03:01 GMT
location
https://diendan.clbmarketing.com/members/tomysonblanket.209914/
onsuccess
unset X-Content-Type-Options
server
LiteSpeed
vary
User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
PHP/8.1.22
fa-light-300.woff2
diendan.clbmarketing.com/styles/fonts/fa/
180 KB
180 KB
Font
General
Full URL
https://diendan.clbmarketing.com/styles/fonts/fa/fa-light-300.woff2?_v=5.15.3
Requested by
Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/members/tomysonblanket.209914/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),
Reverse DNS
share01.centerhop.com
Software
LiteSpeed /
Resource Hash
e9f0d24d1230e0a5760800e4a1657801cff8edf2ba87a05c5d96f74ce44ec06d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://diendan.clbmarketing.com/members/tomysonblanket.209914/
Origin
https://diendan.clbmarketing.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 01:03:02 GMT
x-content-type-options
nosniff
last-modified
Thu, 04 Jan 2024 08:34:27 GMT
server
LiteSpeed
vary
User-Agent
content-type
font/woff2
onsuccess
unset X-Content-Type-Options
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
184144
expires
Tue, 13 Feb 2024 01:03:02 GMT
fa-solid-900.woff2
diendan.clbmarketing.com/styles/fonts/fa/
134 KB
134 KB
Font
General
Full URL
https://diendan.clbmarketing.com/styles/fonts/fa/fa-solid-900.woff2?_v=5.15.3
Requested by
Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/members/tomysonblanket.209914/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),
Reverse DNS
share01.centerhop.com
Software
LiteSpeed /
Resource Hash
943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://diendan.clbmarketing.com/members/tomysonblanket.209914/
Origin
https://diendan.clbmarketing.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 01:03:02 GMT
x-content-type-options
nosniff
last-modified
Thu, 04 Jan 2024 08:34:27 GMT
server
LiteSpeed
vary
User-Agent
content-type
font/woff2
onsuccess
unset X-Content-Type-Options
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
136824
expires
Tue, 13 Feb 2024 01:03:02 GMT
fa-brands-400.woff2
diendan.clbmarketing.com/styles/fonts/fa/
75 KB
75 KB
Font
General
Full URL
https://diendan.clbmarketing.com/styles/fonts/fa/fa-brands-400.woff2?_v=5.15.3
Requested by
Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/members/tomysonblanket.209914/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),
Reverse DNS
share01.centerhop.com
Software
LiteSpeed /
Resource Hash
c2497d559960ba9e1c68f41674e8bc980d3b229155e068bc7f42f157f81c4388
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://diendan.clbmarketing.com/members/tomysonblanket.209914/
Origin
https://diendan.clbmarketing.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 01:03:02 GMT
x-content-type-options
nosniff
last-modified
Thu, 04 Jan 2024 08:34:27 GMT
server
LiteSpeed
vary
User-Agent
content-type
font/woff2
onsuccess
unset X-Content-Type-Options
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
76740
expires
Tue, 13 Feb 2024 01:03:02 GMT
css.php
diendan.clbmarketing.com/
402 KB
86 KB
Stylesheet
General
Full URL
https://diendan.clbmarketing.com/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less%2Cpublic%3Aturbofont.css&s=20&l=3&d=1705632669&k=dc54fd2f1ade9698f63d6f88568bb330be8645ac
Requested by
Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/members/tomysonblanket.209914/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),
Reverse DNS
share01.centerhop.com
Software
LiteSpeed / PHP/8.1.22
Resource Hash
7ce8d26aabf34b87940bc532c457b1bc59e8d61824f4ea7535419ea75676b0a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://diendan.clbmarketing.com/members/tomysonblanket.209914/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 01:03:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Jan 2024 02:51:09 GMT
server
LiteSpeed
x-powered-by
PHP/8.1.22
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
text/css; charset=utf-8
onsuccess
unset X-Content-Type-Options
cache-control
public, max-age=31536000
content-length
87551
expires
Wed, 05 Feb 2025 01:03:02 GMT
css.php
diendan.clbmarketing.com/
7 KB
2 KB
Stylesheet
General
Full URL
https://diendan.clbmarketing.com/css.php?css=public%3Amember.less%2Cpublic%3Anotices.less%2Cpublic%3Aextra.less&s=20&l=3&d=1705632669&k=a95614810b0aa034317be3c90a06b24696ec6248
Requested by
Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/members/tomysonblanket.209914/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),
Reverse DNS
share01.centerhop.com
Software
LiteSpeed / PHP/8.1.22
Resource Hash
c8bba43e6dd09d2c5e0e1d4e878ca177eb9ed18a9800285f21cf1d81008b29c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://diendan.clbmarketing.com/members/tomysonblanket.209914/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 01:03:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Jan 2024 02:51:09 GMT
server
LiteSpeed
x-powered-by
PHP/8.1.22
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
text/css; charset=utf-8
onsuccess
unset X-Content-Type-Options
cache-control
public, max-age=31536000
content-length
2038
expires
Wed, 05 Feb 2025 01:03:02 GMT
preamble.min.js
diendan.clbmarketing.com/js/xf/
4 KB
2 KB
Script
General
Full URL
https://diendan.clbmarketing.com/js/xf/preamble.min.js?_v=1da989c0
Requested by
Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/members/tomysonblanket.209914/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),
Reverse DNS
share01.centerhop.com
Software
LiteSpeed /
Resource Hash
304e77733a818935ddeb447ed9d6d6d4f16e44b8cc262ee05c89324ee7afdc6c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://diendan.clbmarketing.com/members/tomysonblanket.209914/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 01:03:02 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 04 Jan 2024 08:34:29 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
onsuccess
unset X-Content-Type-Options
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1567
expires
Tue, 13 Feb 2024 01:03:02 GMT
gtm.js
diendan.clbmarketing.com/jc/
264 KB
91 KB
Script
General
Full URL
https://diendan.clbmarketing.com/jc/gtm.js?_v=1da989c0
Requested by
Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/members/tomysonblanket.209914/
Protocol
H3
Security
QUIC, , CHACHA20_POLY1305
Server
103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),
Reverse DNS
share01.centerhop.com
Software
LiteSpeed / PHP/8.1.22
Resource Hash
da8fee71dafbf28001e102acf63c7e785e50e2a8d641f024e75252be637b4f41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://diendan.clbmarketing.com/members/tomysonblanket.209914/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 01:03:03 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Tue, 06 Feb 2024 01:03:03 GMT
server
LiteSpeed
x-powered-by
PHP/8.1.22
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
application/javascript; charset=utf-8
onsuccess
unset X-Content-Type-Options
cache-control
public, max-age=31536000
expires
Thu, 07 Mar 2024 01:03:03 GMT
logo_131x60.png
diendan.clbmarketing.com/data/assets/logo/
3 KB
3 KB
Image
General
Full URL
https://diendan.clbmarketing.com/data/assets/logo/logo_131x60.png
Requested by
Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/members/tomysonblanket.209914/
Protocol
H3
Security
QUIC, , CHACHA20_POLY1305
Server
103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),
Reverse DNS
share01.centerhop.com
Software
LiteSpeed /
Resource Hash
169bb31b432f4d2fe2edf2c11f842887024125fe199ca7a8ed475e740859d5cc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://diendan.clbmarketing.com/members/tomysonblanket.209914/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 01:03:03 GMT
x-content-type-options
nosniff
last-modified
Fri, 19 Jan 2024 02:36:03 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/png
onsuccess
unset X-Content-Type-Options
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3059
expires
Tue, 13 Feb 2024 01:03:03 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
155 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619117776081563
Requested by
Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/members/tomysonblanket.209914/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cc620a5409c0d0f2f7726edaf9202d07cb54747c39a2e500c825dcc4420ab039
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://diendan.clbmarketing.com/
Origin
https://diendan.clbmarketing.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 01:03:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51936
x-xss-protection
0
server
cafe
etag
6559386372624868122
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 06 Feb 2024 01:03:04 GMT
jquery-3.5.1.min.js
diendan.clbmarketing.com/js/vendor/jquery/
87 KB
30 KB
Script
General
Full URL
https://diendan.clbmarketing.com/js/vendor/jquery/jquery-3.5.1.min.js?_v=1da989c0
Requested by
Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/members/tomysonblanket.209914/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),
Reverse DNS
share01.centerhop.com
Software
LiteSpeed /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://diendan.clbmarketing.com/members/tomysonblanket.209914/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 01:03:02 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 04 Jan 2024 08:34:29 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
onsuccess
unset X-Content-Type-Options
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
30280
expires
Tue, 13 Feb 2024 01:03:02 GMT
vendor-compiled.js
diendan.clbmarketing.com/js/vendor/
43 KB
12 KB
Script
General
Full URL
https://diendan.clbmarketing.com/js/vendor/vendor-compiled.js?_v=1da989c0
Requested by
Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/members/tomysonblanket.209914/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),
Reverse DNS
share01.centerhop.com
Software
LiteSpeed /
Resource Hash
3507ca14c84cbffccd872e634a84d93f50882c817e66ffdf2643a7ed884a205e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://diendan.clbmarketing.com/members/tomysonblanket.209914/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 01:03:02 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 04 Jan 2024 08:34:31 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
onsuccess
unset X-Content-Type-Options
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
12298
expires
Tue, 13 Feb 2024 01:03:02 GMT
core-compiled.js
diendan.clbmarketing.com/js/xf/
211 KB
58 KB
Script
General
Full URL
https://diendan.clbmarketing.com/js/xf/core-compiled.js?_v=1da989c0
Requested by
Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/members/tomysonblanket.209914/
Protocol
H3
Security
QUIC, , CHACHA20_POLY1305
Server
103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),
Reverse DNS
share01.centerhop.com
Software
LiteSpeed /
Resource Hash
9b3ac0feea940572935c876792af52347e06b26900eb88c4c479448fa319a937
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://diendan.clbmarketing.com/members/tomysonblanket.209914/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 01:03:03 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 04 Jan 2024 08:34:28 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
onsuccess
unset X-Content-Type-Options
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
59547
expires
Tue, 13 Feb 2024 01:03:03 GMT
inline_mod.min.js
diendan.clbmarketing.com/js/xf/
6 KB
2 KB
Script
General
Full URL
https://diendan.clbmarketing.com/js/xf/inline_mod.min.js?_v=1da989c0
Requested by
Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/members/tomysonblanket.209914/
Protocol
H3
Security
QUIC, , CHACHA20_POLY1305
Server
103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),
Reverse DNS
share01.centerhop.com
Software
LiteSpeed /
Resource Hash
50dd71cf1cba64856357e62f4999a34c5b7952632efbe186ed3195ce4792612e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://diendan.clbmarketing.com/members/tomysonblanket.209914/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 01:03:03 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 04 Jan 2024 08:34:27 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
onsuccess
unset X-Content-Type-Options
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2123
expires
Tue, 13 Feb 2024 01:03:03 GMT
notice.min.js
diendan.clbmarketing.com/js/xf/
4 KB
1 KB
Script
General
Full URL
https://diendan.clbmarketing.com/js/xf/notice.min.js?_v=1da989c0
Requested by
Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/members/tomysonblanket.209914/
Protocol
H3
Security
QUIC, , CHACHA20_POLY1305
Server
103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),
Reverse DNS
share01.centerhop.com
Software
LiteSpeed /
Resource Hash
a5dcfd1d44af85302c19886c111e277273cca860febaae5f8cdb0de61733b44b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://diendan.clbmarketing.com/members/tomysonblanket.209914/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 01:03:03 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 04 Jan 2024 08:34:28 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
onsuccess
unset X-Content-Type-Options
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1408
expires
Tue, 13 Feb 2024 01:03:03 GMT
topright.svg
diendan.clbmarketing.com/styles/turbo/img/
1 KB
798 B
Image
General
Full URL
https://diendan.clbmarketing.com/styles/turbo/img/topright.svg
Requested by
Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less%2Cpublic%3Aturbofont.css&s=20&l=3&d=1705632669&k=dc54fd2f1ade9698f63d6f88568bb330be8645ac
Protocol
H3
Security
QUIC, , CHACHA20_POLY1305
Server
103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),
Reverse DNS
share01.centerhop.com
Software
LiteSpeed /
Resource Hash
996279be78f9fae0b0b916f198587f435e7fa8422d4a6c0bc9cac5ee5dfdcd08
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://diendan.clbmarketing.com/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less%2Cpublic%3Aturbofont.css&s=20&l=3&d=1705632669&k=dc54fd2f1ade9698f63d6f88568bb330be8645ac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 01:03:03 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 27 Apr 2023 02:35:42 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
image/svg+xml
onsuccess
unset X-Content-Type-Options
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
738
expires
Tue, 13 Feb 2024 01:03:03 GMT
bottomright.svg
diendan.clbmarketing.com/styles/turbo/img/
1 KB
758 B
Image
General
Full URL
https://diendan.clbmarketing.com/styles/turbo/img/bottomright.svg
Requested by
Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less%2Cpublic%3Aturbofont.css&s=20&l=3&d=1705632669&k=dc54fd2f1ade9698f63d6f88568bb330be8645ac
Protocol
H3
Security
QUIC, , CHACHA20_POLY1305
Server
103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),
Reverse DNS
share01.centerhop.com
Software
LiteSpeed /
Resource Hash
996279be78f9fae0b0b916f198587f435e7fa8422d4a6c0bc9cac5ee5dfdcd08
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://diendan.clbmarketing.com/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less%2Cpublic%3Aturbofont.css&s=20&l=3&d=1705632669&k=dc54fd2f1ade9698f63d6f88568bb330be8645ac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 01:03:03 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 27 Apr 2023 02:35:42 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
image/svg+xml
onsuccess
unset X-Content-Type-Options
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
738
expires
Tue, 13 Feb 2024 01:03:03 GMT
footer-city.png
diendan.clbmarketing.com/styles/turbo/img/
15 KB
15 KB
Image
General
Full URL
https://diendan.clbmarketing.com/styles/turbo/img/footer-city.png
Requested by
Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less%2Cpublic%3Aturbofont.css&s=20&l=3&d=1705632669&k=dc54fd2f1ade9698f63d6f88568bb330be8645ac
Protocol
H3
Security
QUIC, , CHACHA20_POLY1305
Server
103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),
Reverse DNS
share01.centerhop.com
Software
LiteSpeed /
Resource Hash
72bf496f15b29c8e002f7d525dbc784606d871241d05a28b37792d4a710d4b3f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://diendan.clbmarketing.com/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less%2Cpublic%3Aturbofont.css&s=20&l=3&d=1705632669&k=dc54fd2f1ade9698f63d6f88568bb330be8645ac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 01:03:03 GMT
x-content-type-options
nosniff
last-modified
Thu, 27 Apr 2023 02:35:42 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/png
onsuccess
unset X-Content-Type-Options
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
15433
expires
Tue, 13 Feb 2024 01:03:03 GMT
ProximaSoft-Regular.woff2
diendan.clbmarketing.com/styles/turbo/font/
41 KB
41 KB
Font
General
Full URL
https://diendan.clbmarketing.com/styles/turbo/font/ProximaSoft-Regular.woff2
Requested by
Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less%2Cpublic%3Aturbofont.css&s=20&l=3&d=1705632669&k=dc54fd2f1ade9698f63d6f88568bb330be8645ac
Protocol
H3
Security
QUIC, , CHACHA20_POLY1305
Server
103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),
Reverse DNS
share01.centerhop.com
Software
LiteSpeed /
Resource Hash
6e8ee6996fb3309039f67043a7075390ba0fa4154cda8dfc866fac473fc17abb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://diendan.clbmarketing.com/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less%2Cpublic%3Aturbofont.css&s=20&l=3&d=1705632669&k=dc54fd2f1ade9698f63d6f88568bb330be8645ac
Origin
https://diendan.clbmarketing.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 01:03:03 GMT
x-content-type-options
nosniff
last-modified
Thu, 27 Apr 2023 02:35:42 GMT
server
LiteSpeed
vary
User-Agent
content-type
font/woff2
onsuccess
unset X-Content-Type-Options
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
42200
expires
Tue, 13 Feb 2024 01:03:03 GMT
fa-regular-400.woff2
diendan.clbmarketing.com/styles/fonts/fa/
165 KB
165 KB
Font
General
Full URL
https://diendan.clbmarketing.com/styles/fonts/fa/fa-regular-400.woff2?_v=5.15.3
Requested by
Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less%2Cpublic%3Aturbofont.css&s=20&l=3&d=1705632669&k=dc54fd2f1ade9698f63d6f88568bb330be8645ac
Protocol
H3
Security
QUIC, , CHACHA20_POLY1305
Server
103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),
Reverse DNS
share01.centerhop.com
Software
LiteSpeed /
Resource Hash
4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://diendan.clbmarketing.com/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less%2Cpublic%3Aturbofont.css&s=20&l=3&d=1705632669&k=dc54fd2f1ade9698f63d6f88568bb330be8645ac
Origin
https://diendan.clbmarketing.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 01:03:03 GMT
x-content-type-options
nosniff
last-modified
Thu, 04 Jan 2024 08:34:27 GMT
server
LiteSpeed
vary
User-Agent
content-type
font/woff2
onsuccess
unset X-Content-Type-Options
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
168768
expires
Tue, 13 Feb 2024 01:03:03 GMT
ProximaSoft-Bold.woff2
diendan.clbmarketing.com/styles/turbo/font/
42 KB
42 KB
Font
General
Full URL
https://diendan.clbmarketing.com/styles/turbo/font/ProximaSoft-Bold.woff2
Requested by
Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less%2Cpublic%3Aturbofont.css&s=20&l=3&d=1705632669&k=dc54fd2f1ade9698f63d6f88568bb330be8645ac
Protocol
H3
Security
QUIC, , CHACHA20_POLY1305
Server
103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),
Reverse DNS
share01.centerhop.com
Software
LiteSpeed /
Resource Hash
0a1ff215c6cfc0cc869f4d905aa6c5d55e237996ec92bb47169d7f6bb4ec7dc0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://diendan.clbmarketing.com/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less%2Cpublic%3Aturbofont.css&s=20&l=3&d=1705632669&k=dc54fd2f1ade9698f63d6f88568bb330be8645ac
Origin
https://diendan.clbmarketing.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 01:03:03 GMT
x-content-type-options
nosniff
last-modified
Thu, 27 Apr 2023 02:35:42 GMT
server
LiteSpeed
vary
User-Agent
content-type
font/woff2
onsuccess
unset X-Content-Type-Options
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
42560
expires
Tue, 13 Feb 2024 01:03:03 GMT
209914.jpg
diendan.clbmarketing.com/data/avatars/l/209/
5 KB
5 KB
Image
General
Full URL
https://diendan.clbmarketing.com/data/avatars/l/209/209914.jpg?1664270476
Requested by
Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/members/tomysonblanket.209914/
Protocol
H3
Security
QUIC, , CHACHA20_POLY1305
Server
103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),
Reverse DNS
share01.centerhop.com
Software
LiteSpeed /
Resource Hash
8c186ad9490cc543132d5c3489dbd7606f687bae9d247f22df67096d49047631
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://diendan.clbmarketing.com/members/tomysonblanket.209914/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 01:03:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 27 Sep 2022 09:21:16 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/jpeg
onsuccess
unset X-Content-Type-Options
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5296
expires
Tue, 13 Feb 2024 01:03:03 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/
406 KB
138 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619117776081563
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef11b81e50962b3403a1934aef96d05dd392826ef7706831a4e1d2be9f7692fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://diendan.clbmarketing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 01:03:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140924
x-xss-protection
0
server
cafe
etag
4876905354173811297
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 01:03:04 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 4849
34 KB
7 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619117776081563&output=html&adk=85976724&adf=3412083302&lmt=1707181382&plaf=1%3A2&plat=1%3A128%2C2%3A128%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fdiendan.clbmarketing.com%2Fmembers%2Ftomysonblanket.209914%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6~9~14&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707181384222&bpp=3&bdt=703&idt=230&shv=r20240131&mjsv=m202401300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3731092070546&frm=20&pv=2&ga_vid=680736436.1707181384&ga_sid=1707181384&ga_hid=1452858504&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531705%2C95322747%2C95322329%2C95324154%2C95324161%2C95324266&oid=2&pvsid=3471605171602479&tmod=1465893455&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=242
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a7580c600cf3da4d902b44ea5dcfa2e7a3b8aa43ce6ae00d98d489ec3e3c78e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://diendan.clbmarketing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
6374
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Feb 2024 01:03:04 GMT
expires
Tue, 06 Feb 2024 01:03:04 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C758
862 B
580 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619117776081563&output=html&slotname=5029576301&adk=2205993315&adf=3044487438&pi=t.ma~as.5029576301&w=0&fwrn=4&fwrnh=100&lmt=1707181382&rafmt=12&format=0xnull&url=https%3A%2F%2Fdiendan.clbmarketing.com%2Fmembers%2Ftomysonblanket.209914%2F&fwr=0&fwrattr=true&rh=0&rw=0&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707181384225&bpp=1&bdt=706&idt=244&shv=r20240131&mjsv=m202401300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3731092070546&frm=20&pv=1&ga_vid=680736436.1707181384&ga_sid=1707181384&ga_hid=1452858504&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531705%2C95322747%2C95322329%2C95324154%2C95324161%2C95324266&oid=2&pvsid=3471605171602479&tmod=1465893455&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEr%7C&abl=CS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=247
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aac075f869da419d98e792f1866c5acf31b10313c09d3c767a89615386717ae7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://diendan.clbmarketing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
408
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Feb 2024 01:03:04 GMT
expires
Tue, 06 Feb 2024 01:03:04 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ca-pub-3619117776081563
fundingchoicesmessages.google.com/i/
183 KB
61 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-3619117776081563?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ebc9339a5e76539a84a77f732bc58444122d7f2b1df91b7f60f186607fa23794
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MFlv7JhX8agaJmizacu17w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://diendan.clbmarketing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 01:03:04 GMT
content-security-policy
script-src 'report-sample' 'nonce-MFlv7JhX8agaJmizacu17w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzj2sKoxSXF4KghxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTx9SWTBBCrAfE7yVdM34B4h48Hy5vw6axsEdNZ4-qms-YAMd-66aya66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYAIP6cOYP1NxD71M9gjQListvnWOuAWFjuPKs0EAvxcJzoalvHJnBh8_FWZgAJdFBP"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1280990098775156&num=0&dvc=0&eid=44759875%2C44759926%2C42531705%2C95322747%2C95322329%2C95324154%2C95324161%2C95324266
Requested by
Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/members/tomysonblanket.209914/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://diendan.clbmarketing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 01:03:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1280990098775156&num=1&dvc=0&eid=44759875%2C44759926%2C42531705%2C95322747%2C95322329%2C95324154%2C95324161%2C95324266
Requested by
Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/members/tomysonblanket.209914/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://diendan.clbmarketing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 01:03:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1280990098775156&num=2&dvc=0&eid=44759875%2C44759926%2C42531705%2C95322747%2C95322329%2C95324154%2C95324161%2C95324266
Requested by
Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/members/tomysonblanket.209914/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://diendan.clbmarketing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 01:03:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1280990098775156&num=3&dvc=0&eid=44759875%2C44759926%2C42531705%2C95322747%2C95322329%2C95324154%2C95324161%2C95324266
Requested by
Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/members/tomysonblanket.209914/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://diendan.clbmarketing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 01:03:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1280990098775156&num=4&dvc=0&eid=44759875%2C44759926%2C42531705%2C95322747%2C95322329%2C95324154%2C95324161%2C95324266
Requested by
Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/members/tomysonblanket.209914/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://diendan.clbmarketing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 01:03:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1280990098775156&num=5&dvc=0&eid=44759875%2C44759926%2C42531705%2C95322747%2C95322329%2C95324154%2C95324161%2C95324266
Requested by
Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/members/tomysonblanket.209914/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://diendan.clbmarketing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 01:03:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1280990098775156&num=6&dvc=0&eid=44759875%2C44759926%2C42531705%2C95322747%2C95322329%2C95324154%2C95324161%2C95324266
Requested by
Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/members/tomysonblanket.209914/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://diendan.clbmarketing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 01:03:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=1&wpc=ca-pub-3619117776081563&warn=13&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=true&reatf=false&a=6%2C1%2C5%2C7&apv=20240131_093458&sat=1706930278856&afm=2%2C0%2C1&as_count=0&d_count=0&ng_count=0&am_count=1&atf_count=0&mdns=0&alldns=0.159&allp=85&fd=(0%2C26%2C7)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=1763&abl=false&rr=n&su=diendan.clbmarketing.com&pvc=3471605171602479&r=0.1&eid=44759875%2C44759926%2C42531705%2C95322747%2C95322329%2C95324154%2C95324161%2C95324266
Requested by
Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/members/tomysonblanket.209914/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://diendan.clbmarketing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 01:03:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=44759875%2C44759926%2C42531705%2C95322747%2C95322329%2C95324154%2C95324161%2C95324266&hl=vi&pvc=3471605171602479
Requested by
Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/members/tomysonblanket.209914/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://diendan.clbmarketing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 01:03:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
251 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-HW917LH537&gtm=45je41v0v878352579za200&_p=1707181384033&gcd=13l3l3l3l1&npa=0&dma=0&cid=680736436.1707181384&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707181384&sct=1&seg=0&dl=https%3A%2F%2Fdiendan.clbmarketing.com%2Fmembers%2Ftomysonblanket.209914%2F&dt=tomysonblanket%20%7C%20Di%E1%BB%85n%20%C4%91%C3%A0n%20Marketing%20(th%E1%BA%A3o%20lu%E1%BA%ADn%2C%20chia%20s%E1%BA%BB%2C%20h%E1%BB%8Fi%20%C4%91%C3%A1p)&en=page_view&_fv=1&_ss=1&_ee=1&epn.style_id=20&tfd=2486
Requested by
Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/jc/gtm.js?_v=1da989c0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://diendan.clbmarketing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Feb 2024 01:03:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://diendan.clbmarketing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame BF25
436 B
532 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3619117776081563&output=html&h=280&adk=1210504359&adf=4254417425&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1707181382&rafmt=1&to=qs&pwprc=5209607554&format=1200x280&url=https%3A%2F%2Fdiendan.clbmarketing.com%2Fmembers%2Ftomysonblanket.209914%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707181384729&bpp=1&bdt=1209&idt=1&shv=r20240131&mjsv=m202401300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3ed8ae82dd928466%3AT%3D1707181384%3ART%3D1707181384%3AS%3DALNI_MayIU8lzlHT_DbrDM5tOtCH7L_oLQ&gpic=UID%3D00000d51e898a3a7%3AT%3D1707181384%3ART%3D1707181384%3AS%3DALNI_MY3ZcTr17Alv2v1pAjg9_wslJc0lQ&eo_id_str=ID%3D6451aeb716829b12%3AT%3D1707181384%3ART%3D1707181384%3AS%3DAA-AfjZC21H29343fM8iligUslVg&prev_fmts=0x0%2C0xnull&nras=2&correlator=3731092070546&frm=20&pv=1&ga_vid=680736436.1707181384&ga_sid=1707181384&ga_hid=1452858504&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531705%2C95322747%2C95322329%2C95324154%2C95324161%2C95324266&oid=2&pvsid=3471605171602479&tmod=1465893455&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=173
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e9b3cf2b0aaab5b2f4e9f0f5f812bb2c6edce080648ff43566e5800b51e7cc0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://diendan.clbmarketing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 06 Feb 2024 01:03:05 GMT
expires
Tue, 06 Feb 2024 01:03:05 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxXCJeZ70lT_ykq9GPtUjf4i-LjNVhB-s5pg5DMiQJAPqb-QFnOtibNNC8Oy0hChVMuvo6TyDYV6hhXc-YThxIQ2dnVE-ABAL9bX3k4u2yNqt31pa0KVVNtgodBClVlsOLrDgiQarA==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXCJeZ70lT_ykq9GPtUjf4i-LjNVhB-s5pg5DMiQJAPqb-QFnOtibNNC8Oy0hChVMuvo6TyDYV6hhXc-YThxIQ2dnVE-ABAL9bX3k4u2yNqt31pa0KVVNtgodBClVlsOLrDgiQarA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3MTgxMzg0LDkwNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9kaWVuZGFuLmNsYm1hcmtldGluZy5jb20vbWVtYmVycy90b215c29uYmxhbmtldC4yMDk5MTQvIixudWxsLFtbOCwiZ0R0eWc2WGw0NWsiXSxbOSwiZGUiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.gDtyg6Xl45k.es5.O/am=wA/d=1/rs=AJlcJMzcKPuTNBHL74q8m-XTzMPTxdyk0A/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
345f5b470ae1cfcfd2b9210bc146467c866c3eec656350bdc56ec88f292d1ca6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GySW8LEHtk2J6xvI54I72w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://diendan.clbmarketing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 01:03:04 GMT
content-security-policy
script-src 'report-sample' 'nonce-GySW8LEHtk2J6xvI54I72w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj2sKoxSXF4K8hxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTx9SWTBBCrAfE7yVdM34B4h48Hy5vw6axsEdNZ4-qms-YAMd-66aya66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYAIP6cOYP1NxD71M9gjQListvnWOuAWFjuPKs0EAvxcJzoalvHJnDg6NuDzAAUulDB"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVdDvruULBW63RdpwGYHo2tm6JSXGl1YGhIgYlhYyg2zaRrIBJvJYWKBS8bCIlDDeG_6XJBB_CSKAlXsDrOIG7m6u8Twb9QXjNAbYu7bzPf6zVbEgmCmetw6are2aaTn0-1xWtJ4w==
fundingchoicesmessages.google.com/f/
10 KB
5 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVdDvruULBW63RdpwGYHo2tm6JSXGl1YGhIgYlhYyg2zaRrIBJvJYWKBS8bCIlDDeG_6XJBB_CSKAlXsDrOIG7m6u8Twb9QXjNAbYu7bzPf6zVbEgmCmetw6are2aaTn0-1xWtJ4w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3MTgxMzg0LDk2NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImRlIl0sImh0dHBzOi8vZGllbmRhbi5jbGJtYXJrZXRpbmcuY29tL21lbWJlcnMvdG9teXNvbmJsYW5rZXQuMjA5OTE0LyIsbnVsbCxbWzgsImdEdHlnNlhsNDVrIl0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.gDtyg6Xl45k.es5.O/am=wA/d=1/rs=AJlcJMzcKPuTNBHL74q8m-XTzMPTxdyk0A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8b136423ab99fedb482961ec5ed94e492c226c9a4122ec88a9570cba52ada975
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9bsdaANldLmNpQbdRbTgAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://diendan.clbmarketing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 01:03:05 GMT
content-security-policy
script-src 'report-sample' 'nonce-9bsdaANldLmNpQbdRbTgAw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj2sKoxSXF4KshxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTx9SWTBBCrAfE7yVdM34B4h48Hy5vw6axsEdNZ4-qms-YAMd-66aya66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYAIP6cOYP1NxD71M9gjQListvnWOuAWFjuPKs0EAtxc5zsalvHJrDhyVNOAMHDUAs"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240131&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6bab7015144d257d89adc865dcbfc3d551a8105064dcfedfb8a1b7fd77499584
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://diendan.clbmarketing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 01:03:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12484
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401300101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://diendan.clbmarketing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 01:03:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 06 Feb 2024 01:03:05 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 47E0
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://diendan.clbmarketing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
9983
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 05 Feb 2024 22:16:42 GMT
expires
Tue, 04 Feb 2025 22:16:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A9D2
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
220dd6cc9e9231d585047991273657bad13461faed474b40dcaf5255b381e8b9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kuOeG7Wehbm1gQOl5G5bag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://diendan.clbmarketing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-kuOeG7Wehbm1gQOl5G5bag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 06 Feb 2024 01:03:05 GMT
expires
Tue, 06 Feb 2024 01:03:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 47E0
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 11:43:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
47974
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 04 Feb 2025 11:43:31 GMT
generate_204
tpc.googlesyndication.com/ Frame 47E0
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?GH7AmQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 01:03:05 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame A9D2
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240131&jk=3471605171602479&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Oas
fundingchoicesmessages.google.com/f/AGSKWxVzaQavK5uGXdjSlO1gClvidOzASndEbJXHSx0en9hmykLYOrPRWC0LCQZiMcCp-IJDzjd-zr-qkeO5uWHos-tbShhHdXFXnJCPqzJmu90CFvEqxHbqMmtJjWOJSsWSIU872LoTrLAGW_5ZJhLUcxpXHZH1p...
54 B
110 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVzaQavK5uGXdjSlO1gClvidOzASndEbJXHSx0en9hmykLYOrPRWC0LCQZiMcCp-IJDzjd-zr-qkeO5uWHos-tbShhHdXFXnJCPqzJmu90CFvEqxHbqMmtJjWOJSsWSIU872LoTrLAGW_5ZJhLUcxpXHZH1pMp_Rvzt4q-8Z1SQSbZ4x70nWaPsynUg/_/nugg.min.js/gafc.js/adslots./Ad/Oas?/gujAd.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.gDtyg6Xl45k.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxOkeKZ5DCvIIGtD-dFwwHRUpo-mQ/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
736f2c98d81e1449daf8da5bbeac884fc236c0abd21b1b6c29bb657efe394fd2
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-IXZ3CPa76ngMUI8GAZfIXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://diendan.clbmarketing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 01:03:05 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-IXZ3CPa76ngMUI8GAZfIXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj2sKoxSXF4KghxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTx9SWTBBCrAfE7yVdM34B4h48Hy5vw6axsEdNZ4-qms-YAMd-66aya66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYAIP6cOYP1NxD71M9gjQListvnWOuAWFjuPKs0EAvxcJzsalvHJjBjxsFDTAAIYlAz"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
lidar.js
pagead2.googlesyndication.com/pagead/js/
86 KB
30 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.gDtyg6Xl45k.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxOkeKZ5DCvIIGtD-dFwwHRUpo-mQ/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38d2f2408d9231f9a8d5ad291bc376c4ef873cabed2c11282bc2bd2c061e510c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://diendan.clbmarketing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 00:49:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
809
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31173
x-xss-protection
0
server
cafe
etag
9583409963548138922
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Tue, 06 Feb 2024 01:49:36 GMT
AGSKWxVEpUlAhURqsWYeJCElH_kijXBeLcmBvnMDnEYKXEo-vqjr9bkEs9REVSuWcT8b947leK0y8qqhNaGjBOSmozLoIJhUMH7zgJf5bAivzeKACvu1jaBRtNgm9Prd0dBNYpKk6D5NoQ==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVEpUlAhURqsWYeJCElH_kijXBeLcmBvnMDnEYKXEo-vqjr9bkEs9REVSuWcT8b947leK0y8qqhNaGjBOSmozLoIJhUMH7zgJf5bAivzeKACvu1jaBRtNgm9Prd0dBNYpKk6D5NoQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.gDtyg6Xl45k.es5.O/am=wA/d=1/rs=AJlcJMzcKPuTNBHL74q8m-XTzMPTxdyk0A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qlXGf7nQ0kwjpCcPFd-Xcw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://diendan.clbmarketing.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Feb 2024 01:03:05 GMT
content-security-policy
script-src 'report-sample' 'nonce-qlXGf7nQ0kwjpCcPFd-Xcw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmII1pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrABCX3T7HWgfEwnLnWaWBWIiH42RX2zo2gRXrlr1lAgDKqR7O"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://diendan.clbmarketing.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVEpUlAhURqsWYeJCElH_kijXBeLcmBvnMDnEYKXEo-vqjr9bkEs9REVSuWcT8b947leK0y8qqhNaGjBOSmozLoIJhUMH7zgJf5bAivzeKACvu1jaBRtNgm9Prd0dBNYpKk6D5NoQ==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVEpUlAhURqsWYeJCElH_kijXBeLcmBvnMDnEYKXEo-vqjr9bkEs9REVSuWcT8b947leK0y8qqhNaGjBOSmozLoIJhUMH7zgJf5bAivzeKACvu1jaBRtNgm9Prd0dBNYpKk6D5NoQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.gDtyg6Xl45k.es5.O/am=wA/d=1/rs=AJlcJMzcKPuTNBHL74q8m-XTzMPTxdyk0A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FlM2anmQ7zYWOBxwVM2tyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://diendan.clbmarketing.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Feb 2024 01:03:05 GMT
content-security-policy
script-src 'report-sample' 'nonce-FlM2anmQ7zYWOBxwVM2tyA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw1pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrABCX3T7HWgfEwnLnWaWBWIiH42RX2zo2gQkL7r5mAgDFuh7N"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://diendan.clbmarketing.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVEpUlAhURqsWYeJCElH_kijXBeLcmBvnMDnEYKXEo-vqjr9bkEs9REVSuWcT8b947leK0y8qqhNaGjBOSmozLoIJhUMH7zgJf5bAivzeKACvu1jaBRtNgm9Prd0dBNYpKk6D5NoQ==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVEpUlAhURqsWYeJCElH_kijXBeLcmBvnMDnEYKXEo-vqjr9bkEs9REVSuWcT8b947leK0y8qqhNaGjBOSmozLoIJhUMH7zgJf5bAivzeKACvu1jaBRtNgm9Prd0dBNYpKk6D5NoQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.gDtyg6Xl45k.es5.O/am=wA/d=1/rs=AJlcJMzcKPuTNBHL74q8m-XTzMPTxdyk0A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-v9xHTxz661RQZRL3ykQsUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://diendan.clbmarketing.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Feb 2024 01:03:05 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-v9xHTxz661RQZRL3ykQsUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw1JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrABCX3T7HWgfEwnLnWaWBWIiH42RX2zo2gRnrjt5iAgDFFB64"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://diendan.clbmarketing.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVEpUlAhURqsWYeJCElH_kijXBeLcmBvnMDnEYKXEo-vqjr9bkEs9REVSuWcT8b947leK0y8qqhNaGjBOSmozLoIJhUMH7zgJf5bAivzeKACvu1jaBRtNgm9Prd0dBNYpKk6D5NoQ==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVEpUlAhURqsWYeJCElH_kijXBeLcmBvnMDnEYKXEo-vqjr9bkEs9REVSuWcT8b947leK0y8qqhNaGjBOSmozLoIJhUMH7zgJf5bAivzeKACvu1jaBRtNgm9Prd0dBNYpKk6D5NoQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.gDtyg6Xl45k.es5.O/am=wA/d=1/rs=AJlcJMzcKPuTNBHL74q8m-XTzMPTxdyk0A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-dK_GXZxHLm4hD7D8wQxkog' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://diendan.clbmarketing.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Feb 2024 01:03:05 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-dK_GXZxHLm4hD7D8wQxkog' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw0JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrABCX3T7HWgfEwnLnWaWBWIiH42RX2zo2gQVH971hAgDFWR7h"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://diendan.clbmarketing.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUVZyzQgnOCiK8gcx0668hlh0Nlxr-hiWZlxaO6NSdQTMa8XsxkrA1pwUyjqMUd0xuwRJckc4oit3QGkgohtAP9qi11D1gYvCy5UK2h-G2Nh32hQhyL238Rv7q-FfiIWoDCCO5Rng==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUVZyzQgnOCiK8gcx0668hlh0Nlxr-hiWZlxaO6NSdQTMa8XsxkrA1pwUyjqMUd0xuwRJckc4oit3QGkgohtAP9qi11D1gYvCy5UK2h-G2Nh32hQhyL238Rv7q-FfiIWoDCCO5Rng==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3MTgxMzg1LDY5ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZGUiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9kaWVuZGFuLmNsYm1hcmtldGluZy5jb20vbWVtYmVycy90b215c29uYmxhbmtldC4yMDk5MTQvIixudWxsLFtbOCwiZ0R0eWc2WGw0NWsiXSxbOSwiZGUiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.gDtyg6Xl45k.es5.O/am=wA/d=1/rs=AJlcJMzcKPuTNBHL74q8m-XTzMPTxdyk0A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
572e0d1af60060b7d3ee4ea468a3f7741d69e56bc39b3d3d7f6540e78a469585
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-NrUca7MQcVM9wG16rY04vA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://diendan.clbmarketing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 01:03:05 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-NrUca7MQcVM9wG16rY04vA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzj2sKoxSXF4KUhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTx9SWTBBCrAfE7yVdM34B4h48Hy5vw6axsEdNZ4-qms-YAMd-66aya66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYAIP6cOYP1NxD71M9gjQListvnWOuAWFjuPKs0EAvxcJzsalvHJjBhx8_7TAAQSlCp"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUzKLCh4DqChF4gsSTjNQyswxxNTlMtD-f5mQUfWX95ueoVVBbsshbV-NmGu5lgZ7yRHqpWYzEztRfSb2UrW9da6KYOjIuSpoX-oVxovjBkUZLe8Y2LBbQ3qyIEGTRLIjHFMiliyA==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUzKLCh4DqChF4gsSTjNQyswxxNTlMtD-f5mQUfWX95ueoVVBbsshbV-NmGu5lgZ7yRHqpWYzEztRfSb2UrW9da6KYOjIuSpoX-oVxovjBkUZLe8Y2LBbQ3qyIEGTRLIjHFMiliyA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.gDtyg6Xl45k.es5.O/am=wA/d=1/rs=AJlcJMzcKPuTNBHL74q8m-XTzMPTxdyk0A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--gt8_CbuzhMi5vpMi-PcEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://diendan.clbmarketing.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Feb 2024 01:03:05 GMT
content-security-policy
script-src 'report-sample' 'nonce--gt8_CbuzhMi5vpMi-PcEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmII0JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrABCX3T7HWgfEwnLnWaWBWIiH42RX2zo2gReXPnxmAgDMeR9_"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://diendan.clbmarketing.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVEpUlAhURqsWYeJCElH_kijXBeLcmBvnMDnEYKXEo-vqjr9bkEs9REVSuWcT8b947leK0y8qqhNaGjBOSmozLoIJhUMH7zgJf5bAivzeKACvu1jaBRtNgm9Prd0dBNYpKk6D5NoQ==
fundingchoicesmessages.google.com/el/
0
29 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVEpUlAhURqsWYeJCElH_kijXBeLcmBvnMDnEYKXEo-vqjr9bkEs9REVSuWcT8b947leK0y8qqhNaGjBOSmozLoIJhUMH7zgJf5bAivzeKACvu1jaBRtNgm9Prd0dBNYpKk6D5NoQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.gDtyg6Xl45k.es5.O/am=wA/d=1/rs=AJlcJMzcKPuTNBHL74q8m-XTzMPTxdyk0A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Qtsf2h1JkgNonr_JPg7Hqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://diendan.clbmarketing.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 06 Feb 2024 01:03:05 GMT
content-security-policy
script-src 'report-sample' 'nonce-Qtsf2h1JkgNonr_JPg7Hqg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmII1pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrABCX3T7HWgfEwnLnWaWBWIiH42RX2zo2gQmzJrYyAwDI0x4m"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://diendan.clbmarketing.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240131&jk=3471605171602479&bg=!QUKlQg3NAAa8BdJLnAU7ADQBe5WfOJ53fTfzsMwFLJIfip2oKa2_laG23mSX4GctUX_r2IAk68c_amU-ug-VhIhSI8vBAgAAADBSAAAAAmgBBwoAXZUiNRz09xKcD8D-fvb9WJ1ggd95CO926Xw5o46bqrqwAUDiFoBeFwupUJiAvseMvAfAAaCRw3JWtKNS1_jpqYgL_pkEky8SNaPEp-gsRFWeb2bVGUbl2Hh6L8AkzJkC1LJ-vGl7n_8J21EBRC4B1vtcI0slMy97o_nFGsfw1O0M69JbjERPYO_xMQoihhArClJTEXJRILylORp008rLlm13DTMXX8nHM0kzx0nvrj4RyXMQgaQXrNNawogMVDuEW2nK-KGwCkQRqdCc41A3S3N8NfkqKvuq0oKV1bLxKfJvpoX_L0d04VEwRcAnkT8KWdyMGjPFhvu8mNJtLfAGKYneS8NNNq8wrVeavA-jnU6n1L_Q3ZLmCa39C9m3tEMP2SNI4XMb0yEN-SBz_6BzSYCHv1TalsgMntyksO2pROugkmLgboCdgFtRJKbuq0a0fl4uFQH6DQnM9sftBr5G7QS_m9ATe6EWkRbSbDIRCYUwiil4xKgNguOq-F76_c0ajVbKFoTqooDg0_8hSAFrdRDWphWNmSzJJuAEYPNdQ5d1U05Mwuv26r2KktwEQ0hrunZuMYvFYm3wjZL8JKT26MEEy3NKechGvxpTHZ1ltGqxbbXikBcSOTDLGDVaoC5GJQ8QOAsNaa-hBjvuDymfqvLP8wdLPJnf9tKkrwszS7cunJ54iA4g8c8-seAYxeqV_UhTzooc0sr5i5wKhh52VAE3RodDLGr49VIuwy_Lk9yi-aN_jw8VzyggTCTCqOkolDPdUkQiykm-7xbikzxR593Je1MYGZ-bqGr8dloXX03UKunvLk0Cvn_YIV1EomwR_tCMQ40uhUXiu77pS_0e1iIkeA4_dZdWcBODcEG6MAOC8Vopjgd5mNwritPMrhBVPij5wkf_2XyvUvjVRalOFSgepIkWMKrCuRsz26O27d1OdJ1PbQ6SD6YsEjLG2_zpLL-ThBh5tU6LyqYyNq9EoDBnn6_2rhz1dw6a2fJ4hOxq4ybFSg9IBQNLaGUy87o678trRoi7fZuiYPbkVj0WokaiCEWxWm1Wzzo2M9_Sr7R5EPUkGBef6SbCVQDb5N2yuVjBmGs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://diendan.clbmarketing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| XF function| gtag object| dataLayer object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| $ function| jQuery object| Mustache function| autosize function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| googlefc boolean| adsbygoogle_ama_fc_has_run object| google_image_requests object| google_tag_manager object| googletag function| onYouTubeIframeAPIReady object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| NThlZTM1MzFjYWUzMTI0OWxvYWRlcl9qcw== string| NThlZTM1MzFjYWUzMTI0OWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| GoogleGcLKhOms number| __google_lidar_ function| __google_lidar_radf_ boolean| 96830fb2-4f73-4916-ba4c-3f4c7d9a1b3c

8 Cookies

Domain/Path Name / Value
diendan.clbmarketing.com/ Name: xf_csrf
Value: LVCXUFC4xrH5CrlM
.clbmarketing.com/ Name: _ga_HW917LH537
Value: GS1.1.1707181384.1.0.1707181384.0.0.0
.clbmarketing.com/ Name: _ga
Value: GA1.1.680736436.1707181384
.clbmarketing.com/ Name: __gads
Value: ID=3ed8ae82dd928466:T=1707181384:RT=1707181384:S=ALNI_MayIU8lzlHT_DbrDM5tOtCH7L_oLQ
.clbmarketing.com/ Name: __gpi
Value: UID=00000d51e898a3a7:T=1707181384:RT=1707181384:S=ALNI_MY3ZcTr17Alv2v1pAjg9_wslJc0lQ
.clbmarketing.com/ Name: __eoi
Value: ID=6451aeb716829b12:T=1707181384:RT=1707181384:S=AA-AfjZC21H29343fM8iligUslVg
.doubleclick.net/ Name: IDE
Value: AHWqTUnfuokyneTp1bAkFqmaMfB--ZQ6-rfLHVFHQDnGhMSzHAkcB9S0PS0csDr1mrk
.clbmarketing.com/ Name: FCNEC
Value: %5B%5B%22AKsRol_XqcWsIOWImTBWil9AKwZYTzzUsCOGvachEg1Ta5BcPKr_EhB7HfjGhWd9CVO7rYESamOYHV8QKqczQ970BBEZuq8aSFPsjvHhD1e91Ew4Ypa7kiUTBlHAtJ5mm59TUgLi_qs2kaP4mOeHBBcakRgeN6zgGQ%3D%3D%22%5D%5D

5 Console Messages

Source Level URL
Text
other warning URL: https://diendan.clbmarketing.com/members/tomysonblanket.209914/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://diendan.clbmarketing.com/members/tomysonblanket.209914/(Line 1439)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://diendan.clbmarketing.com/members/tomysonblanket.209914/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://diendan.clbmarketing.com/members/tomysonblanket.209914/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://diendan.clbmarketing.com/members/tomysonblanket.209914/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

clbmarketing.com
diendan.clbmarketing.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
103.83.156.4
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:828::2001
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
0a1ff215c6cfc0cc869f4d905aa6c5d55e237996ec92bb47169d7f6bb4ec7dc0
0a7580c600cf3da4d902b44ea5dcfa2e7a3b8aa43ce6ae00d98d489ec3e3c78e
169bb31b432f4d2fe2edf2c11f842887024125fe199ca7a8ed475e740859d5cc
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
220dd6cc9e9231d585047991273657bad13461faed474b40dcaf5255b381e8b9
304e77733a818935ddeb447ed9d6d6d4f16e44b8cc262ee05c89324ee7afdc6c
345f5b470ae1cfcfd2b9210bc146467c866c3eec656350bdc56ec88f292d1ca6
3507ca14c84cbffccd872e634a84d93f50882c817e66ffdf2643a7ed884a205e
38d2f2408d9231f9a8d5ad291bc376c4ef873cabed2c11282bc2bd2c061e510c
4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938
50dd71cf1cba64856357e62f4999a34c5b7952632efbe186ed3195ce4792612e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
572e0d1af60060b7d3ee4ea468a3f7741d69e56bc39b3d3d7f6540e78a469585
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6bab7015144d257d89adc865dcbfc3d551a8105064dcfedfb8a1b7fd77499584
6e8ee6996fb3309039f67043a7075390ba0fa4154cda8dfc866fac473fc17abb
72bf496f15b29c8e002f7d525dbc784606d871241d05a28b37792d4a710d4b3f
736f2c98d81e1449daf8da5bbeac884fc236c0abd21b1b6c29bb657efe394fd2
7ce8d26aabf34b87940bc532c457b1bc59e8d61824f4ea7535419ea75676b0a1
8b136423ab99fedb482961ec5ed94e492c226c9a4122ec88a9570cba52ada975
8c186ad9490cc543132d5c3489dbd7606f687bae9d247f22df67096d49047631
943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c
9629fc8a7b137d6c0ea7e7d8ab6fee38ca8ead719e9c6906cc6b4c250df2c1f6
996279be78f9fae0b0b916f198587f435e7fa8422d4a6c0bc9cac5ee5dfdcd08
9b3ac0feea940572935c876792af52347e06b26900eb88c4c479448fa319a937
a5dcfd1d44af85302c19886c111e277273cca860febaae5f8cdb0de61733b44b
aac075f869da419d98e792f1866c5acf31b10313c09d3c767a89615386717ae7
c2497d559960ba9e1c68f41674e8bc980d3b229155e068bc7f42f157f81c4388
c8bba43e6dd09d2c5e0e1d4e878ca177eb9ed18a9800285f21cf1d81008b29c0
cc620a5409c0d0f2f7726edaf9202d07cb54747c39a2e500c825dcc4420ab039
da8fee71dafbf28001e102acf63c7e785e50e2a8d641f024e75252be637b4f41
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9b3cf2b0aaab5b2f4e9f0f5f812bb2c6edce080648ff43566e5800b51e7cc0b
e9f0d24d1230e0a5760800e4a1657801cff8edf2ba87a05c5d96f74ce44ec06d
ebc9339a5e76539a84a77f732bc58444122d7f2b1df91b7f60f186607fa23794
ef11b81e50962b3403a1934aef96d05dd392826ef7706831a4e1d2be9f7692fb
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d