timbu.com Open in urlscan Pro
142.132.214.40 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://timbu.com/
Submission: On October 02 via manual (October 2nd 2022, 12:26:22 am UTC) from US — Scanned from DE

Summary HTTP 113 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 27 IPs in 6 countries across 24 domains to perform 113 HTTP transactions. The main IP is 142.132.214.40, located in Germany and belongs to HETZNER-AS, DE. The main domain is timbu.com.
TLS certificate: Issued by R3 on August 9th 2022. Valid for: 3 months.

This is the only time timbu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
33	142.132.214.40 142.132.214.40	24940 (HETZNER-AS) (HETZNER-AS)
17	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:400d:80a::2008	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400d:807::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	142.251.39.66 142.251.39.66	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:400d:807::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:805::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:400d:806::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
1 1	3.123.239.111 3.123.239.111	16509 (AMAZON-02) (AMAZON-02)
4	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
113	27

33 142.132.214.40 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.40.214.132.142.clients.your-server.de

timbu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.timbu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80a::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

smartlock.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.39.66 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s39-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:807::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:805::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400d:806::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.239.111 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-239-111.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (Shahr, Iran, Islamic Republic Of) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	timbu.com timbu.com cms.timbu.com	2 MB
18	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 143	340 KB
17	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 208	104 KB
13	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 cm.g.doubleclick.net — Cisco Umbrella Rank: 212	41 KB
6	google.com 1 redirects smartlock.google.com — Cisco Umbrella Rank: 203038 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 76	2 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 28	20 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	140 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 429	2 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6301 adservice.google.de — Cisco Umbrella Rank: 8962	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	221 B
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 95	53 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 129 partner.googleadservices.com — Cisco Umbrella Rank: 862	16 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	111 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 336	459 B
1	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 647	166 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1470	351 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 650	761 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 979	463 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 191	44 KB
1	gstatic.com fonts.gstatic.com	38 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 663	66 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 707	7 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 41	1 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
113	24

	Domain	Requested by
28	timbu.com	timbu.com
17	cdnjs.cloudflare.com	timbu.com cdnjs.cloudflare.com
9	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
9	pagead2.googlesyndication.com	timbu.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googleadservices.com googleads.g.doubleclick.net
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com timbu.com
5	cms.timbu.com	timbu.com
4	cm.g.doubleclick.net	googleads.g.doubleclick.net
4	www.google.com	1 redirects timbu.com googleads.g.doubleclick.net tpc.googlesyndication.com
3	www.googletagmanager.com	timbu.com
2	ssum-sec.casalemedia.com	2 redirects
2	stats.g.doubleclick.net	www.google-analytics.com
2	www.facebook.com	timbu.com
2	www.youtube.com	timbu.com www.youtube.com
2	connect.facebook.net	timbu.com connect.facebook.net
1	pixel.rubiconproject.com	1 redirects
1	image6.pubmatic.com	googleads.g.doubleclick.net
1	rtb.openx.net	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.de	timbu.com
1	www.googleadservices.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	code.jquery.com	timbu.com
1	smartlock.google.com	timbu.com
1	maxcdn.bootstrapcdn.com	timbu.com
1	fonts.googleapis.com	timbu.com
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
113	32

This site contains links to these domains. Also see Links.

Domain
twitter.com
business.facebook.com
www.instagram.com

Subject Issuer	Validity	Valid
timbu.com R3	`2022-08-09` - `2022-11-07`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
cms.timbu.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-11` - `2022-10-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://timbu.com/
Frame ID: F10E4F968BE5D234D2AC3081AB99C748
Requests: 83 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/zrt_lookup.html
Frame ID: DE9722849CC43F0B2BC32681273AC35E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4930277158492412&output=html&h=280&slotname=7592719917&adk=440918045&adf=2160307466&pi=t.ma~as.7592719917&w=1200&fwrn=4&fwrnh=100&lmt=1664670376&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftimbu.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664670375960&bpp=6&bdt=563&idt=227&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&correlator=3150614529060&frm=20&pv=2&ga_vid=1421251649.1664670376&ga_sid=1664670376&ga_hid=462579425&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069962%2C42531705%2C31070010%2C44770880&oid=2&pvsid=2751025819625342&tmod=1909148396&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=YpSNWIbV5T&p=https%3A//timbu.com&dtd=265
Frame ID: 553148769F08E14A5C0047F580576E00
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4930277158492412&output=html&adk=1812271804&adf=3025194257&lmt=1664670376&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftimbu.com%2F&ea=0&pra=7&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664670375981&bpp=2&bdt=584&idt=254&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=3150614529060&frm=20&pv=1&ga_vid=1421251649.1664670376&ga_sid=1664670376&ga_hid=462579425&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069962%2C42531705%2C31070010%2C44770880&oid=2&pvsid=2751025819625342&tmod=1909148396&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=263
Frame ID: 82C23665DAC87E0ED7C62EE71DEA64AD
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 5742DCD966AEE880BC92140769B1E3DB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CFCEE24A72FCCF671578F0DA289E40AB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FE0CFF8477B45CB0935B75DBF7B79AB1
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js
Frame ID: 67E5DDCBC94AE1669526326054864B46
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 459F8D5B7A3E0808029C749E2B2CE1D4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 509D93614C359E95B9324C3F64FAE668
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Timbu.com - Adventures, Experiences and Hotels in Africa

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

Twitter typeahead.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:typeahead|bloodhound)\.(?:jquery|bundle)?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

113
Requests

96 %
HTTPS

72 %
IPv6

24
Domains

32
Subdomains

27
IPs

6
Countries

3412 kB
Transfer

5671 kB
Size

23
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/timbu

Search URL Search Domain Scan URL

URL: https://business.facebook.com/gotimbu/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gotimbu/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 96

https://d.agkn.com/pixel/2175/?google_gid=CAESEJqlrMEhSvyY1AkJih889NY&google_cver=1&google_push=AZmPxg92zkW20_ff_zuPtO6AtCZanESprnG0bT0AmTW_IOd5dUqFsxr_BDb_3M6aEQIAjXeH2d25FbWNTv73T7aZgG16ANRQFOEFSA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg92zkW20_ff_zuPtO6AtCZanESprnG0bT0AmTW_IOd5dUqFsxr_BDb_3M6aEQIAjXeH2d25FbWNTv73T7aZgG16ANRQFOEFSA&google_hm=Q0FFU0VKcWxyTUVoU3Z5WTFBa0ppaDg4OU5Z

Request Chain 99

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMp7U9Ce5xckJe-FTp4HS6o&google_cver=1&google_push=AZmPxg9nVLd0weAl_8a9EjRs-afZI3QjFp9D-lyMidMMr5ThbmRznRvXoBDPWFkln1d5CX6FUSb9xoGcgZeCaaMWu_2tWHEWRPKBqg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhRTFJGUFAtWi1NMlo3&google_push=AZmPxg9nVLd0weAl_8a9EjRs-afZI3QjFp9D-lyMidMMr5ThbmRznRvXoBDPWFkln1d5CX6FUSb9xoGcgZeCaaMWu_2tWHEWRPKBqg

Request Chain 100

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP8YETmchYA2ScXyT1riOXM&google_cver=1&google_push=AZmPxg8luf6MMhTNPRowY74s2tVL-T6utAGB6hkSwaDlXeDSqn1CqRXE1MdgbJjpYqklBUVjevpwkhyW3dvA39ChfNExXNnCqXNj HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEP8YETmchYA2ScXyT1riOXM&google_push=AZmPxg8luf6MMhTNPRowY74s2tVL-T6utAGB6hkSwaDlXeDSqn1CqRXE1MdgbJjpYqklBUVjevpwkhyW3dvA39ChfNExXNnCqXNj&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP8YETmchYA2ScXyT1riOXM&google_hm=YzjaqQWr5WdMW5W40jHn8QAABL8AAAAB&google_nid=index&google_push=AZmPxg8luf6MMhTNPRowY74s2tVL-T6utAGB6hkSwaDlXeDSqn1CqRXE1MdgbJjpYqklBUVjevpwkhyW3dvA39ChfNExXNnCqXNj

Request Chain 104

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

113 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
timbu.com/ 462 KB
42 KB 168ms
85ms Document
text/html 142.132.214.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://timbu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.214.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.40.214.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) / PHP/7.4.14
Resource Hash: 2a7d8a65adc8a66d38235f3ab40b4ac6438e934b61f03f490cee2dfabd59d800

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 02 Oct 2022 00:26:15 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.14
expires: -1
pragma: no-cache

GET
H2 200 simplePagination.min.css
cdnjs.cloudflare.com/ajax/libs/simplePagination.js/1.6/ 4 KB
1 KB 70ms
25ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/simplePagination.js/1.6/simplePagination.min.css

Requested by

Host: timbu.com
URL: https://timbu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c603149cfdeb843220948e9600062aa6293b9fcfeda3479d31bf33ef493d20fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 00:26:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 18895852
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 610
last-modified: Mon, 04 May 2020 16:16:18 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd2-f44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n3PPcN5nr8REcy9dL2xwrLNNfWDTEe5nqGwKZPgysyQ2XqDtI2rDV%2BwuXDkpCJQ60%2FsJojwHcHLhz3uuaiczx7YvYfPmO1JumN3dTXcJSfH7w4c%2FJcFsnIQ%2FkXMBYZEakHxUrxOQ6KkZLYj0lWnZo0Dk"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75394e368dda9969-FRA
expires: Fri, 22 Sep 2023 00:26:15 GMT

GET
H/1.1 200
OK typeaheadjs.css
timbu.com/css/ 3 KB
3 KB 42ms
27ms Stylesheet
text/css 142.132.214.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://timbu.com/css/typeaheadjs.css
Requested by: Host: timbu.com
URL: https://timbu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.214.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.40.214.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 04bc2044ccb37342bcf2f27c238b6a1d9eec8f72ec899881da69d9ac493b8c74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 00:26:15 GMT
Last-Modified: Mon, 11 Apr 2022 10:49:32 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "625407bc-ba6"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2982

GET
H2 200 bootstrap-datepicker.css
cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.8.0/css/ 17 KB
2 KB 77ms
32ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.8.0/css/bootstrap-datepicker.css

Requested by

Host: timbu.com
URL: https://timbu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f70ed7b509ea443bd3866b101df2e65dd0db19ab18b128c5e85497ac387b17a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://timbu.com/
Origin: https://timbu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 00:26:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 182098
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1774
last-modified: Mon, 04 May 2020 16:06:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d8e-4326"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ch282ICSwo5aT4vW7aGhNVYf6%2FrxwPEcq25PEJdA5Y9CymQXhkJGSdDc1xot8Kgnv4aN4fI6mAntNAQIKuDUcJAy8uk1aJQDasas8R8an1jFsRJFz4NmWZTBQB3MBSVtiOoHaw3cJ3tlDq9915gkC4wj"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75394e368ae75caa-FRA
expires: Fri, 22 Sep 2023 00:26:15 GMT

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 78ms
31ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Overpass:wght@400;600;700;800&display=swap

Requested by

Host: timbu.com
URL: https://timbu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

43f0d52a22b839237c356c70da9e9dc841f99528fa8e62d33909b2807cb2293c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Oct 2022 00:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 00:26:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 02 Oct 2022 00:26:15 GMT

GET
H2 200 jquery.typeahead.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-typeahead/2.10.6/ 12 KB
3 KB 73ms
28ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-typeahead/2.10.6/jquery.typeahead.min.css

Requested by

Host: timbu.com
URL: https://timbu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

094d3fadbc55077122c5dddb6c8b89c4724b0e75eb8894bd730a7f05f720a4bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 00:26:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 27492622
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2866
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-2eca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gd1dRva0CX6mLLzi7abVb5CtjZhHVa4g4xf81aQEam4IMFZPFoTGSXP68%2FpWUSCMh2fIRxFWRdsRJP547JlGusRHgMKZ2r3RYUrEWGWIsLhwwSa%2BdZx%2BqySprpWasBvxeUefHK2swt9wv4pRUwY4VEcb"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75394e368ddb9969-FRA
expires: Fri, 22 Sep 2023 00:26:15 GMT

GET
H2 200 tether.min.css
cdnjs.cloudflare.com/ajax/libs/tether/1.4.7/css/ 237 B
420 B 72ms
28ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tether/1.4.7/css/tether.min.css

Requested by

Host: timbu.com
URL: https://timbu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb84c37000f8fe3e68e24799be081febdf02afd39cec967e80631ac76dea9950

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 00:26:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1043431
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 86
last-modified: Mon, 04 May 2020 16:17:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffc-ed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A5forrAeVpWOgf8c4bvE2vpDKLqMvqyAJjZy7JTHBnOmpImQoNIEBsPDR0PvqYH8h%2F1dN1uhdnkP%2BlwSxTtSWoTWngaRkTmRWwK42sLQhj8BmE6cM9pf8mNll29HeXtE1euL4mr6NN8a1DbF3AzlB99i"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75394e368ddc9969-FRA
expires: Fri, 22 Sep 2023 00:26:15 GMT

GET
H2 200 VueBootstrapTypeahead.css
cdnjs.cloudflare.com/ajax/libs/vue-bootstrap-typeahead/0.2.6/ 118 B
411 B 75ms
31ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/vue-bootstrap-typeahead/0.2.6/VueBootstrapTypeahead.css

Requested by

Host: timbu.com
URL: https://timbu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9fa489ad869fe24b8e24cf6a1345c783a8c39dd6f7103bb239a02c2268d1adc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 00:26:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 57173
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 73
last-modified: Mon, 04 May 2020 16:17:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb0402a-76"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KPPICLfYHcUZq5yI7COW3zooL1O4%2BusSzoUWTKqffg7ybRcOaU7tSBX%2B92AqS4wYm0RVY9EtXU0npxYrdhVG292npqXBdGmkUuJVcXfIv6EUvUegFD%2B1gXZrvhN1BV%2F4VThpIfh3RzLh03RczePx1eO1"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75394e368dde9969-FRA
expires: Fri, 22 Sep 2023 00:26:15 GMT

GET
H2 200 swiper.min.css
cdnjs.cloudflare.com/ajax/libs/Swiper/4.3.5/css/ 19 KB
3 KB 70ms
26ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.3.5/css/swiper.min.css

Requested by

Host: timbu.com
URL: https://timbu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6dc47605fad19a3bb633afb7b8ef54835ac59fc2f6b5b511f5a176393a5401c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 00:26:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 12872068
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2585
last-modified: Mon, 04 May 2020 16:04:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf2-4d3e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b6AAm3tFlFObwL8Ece3K75V5flm9m9p1CklJV8bSoug75t%2F6nx078%2Ft%2FGwsAyDuaCMBwkSTxPn19POWU%2FZcHvPuWJoVxZSiqcVfBtnGq7gaFcOd1yv5eLUak8CvbfjbyrGvivxLQGLbtq8W%2BBIZ3YFgy"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75394e368ddf9969-FRA
expires: Fri, 22 Sep 2023 00:26:15 GMT

GET
H2 200 weather-icons.css
cdnjs.cloudflare.com/ajax/libs/weather-icons/2.0.9/css/ 30 KB
4 KB 73ms
29ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/weather-icons/2.0.9/css/weather-icons.css

Requested by

Host: timbu.com
URL: https://timbu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a488cfb2b2b08eae377b1394b9e7f66cfb68a8731a03945f73415c8cc620eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 00:26:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6833707
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2970
last-modified: Mon, 04 May 2020 16:17:51 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb0402f-7808"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VBWYsyACmnSkXYAX%2BeIxVD3h6jfdaMFEKvqvoaaqH%2Fjy4PZGBbHWPXE3Akr1kbc118o0MwfYAkPRPfvX7NCWLgQKcNdkScnhm%2BGlf11gZGGFCoNw4FsOAeY%2FTtkNbyR1%2BQYA7d2c%2BZrA%2FeYTJsakHEFl"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75394e368de09969-FRA
expires: Fri, 22 Sep 2023 00:26:15 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 85ms
28ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: timbu.com
URL: https://timbu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 00:26:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 723
age: 8702286
cdn-cachedat: 03/12/2022 14:32:07
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: d59b1bc690982b057c0e17bb58696d82
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 75394e369bc9bb9e-FRA
cdn-requestpullsuccess: True

GET
H/1.1 200
OK timbu.css
timbu.com/css/ 499 KB
499 KB 75ms
32ms Stylesheet
text/css 142.132.214.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://timbu.com/css/timbu.css?v=0.04
Requested by: Host: timbu.com
URL: https://timbu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.214.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.40.214.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 50b42e9efbddf88b9ad5a69b566bf84ad1719adc361d183c1384f0d75939bc7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 00:26:15 GMT
Last-Modified: Mon, 11 Apr 2022 10:49:32 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "625407bc-7ca34"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 510516

GET
H2 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 1 KB
719 B 73ms
30ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.css

Requested by

Host: timbu.com
URL: https://timbu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 00:26:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3398561
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 394
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-559"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hPmjTZhW5w%2F%2FwoVIQOJyGV6PRnkz7gcLb%2FyepvI3Bx5OK%2BxxVQ%2FfLpM92deoEBKrmu2FSA0x9IbL63FHLbDaTXxua%2Bh0nHL13n0KXnke6kYCC%2B1Nohq6un9VcpEB2tya0XEDWyGNo6lusZZx%2BNnbqFJ9"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75394e368de29969-FRA
expires: Fri, 22 Sep 2023 00:26:15 GMT

GET
H2 200 slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 2 KB
1000 B 70ms
27ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css

Requested by

Host: timbu.com
URL: https://timbu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 00:26:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7520325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 657
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-956"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Faj9lIr9w4PhVk1%2FTbsKoVplUrVtn16wvaHuR0NwFYtbbXxKFekNE5qEzfy1QG50hrKkib5XU1frWwxhKvxwU2WZ9fvP%2F32uxPDhpVmv7vVIXxyOkRflQ2R1XL%2BJvzYNTy464hPDlr%2BixCmbtaYr%2BpcB"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75394e368de19969-FRA
expires: Fri, 22 Sep 2023 00:26:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
42 KB 158ms
66ms Script
application/javascript 2a00:1450:400d:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-28315089-4

Requested by

Host: timbu.com
URL: https://timbu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bd60c28d5c7d685a7af78826ac43d6d5ebcc4ab59c378fb3f8b4415b7c27ea84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 00:26:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42332
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 02 Oct 2022 00:26:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 116 KB
46 KB 191ms
99ms Script
application/javascript 2a00:1450:400d:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-676565654

Requested by

Host: timbu.com
URL: https://timbu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

96f0a36bd8a9fc3ad469a102adb521e5db0ba72ee99f521f9c17b490ea055df9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 00:26:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46812
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 02 Oct 2022 00:26:15 GMT

GET
H/1.1 200
OK timbu-logo.svg
timbu.com/img/destinations/ 14 KB
14 KB 52ms
48ms Image
image/svg+xml 142.132.214.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timbu.com/img/destinations/timbu-logo.svg
Requested by: Host: timbu.com
URL: https://timbu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.214.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.40.214.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9ac5cc55325568bf667ba7c12a60382d95f9945161acf48b7529aeb62588dc5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 00:26:15 GMT
Last-Modified: Mon, 11 Apr 2022 10:49:32 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "625407bc-3610"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13840

GET
H/1.1 200
OK loader.gif
timbu.com/img/accommodations/room/ 7 KB
7 KB 40ms
24ms Image
image/gif 142.132.214.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timbu.com/img/accommodations/room/loader.gif
Requested by: Host: timbu.com
URL: https://timbu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.214.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.40.214.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6015fa442d24bb979ad1c848f285158dd80becc364356a3ee6ba583d80920b2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 00:26:15 GMT
Last-Modified: Mon, 11 Apr 2022 10:49:32 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "625407bc-1b1a"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6938

GET
H/1.1 200
OK default-fixed.svg
timbu.com/img/destinations/ 745 B
996 B 64ms
24ms Image
image/svg+xml 142.132.214.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timbu.com/img/destinations/default-fixed.svg
Requested by: Host: timbu.com
URL: https://timbu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.214.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.40.214.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6fd8c8daa85afb483ff60692cfb7f265d4b7dc661229e172e3f81a9cd6aeb97e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 00:26:15 GMT
Last-Modified: Mon, 11 Apr 2022 10:49:32 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "625407bc-2e9"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 745

GET
H/1.1 200
OK default.svg
timbu.com/img/destinations/ 744 B
995 B 71ms
22ms Image
image/svg+xml 142.132.214.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timbu.com/img/destinations/default.svg
Requested by: Host: timbu.com
URL: https://timbu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.214.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.40.214.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 84d4eda8e2ea06fb300f7f039c5652b39032174a126af1c96167799a0ab96449

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 00:26:15 GMT
Last-Modified: Mon, 11 Apr 2022 10:49:32 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "625407bc-2e8"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 744

GET
H/1.1 200
OK Nigeria-1567616875.jpg
cms.timbu.com/images/ 14 KB
15 KB 241ms
107ms Image
image/jpeg 142.132.214.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.timbu.com/images/Nigeria-1567616875.jpg?w=300&h=160&c=1
Requested by: Host: timbu.com
URL: https://timbu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.214.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.40.214.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) / PHP/7.2.13
Resource Hash: e540ca721d8e51783858df43b5d37848ca372afcc1c488b13cba69d8cc38a092

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
Date: Sun, 02 Oct 2022 00:26:15 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: PHP/7.2.13
Content-Type: image/jpeg
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Length: 14345
expires: -1

GET
H/1.1 200
OK South-Africa-1547678711.jpg
cms.timbu.com/images/ 22 KB
23 KB 233ms
123ms Image
image/jpeg 142.132.214.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.timbu.com/images/South-Africa-1547678711.jpg?w=300&h=160&c=1
Requested by: Host: timbu.com
URL: https://timbu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.214.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.40.214.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) / PHP/7.2.13
Resource Hash: 3e9a37f634ce27926ef1f7f8853600bfd5d6739c2b45d0702d678240d164acc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
Date: Sun, 02 Oct 2022 00:26:15 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: PHP/7.2.13
Content-Type: image/jpeg
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Length: 22337
expires: -1

GET
H/1.1 200
OK Kenya-1547573793.jpg
cms.timbu.com/images/ 24 KB
25 KB 288ms
182ms Image
image/jpeg 142.132.214.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.timbu.com/images/Kenya-1547573793.jpg?w=300&h=160&c=1
Requested by: Host: timbu.com
URL: https://timbu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.214.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.40.214.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) / PHP/7.2.13
Resource Hash: aeb123debafdc92d6bc3c668e2216c50f7eb113c153d7c359598043a66f583ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
Date: Sun, 02 Oct 2022 00:26:15 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: PHP/7.2.13
Content-Type: image/jpeg
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Length: 24762
expires: -1

GET
H/1.1 200
OK Ghana-1547567159.jpg
cms.timbu.com/images/ 16 KB
16 KB 219ms
122ms Image
image/jpeg 142.132.214.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.timbu.com/images/Ghana-1547567159.jpg?w=300&h=160&c=1
Requested by: Host: timbu.com
URL: https://timbu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.214.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.40.214.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) / PHP/7.2.13
Resource Hash: 5bf07de2b32d4c6d25d3fe0bd6dd18d7a55e4b4bef80fa9630593938f500f167

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
Date: Sun, 02 Oct 2022 00:26:15 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: PHP/7.2.13
Content-Type: image/jpeg
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Length: 15919
expires: -1

GET
H/1.1 200
OK Senegal-1547676459.jpg
cms.timbu.com/images/ 22 KB
23 KB 210ms
132ms Image
image/jpeg 142.132.214.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.timbu.com/images/Senegal-1547676459.jpg?w=300&h=160&c=1
Requested by: Host: timbu.com
URL: https://timbu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.214.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.40.214.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) / PHP/7.2.13
Resource Hash: aa4d92386bc2758fd5caa5efd663d2f71d996c644b0b9edd61ec43f62d41f772

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
Date: Sun, 02 Oct 2022 00:26:15 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Powered-By: PHP/7.2.13
Content-Type: image/jpeg
Cache-Control: private, must-revalidate
Connection: keep-alive
Content-Length: 22409
expires: -1

GET
H/1.1 200
OK ajax-loader.gif
timbu.com/img/ 4 KB
4 KB 24ms
23ms Image
image/gif 142.132.214.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timbu.com/img/ajax-loader.gif
Requested by: Host: timbu.com
URL: https://timbu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.214.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.40.214.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 00:26:15 GMT
Last-Modified: Mon, 11 Apr 2022 10:49:32 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "625407bc-1052"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4178

GET
H/1.1 200
OK rwanda-pic.jpg
timbu.com/img/accommodations/homepage/ 54 KB
54 KB 47ms
46ms Image
image/jpeg 142.132.214.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timbu.com/img/accommodations/homepage/rwanda-pic.jpg
Requested by: Host: timbu.com
URL: https://timbu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.214.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.40.214.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 79bfd15f31db5032fa02284eaabdc109d58d3f4a8845db8722222c950c0a0472

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 00:26:15 GMT
Last-Modified: Mon, 11 Apr 2022 10:49:32 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "625407bc-d655"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 54869

GET
H/1.1 200
OK kenya.jpg
timbu.com/img/accommodations/homepage/ 30 KB
31 KB 22ms
22ms Image
image/jpeg 142.132.214.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timbu.com/img/accommodations/homepage/kenya.jpg
Requested by: Host: timbu.com
URL: https://timbu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.214.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.40.214.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 29f673813577c788977309e1988d4f90a1d136fff0ffbb08b72955fe8bf50a99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 00:26:15 GMT
Last-Modified: Mon, 11 Apr 2022 10:49:32 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "625407bc-791c"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31004

GET
H/1.1 200
OK morrocco.jpg
timbu.com/img/accommodations/homepage/ 15 KB
15 KB 22ms
22ms Image
image/jpeg 142.132.214.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timbu.com/img/accommodations/homepage/morrocco.jpg
Requested by: Host: timbu.com
URL: https://timbu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.214.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.40.214.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0871f83241d6b3e6c542e4c440eae789fe95dc1b73a1e550503867935fc19c92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 00:26:15 GMT
Last-Modified: Mon, 11 Apr 2022 10:49:32 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "625407bc-3ab9"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15033

GET
H/1.1 200
OK uganda.jpg
timbu.com/img/accommodations/homepage/ 42 KB
42 KB 24ms
24ms Image
image/jpeg 142.132.214.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timbu.com/img/accommodations/homepage/uganda.jpg
Requested by: Host: timbu.com
URL: https://timbu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.214.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.40.214.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0299f0cfc11414ec898d2740ddfb3b93a586b0fdf199c157e73c419690a0dd2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 00:26:15 GMT
Last-Modified: Mon, 11 Apr 2022 10:49:32 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "625407bc-a6cf"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42703

GET
H/1.1 200
OK nigeria.jpeg
timbu.com/img/accommodations/homepage/ 40 KB
40 KB 23ms
22ms Image
image/jpeg 142.132.214.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timbu.com/img/accommodations/homepage/nigeria.jpeg
Requested by: Host: timbu.com
URL: https://timbu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.214.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.40.214.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 267c0c4357c1d2eb3f283d1a8d248eaaffd87dd4f1c271647b8c44a90d8d9dad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 00:26:15 GMT
Last-Modified: Mon, 11 Apr 2022 10:49:32 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "625407bc-9f03"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40707

GET
H/1.1 200
OK sa.jpg
timbu.com/img/accommodations/homepage/ 15 KB
15 KB 23ms
23ms Image
image/jpeg 142.132.214.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timbu.com/img/accommodations/homepage/sa.jpg
Requested by: Host: timbu.com
URL: https://timbu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.214.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.40.214.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0505e6aebf7a960ba425fdd27f77d315afbdb0283efcd6df6f3c9a73a674efa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 00:26:15 GMT
Last-Modified: Mon, 11 Apr 2022 10:49:32 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "625407bc-3ad1"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15057

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 162 KB
54 KB 154ms
68ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: timbu.com
URL: https://timbu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7cb032e2706ccd0279eff0239726147f4d028486978c7abb04de9aed41e977a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 00:26:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54650
x-xss-protection: 0
server: cafe
etag: 16738467534955397898
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 00:26:15 GMT

GET
H/1.1 200
OK trip-details.jpg
timbu.com/img/accommodations/homepage/ 74 KB
74 KB 23ms
22ms Image
image/jpeg 142.132.214.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timbu.com/img/accommodations/homepage/trip-details.jpg
Requested by: Host: timbu.com
URL: https://timbu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.214.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.40.214.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: cc6690cb785dd68708d00f050aa9b24a1e5b8e2ec10c37d41f56f80f98af1212

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 00:26:15 GMT
Last-Modified: Mon, 11 Apr 2022 10:49:32 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "625407bc-128f1"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 76017

GET
H/1.1 200
OK loading.gif
timbu.com/images/ 2 KB
3 KB 23ms
23ms Image
image/gif 142.132.214.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timbu.com/images/loading.gif
Requested by: Host: timbu.com
URL: https://timbu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.214.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.40.214.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 278cfdb8dcac3aefcc16f2335b17397ecdf03f89a62633ff31e2c3201a658f28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 00:26:15 GMT
Last-Modified: Mon, 11 Apr 2022 10:49:32 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "625407bc-91f"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2335

GET
H/1.1 200
OK timbu-logo.svg
timbu.com/img/ 12 KB
12 KB 23ms
23ms Image
image/svg+xml 142.132.214.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timbu.com/img/timbu-logo.svg
Requested by: Host: timbu.com
URL: https://timbu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.214.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.40.214.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4e903cfdc4413be2e24d0d71d2708ca8939cc6efb37b65cc2d40539c1be87a64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 00:26:15 GMT
Last-Modified: Mon, 11 Apr 2022 10:49:32 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "625407bc-2f81"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12161

GET
H/1.1 200
OK twitter.svg
timbu.com/img/ 1 KB
1 KB 22ms
22ms Image
image/svg+xml 142.132.214.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timbu.com/img/twitter.svg
Requested by: Host: timbu.com
URL: https://timbu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.214.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.40.214.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b241168edd08427d57fdb2a6e01643b191809b6bab135438136bb733957dfb7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 00:26:15 GMT
Last-Modified: Mon, 11 Apr 2022 10:49:32 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "625407bc-4cf"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1231

GET
H/1.1 200
OK facebook.svg
timbu.com/img/ 555 B
806 B 23ms
23ms Image
image/svg+xml 142.132.214.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timbu.com/img/facebook.svg
Requested by: Host: timbu.com
URL: https://timbu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.214.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.40.214.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 15f3cb7a303c63ec1f243008e623e8017aaee997b33a43eca1af8091b536e818

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 00:26:15 GMT
Last-Modified: Mon, 11 Apr 2022 10:49:32 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "625407bc-22b"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 555

GET
H/1.1 200
OK instagram.svg
timbu.com/img/ 1 KB
1 KB 22ms
22ms Image
image/svg+xml 142.132.214.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timbu.com/img/instagram.svg
Requested by: Host: timbu.com
URL: https://timbu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.214.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.40.214.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6170e35ddb9e41fd5a7d2127fecfb9dc62f1a436b43dd85e950032d9728a4d87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 00:26:15 GMT
Last-Modified: Mon, 11 Apr 2022 10:49:32 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "625407bc-48f"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1167

GET
H2 200 flatpickr.js Show response
cdnjs.cloudflare.com/ajax/libs/flatpickr/4.6.3/ 116 KB
19 KB 30ms
30ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/flatpickr/4.6.3/flatpickr.js

Requested by

Host: timbu.com
URL: https://timbu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

deca1861889d6dbb2b9875d31a0c5e09d80c7e0b7a22a5a358f29fb8359dbaa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 00:26:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 234640
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19271
last-modified: Mon, 04 May 2020 16:10:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5e-1ceab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i2ogdBA8FAnvJWu55FmE3PSGRvS8Z%2BCgOwe%2BKHExreOFhQHRC8Fiy2nBXmexavIcp1G4gmrTWsSE%2BLaM2dp4gzVUsVY%2BNHD%2B%2BSaUpVQhAST8QGsx%2BEDOf9dHZmEInZWk3h%2Br3wnF3QKZC%2BsYB%2BkQm1zv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75394e36ce1a9969-FRA
expires: Fri, 22 Sep 2023 00:26:15 GMT

GET
H/1.1 200
OK timbu.js Show response
timbu.com/js/ 320 KB
320 KB 44ms
44ms Script
application/javascript 142.132.214.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://timbu.com/js/timbu.js
Requested by: Host: timbu.com
URL: https://timbu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.214.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.40.214.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8fdcabd18d25d698978e246cd8d732b3e6b90a23cbf365f45d7e64eb38a03fe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 00:26:15 GMT
Last-Modified: Mon, 11 Apr 2022 10:49:32 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "625407bc-5001e"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 327710

GET
H/1.1 200
OK checkout.js Show response
timbu.com/js/ 317 KB
317 KB 24ms
24ms Script
application/javascript 142.132.214.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://timbu.com/js/checkout.js
Requested by: Host: timbu.com
URL: https://timbu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.214.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.40.214.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7c0311ae219f109d52ab744c35c1303edfcfaa7ef9678ab9fc02dc07e56cb315

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 00:26:15 GMT
Last-Modified: Mon, 11 Apr 2022 10:49:32 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "625407bc-4f30e"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 324366

GET
H2 404 client
smartlock.google.com/ 0
0 95ms
19ms Script
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://smartlock.google.com/client
Requested by: Host: timbu.com
URL: https://timbu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 200 typeahead.jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/corejs-typeahead/0.11.1/ 26 KB
8 KB 37ms
32ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/corejs-typeahead/0.11.1/typeahead.jquery.min.js

Requested by

Host: timbu.com
URL: https://timbu.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50d8df87a659a2476439948898ee0141d5ee9b7423e68995422267652cb317f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 00:26:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4519130
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7306
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-69be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rlbp3h%2FWmfWnlpqwimvywtAsLCRu%2B0H57Cf0HtBQOVWHP%2Bo3xVvdR1w%2BTpg1KW%2FpIKNNAV7CGr%2FqOkaGaE0LVN8jkYfJ0NU45CDBSeMFEFLaUMPN3QYIIHFNLLU7dknHjmuHweI2GDPy3laI%2FZMoXkxS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75394e374a606963-FRA
expires: Fri, 22 Sep 2023 00:26:15 GMT

GET
H3 200 slick.min.js Show response
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 43 KB
10 KB 36ms
31ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.js

Requested by

Host: timbu.com
URL: https://timbu.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 00:26:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1474557
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9564
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-ab69"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TCpYFHvr%2BFAbOE6X%2FacoHgVatUq%2BhWnEJrDn0s8HbzSwFeAd%2FVihaj6P%2BLW3J5TYTH3kjdDLgRUUliy%2BGTne1V0yEHivw6wVBumeMWYXnGAO%2F5SvFu0mrhNCLlP%2FdWvcsfk2dycEY9tuDdIykwpkeryd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75394e374a666963-FRA
expires: Fri, 22 Sep 2023 00:26:15 GMT

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.12.1/ 248 KB
66 KB 110ms
23ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.min.js
Requested by: Host: timbu.com
URL: https://timbu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 00:26:15 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:54 GMT
server: nginx
etag: W/"611feaca-3dee4"
vary: Accept-Encoding
x-hw: 1664670375.dop143.fr8.t,1664670375.cds280.fr8.hn,1664670375.cds151.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 67751

GET
H3 200 swiper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/Swiper/4.3.5/js/ 118 KB
27 KB 61ms
56ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.3.5/js/swiper.min.js

Requested by

Host: timbu.com
URL: https://timbu.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84b8d2fe1999ee412b63c8a0fde3de58d3d4459d51c095bb7b7102af43a41478

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 00:26:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5712610
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27354
last-modified: Mon, 04 May 2020 16:04:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf2-1d7a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kGYKv9HsdlSnyXnu7KwACAmKT1kuqNhdbdfdNtnhX3wy8glQaiJTb6iVL7ZKvXeHpBxnCyGyK3OP3HoaBVArnIm%2FskRBdVGWM0j%2FIFQkydMwZ4kn4qTxpUa8dTNkf2sVaZe40lY%2F2lulr1YqzaI4y7vL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75394e374a676963-FRA
expires: Fri, 22 Sep 2023 00:26:15 GMT

GET
H3 200 bloodhound.min.js Show response
cdnjs.cloudflare.com/ajax/libs/corejs-typeahead/1.2.1/ 13 KB
5 KB 83ms
78ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/corejs-typeahead/1.2.1/bloodhound.min.js

Requested by

Host: timbu.com
URL: https://timbu.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58997250cc890e1593ba60bbfe8680b57151061d2b64673ba93f347a0c4969fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 00:26:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6322823
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4140
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-354c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CPnYndHJcvY0HOu7HKDTgvjuhdC0YK7exJktduZL2kY6JM7dwuhd0TfzFhvpzB%2FlKTuyKMm679KGEXjfUVJpt3sU%2Fl8Ga%2Fgx7%2F54O%2FbyzDrLef3f7LNfjMKYxN0bFoJ4px6MqqxthtlQ8YcyS8miDajk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75394e374a686963-FRA
expires: Fri, 22 Sep 2023 00:26:15 GMT

GET
H3 200 bootstrap-datepicker.js Show response
cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.8.0/js/ 56 KB
13 KB 51ms
25ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.8.0/js/bootstrap-datepicker.js

Requested by

Host: timbu.com
URL: https://timbu.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9dc7ad43959c171654dd82308207f03b099ec0b557e121cb06d0d89ebb31a286

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://timbu.com/
Origin: https://timbu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 00:26:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2066435
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12852
last-modified: Mon, 04 May 2020 16:06:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d8e-e12f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cq9ZX6vx2ZAXt6w2s0o%2F1FzARWwjj97NRTDIe%2FaocX8Ocu936Kg2m2OQg1luizPZ7D3wYsUBn50fv%2BzDqHwz6JpeH6ObpOjjFbGQG8aurDtkor%2FfL6rhnNs9Da2OISW6vZRcRU%2FPPOmfwWNNHS6pNEF9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75394e375ccb910a-FRA
expires: Fri, 22 Sep 2023 00:26:15 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 146 KB
52 KB 140ms
75ms Script
application/javascript 2a00:1450:400d:80a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PZ8GB48

Requested by

Host: timbu.com
URL: https://timbu.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

05df2c5e8019d18035747e9348dff170d14ea74f4fd04e939a847b5a07112b92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 00:26:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53413
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 02 Oct 2022 00:26:15 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 66ms
22ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: timbu.com
URL: https://timbu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 02 Oct 2022 00:26:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26840
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: yNrKirqdHIQsA8xDYXOHB1gAuwIPF5F52fyn3UvoR+SIqLK1xyYJnC27CRL2LTFT2qx9kdJ+EmjJ0XXFqKn+Iw==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK icons.svg
timbu.com/img/destinations/ 163 KB
164 KB 22ms
22ms Other
image/svg+xml 142.132.214.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://timbu.com/img/destinations/icons.svg
Requested by: Host: timbu.com
URL: https://timbu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.214.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.40.214.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9732003f9d9e5017a350e0de19db9b89173ee5bad475ade2983795240264b569

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 00:26:15 GMT
Last-Modified: Mon, 11 Apr 2022 10:49:32 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "625407bc-28d04"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 167172

GET
H2 200 qFdH35WCmI96Ajtm81GlU9s.woff2
fonts.gstatic.com/s/overpass/v12/ 38 KB
38 KB 123ms
34ms Font
font/woff2 2a00:1450:400d:807::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/overpass/v12/qFdH35WCmI96Ajtm81GlU9s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Overpass:wght@400;600;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e505e654ef4708d9c3d0da4c03e57ae1df262e07377938d4f456a71918c8aa3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://timbu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 21:51:47 GMT
x-content-type-options: nosniff
age: 441268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38720
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 18:41:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Sep 2023 21:51:47 GMT

GET
H/1.1 200
OK icons.svg
timbu.com/img/ 205 KB
206 KB 22ms
22ms Other
image/svg+xml 142.132.214.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://timbu.com/img/icons.svg
Requested by: Host: timbu.com
URL: https://timbu.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.214.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.40.214.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: cc8227b8e37570150e4cf62e32a45328c455e864bce89a24ce6b3ad1dde47fe0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 00:26:15 GMT
Last-Modified: Mon, 11 Apr 2022 10:49:32 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "625407bc-3354c"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 210252

GET
H/1.1 200
OK jumbotron3.jpg
timbu.com/img/accommodations/homepage/ 290 KB
290 KB 50ms
46ms Image
image/jpeg 142.132.214.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timbu.com/img/accommodations/homepage/jumbotron3.jpg
Requested by: Host: timbu.com
URL: https://timbu.com/css/timbu.css?v=0.04
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.214.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.40.214.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c54984c4e8de58f09f8a50e805557a50c5b8be0aced4f1336b097287eaf04862

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/css/timbu.css?v=0.04
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 00:26:15 GMT
Last-Modified: Mon, 11 Apr 2022 10:49:32 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "625407bc-4889b"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 297115

GET
H/1.1 200
OK jumbotron2.jpg
timbu.com/img/accommodations/homepage/ 164 KB
164 KB 24ms
24ms Image
image/jpeg 142.132.214.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timbu.com/img/accommodations/homepage/jumbotron2.jpg
Requested by: Host: timbu.com
URL: https://timbu.com/css/timbu.css?v=0.04
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.214.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.40.214.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: cf6fd0a2cae385cd7e716e97eee265cc8b30454ecdd06445b09bbb69847090ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/css/timbu.css?v=0.04
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 00:26:15 GMT
Last-Modified: Mon, 11 Apr 2022 10:49:32 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "625407bc-28f18"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 167704

GET
H3 200 ajax-loader.gif
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 4 KB
4 KB 29ms
28ms Image
image/gif 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ajax-loader.gif

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 00:26:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1681396
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3208
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-1052"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NE%2B33Um4Fki%2FSTLlnaxUcl3eXqjR9mtHvrfNVaa6Z3QCqazYYoxv0laYn0otAOCQN3iGgRmIfycWbB0m%2BKkYF0aMjWYghtZiNENMA1vOIqGCNrxEX8TvZzkGOfYA20rTKbSl2fL0YqlmlLdB%2FJQqJ5y2"}],"group":"cf-nel","max_age":604800}
content-type: image/gif; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75394e389be16963-FRA
expires: Fri, 22 Sep 2023 00:26:15 GMT

GET
H/1.1 200
OK circle-arrow-prev.svg
timbu.com/img/ 1 KB
1 KB 22ms
22ms Image
image/svg+xml 142.132.214.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timbu.com/img/circle-arrow-prev.svg
Requested by: Host: timbu.com
URL: https://timbu.com/css/timbu.css?v=0.04
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.214.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.40.214.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 64751e68787b4c7bb6ba9379219dd72fd139c1fafbd9d9c931b7ea0e5209fa7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/css/timbu.css?v=0.04
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 00:26:15 GMT
Last-Modified: Mon, 11 Apr 2022 10:49:32 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "625407bc-465"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1125

GET
H/1.1 200
OK circle-arrow-next.svg
timbu.com/img/ 1 KB
1 KB 24ms
23ms Image
image/svg+xml 142.132.214.40
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timbu.com/img/circle-arrow-next.svg
Requested by: Host: timbu.com
URL: https://timbu.com/css/timbu.css?v=0.04
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.214.40 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.40.214.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ee1b49c599432b9470402126eb401338a6c67d4efb07cccfacfc82b63109e4c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/css/timbu.css?v=0.04
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 00:26:15 GMT
Last-Modified: Mon, 11 Apr 2022 10:49:32 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "625407bc-452"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1106

GET
H3 200 slick.woff
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/fonts/ 1 KB
2 KB 25ms
24ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/fonts/slick.woff

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f89651cc1b698bbc1e3227d085feec82dcabaaecb320930941499cc93c119c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css
Origin: https://timbu.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 00:26:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3383852
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1285
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-564"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rpYx4gUnO5RECXOJp%2FRI7R6pmvtbC5VMj4cxcJf2TxtiQ%2BJktlWCvAObR0mKrFLQWPd0DFaeKFM4xv69cMJAlVKY5S8tkZSH3sVga2S5M1lilUPJ0LAbPNG4QDDNSw9Wxcc2H%2B4hpIY3A6vDU8jSOGFd"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75394e38ae0a910a-FRA
expires: Fri, 22 Sep 2023 00:26:15 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 85ms
27ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-28315089-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 01 Oct 2022 23:15:57 GMT
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 4218
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Sun, 02 Oct 2022 01:15:57 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 206ms
65ms Script
text/javascript 142.251.39.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-676565654

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s39-in-f2.1e100.net

Software

cafe /

Resource Hash

f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 00:26:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15192
x-xss-protection: 0
server: cafe
etag: 699633608045481581
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 00:26:15 GMT

GET
H3 200 2726479900912411 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 85ms
63ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2726479900912411?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d52993758d5d8cbe1a671459812b14fb88d3b3f334b7486555126aaed947a8cb

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 02 Oct 2022 00:26:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: FSfvKhe9zLB6+sUee3nI0fqjye6RGmP6Q8Hycy7JW1CzF5vjVVJQv9NvGYVe3iPnSmfwW4y1zStHkOb0Djo0fA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/ 349 KB
114 KB 144ms
79ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4930277158492412&plah=timbu.com&bust=31070010

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3512bd8e8112460a1b9b0b7460bf3fe1e4db7fb0499d6cc6242835187afdd33f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 00:26:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117163
x-xss-protection: 0
server: cafe
etag: 5604109664140491137
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 00:26:16 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/ Frame DE97 10 KB
5 KB 130ms
31ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://timbu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7542
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Oct 2022 22:20:34 GMT
etag: 9671129459699598864
expires: Sat, 15 Oct 2022 22:20:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 72ms
31ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=462579425&t=pageview&_s=1&dl=https%3A%2F%2Ftimbu.com%2F&ul=en-us&de=UTF-8&dt=Timbu.com%20-%20Adventures%2C%20Experiences%20and%20Hotels%20in%20Africa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=2000106934&gjid=73578962&cid=1421251649.1664670376&tid=UA-28315089-4&_gid=1061316284.1664670376&_r=1&gtm=2ou9s0&z=1487465969

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://timbu.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 00:26:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://timbu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 45ms
31ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=462579425&t=pageview&_s=1&dl=https%3A%2F%2Ftimbu.com%2F&ul=en-us&de=UTF-8&dt=Timbu.com%20-%20Adventures%2C%20Experiences%20and%20Hotels%20in%20Africa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=2016364948&gjid=1704502558&cid=1421251649.1664670376&tid=UA-28315089-4&_gid=1061316284.1664670376&_r=1&gtm=2wg9s0PZ8GB48&z=940427619

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://timbu.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 00:26:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://timbu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 99ms
39ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: timbu.com
URL: https://timbu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ad3e96cb4461ada912c601d7163ea04a2ce8b5021c82d77a1eb1c8c13f81c29d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 00:26:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Sun, 02 Oct 2022 00:26:16 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 24ms
18ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=462579425&t=event&ni=1&_s=1&dl=https%3A%2F%2Ftimbu.com%2F&ul=en-us&de=UTF-8&dt=Timbu.com%20-%20Adventures%2C%20Experiences%20and%20Hotels%20in%20Africa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=596&el=10%25&_u=aEDAAUABAAAAAC~&jid=&gjid=&cid=1421251649.1664670376&tid=UA-28315089-4&_gid=1061316284.1664670376&gtm=2wg9s0PZ8GB48&z=1473316690

Requested by

Host: timbu.com
URL: https://timbu.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Oct 2022 21:58:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 8879
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/676565654/ 2 KB
1 KB 94ms
63ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/676565654/?random=1664670376046&cv=9&fst=1664670376046&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9s0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ftimbu.com%2F&tiba=Timbu.com%20-%20Adventures%2C%20Experiences%20and%20Hotels%20in%20Africa&auid=2036707527.1664670376&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5600bae5cb4af9270ac7454d0fe171b67ec3fc41f7d1909e64529b062fdd3103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 00:26:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1054
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 75ms
21ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2726479900912411&ev=PageView&dl=https%3A%2F%2Ftimbu.com%2F&rl=&if=false&ts=1664670376083&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664670376082.2066931016&it=1664670375936&coo=false&rqm=GET

Requested by

Host: timbu.com
URL: https://timbu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 02 Oct 2022 00:26:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
434 B 103ms
26ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-28315089-4&cid=1421251649.1664670376&jid=2000106934&gjid=73578962&_gid=1061316284.1664670376&_u=YEBAAUAAAAAAAC~&z=425349332

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://timbu.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 02 Oct 2022 00:26:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://timbu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 101ms
27ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-28315089-4&cid=1421251649.1664670376&jid=2016364948&gjid=1704502558&_gid=1061316284.1664670376&_u=aEDAAUABAAAAAC~&z=422697765

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://timbu.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 02 Oct 2022 00:26:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://timbu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/a336babc/www-widgetapi.vflset/ 156 KB
51 KB 62ms
20ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a336babc/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03bdda2b417d8cff1b2c8293c02685fd1670ca563e5514d74bffc8cd5a108e04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 00:15:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 658
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52493
x-xss-protection: 0
last-modified: Thu, 29 Sep 2022 00:20:07 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 02 Oct 2023 00:15:18 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/676565654/ 42 B
548 B 144ms
56ms Image
image/gif 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/676565654/?random=1664670376046&cv=9&fst=1664668800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ftimbu.com%2F&tiba=Timbu.com%20-%20Adventures%2C%20Experiences%20and%20Hotels%20in%20Africa&async=1&fmt=3&is_vtc=1&random=4237078194&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: timbu.com
URL: https://timbu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 00:26:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/676565654/ 42 B
548 B 162ms
60ms Image
image/gif 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/676565654/?random=1664670376046&cv=9&fst=1664668800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9s0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ftimbu.com%2F&tiba=Timbu.com%20-%20Adventures%2C%20Experiences%20and%20Hotels%20in%20Africa&async=1&fmt=3&is_vtc=1&random=4237078194&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: timbu.com
URL: https://timbu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 00:26:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 213 B
362 B 55ms
54ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=timbu.com&callback=_gfp_s_&client=ca-pub-4930277158492412

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4930277158492412&plah=timbu.com&bust=31070010

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c067f9e9825850635694d07cbc1f0e452f3372943457b831b0aa6a3f9b2fce7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 00:26:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 76ms
29ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=timbu.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 00:26:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 80ms
30ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=timbu.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 00:26:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5531 101 KB
34 KB 703ms
638ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4930277158492412&output=html&h=280&slotname=7592719917&adk=440918045&adf=2160307466&pi=t.ma~as.7592719917&w=1200&fwrn=4&fwrnh=100&lmt=1664670376&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftimbu.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664670375960&bpp=6&bdt=563&idt=227&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&correlator=3150614529060&frm=20&pv=2&ga_vid=1421251649.1664670376&ga_sid=1664670376&ga_hid=462579425&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069962%2C42531705%2C31070010%2C44770880&oid=2&pvsid=2751025819625342&tmod=1909148396&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=YpSNWIbV5T&p=https%3A//timbu.com&dtd=265

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

186840036b682d04bdf69c8d1cdb2b5495e2e72f004f988506b74a2d95472981

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://timbu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34509
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 00:26:16 GMT
expires: Sun, 02 Oct 2022 00:26:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 64ms
64ms Image
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Ftimbu.com%2F&tn=NAV&cls=navFixed&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: timbu.com
URL: https://timbu.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 00:26:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 82C2 0
20 B 103ms
55ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4930277158492412&output=html&adk=1812271804&adf=3025194257&lmt=1664670376&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftimbu.com%2F&ea=0&pra=7&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664670375981&bpp=2&bdt=584&idt=254&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=3150614529060&frm=20&pv=1&ga_vid=1421251649.1664670376&ga_sid=1664670376&ga_hid=462579425&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069962%2C42531705%2C31070010%2C44770880&oid=2&pvsid=2751025819625342&tmod=1909148396&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=263

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://timbu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 00:26:16 GMT
expires: Sun, 02 Oct 2022 00:26:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 5742 0
17 B 44ms
19ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: timbu.com
URL: https://timbu.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://timbu.com
Referer: https://timbu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://timbu.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 00:26:16 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 13354645212532366300
tpc.googlesyndication.com/simgad/ Frame 5531 85 KB
85 KB 161ms
70ms Image
image/png 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13354645212532366300?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnn2O5VNvbHtwp-XfxopYf7nr5BWA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4930277158492412&output=html&h=280&slotname=7592719917&adk=440918045&adf=2160307466&pi=t.ma~as.7592719917&w=1200&fwrn=4&fwrnh=100&lmt=1664670376&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftimbu.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664670375960&bpp=6&bdt=563&idt=227&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&correlator=3150614529060&frm=20&pv=2&ga_vid=1421251649.1664670376&ga_sid=1664670376&ga_hid=462579425&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069962%2C42531705%2C31070010%2C44770880&oid=2&pvsid=2751025819625342&tmod=1909148396&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=YpSNWIbV5T&p=https%3A//timbu.com&dtd=265

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

524482af858612621672aaea4a5be40561fb49011f76b5ca5e9b32205d6bf879

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 08:26:33 GMT
x-content-type-options: nosniff
age: 575984
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87145
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 14:52:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 25 Sep 2023 08:26:33 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/ Frame 5531 23 KB
10 KB 126ms
35ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd080c89636f8576e3364bea0867f18be3a32daa72d766da336cbb80ba5fb407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 23:52:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2033
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9561
x-xss-protection: 0
server: cafe
etag: 483224313611802536
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Oct 2022 23:52:24 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 5531 3 KB
1 KB 129ms
42ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 23:54:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1891
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Oct 2022 23:54:46 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5531 0
0 81ms
81ms Fetch
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CBuXuqNo4Y-rBE8bNgAff4oaYD8bioJlsm8OD6rIQ2tkeEAEghMmUA2CVgoCAwAegAZyv-6gCyAECqAMByAPJBKoE3QFP0GuLR1_SrOT_bIF_3Y1-5rorp9CIktgsrvNkOXlQW5U4CHxB6A3Xqpa9f_qg4hOsar2TWbqfwp7x5W-fsf3LFa7RhdbUPTCLlGLHf88HTisoajfV20O-zczLjRmzn5YUhDRJ5BldoHhq7jWUwpUl4IUbQ2OfhERhfCWDCE5TWqjDiCpT5CG-na0yYTz0KeIBZ9JoBOy7-buLW81GfQ05bPwaEN3j7NAtocTZWm6z0EzYzedURVhTfyegPWbcmCcbHODvEY-l0GNAv3eh0t_wcVEPAsdo4DvJQ5dyI8AEgYWI05kEkgUECAQYAZIFBAgFGASgBgKAB8zQhNcBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQzOEQ0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNDkzMDI3NzE1ODQ5MjQxMhgA&sigh=hHuHgGM_J8g&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4930277158492412&output=html&h=280&slotname=7592719917&adk=440918045&adf=2160307466&pi=t.ma~as.7592719917&w=1200&fwrn=4&fwrnh=100&lmt=1664670376&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftimbu.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664670375960&bpp=6&bdt=563&idt=227&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&correlator=3150614529060&frm=20&pv=2&ga_vid=1421251649.1664670376&ga_sid=1664670376&ga_hid=462579425&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069962%2C42531705%2C31070010%2C44770880&oid=2&pvsid=2751025819625342&tmod=1909148396&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=YpSNWIbV5T&p=https%3A//timbu.com&dtd=265
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 02 Oct 2022 00:26:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 5531 67 B
195 B 122ms
43ms Image
image/png 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 22:59:53 GMT
x-content-type-options: nosniff
server: cafe
age: 5184
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Sun, 02 Oct 2022 22:59:53 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 5531 17 KB
7 KB 116ms
38ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 22:55:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5476
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7559
x-xss-protection: 0
server: cafe
etag: 15289875785628835784
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Oct 2022 22:55:01 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5531 0
0 129ms
56ms Image
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQWXRhM9ViGZv9XJh5BmQWqTL-gtuuqXI9yI4jyywalKL3nPF5hJh8zvss8FXyC4uR3wjOuo3PBJzofLofi9oX0tbEhjw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4930277158492412&output=html&h=280&slotname=7592719917&adk=440918045&adf=2160307466&pi=t.ma~as.7592719917&w=1200&fwrn=4&fwrnh=100&lmt=1664670376&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftimbu.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664670375960&bpp=6&bdt=563&idt=227&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&correlator=3150614529060&frm=20&pv=2&ga_vid=1421251649.1664670376&ga_sid=1664670376&ga_hid=462579425&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069962%2C42531705%2C31070010%2C44770880&oid=2&pvsid=2751025819625342&tmod=1909148396&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=YpSNWIbV5T&p=https%3A//timbu.com&dtd=265
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5531 140 KB
44 KB 88ms
28ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 00:26:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44530
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664365478704152"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 02 Oct 2022 00:26:17 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 5531 32 KB
13 KB 122ms
44ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7871ac93634e56ecbe32dfd0cbd031981277a78b462596fed71c4ebe22c39b65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 15:21:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32716
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13616
x-xss-protection: 0
server: cafe
etag: 250533641764032188
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Oct 2022 15:21:01 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=462579425&t=event&ni=1&_s=1&dl=https%3A%2F%2Ftimbu.com%2F&ul=en-us&de=UTF-8&dt=Timbu.com%20-%20Adventures%2C%20Experiences%20and%20Hotels%20in%20Africa&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=599&el=10%25&_u=aEDAAUABAAAAAC~&jid=&gjid=&cid=1421251649.1664670376&tid=UA-28315089-4&_gid=1061316284.1664670376&gtm=2wg9s0PZ8GB48&z=1605887448

Requested by

Host: timbu.com
URL: https://timbu.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Oct 2022 21:58:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 8880
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CFCE 143 B
163 B 38ms
36ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4930277158492412&output=html&h=280&slotname=7592719917&adk=440918045&adf=2160307466&pi=t.ma~as.7592719917&w=1200&fwrn=4&fwrnh=100&lmt=1664670376&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftimbu.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664670375960&bpp=6&bdt=563&idt=227&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&correlator=3150614529060&frm=20&pv=2&ga_vid=1421251649.1664670376&ga_sid=1664670376&ga_hid=462579425&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069962%2C42531705%2C31070010%2C44770880&oid=2&pvsid=2751025819625342&tmod=1909148396&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=YpSNWIbV5T&p=https%3A//timbu.com&dtd=265
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2957
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sat, 01 Oct 2022 23:37:00 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FE0C 1 KB
749 B 37ms
34ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 60945
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Oct 2022 07:30:32 GMT
etag: 48472445140208031
expires: Sun, 02 Oct 2022 07:30:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5531 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14d13902c6f03d29e002cfc9fdf4d986c99c1ec571d59ef033643a216628f3df

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame FE0C 35 B
463 B 128ms
21ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENE84SW7VX5M_W65aEvpy9M&google_cver=1&google_push=AZmPxg9JtCZlt-2Y9l6N7WPYzi9X-ILY2E3N0hIAavfMf07iso8gPnYr2ah3cCCuaDhq_KoqLb2PU_TyvZ1CrBTfbt6L6vWBcWVxhQ

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 00:26:17 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FE0C
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEJqlrMEhSvyY1AkJih889NY&google_cver=1&google_push=AZmPxg92zkW20_ff_zuPtO6AtCZanESprnG0bT0AmTW_IOd5dUqFsxr_BDb_3M6aEQIAjXeH2d25FbWNTv73T7aZgG16ANRQFOEFSA
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg92zkW20_ff_zuPtO6AtCZanESprnG0bT0AmTW_IOd5dUqFsxr_BDb_3M6aEQIAjXeH2d25FbWNTv73T7aZgG16ANRQFOEFSA&google_hm=Q0FFU0VKcWxyTUVoU3Z...

170 B
188 B

84ms
36ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg92zkW20_ff_zuPtO6AtCZanESprnG0bT0AmTW_IOd5dUqFsxr_BDb_3M6aEQIAjXeH2d25FbWNTv73T7aZgG16ANRQFOEFSA&google_hm=Q0FFU0VKcWxyTUVoU3Z5WTFBa0ppaDg4OU5Z

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 00:26:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 02 Oct 2022 00:26:17 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg92zkW20_ff_zuPtO6AtCZanESprnG0bT0AmTW_IOd5dUqFsxr_BDb_3M6aEQIAjXeH2d25FbWNTv73T7aZgG16ANRQFOEFSA&google_hm=Q0FFU0VKcWxyTUVoU3Z5WTFBa0ppaDg4OU5Z
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame FE0C 43 B
351 B 117ms
30ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEDTEgzfAIps_1H1m90OoW6c&google_cver=1&google_push=AZmPxg8L4NSzSsF1xA5AxWIGBpIZjSlsZ_LQgHHk3zzDYJpqszTeGATMZYtoCAEzCiX588ISaIuavqV1FnYE9tNbSKQjuW2lfYOLKQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4930277158492412&output=html&h=280&slotname=7592719917&adk=440918045&adf=2160307466&pi=t.ma~as.7592719917&w=1200&fwrn=4&fwrnh=100&lmt=1664670376&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftimbu.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664670375960&bpp=6&bdt=563&idt=227&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&correlator=3150614529060&frm=20&pv=2&ga_vid=1421251649.1664670376&ga_sid=1664670376&ga_hid=462579425&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069962%2C42531705%2C31070010%2C44770880&oid=2&pvsid=2751025819625342&tmod=1909148396&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=YpSNWIbV5T&p=https%3A//timbu.com&dtd=265
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 00:26:17 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: oirt3ulv1sqgq1hntmci6pvk19buuiv6

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame FE0C 0
166 B 139ms
25ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOGrQyxbdw51Oyhvl92MTyY&google_cver=1&google_push=AZmPxg9tgY716RJKZQRwwtC-TaqprPNl5Sj4t3g4hpA7FSWrv9-DaHZYC0tJg-9WdEgSHBDv7BrT1w06x1GFK_wX0mBHP3e5INnThw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4930277158492412&output=html&h=280&slotname=7592719917&adk=440918045&adf=2160307466&pi=t.ma~as.7592719917&w=1200&fwrn=4&fwrnh=100&lmt=1664670376&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Ftimbu.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664670375960&bpp=6&bdt=563&idt=227&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&correlator=3150614529060&frm=20&pv=2&ga_vid=1421251649.1664670376&ga_sid=1664670376&ga_hid=462579425&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069962%2C42531705%2C31070010%2C44770880&oid=2&pvsid=2751025819625342&tmod=1909148396&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=YpSNWIbV5T&p=https%3A//timbu.com&dtd=265
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Sun, 02 Oct 2022 00:26:16 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FE0C
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMp7U9Ce5xckJe-FTp4HS6o&google_cver=1&google_push=AZmPxg9nVLd0weAl_8a9EjRs-afZI3QjFp9D-lyMidMMr5ThbmRznRvXoBDPWFkln1d5CX6FUSb...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhRTFJGUFAtWi1NMlo3&google_push=AZmPxg9nVLd0weAl_8a9EjRs-afZI3QjFp9D-lyMidMMr5ThbmRznRvXoBDPWFkln1d5CX6FUSb9xoGcgZeCaaMWu_2tWHEWRPKBqg

170 B
188 B

87ms
37ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhRTFJGUFAtWi1NMlo3&google_push=AZmPxg9nVLd0weAl_8a9EjRs-afZI3QjFp9D-lyMidMMr5ThbmRznRvXoBDPWFkln1d5CX6FUSb9xoGcgZeCaaMWu_2tWHEWRPKBqg

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 00:26:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhRTFJGUFAtWi1NMlo3&google_push=AZmPxg9nVLd0weAl_8a9EjRs-afZI3QjFp9D-lyMidMMr5ThbmRznRvXoBDPWFkln1d5CX6FUSb9xoGcgZeCaaMWu_2tWHEWRPKBqg
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FE0C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP8YETmchYA2ScXyT1riOXM&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEP8YETmchYA2ScXyT1riOXM&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP8YETmchYA2ScXyT1riOXM&google_hm=YzjaqQWr5WdMW5W40jHn8QAABL8AAAAB&google_nid=index&google_push=AZmPxg8luf6MMhTNPRowY74s2tVL-T6utAGB6...

170 B
188 B

34ms
34ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP8YETmchYA2ScXyT1riOXM&google_hm=YzjaqQWr5WdMW5W40jHn8QAABL8AAAAB&google_nid=index&google_push=AZmPxg8luf6MMhTNPRowY74s2tVL-T6utAGB6hkSwaDlXeDSqn1CqRXE1MdgbJjpYqklBUVjevpwkhyW3dvA39ChfNExXNnCqXNj

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 00:26:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 02 Oct 2022 00:26:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k96j0QeBs%2Bsc8fWwbS38n%2F7G0KxSIODgQRkqHxS9bFxUeabWpZ%2FP7RgyDCGjgGzMTOUBkh6f2%2B1rkyxMGqDQM6MqFy9o2QgF2Wxfcb9J71S7f3ciZ%2Bnphjg0CnxxUzPU9H3cQMjxIb4%2FHg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP8YETmchYA2ScXyT1riOXM&google_hm=YzjaqQWr5WdMW5W40jHn8QAABL8AAAAB&google_nid=index&google_push=AZmPxg8luf6MMhTNPRowY74s2tVL-T6utAGB6hkSwaDlXeDSqn1CqRXE1MdgbJjpYqklBUVjevpwkhyW3dvA39ChfNExXNnCqXNj
cache-control: no-cache
cf-ray: 75394e437c9e9a3b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame FE0C 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame FE0C 0
232 B 109ms
37ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LMv6glxgRf_RnE8mkw1ESVTPUFKlpUVLCHM-pkjx2UDdpKBWhfdyDzJFL-qMphfreHVErxOA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 00:26:17 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 165ms
68ms XHR
application/json 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220928&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c0a67a5ce657400132853469ac17043edb25daea619db4476815a3aa913bfde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 00:26:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11122
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CFCE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

59ms
58ms

Document
text/html

2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 00:26:17 GMT
expires: Sun, 02 Oct 2022 00:26:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 00:26:17 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 67E5 36 KB
16 KB 38ms
37ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 19:20:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 277526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16034
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 19:20:51 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 238ms
105ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 00:26:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 02 Oct 2022 00:26:17 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 459F 13 KB
5 KB 34ms
33ms Document
text/html 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://timbu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 210851
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 13:52:06 GMT
expires: Fri, 29 Sep 2023 13:52:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 509D 783 B
536 B 58ms
58ms Document
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

963c93c4a0111b0191639ad347970973efe3aa2aeee053da8b5f8e61d5254f98

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OnwRMQEz7gj8qfYE5NAISg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://timbu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-OnwRMQEz7gj8qfYE5NAISg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 00:26:17 GMT
expires: Sun, 02 Oct 2022 00:26:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 459F 36 KB
16 KB 33ms
32ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FfRQa39nZAvr1dE-0tAG9JrhPraJGrBbwHLzQGJT38Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 19:20:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 277526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16034
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 19:20:51 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 509D 0
0 64ms
64ms Image
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220928&jk=2751025819625342&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 459F 0
10 B 33ms
33ms Image
text/plain 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?H9DMKQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 00:26:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 69ms
67ms Image
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220928&jk=2751025819625342&bg=!6-il6KzNAAYQgTJdMIE7ACkAdvg8Wi1YQPoPe2cNJQy-Jq70TAYLCoY1inK7e83kQeUDCHYfRH7J5wIAAACNUgAAAAJoAQeZApfIOuiBpzKdNlXpXrYEJiwxOojYJWZo8EmpFLUGkSIxYJ05vqvOm6Iv3IjyPx3uBkSeiWEwnEjYegddE1QwkRJV1FXzMsuweD8XJuqVQmzZtfwwXWwGDUC_f_lPEV6mDtFARVrceeDFw1m26LQKkAJhBV-1eBCtLcIyXrfgJWl-ihKvooz2HPhy5kXxeOsFeLLUc60l6mbMI2GfKdnJiTtUQgI5NDljc5qTjRjY5YB3DZxXmDJOtXyz6eg_BX6DhCmLVzh-Wny1zg4HOdyk6nHQGUV-RbLasYgpeV-E-QqBsCJ2jWPfSPMetKhTDRwTuz4kUoIEMDqwKQorRfSrRVUHqIks3656q0sg_KjPC3K757aUuXM6HdACE9-BxeSzv657StBtEN_dTWlrDj9SKbZk0AS0SRg2CohROILdh-Vdamc-4M-0lzRVfwiT4zXUqtdR60M6tfjmQWhCidex4nvUFvJzofiA36wglhvTF3fHo5fgYo-4ZUQEg9q17GQ_TMvPc_TZ9D1-fYImmmD-1kzdHXZBSFqpt0Cz4Rwk5TVf8S6St1d2DDtXzypYS4BDVyNcZeg0ANPGvRrqUIwMpj8nXOy5IgUkpko-YqfCseaW0wMlEKT6FrVPjNi8eVpuV6ZWZ3OoRSfG6j4X-kdOQLZWRM31TdxOgNedNxalST_ZPDQPW49t4euUH7m10rS-5NQpb_C6paT1MSa4PsiaVDrEIqYthkhUaaoALkrzipJGWt-UuzaYv0EQiVH0pCrfcQbuApUEWK2FClzcW7G5WlYHZa0ho0vDv5rQoyrJcRkSoiUrW1S2dHpOEkMxvsmbWQiTa-HkMf8Eyo-xReOHRvsAji10meeNa-6ekXxTrRkaFPx8-yDkEQE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://timbu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEHivW24PioLqK4ym5JjGlZ0&google_cver=1&google_push=AZmPxg8oa6iNjwDtaWmyAnP40Kc7FtpM8QvY4D_jfzp7-7TBimle4QcimZDD7R6mx8F37DvtQF1K4LoR9rD6fxi5k7iiHyVp4cd7Yw

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
timbu.com/	1970-01-20 06:24:37	Name: XSRF-TOKEN Value: eyJpdiI6IlREaHNkcjU0M216bkJ6SjIwbnQ2RlE9PSIsInZhbHVlIjoiSlwvQ2x6TkFYbTJLNGFyblwvdUFydlNHblwvMDZYZ0VPRjJLenlWVXJiWWhKdFBWNTVreUpCdk00TTU2ZG5jbzdTbSIsIm1hYyI6ImNlMTY2NWIzMDI4YmQ5YTk5MzRjNWEwOGM4MTM0MWI2MmE0YTQwNmYzYzIxOWI3OTA4Y2MyZDA2MTExNGU5YTcifQ%3D%3D
timbu.com/	1970-01-20 06:24:37	Name: timbu_session Value: eyJpdiI6IkpXbGtHcXRibFp4MWxjWnJqc3JWaVE9PSIsInZhbHVlIjoiRzhCVjRxTENqTnAwYUJZSmFadG9lckF5OWp4QmJFTm5VKzJFOXVKXC9aXC9XSTQ3TnVoTVwvendYQ2V1RW1QR3hiNyIsIm1hYyI6ImEwNjg3YzAxOTEyZDVmYmJlMGQ5YWY3ZjZjYjc1ODZkNWI4MDgxNzMwNjQ2NWZiM2MyNGY3NzQyNjA1ZTRlYzIifQ%3D%3D
.timbu.com/	1970-01-20 08:34:06	Name: _gcl_au Value: 1.1.2036707527.1664670376
cms.timbu.com/	1970-01-20 06:24:37	Name: XSRF-TOKEN Value: eyJpdiI6Ink5aGU0UkhyektVMDdnZWw0R3F5R1E9PSIsInZhbHVlIjoiMGsxQnlEeUg3ZkhIbm1ZdU44KytVTEFWanljMGxGMmhiR1VlOVwvS01kOURocjdRXC8rNGRJaUhpU0xaRUFhUDRcLyIsIm1hYyI6IjMzMzg5ZTUzOWYwYzA2ZjdlMDA0N2E4YWU2MWMyNzg0NmNhNjU4NjRlM2VkM2U5NGFhMDA1MjhmMWViODI5NjEifQ%3D%3D
cms.timbu.com/	1970-01-20 06:24:37	Name: hng_content_session Value: eyJpdiI6IjRZQ3RYYnRGNzhjNlM1cHA5eDc4ZGc9PSIsInZhbHVlIjoiZ21IeU9TbzdHTyt1SUI0VFRVdVhqWVhNdmhKZktuRUh6UXhad0VveEdLSVBrR0tcL0ZhZ0pzU3N5RWpVS25GVUYiLCJtYWMiOiJkOGMzYTM1MTY2ODRlZDJmNWM3Mzc3MzExNDA3NWQzYjIwZjg3Y2YyMWY1MjczOTM5M2QzM2YzNmU2YTk0YTQwIn0%3D
.timbu.com/	1970-01-20 16:00:30	Name: _ga Value: GA1.2.1421251649.1664670376
.timbu.com/	1970-01-20 06:25:56	Name: _gid Value: GA1.2.1061316284.1664670376
.timbu.com/	1970-01-20 06:24:30	Name: _gat_gtag_UA_28315089_4 Value: 1
.timbu.com/	1970-01-20 06:24:30	Name: _gat_UA-28315089-4 Value: 1
.timbu.com/	1970-01-20 08:34:06	Name: _fbp Value: fb.1.1664670376082.2066931016
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: ljGCfOerCJM
.youtube.com/	1970-01-20 10:43:42	Name: VISITOR_INFO1_LIVE Value: at5DuKFqsQU
.timbu.com/	1970-01-20 15:46:06	Name: __gads Value: ID=783608267db3ac86-2234e0e738ce0058:T=1664670376:RT=1664670376:S=ALNI_MY6mteLkvsp3VEjkHAjV9TRdwNF9w
.doubleclick.net/	1970-01-20 15:46:06	Name: IDE Value: AHWqTUmrqy7fpu-ZF5aWJw54KVO5qP9bJXVb6tzMIMGF34LQoYMsCJme2Tgu3KjCIOE
.casalemedia.com/	1970-01-20 15:10:06	Name: CMID Value: YzjaqQWr5WdMW5W40jHn8QAA
.casalemedia.com/	1970-01-20 08:34:06	Name: CMPS Value: 1215
.casalemedia.com/	1970-01-20 08:34:06	Name: CMPRO Value: 1215
.quantserve.com/	1970-01-20 08:34:06	Name: d Value: ECEBCQGeJ4EA
.quantserve.com/	1970-01-20 15:54:44	Name: mc Value: 6338daa9-4b864-3af31-2feec
.agkn.com/	1970-01-20 15:10:06	Name: ab Value: 0001%3Awrhmv6Jwb7FqhNFgYDGdB72lbsCou36u
.agkn.com/	1970-01-20 15:10:06	Name: u Value: C\|0CEAqy5cpKsuXKQAAAAAAAQ13AQCAAQpAAAAAAA
.doubleclick.net/	1970-01-20 06:24:33	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 08:34:06	Name: CMTS Value: 1182

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://smartlock.google.com/client Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEHivW24PioLqK4ym5JjGlZ0&google_cver=1&google_push=AZmPxg8oa6iNjwDtaWmyAnP40Kc7FtpM8QvY4D_jfzp7-7TBimle4QcimZDD7R6mx8F37DvtQF1K4LoR9rD6fxi5k7iiHyVp4cd7Yw Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
cms.timbu.com
code.jquery.com
connect.facebook.net
d.agkn.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
image6.pubmatic.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
rtb.openx.net
smartlock.google.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
timbu.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.youtube.com
googlecm.hit.gemius.pl
104.18.18.126
142.132.214.40
142.250.186.162
142.251.39.66
198.47.127.19
2001:4de0:ac18::1:a:1a
2606:4700::6811:180e
2606:4700::6812:bcf
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:802::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:827::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:400c:c07::9a
2a00:1450:400d:805::2003
2a00:1450:400d:806::2001
2a00:1450:400d:806::2002
2a00:1450:400d:807::2003
2a00:1450:400d:807::2004
2a00:1450:400d:80a::2008
2a00:1450:400d:80e::2002
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.123.239.111
35.186.253.211
69.173.144.138
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
0299f0cfc11414ec898d2740ddfb3b93a586b0fdf199c157e73c419690a0dd2d
03bdda2b417d8cff1b2c8293c02685fd1670ca563e5514d74bffc8cd5a108e04
04bc2044ccb37342bcf2f27c238b6a1d9eec8f72ec899881da69d9ac493b8c74
0505e6aebf7a960ba425fdd27f77d315afbdb0283efcd6df6f3c9a73a674efa4
05df2c5e8019d18035747e9348dff170d14ea74f4fd04e939a847b5a07112b92
0871f83241d6b3e6c542e4c440eae789fe95dc1b73a1e550503867935fc19c92
094d3fadbc55077122c5dddb6c8b89c4724b0e75eb8894bd730a7f05f720a4bc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
14d13902c6f03d29e002cfc9fdf4d986c99c1ec571d59ef033643a216628f3df
15f3cb7a303c63ec1f243008e623e8017aaee997b33a43eca1af8091b536e818
15f4506b7f67640bebd5d13ed2d006f49ae13eb6891ab05bc072f3406253dfc4
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
186840036b682d04bdf69c8d1cdb2b5495e2e72f004f988506b74a2d95472981
1c067f9e9825850635694d07cbc1f0e452f3372943457b831b0aa6a3f9b2fce7
267c0c4357c1d2eb3f283d1a8d248eaaffd87dd4f1c271647b8c44a90d8d9dad
278cfdb8dcac3aefcc16f2335b17397ecdf03f89a62633ff31e2c3201a658f28
29f673813577c788977309e1988d4f90a1d136fff0ffbb08b72955fe8bf50a99
2a7d8a65adc8a66d38235f3ab40b4ac6438e934b61f03f490cee2dfabd59d800
3512bd8e8112460a1b9b0b7460bf3fe1e4db7fb0499d6cc6242835187afdd33f
357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d
3e9a37f634ce27926ef1f7f8853600bfd5d6739c2b45d0702d678240d164acc9
43f0d52a22b839237c356c70da9e9dc841f99528fa8e62d33909b2807cb2293c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e903cfdc4413be2e24d0d71d2708ca8939cc6efb37b65cc2d40539c1be87a64
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
50b42e9efbddf88b9ad5a69b566bf84ad1719adc361d183c1384f0d75939bc7d
50d8df87a659a2476439948898ee0141d5ee9b7423e68995422267652cb317f2
524482af858612621672aaea4a5be40561fb49011f76b5ca5e9b32205d6bf879
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
5600bae5cb4af9270ac7454d0fe171b67ec3fc41f7d1909e64529b062fdd3103
58997250cc890e1593ba60bbfe8680b57151061d2b64673ba93f347a0c4969fc
5bf07de2b32d4c6d25d3fe0bd6dd18d7a55e4b4bef80fa9630593938f500f167
6015fa442d24bb979ad1c848f285158dd80becc364356a3ee6ba583d80920b2d
6170e35ddb9e41fd5a7d2127fecfb9dc62f1a436b43dd85e950032d9728a4d87
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64751e68787b4c7bb6ba9379219dd72fd139c1fafbd9d9c931b7ea0e5209fa7b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c0a67a5ce657400132853469ac17043edb25daea619db4476815a3aa913bfde
6fd8c8daa85afb483ff60692cfb7f265d4b7dc661229e172e3f81a9cd6aeb97e
7871ac93634e56ecbe32dfd0cbd031981277a78b462596fed71c4ebe22c39b65
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79bfd15f31db5032fa02284eaabdc109d58d3f4a8845db8722222c950c0a0472
7c0311ae219f109d52ab744c35c1303edfcfaa7ef9678ab9fc02dc07e56cb315
7cb032e2706ccd0279eff0239726147f4d028486978c7abb04de9aed41e977a2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84b8d2fe1999ee412b63c8a0fde3de58d3d4459d51c095bb7b7102af43a41478
84d4eda8e2ea06fb300f7f039c5652b39032174a126af1c96167799a0ab96449
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8fdcabd18d25d698978e246cd8d732b3e6b90a23cbf365f45d7e64eb38a03fe4
963c93c4a0111b0191639ad347970973efe3aa2aeee053da8b5f8e61d5254f98
96f0a36bd8a9fc3ad469a102adb521e5db0ba72ee99f521f9c17b490ea055df9
9732003f9d9e5017a350e0de19db9b89173ee5bad475ade2983795240264b569
9a488cfb2b2b08eae377b1394b9e7f66cfb68a8731a03945f73415c8cc620eff
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ac5cc55325568bf667ba7c12a60382d95f9945161acf48b7529aeb62588dc5a
9dc7ad43959c171654dd82308207f03b099ec0b557e121cb06d0d89ebb31a286
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa4d92386bc2758fd5caa5efd663d2f71d996c644b0b9edd61ec43f62d41f772
ad3e96cb4461ada912c601d7163ea04a2ce8b5021c82d77a1eb1c8c13f81c29d
aeb123debafdc92d6bc3c668e2216c50f7eb113c153d7c359598043a66f583ac
b241168edd08427d57fdb2a6e01643b191809b6bab135438136bb733957dfb7f
b9fa489ad869fe24b8e24cf6a1345c783a8c39dd6f7103bb239a02c2268d1adc
bd60c28d5c7d685a7af78826ac43d6d5ebcc4ab59c378fb3f8b4415b7c27ea84
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
c54984c4e8de58f09f8a50e805557a50c5b8be0aced4f1336b097287eaf04862
c603149cfdeb843220948e9600062aa6293b9fcfeda3479d31bf33ef493d20fa
cb84c37000f8fe3e68e24799be081febdf02afd39cec967e80631ac76dea9950
cc6690cb785dd68708d00f050aa9b24a1e5b8e2ec10c37d41f56f80f98af1212
cc8227b8e37570150e4cf62e32a45328c455e864bce89a24ce6b3ad1dde47fe0
cf6fd0a2cae385cd7e716e97eee265cc8b30454ecdd06445b09bbb69847090ff
d52993758d5d8cbe1a671459812b14fb88d3b3f334b7486555126aaed947a8cb
da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2
dd080c89636f8576e3364bea0867f18be3a32daa72d766da336cbb80ba5fb407
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
deca1861889d6dbb2b9875d31a0c5e09d80c7e0b7a22a5a358f29fb8359dbaa3
e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e505e654ef4708d9c3d0da4c03e57ae1df262e07377938d4f456a71918c8aa3d
e540ca721d8e51783858df43b5d37848ca372afcc1c488b13cba69d8cc38a092
e6dc47605fad19a3bb633afb7b8ef54835ac59fc2f6b5b511f5a176393a5401c
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
ee1b49c599432b9470402126eb401338a6c67d4efb07cccfacfc82b63109e4c9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
f70ed7b509ea443bd3866b101df2e65dd0db19ab18b128c5e85497ac387b17a8
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f89651cc1b698bbc1e3227d085feec82dcabaaecb320930941499cc93c119c4f

timbu.com Open in urlscan Pro 142.132.214.40 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

113 Requests

96 %HTTPS

72 %IPv6

24 Domains

32 Subdomains

27 IPs

6 Countries

3412 kBTransfer

5671 kBSize

23 Cookies

3 Outgoing links

Redirected requests

113 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

timbu.com Open in urlscan Pro
142.132.214.40 Public Scan

Screenshot
Live screenshot

Full Image

113
Requests

96 %
HTTPS

72 %
IPv6

24
Domains

32
Subdomains

27
IPs

6
Countries

3412 kB
Transfer

5671 kB
Size

23
Cookies

113 HTTP transactions
1 data transactions