busg18.pics Open in urlscan Pro
2606:4700:3034::ac43:d9e1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://busg18.pics/
Submission: On December 22 via api (December 22nd 2023, 3:49:28 pm UTC) from LU — Scanned from DE

Summary HTTP 373 Redirects Links 115 Behaviour Indicators

Summary

This website contacted 83 IPs in 11 countries across 60 domains to perform 373 HTTP transactions. The main IP is 2606:4700:3034::ac43:d9e1, located in United States and belongs to CLOUDFLARENET, US. The main domain is busg18.pics.
TLS certificate: Issued by GTS CA 1P5 on December 20th 2023. Valid for: 3 months.

This is the only time busg18.pics was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
74	2606:4700:303... 2606:4700:3034::ac43:d9e1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.160.196.58 3.160.196.58	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	35.156.87.94 35.156.87.94	16509 (AMAZON-02) (AMAZON-02)
3	184.30.17.67 184.30.17.67	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.56.200.105 23.56.200.105	16625 (AKAMAI-AS) (AKAMAI-AS)
24	110.232.194.35 110.232.194.35	17941 (BIT-ISLE ...) (BIT-ISLE Equinix Japan Enterprise K.K.)
2	2.20.65.72 2.20.65.72	16625 (AKAMAI-AS) (AKAMAI-AS)
1	65.9.86.111 65.9.86.111	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	124.33.183.216 124.33.183.216	17506 (UCOM ARTE...) (UCOM ARTERIA Networks Corporation)
8	2a02:26f0:480... 2a02:26f0:480:25::1726:6212	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	108.157.4.24 108.157.4.24	16509 (AMAZON-02) (AMAZON-02)
1 11	34.149.101.235 34.149.101.235	15169 (GOOGLE) (GOOGLE)
4	18.66.248.43 18.66.248.43	16509 (AMAZON-02) (AMAZON-02)
5	119.63.193.220 119.63.193.220	38627 (BAIDUJP B...) (BAIDUJP Baidu)
4	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2.18.161.178 2.18.161.178	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42::738 2a04:4e42::738	54113 (FASTLY) (FASTLY)
1	138.113.139.220 138.113.139.220	54994 (ML-1432-5...) (ML-1432-54994)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400c:c1b::9d	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
3	34.237.119.189 34.237.119.189	14618 (AMAZON-AES) (AMAZON-AES)
2	146.75.118.132 146.75.118.132	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
54	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	104.102.50.246 104.102.50.246	16625 (AKAMAI-AS) (AKAMAI-AS)
3 7	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1 2	54.65.24.54 54.65.24.54	16509 (AMAZON-02) (AMAZON-02)
2	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2	202.233.84.1 202.233.84.1	131957 (MICROAD M...) (MICROAD MicroAd)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	50.31.142.159 50.31.142.159	23352 (SERVERCEN...) (SERVERCENTRAL)
1 3	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
1	34.120.216.28 34.120.216.28	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	147.92.191.92 147.92.191.92	38631 (LINE LINE...) (LINE LINE Corporation)
1 1	202.232.238.40 202.232.238.40	2497 (IIJ Inter...) (IIJ Internet Initiative Japan Inc.)
1 1	202.228.215.62 202.228.215.62	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
1	2.23.197.190 2.23.197.190	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	18.154.63.50 18.154.63.50	16509 (AMAZON-02) (AMAZON-02)
1 2	54.194.146.163 54.194.146.163	16509 (AMAZON-02) (AMAZON-02)
2 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.120.190.172 34.120.190.172	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:1901:0:e... 2600:1901:0:e207::	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3	52.45.249.56 52.45.249.56	14618 (AMAZON-AES) (AMAZON-AES)
2	64.202.112.31 64.202.112.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1 11	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1	108.157.4.16 108.157.4.16	16509 (AMAZON-02) (AMAZON-02)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
2	35.74.209.225 35.74.209.225	16509 (AMAZON-02) (AMAZON-02)
1 1	23.56.202.187 23.56.202.187	16625 (AKAMAI-AS) (AKAMAI-AS)
2	95.101.149.233 95.101.149.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
4	2600:9000:223... 2600:9000:223f:e600:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.160.212.25 3.160.212.25	16509 (AMAZON-02) (AMAZON-02)
1	202.233.84.7 202.233.84.7	131957 (MICROAD M...) (MICROAD MicroAd)
1 2	99.81.22.6 99.81.22.6	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	119.63.198.176 119.63.198.176	38627 (BAIDUJP B...) (BAIDUJP Baidu)
6	119.63.198.143 119.63.198.143	38627 (BAIDUJP B...) (BAIDUJP Baidu)
3 4	18.194.126.143 18.194.126.143	16509 (AMAZON-02) (AMAZON-02)
2 2	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
2 2	213.155.156.182 213.155.156.182	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	37.157.2.228 37.157.2.228	198622 (ADFORM) (ADFORM)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	18.198.94.178 18.198.94.178	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
17	2600:1f18:1ac... 2600:1f18:1aca:4281:d12:bfd4:3fe4:15c3	14618 (AMAZON-AES) (AMAZON-AES)
2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2.16.164.17 2.16.164.17	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	119.63.198.188 119.63.198.188	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	119.63.197.136 119.63.197.136	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1 1	130.211.11.246 130.211.11.246	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
2	151.101.129.19 151.101.129.19	54113 (FASTLY) (FASTLY)
1	162.19.138.119 162.19.138.119	16276 (OVH) (OVH)
1	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
1	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
1	107.178.248.96 107.178.248.96	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
373	83

74 2606:4700:3034::ac43:d9e1 (United States)

ASN13335 (CLOUDFLARENET, US)

busg18.pics	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.196.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-196-58.mrs52.r.cloudfront.net

cdn.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.87.94 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-87-94.eu-central-1.compute.amazonaws.com

mediaconsortium.profiles.tagger.opecloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.30.17.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-67.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.56.200.105 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-200-105.deploy.static.akamaitechnologies.com

js.rtoaster.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 110.232.194.35 (Japan)

ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP)
PTR: cloud-isle.jp

www.biteki.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.20.65.72 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-65-72.deploy.static.akamaitechnologies.com

scdn.line-apps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.line-scdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.86.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-86-111.ams1.r.cloudfront.net

shogakukan-web-api.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 124.33.183.216 (Nakano, Japan)

ASN17506 (UCOM ARTERIA Networks Corporation, JP)
PTR: 124x33x183x216.ap124.ftth.ucom.ne.jp

bs.nakanohito.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:480:25::1726:6212 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

dmp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cf.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.157.4.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-24.dus51.r.cloudfront.net

img.macromill.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 34.149.101.235 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 235.101.149.34.bc.googleusercontent.com

sync.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.248.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-43.dus51.r.cloudfront.net

l.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 119.63.193.220 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

api.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.161.178 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-178.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::738 (United States)

ASN54113 (FASTLY, US)

js.glossom.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.113.139.220 (Canada)

ASN54994 (ML-1432-54994, CA)

d-cache.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.237.119.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-119-189.compute-1.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.75.118.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.102.50.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-50-246.deploy.static.akamaitechnologies.com

rt.rtoaster.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 216.58.212.162 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.65.24.54 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-65-24-54.ap-northeast-1.compute.amazonaws.com

yjtag.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

aid.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.31.142.159 (Chicago, United States) 1 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

8731124.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.216.28 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 28.216.120.34.bc.googleusercontent.com

atm.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.92.191.92 (Japan)

ASN38631 (LINE LINE Corporation, JP)

tr.line.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.232.238.40 (Tokyo, Japan) 1 redirects

ASN2497 (IIJ Internet Initiative Japan Inc., JP)

sync.dmp.fout.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.228.215.62 (Japan) 1 redirects

ASN4694 (IDCF IDC Frontier Inc., JP)
PTR: swarm.shinobi.jp

sync.shinobi.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.23.197.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.154.63.50 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-154-63-50.dus51.r.cloudfront.net

cr-p10000.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.146.163 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-146-163.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.190.172 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 172.190.120.34.bc.googleusercontent.com

b.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:e207:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

audiencedata.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.45.249.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-249-56.compute-1.amazonaws.com

in.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-16.dus51.r.cloudfront.net

cdn.opecloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.74.209.225 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-74-209-225.ap-northeast-1.compute.amazonaws.com

sync.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.56.202.187 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:223f:e600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.212.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-212-25.mxp53.r.cloudfront.net

cdn.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.233.84.7 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

universe.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.81.22.6 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-22-6.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 119.63.198.176 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

discoveryplus.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jp.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 119.63.198.143 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

log.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.194.126.143 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-126-143.eu-central-1.compute.amazonaws.com

mediaconsortium.tagger.opecloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tagger.opecloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.52 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.182 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.228 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.94.178 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-94-178.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2600:1f18:1aca:4281:d12:bfd4:3fe4:15c3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.164.17 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-164-17.deploy.static.akamaitechnologies.com

assets-momentum.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 119.63.198.188 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

r.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.197.136 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

inrecsys.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.11.246 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 246.11.211.130.bc.googleusercontent.com

jp-axia.m0mentum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.19 (United States)

ASN54113 (FASTLY, US)

img.ak.impact-ad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.248.96 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.248.178.107.bc.googleusercontent.com

penta.a.one.impact-ad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
74	busg18.pics busg18.pics	3 MB
54	gstatic.com fonts.gstatic.com	627 KB
27	adsafeprotected.com 1 redirects cdn.adsafeprotected.com — Cisco Umbrella Rank: 3936 pixel.adsafeprotected.com — Cisco Umbrella Rank: 718 static.adsafeprotected.com — Cisco Umbrella Rank: 602 fw.adsafeprotected.com — Cisco Umbrella Rank: 900 dt.adsafeprotected.com — Cisco Umbrella Rank: 567	215 KB
25	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 8731124.fls.doubleclick.net — Cisco Umbrella Rank: 530570 ad.doubleclick.net — Cisco Umbrella Rank: 139 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515	228 KB
24	googlesyndication.com 1 redirects 41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148 pagead2.googlesyndication.com — Cisco Umbrella Rank: 102	138 KB
24	biteki.com www.biteki.com	2 MB
22	im-apps.net 1 redirects dmp.im-apps.net — Cisco Umbrella Rank: 31325 sync.im-apps.net — Cisco Umbrella Rank: 4991 cf.im-apps.net — Cisco Umbrella Rank: 188874 atm.im-apps.net — Cisco Umbrella Rank: 210766 b.im-apps.net — Cisco Umbrella Rank: 126064 audiencedata.im-apps.net — Cisco Umbrella Rank: 31133	37 KB
17	popin.cc api.popin.cc — Cisco Umbrella Rank: 31958 discoveryplus.popin.cc — Cisco Umbrella Rank: 113580 log.popin.cc — Cisco Umbrella Rank: 33420 r.popin.cc — Cisco Umbrella Rank: 34110 inrecsys.popin.cc — Cisco Umbrella Rank: 39665 jp.popin.cc — Cisco Umbrella Rank: 155282	124 KB
12	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	702 KB
8	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 93	2 KB
7	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 2138 widget-pixels.outbrain.com — Cisco Umbrella Rank: 4308 mv.outbrain.com — Cisco Umbrella Rank: 2682 mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 7106	92 KB
6	logly.co.jp l.logly.co.jp — Cisco Umbrella Rank: 68813 sync.logly.co.jp — Cisco Umbrella Rank: 75203	40 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	22 KB
6	opecloud.com 3 redirects mediaconsortium.profiles.tagger.opecloud.com — Cisco Umbrella Rank: 287978 cdn.opecloud.com — Cisco Umbrella Rank: 5764 mediaconsortium.tagger.opecloud.com — Cisco Umbrella Rank: 256969 tagger.opecloud.com — Cisco Umbrella Rank: 4604	17 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	448 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	225 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 946 eus.rubiconproject.com — Cisco Umbrella Rank: 588 token.rubiconproject.com — Cisco Umbrella Rank: 461	14 KB
4	treasuredata.com in.treasuredata.com — Cisco Umbrella Rank: 4504 cdn.treasuredata.com — Cisco Umbrella Rank: 15782	15 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6765	641 B
4	microad.jp d-cache.microad.jp — Cisco Umbrella Rank: 257164 aid.send.microad.jp — Cisco Umbrella Rank: 7197 universe.send.microad.jp — Cisco Umbrella Rank: 162469	4 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	178 KB
3	impact-ad.jp img.ak.impact-ad.jp — Cisco Umbrella Rank: 137114 penta.a.one.impact-ad.jp — Cisco Umbrella Rank: 132897	48 KB
3	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 98	3 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 340 fonts.googleapis.com — Cisco Umbrella Rank: 29	69 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 560	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4497	651 B
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 478	2 KB
2	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 424	718 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 208	1 KB
2	ladsp.com 2 redirects cr-p10000.ladsp.com — Cisco Umbrella Rank: 517484	964 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	297 B
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 713	842 B
2	yahoo.co.jp 1 redirects yjtag.yahoo.co.jp — Cisco Umbrella Rank: 35703	680 B
2	glossom.jp js.glossom.jp — Cisco Umbrella Rank: 497770	34 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 71	69 KB
2	macromill.com img.macromill.com — Cisco Umbrella Rank: 31740	5 KB
2	nakanohito.jp bs.nakanohito.jp — Cisco Umbrella Rank: 67427	19 KB
2	rtoaster.jp js.rtoaster.jp — Cisco Umbrella Rank: 199067 rt.rtoaster.jp — Cisco Umbrella Rank: 126684	5 KB
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 425	528 B
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 225	399 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 940	271 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 590	16 KB
1	m0mentum.net 1 redirects jp-axia.m0mentum.net — Cisco Umbrella Rank: 261934	631 B
1	akamaized.net assets-momentum.akamaized.net — Cisco Umbrella Rank: 291285	19 KB
1	t.co t.co — Cisco Umbrella Rank: 589	377 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	146 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 695	236 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 685	542 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 2627	104 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 678	15 KB
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 638	218 B
1	shinobi.jp 1 redirects sync.shinobi.jp — Cisco Umbrella Rank: 225841	395 B
1	fout.jp 1 redirects sync.dmp.fout.jp — Cisco Umbrella Rank: 122915	514 B
1	line.me tr.line.me — Cisco Umbrella Rank: 14601	425 B
1	zemanta.com 1 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 586	307 B
1	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 793	166 B
1	line-scdn.net d.line-scdn.net — Cisco Umbrella Rank: 15374	10 KB
1	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 11657	463 B
1	shogakukan-web-api.net shogakukan-web-api.net	5 KB
1	line-apps.com scdn.line-apps.com — Cisco Umbrella Rank: 87293	4 KB
373	60

	Domain	Requested by
74	busg18.pics	busg18.pics
54	fonts.gstatic.com	fonts.googleapis.com
24	www.biteki.com	busg18.pics
17	dt.adsafeprotected.com	41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com busg18.pics
12	s0.2mdn.net	busg18.pics s0.2mdn.net 41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com
11	pagead2.googlesyndication.com	ad.doubleclick.net 41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com securepubads.g.doubleclick.net
11	tpc.googlesyndication.com	1 redirects busg18.pics 41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
11	sync.im-apps.net	1 redirects busg18.pics dmp.im-apps.net cf.im-apps.net
8	securepubads.g.doubleclick.net	busg18.pics securepubads.g.doubleclick.net www.googletagservices.com
7	cm.g.doubleclick.net	3 redirects 41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com
6	log.popin.cc	busg18.pics
6	www.google-analytics.com	busg18.pics www.google-analytics.com
6	www.googletagmanager.com	busg18.pics www.googletagmanager.com dmp.im-apps.net js.glossom.jp
5	www.googletagservices.com	securepubads.g.doubleclick.net 41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com www.googletagservices.com s0.2mdn.net
5	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
5	api.popin.cc	busg18.pics api.popin.cc
5	dmp.im-apps.net	busg18.pics l.logly.co.jp dmp.im-apps.net
4	static.adsafeprotected.com	pixel.adsafeprotected.com 41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com busg18.pics
4	www.google.com	busg18.pics 41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com tpc.googlesyndication.com
4	www.google.de	busg18.pics
4	connect.facebook.net	busg18.pics connect.facebook.net
4	l.logly.co.jp	busg18.pics l.logly.co.jp
3	r.popin.cc	busg18.pics
3	in.treasuredata.com	cf.im-apps.net cdn.treasuredata.com api.popin.cc
3	www.facebook.com	1 redirects busg18.pics connect.facebook.net
3	pixel.adsafeprotected.com	cdn.adsafeprotected.com busg18.pics
3	region1.analytics.google.com	www.googletagmanager.com
3	cf.im-apps.net	busg18.pics
2	img.ak.impact-ad.jp	busg18.pics img.ak.impact-ad.jp
2	googleads4.g.doubleclick.net	busg18.pics
2	c1.adform.net	2 redirects
2	d5p.de17a.com	2 redirects
2	secure.adnxs.com	2 redirects
2	tagger.opecloud.com	1 redirects busg18.pics
2	mediaconsortium.tagger.opecloud.com	2 redirects
2	fw.adsafeprotected.com	1 redirects busg18.pics
2	eus.rubiconproject.com	l.logly.co.jp eus.rubiconproject.com
2	sync.logly.co.jp	l.logly.co.jp sync.logly.co.jp
2	mcdp-nydc1.outbrain.com	widgets.outbrain.com
2	gum.criteo.com	2 redirects
2	dpm.demdex.net	1 redirects cf.im-apps.net
2	cr-p10000.ladsp.com	2 redirects
2	41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	8731124.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	aid.send.microad.jp	cf.im-apps.net d-cache.microad.jp
2	match.adsrvr.org	cf.im-apps.net 41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com
2	analytics.twitter.com	cf.im-apps.net busg18.pics
2	yjtag.yahoo.co.jp	1 redirects cf.im-apps.net
2	mv.outbrain.com	widgets.outbrain.com
2	js.glossom.jp	www.googletagmanager.com js.glossom.jp
2	www.youtube.com	busg18.pics www.youtube.com
2	img.macromill.com	busg18.pics
2	bs.nakanohito.jp	busg18.pics bs.nakanohito.jp
2	widgets.outbrain.com	busg18.pics widgets.outbrain.com
2	ajax.googleapis.com	busg18.pics
1	penta.a.one.impact-ad.jp	img.ak.impact-ad.jp
1	id5-sync.com	img.ak.impact-ad.jp
1	bam.nr-data.net	js-agent.newrelic.com
1	lb.eu-1-id5-sync.com	img.ak.impact-ad.jp
1	js-agent.newrelic.com	busg18.pics
1	jp.popin.cc	busg18.pics
1	jp-axia.m0mentum.net	1 redirects
1	inrecsys.popin.cc	busg18.pics
1	assets-momentum.akamaized.net	api.popin.cc
1	t.co	busg18.pics
1	x.bidswitch.net	41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com
1	rtb.openx.net	41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com
1	sync-tm.everesttech.net	1 redirects
1	dclk-match.dotomi.com	41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com
1	discoveryplus.popin.cc	api.popin.cc
1	universe.send.microad.jp	busg18.pics
1	cdn.treasuredata.com	busg18.pics
1	ad.doubleclick.net	www.googletagservices.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	secure-assets.rubiconproject.com	1 redirects
1	static.ads-twitter.com	busg18.pics
1	cdn.opecloud.com	busg18.pics
1	adservice.google.com	8731124.fls.doubleclick.net
1	audiencedata.im-apps.net	dmp.im-apps.net
1	b.im-apps.net	dmp.im-apps.net
1	tags.bluekai.com	cf.im-apps.net
1	sync.shinobi.jp	1 redirects
1	sync.dmp.fout.jp	1 redirects
1	tr.line.me	busg18.pics
1	atm.im-apps.net	busg18.pics
1	b1sync.zemanta.com	1 redirects
1	image6.pubmatic.com	cf.im-apps.net
1	rt.rtoaster.jp	js.rtoaster.jp
1	fonts.googleapis.com	ajax.googleapis.com
1	d-cache.microad.jp	www.googletagmanager.com
1	d.line-scdn.net	busg18.pics
1	widget-pixels.outbrain.com	busg18.pics
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	shogakukan-web-api.net	busg18.pics
1	scdn.line-apps.com	busg18.pics
1	js.rtoaster.jp	busg18.pics
1	mediaconsortium.profiles.tagger.opecloud.com	busg18.pics
1	cdn.adsafeprotected.com	busg18.pics
373	98

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
page.line.me
www.biteki.com
pinterest.com
trace.popin.cc
id.shogakukan.co.jp
www.shogakukan.co.jp
skygarden.shogakukan.co.jp
shogakukan.tameshiyo.me
line.me
cancam.jp
oggi.jp
domani.shogakukan.co.jp
precious.jp
mery.jp
steenz.jp
intojapanwaraku.com
artplaza.geidai.ac.jp
www.bepal.net
kufura.jp
realkitchen-interior.com
serai.jp
8760.news-postseven.com
kaigo-postseven.com
www.moneypost.jp
www.shosetsu-maru.com
daijisen.jp
ebook.shogakukan.co.jp
gagagabunko.jp
www.news-postseven.com
dime.jp
sho.jp
hugkum.sho.jp
televi-kun.net
pucchigumi.net
kyoiku.sho.jp
juniorbunko.jp
hoiclue.jp
flowers.shogakukan.co.jp
petitcomic.com
cheese.shogakukan.co.jp
betsucomi.shogakukan.co.jp
www.sho-comi.com
ciao.shogakukan.co.jp
bigcomicbros.net
sundaygx.com
gekkansunday.net
websunday.net
corocoro.jp
www.sunday-webry.com
yawaspi.com
urasunday.com
manga-one.com
csbs.shogakukan.co.jp
gravidia.jp
sabra.jp
shinoyama.net
adpocket.shogakukan.co.jp

Subject Issuer	Validity	Valid
busg18.pics GTS CA 1P5	`2023-12-20` - `2024-03-19`	3 months	crt.sh
*.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-22` - `2024-06-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.profiles.tagger.opecloud.com Amazon RSA 2048 M02	`2023-11-27` - `2024-12-25`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
js.rtoaster.jp DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-13`	a year	crt.sh
www.biteki.com JPRS Domain Validation Authority - G4	`2023-03-07` - `2024-03-31`	a year	crt.sh
line-apps.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-13` - `2024-11-13`	a year	crt.sh
shogakukan-web-api.net Amazon RSA 2048 M03	`2023-09-20` - `2024-10-17`	a year	crt.sh
*.nakanohito.jp JPRS Organization Validation Authority - G4	`2023-01-16` - `2024-01-31`	a year	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-13`	a year	crt.sh
img.macromill.com Cybertrust Japan SureServer CA G4	`2023-05-09` - `2024-06-04`	a year	crt.sh
sync.im-apps.net GTS CA 1D4	`2023-12-10` - `2024-03-09`	3 months	crt.sh
*.logly.co.jp Amazon RSA 2048 M02	`2023-04-05` - `2024-05-04`	a year	crt.sh
*.popin.cc Secure Site Pro CA G2	`2023-09-27` - `2024-10-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-30` - `2023-12-29`	3 months	crt.sh
*.outbrainimg.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-02` - `2024-03-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
shared-certificate.user-space.cdn.idcfcloud.net GlobalSign RSA OV SSL CA 2018	`2023-12-14` - `2024-07-30`	8 months	crt.sh
jpssl.cdngc.net GlobalSign RSA OV SSL CA 2018	`2023-07-14` - `2024-08-14`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M01	`2023-03-29` - `2024-04-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
rt.rtoaster.jp DigiCert TLS RSA SHA256 2020 CA1	`2023-07-29` - `2024-07-31`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.send.microad.jp GlobalSign RSA OV SSL CA 2018	`2023-10-03` - `2024-11-03`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
atm.im-apps.net GTS CA 1D4	`2023-12-02` - `2024-03-01`	3 months	crt.sh
*.line.me GlobalSign RSA OV SSL CA 2018	`2023-08-10` - `2024-09-10`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-11` - `2024-12-11`	a year	crt.sh
b.im-apps.net GTS CA 1D4	`2023-11-11` - `2024-02-09`	3 months	crt.sh
audiencedata.im-apps.net GTS CA 1D4	`2023-12-03` - `2024-03-02`	3 months	crt.sh
*.treasuredata.com Amazon RSA 2048 M01	`2023-07-19` - `2024-08-16`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
cdn.opecloud.com Amazon RSA 2048 M02	`2023-12-16` - `2025-01-12`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2023-05-16` - `2024-05-15`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
img.ak.impact-ad.jp SECOM Passport for Web SR 3.0 CA	`2023-09-21` - `2024-10-19`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
a.one.impact-ad.jp SECOM Passport for Web SR 3.0 CA	`2023-03-27` - `2024-03-31`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://busg18.pics/
Frame ID: 79DF80D63248B0B0542768191A606CA8
Requests: 282 HTTP requests in this frame

Frame: https://cf.im-apps.net/imid/beacon.html
Frame ID: 9797E6C27011796D3A33523D930DF6FF
Requests: 9 HTTP requests in this frame

Frame: https://8731124.fls.doubleclick.net/activityi;dc_pre=COLLhsWyo4MDFfzNOwIdZxUI2Q;src=8731124;type=invmedia;cat=ufj070;ord=4886078669641;auiddc=2129863965.1703260157;u1=1010434;u2=0;gtm=45He3bt0v860142837;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fbusg18.pics%2F
Frame ID: D1827660E5A67FD12CAE76CE651665F0
Requests: 2 HTTP requests in this frame

Frame: https://cf.im-apps.net/imid/beacon.html
Frame ID: 6807211ACE6F0AC0ECE2667C43BA3163
Requests: 7 HTTP requests in this frame

Frame: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 22B8CBB00F711B3563FB0604639F91D8
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetMonitor/monitor.html?deletelocalstorage=true
Frame ID: 171F88D8EBA6D186CDA7A062A5E14224
Requests: 1 HTTP requests in this frame

Frame: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DCDE79EF36F52E36CE5FB8F891221E9F
Requests: 31 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu2dW7ssiPNgOeLmvo7pY1bAQoicc5AcmqUhtD_FoYJjpCz6TrcL2hpXSwn6HjSdSJzqTYxCYMFZjZ9Wi51nEartGVq7-8kl_WCkG-LWP-ubR6NnE4hyG5xxZVW8BEgoTNIuCjmLA6m88H1pMthfRjW4WAXNe0bZyB85Hu7uSLjKwmTaQcUtf1Xl8vjwYVhqj8BaCXyrpLeaAGZG7bbeaA_1FT3S3tRvjpVfSbH0Fpuzf9mN-BEvLBOEscLEyJiJtbe1uMIlFrRMDiAjLdqr_pJA0jEIrdZBxg8R2BBFFS4N7lJoyM6YVawnDoavZ7GIyVtIT0QCInHFKA2sHJjIITnCQU19lnNdvD4ReEtpa4E9stki1hohMdIBHcBqHayqwu3&sai=AMfl-YTOutfxRCCXXEKZYdyGNh34EN3Y54R1LFMn5ijT3xCYan7Fi-ZW924V0ACoTSpLl2qY8v_FXl9AiEWotBjislR8D6Ruea24lEQuinX13ioUZ1u9X1pwv2_QgaymfQ&sig=Cg0ArKJSzM_-0sdAGm_0EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 8120E65CC030FA33C57DB66A9C7A9617
Requests: 6 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=930635&campId=300x250&pubId=33711428&chanId=21702921002&placementId=5000201889&pubCreative=138309213646&pubOrder=2503394866&cb=1608489060&adsafe_par&impId=a9b34dc1-a0e1-11ee-9608-0eedbe6adc7d
Frame ID: 85CE14E5B38E9635E076BF53F0872721
Requests: 2 HTTP requests in this frame

Frame: https://sync.logly.co.jp/sync/sync.html
Frame ID: 7F5452C92D01B3FC9BC090AF532BC83B
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Frame ID: D3995F240345AD65D8CC8FB6AD002B59
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6BDF59E41D67287F906080F220A7E378
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E002A283BE948B3144663616D515A141
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: EC061CE4E642216F5E08C2817EA595DC
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/321367045912397167/2023_EMEAI_DOM_DE_RT_0927_Canada_Always_On_Refresh_Prospecting_300x600/index.html?ev=01_250
Frame ID: 9B6086CEDEEDFC9FE6E9792886481F89
Requests: 12 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 29B8107B829C2A74369E10F77A8B61FC
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df39cf1568301488%2526domain%253Dbusg18.pics%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fbusg18.pics%25252Ff3fb041952ea5e8%2526relation%253Dparent.parent%26container_width%3D300%26height%3D550%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fbitekicom%26locale%3Dja_JP%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300
Frame ID: 248BFC4264556F6D0CA298F8A700748E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1611818A3EC95DAD5F71F854AE337D93
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1361BC084AEFCD1CE9E202C3CF39CB0F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

鉄分たっぷり！果物５選【おすすめレシピ】 | 美的.com

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

373
Requests

96 %
HTTPS

29 %
IPv6

60
Domains

98
Subdomains

83
IPs

11
Countries

8154 kB
Transfer

13591 kB
Size

50
Cookies

115 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/bitekicom

Search URL Search Domain Scan URL

URL: https://twitter.com/bitekicom?lang=ja

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bitekicom/?hl=ja

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/birangerchannel

Search URL Search Domain Scan URL

URL: https://page.line.me/biteki?openQrModal=true

Search URL Search Domain Scan URL

URL: https://www.biteki.com/life-style/food-recipe/202215
Title: 初出：美容エディター・門司紀子のToday’s SALAD #2「紫キャベツのコールスロー風」

Search URL Search Domain Scan URL

URL: https://www.biteki.com/life-style/food-recipe/395110
Title: 初出：毛穴の黒ずみにはビタミンC！トマト、ケール、キャベツを使った毛穴レスレシピ３♪

Search URL Search Domain Scan URL

URL: https://www.biteki.com/life-style/food-recipe/1517152
Title: 初出：ドライプルーンの糖質と栄養まとめ｜ダイエット・美容への取り入れ方を管理栄養士が解説！

Search URL Search Domain Scan URL

URL: https://www.biteki.com/life-style/food-recipe/459384
Title: 初出：意外と糖質が低い『里芋』。簡単レシピをご紹介！｜家呑みごはん #19

Search URL Search Domain Scan URL

URL: https://www.biteki.com/life-style/food-recipe/326862
Title: 初出：たっぷりフルーツでビタミン補給！スイーツ系オープンサンドレシピ

Search URL Search Domain Scan URL

URL: https://www.biteki.com/life-style/food-recipe/264433
Title: 初出：「ブラッドオレンジジュースのドレッシングで！オレンジとミニトマト、クレソンのサラダ」美容エディター・門司紀子のToday’s SALAD<番外編>

Search URL Search Domain Scan URL

URL: https://www.biteki.com/life-style/food-recipe/159808
Title: 初出：美容賢者の体に優しい家呑みごはん Vol.2

Search URL Search Domain Scan URL

URL: https://www.biteki.com/life-style/food-recipe/1652037
Title: 初出：春の日差しに負けない美しさをチャージ！「オレンジキャロットラペ」【Today’s SALAD #232】

Search URL Search Domain Scan URL

URL: https://www.biteki.com/life-style/food-recipe/960760
Title: 初出：アボカドとオレンジのサラダ｜抗酸化作用で体の中からキレイに♪【ニコサラダレシピ】

Search URL Search Domain Scan URL

URL: https://www.biteki.com/life-style/food-recipe/913607
Title: 初出：不老不死の果実が主役のサラダで若返り！「いちじくとトマトとカッテージチーズのアペタイザー風」Today’s SALAD #175

Search URL Search Domain Scan URL

URL: https://www.biteki.com/life-style/food-recipe/482807
Title: 初出：【いちじく】糖質・栄養・効能・レシピまとめ｜美容への期待は？

Search URL Search Domain Scan URL

URL: https://www.biteki.com/life-style/food-recipe/634288
Title: 初出：旬のイチジク×アボカドが相性抜群♪ 栄養価も美肌効果もたっぷり！「イチジクとアボカド、グレープフルーツのサラダ」Today’s SALAD #136

Search URL Search Domain Scan URL

URL: https://www.biteki.com/life-style/food-recipe/295950
Title: 初出：夏冷えには桃！【桃とトマトのジンジャーサラダ】Today’s SALAD #47

Search URL Search Domain Scan URL

URL: https://www.biteki.com/life-style/food-recipe/1539729
Title: 初出：桃の糖質と栄養まとめ｜ダイエット・美容への取り入れ方を管理栄養士が解説！

Search URL Search Domain Scan URL

URL: https://www.biteki.com/life-style/food-recipe/1687465
Title: 初出：ジンジャー風味で代謝アップ！「ブルーベリー桃トマトモッツアレラ」【Today’s SALAD #245】

Search URL Search Domain Scan URL

URL: https://www.biteki.com/life-style/food-recipe/594034
Title: 初出：桃×デトックス素材でヘルシー美人を目指す！「桃とパクチーのサラダクミン風味」Today’s SALAD #127

Search URL Search Domain Scan URL

URL: https://www.facebook.com/share.php?u=https://www.biteki.com/life-style/food-recipe/538244

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://www.biteki.com/life-style/food-recipe/538244&media=https://www.biteki.com/wp-content/uploads/2021/05/ac122cb0b394d98670ee8dee04ce2f96-212x212.jpg&description=%E9%89%84%E5%88%86%E3%81%9F%E3%81%A3%E3%81%B7%E3%82%8A%EF%BC%81%E6%9E%9C%E7%89%A9%EF%BC%95%E9%81%B8%E3%80%90%E3%81%8A%E3%81%99%E3%81%99%E3%82%81%E3%83%AC%E3%82%B7%E3%83%94%E3%80%91

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://www.biteki.com/life-style/food-recipe/538244&text=%E9%89%84%E5%88%86%E3%81%9F%E3%81%A3%E3%81%B7%E3%82%8A%EF%BC%81%E6%9E%9C%E7%89%A9%EF%BC%95%E9%81%B8%E3%80%90%E3%81%8A%E3%81%99%E3%81%99%E3%82%81%E3%83%AC%E3%82%B7%E3%83%94%E3%80%91

Search URL Search Domain Scan URL

URL: https://www.biteki.com/life-style/food-recipe/546006

Search URL Search Domain Scan URL

URL: https://www.biteki.com/life-style/others/1761351

Search URL Search Domain Scan URL

URL: https://www.biteki.com/life-style/others/1769715

Search URL Search Domain Scan URL

URL: https://www.biteki.com/life-style/others/1768183

Search URL Search Domain Scan URL

URL: https://www.biteki.com/life-style/others/1754146

Search URL Search Domain Scan URL

URL: https://trace.popin.cc/ju/ic?tn=6e22bb022cd37340eb88f5c2f2512e40&trackingid=53221688211cefd1ecc127efb9a74e83&acid=25828&data=9JGwUlecc6x7nCog2KZNfAFlN52tHlgmQWjMCbtH8lGgfWIJheApZJ-V_ks52PA8z4TspHf7zapm5141j-ZQo_0qMWhvzweJHEgDkOtcsztU1kwCl3wlIvJ--6Dw1MmfM9fjTl2W_GRPFarD4m4zH-ehBGowborRJGCkQR95dfo32giNpc_370Y2YDbUbYPU4bKbXFcCGP7M7rdf0zCx5IiyPrLJpzGv7e9MPdqtFc77FKSee6dRcsYmJMwK_OPHge1m9_VKxIPhRb3mFQnB_naUs_32_UBiy1hLozWloE_eFWiO-wdfpQISUy32wLp_kacVAK5riErHGtjWd4650FUM8UjO7iL7p1bQwB3ail_e21bv8SdBRc-_KHCcX2feqmGCfcsvwj1gGe1zXN6jeU-KgB6ZGvhTHWo1UxJ9SXC90H6eNcfFOsDEtKS3TF5-n6VqW_Xen2UJAFxsf7dZsf1v0_ESmADcC7JZDcrncvSJKjWLDHwV9yvBrlSXF7zBG0IDOgAwCZMiLbigvKJdnhbrxcxyERJ3lshyHuMmhM2rnix2LW02pP73lGMoUrz33LuRiz2iXc0YRHrX8xVifbrcT5PdPFp_bWECHVneENzO1-7_eW82E3UovMv91ozbiO7x-Y5UBu8xDA2c-ry-I6G-Y9rHgUkPn8ZykGyApe7S1vy-RDWzzrUzZYbOYMASwxOYk1hwCtjbJhKdbEZ6PZbL67sB2r1ANqsrpFLdrUzan4IJHu0CZu-DQCTB1VMFP8B30uPXKKYf7J_8IKRO0g&uid=57b62095f2675b2aa7a1703256558183&mguid=&gprice=JQisqm2CuuEP5uqfY8GPYUx8FP9aj71yIvzt68XKj3g&pb=d&uidct=1703256558183&uu=57b62095f2675b2aa7a1703256558183&tst=1703260159648&ppvs=6&tss=5&aps=1&rp=5&fs=3&bs=33333&caid=standard

Search URL Search Domain Scan URL

URL: https://trace.popin.cc/ju/ic?tn=6e22bb022cd37340eb88f5c2f2512e40&trackingid=805f8de0c76ef907da01afaf82aef7cc&acid=26038&data=gomBz3P38VsdQBkjfvn4b3T4sycz-_h0ki6JYmXtswcjdRY3Q9pkLhqK1-MbEuvNVsI1ibOj-sA9nIrwFitwym1DgplbXg5hgfj_XX5GqHyQbwFWJIhZ9g2LrDo4WI9gBQP1tYO9c3PaQVSb_np4jyPsZwJSxVOnTh4fT9lR3fNHc2vdyg4ujRHfIc9LPagaHvmNgrTp4vxsKvoqfwddq4cXEhSv73LafOib4CF2VW40F76e1zYlFqmAqqerwUUfS88QzJoHgbjy-zndrSvz5NakJTnn-lYhbPfKhvKYSgKA_dMGZutWRv12mGTvyVkET1tKKyVhCyjcuqiyq0CVfhXexDmqWMh8I3wiSA8eAAIF8dhYznHHWzMm0AbZZSgq-H1N38TIsiJwca02386Me8zEItfpLNlm3ssdwve0-dghFNNvTgGG6HlUkjerZdvDMiEbeSW7OXgok08PUqBvK3IDi7a9RnMGGz6DyR9GX39ahfkPwT3ilz7W3ANc2w6UAGezACCBUOT8k6UWzJn85VPRI0pAa4cRb8fgWd2II6cAEH4ozKmcvTzDcz3_j-QVtXYXY0V4ESWuvbQddasDY5AGLFxeBbBYriuwRvqaX2elLl0FFKWkLO2l_0vsFBvmUbl0IULmvuceW0vQPsj5PGNbD4RY45bUDVLi8BoEVnsL5TJOVSLm_OgO2tl9BEaNOO_bH5O74ytJkI1rA3KusAj2BHpdQQfS4fg7kMScp6Hk-fHBmLd7rEgEsk16rq7ahYSMWhUbAzsdWE1jKMMMYshEFp9bAS3fp6vXuvj-CyGmDDOXOXptw3G3UP7-ATWGWcJmfTTc-5PpYyqyDYR937WrurQExq_1eT2TIACfkxYrZmNTIoG5ETmnaOdc68HhDbUPMk-VL3XXN9Hf059nnWnpjshFaEKu-o66FR5KdPdikqR6tQArjD9iSpC8B6sbAnniNonNUrsYi_3gtg8SoQqJqbvYzPB3VAE7ub8NEuVGVG3ho167heTiTFNvZBA1U3I0WHgr0xKl4p8Y0SdySMcZG6wkbfPrBsS1xIK4MeE&uid=57b62095f2675b2aa7a1703256558183&mguid=&gprice=_QyjgDrtdXtHcqd21bwqBJvPYmHKhgPjLE6yB-eBKZY&pb=d&uidct=1703256558183&uu=57b62095f2675b2aa7a1703256558183&tst=1703260159649&ppvs=6&tss=5&aps=2&rp=6&fs=3&bs=33333&caid=standard

Search URL Search Domain Scan URL

URL: https://trace.popin.cc/ju/ic?tn=6e22bb022cd37340eb88f5c2f2512e40&trackingid=70fd4f3169fbeb0fcdcda7806b9461f1&acid=26038&data=83ymUbxWEBklo9XoegViPO5ZSzQsa26NF55kHAVA-wn9gGuiP0BSXEWsZ1TANsEPQ5zgfOXCn4CaTAhyJXO-zP8rZWmF8bJNVo1Fq6Ff3YzKy-c9XsfSamL7__8-1mm8OSAFZQidd0Md0VH0CdChsTLe7V381_7MJC1HrqYpBTd7GycycPZQUO2IDfsB6dfEOpKVNwQSk1vNOxxlXvp_Ad9G_3IRTa0LVjxGgXf3WPD2hlLfVFXHpLuxjRr_lDL_4beLZx2npM6bgiZX0TjUTGsfHtqikaaIQMNUz9Aj5Ab-vhyP_reK93FZjr6O-OCLASETrfkLSuUieeZV3a7Ub_8859YK2wa62kd3t0n-DhSYHKGQVC6g__I9b7_RiJIeCWftbVUvgykLDEEc9T4DGsg9f5iPXftx3mUI09gqwajJBMIlDOmPC2rYKWbz8J56kzviA7jdF2-3ZFLKQg8AmhfEzp0qIUG_z5-b_Mmo1uaQ5yCVXKx4hMkhHQ3FaB1X4fhlQW9TbCUKrhPEH2kuXpMCsjQxEUQSJMq2YV8rZWOt6hyc61G9ur6PbJucE1gPVeuGBCJt_kBIoUNN5bksZ-kJKPlqht9R3PwRXX--qWDgeVbVii789B944KMgiSDtl7B_4Y_pYoRA49TO4KU1GvHxT4jZnCrV_6Di0q2ECTV1iUMaZowhpeS1ft5ESHcskbLvLuV4kO587zjKK9hTcwRRwyPL7jOIEH-SkTXBrGq2FrLGgDDuToqLh0xMLLr8eQdurFbnaqd6ESOaawFs2OCe9IxEc0Q6IQrg6KUyYjzCCgWOxGeas6g8JTlvPcNYnmroNoXBBryXHao4odlaWEmrgKH_eVr34mc_bkEqsU3ZjusG6hqYqXZzdHFwsoHJb8muNYLCcqVOxJcfQ7xlF5pkh6FeZIqnfTL9aGI3gZcdt4usL9WvgOLH7ORyYbF8R8Lnt6lOdlZLUQ1c8mxLp9roknvKA0VEU0qj_u4lluI9ViWti3HJW4K0xvWo4WrZk5bCOBnXW0DhwbYqJBuu8JBsCKEeJmr5u3CYXB85i7M&uid=57b62095f2675b2aa7a1703256558183&mguid=&gprice=Dx1nsbiJCarJx1rFeEtkTthM3g9wHuoto0dl_6sZt2M&pb=d&uidct=1703256558183&uu=57b62095f2675b2aa7a1703256558183&tst=1703260159649&ppvs=6&tss=5&aps=3&rp=7&fs=3&bs=33333&caid=standard

Search URL Search Domain Scan URL

URL: https://trace.popin.cc/ju/ic?tn=6e22bb022cd37340eb88f5c2f2512e40&trackingid=19b322dabe7a63f35f218e7dcec40793&acid=20636&data=TW8FIhGc8pZvZq-vyomvtwwf29wOwXjtZheb2miDPAdHxQIMYxvgVtl7vZDCspAlMMbK2Ai7D0hDlQsy0UhR5Qa7-OkKVzqr9nIDMtONjne7PLTCjNSzkPwe9Zr2pg7-_q7UCbgkzEknRuCXYbCI9-sgh0joDw0vtb1Wsik3PnONzgNWg3BLO_abCs8h0nmMVPZmG8YKMUysxEGZFTCKCKkr12IfRVIY4P9HfXxXC5xIMXt4q_paZ7UnEq8y-Hb1rP8MIKM26OErVmLJCHx1TjhEyPIia1sLexIjEKkg3JeoY1WQj2-VAsndfXNQaokMjqsY0BwK3mRwP5fJxo3lWykP9HJdmmgvPZwUay-j8C9t3UJrr-fUIOZBoyFHMOm_SKF15WTcwACXO6K6ZimYyoofRVqDoNJ4AlRn-xv44OzgcHeD2Wgo0keTvJDxTvCobX08SgwHccRo3ejivO78vBbL4XGIf7Xd93lzltdkzafwIgQSwzQjKPAsUqNigM-NzmjzQceIQVGKDQQHftuSjcYy6CWhF8ftGyVGa0mBYvNbmgNjQ3vswQ4eyHRlJqCxeD7bw5gyNY3gn7Iec6jKMfK1n8Bs63DHoEn2m6v5rhm4jUN2htMT_4qwwcBF-SdkNvY4e_mDtHYgWLKfdoapmK0UJDuSzA1_cF-oWM4NZbi7JL0fYNtp8fl_l7SPsDkjf-_LgLakcwCsFKbDlDkbADas6q9xcH1OgjvEyOTj4M9ejnTl5y0em_xOZIpaYtR7pnZ4nUV9ut_SOOOO90HTI4uAdgPYBEzLVjvMRluHuyA&uid=57b62095f2675b2aa7a1703256558183&mguid=&gprice=JY9TTBOyEMF2j9L-RL6YhPI0X_duYXS8xtA6uWzYbuw&pb=d&uidct=1703256558183&uu=57b62095f2675b2aa7a1703256558183&tst=1703260159649&ppvs=6&tss=5&aps=4&rp=8&fs=3&bs=33333&caid=standard

Search URL Search Domain Scan URL

URL: https://www.biteki.com/life-style/others/1754025

Search URL Search Domain Scan URL

URL: https://www.biteki.com/make-up/others/1758944

Search URL Search Domain Scan URL

URL: https://www.biteki.com/skin-care/trouble/298903

Search URL Search Domain Scan URL

URL: https://www.biteki.com/life-style/others/1765201

Search URL Search Domain Scan URL

URL: https://www.biteki.com/best-cosmetic/news/1767459
Title: 4 【最新プチプラ乳液・クリームランキング】低価格なのに手ごたえばっちりな優秀アイテムTOP3は？｜『美的』2023下半期賢者ベストコスメ

Search URL Search Domain Scan URL

URL: https://www.biteki.com/tag/%e3%82%82%e3%82%8a%e3%81%9f-%e3%81%98%e3%82%85%e3%82%93%e3%81%93
Title: もりたじゅんこ

Search URL Search Domain Scan URL

URL: https://www.biteki.com/tag/%e5%8f%8b%e5%88%a9-%e6%96%b0
Title: 友利新

Search URL Search Domain Scan URL

URL: https://www.biteki.com/cosmetic-calendar-weeks?ymd=20231220
Title: Cosme Calendarへ

Search URL Search Domain Scan URL

URL: https://id.shogakukan.co.jp/services/biteki
Title: メールマガジン登録はこちら

Search URL Search Domain Scan URL

URL: https://www.shogakukan.co.jp/purchase/paper/magazines/0744301124
Title: 最新号を購入する

Search URL Search Domain Scan URL

URL: https://skygarden.shogakukan.co.jp/skygarden/owa/tk_books?bid=66&sha=1&zou=0
Title: 定期購読

Search URL Search Domain Scan URL

URL: https://shogakukan.tameshiyo.me/4910074430145
Title: 試し読み

Search URL Search Domain Scan URL

URL: https://www.shogakukan.co.jp/purchase/digital/magazines/0744311124
Title: 電子書籍

Search URL Search Domain Scan URL

URL: https://line.me/R/ti/p/%40biteki

Search URL Search Domain Scan URL

URL: https://line.me/R/ti/p/%40oa-bitekicom

Search URL Search Domain Scan URL

URL: https://cancam.jp/
Title: CanCam

Search URL Search Domain Scan URL

URL: https://oggi.jp/
Title: Oggi

Search URL Search Domain Scan URL

URL: https://domani.shogakukan.co.jp/
Title: Domani

Search URL Search Domain Scan URL

URL: https://precious.jp/
Title: Precious

Search URL Search Domain Scan URL

URL: https://www.biteki.com/
Title: 美的

Search URL Search Domain Scan URL

URL: https://precious.jp/list/mensprecious
Title: MEN’S Precious

Search URL Search Domain Scan URL

URL: https://mery.jp/
Title: MERY

Search URL Search Domain Scan URL

URL: https://steenz.jp/
Title: Steenz

Search URL Search Domain Scan URL

URL: https://intojapanwaraku.com/
Title: 和樂

Search URL Search Domain Scan URL

URL: https://artplaza.geidai.ac.jp/
Title: 藝大アートプラザ

Search URL Search Domain Scan URL

URL: https://www.bepal.net/
Title: BE-PAL

Search URL Search Domain Scan URL

URL: https://kufura.jp/
Title: kufura

Search URL Search Domain Scan URL

URL: https://realkitchen-interior.com/
Title: REAL KITCHEN&INTERIOR

Search URL Search Domain Scan URL

URL: https://serai.jp/
Title: サライ

Search URL Search Domain Scan URL

URL: https://8760.news-postseven.com/
Title: 8760 by postseven

Search URL Search Domain Scan URL

URL: https://kaigo-postseven.com/
Title: 介護ポストセブン

Search URL Search Domain Scan URL

URL: https://www.moneypost.jp/
Title: マネーポストWEB

Search URL Search Domain Scan URL

URL: https://www.moneypost.jp/fudousan-baikyaku/
Title: マネーポスト不動産売却

Search URL Search Domain Scan URL

URL: https://www.shosetsu-maru.com/
Title: 小説丸

Search URL Search Domain Scan URL

URL: https://daijisen.jp/
Title: 大辞泉

Search URL Search Domain Scan URL

URL: https://ebook.shogakukan.co.jp/
Title: 小学館eBooks

Search URL Search Domain Scan URL

URL: https://gagagabunko.jp/
Title: ガガガ文庫

Search URL Search Domain Scan URL

URL: https://www.news-postseven.com/
Title: NEWSポストセブン

Search URL Search Domain Scan URL

URL: https://dime.jp/
Title: @DIME

Search URL Search Domain Scan URL

URL: https://sho.jp/
Title: 小学館キッズ

Search URL Search Domain Scan URL

URL: https://hugkum.sho.jp/
Title: HugKum

Search URL Search Domain Scan URL

URL: https://televi-kun.net/
Title: てれびくん

Search URL Search Domain Scan URL

URL: https://pucchigumi.net/
Title: ぷっちぐみ

Search URL Search Domain Scan URL

URL: https://sho.jp/bb
Title: ベビーブック

Search URL Search Domain Scan URL

URL: https://sho.jp/mebae
Title: めばえ

Search URL Search Domain Scan URL

URL: https://sho.jp/youchien
Title: 幼稚園

Search URL Search Domain Scan URL

URL: https://sho.jp/nyujun
Title: 学習幼稚園

Search URL Search Domain Scan URL

URL: https://sho.jp/sho1/
Title: 小学一年生

Search URL Search Domain Scan URL

URL: https://kyoiku.sho.jp/
Title: みんなの教育技術

Search URL Search Domain Scan URL

URL: https://juniorbunko.jp/
Title: 小学館ジュニア文庫

Search URL Search Domain Scan URL

URL: https://sho.jp/sho8
Title: 小学８年生

Search URL Search Domain Scan URL

URL: https://hoiclue.jp/
Title: ほいくる

Search URL Search Domain Scan URL

URL: https://flowers.shogakukan.co.jp/
Title: flowers

Search URL Search Domain Scan URL

URL: https://petitcomic.com/
Title: プチコミック

Search URL Search Domain Scan URL

URL: https://cheese.shogakukan.co.jp/
Title: Cheese!

Search URL Search Domain Scan URL

URL: https://betsucomi.shogakukan.co.jp/
Title: ベツコミ

Search URL Search Domain Scan URL

URL: https://www.sho-comi.com/
Title: sho-comi

Search URL Search Domain Scan URL

URL: https://ciao.shogakukan.co.jp/
Title: ちゃお

Search URL Search Domain Scan URL

URL: https://bigcomicbros.net/
Title: ビッグコミック

Search URL Search Domain Scan URL

URL: https://bigcomicbros.net/magazine/bigoriginal/
Title: ビッグコミックオリジナル

Search URL Search Domain Scan URL

URL: https://bigcomicbros.net/magazine/bigsuperior/
Title: ビッグコミックスペリオール

Search URL Search Domain Scan URL

URL: https://bigcomicbros.net/magazine/spirits/
Title: ビッグコミックスピリッツ

Search URL Search Domain Scan URL

URL: https://bigcomicbros.net/magazine/spirits_m/
Title: 月刊スピリッツ

Search URL Search Domain Scan URL

URL: https://sundaygx.com/comics/
Title: サンデーGX

Search URL Search Domain Scan URL

URL: https://gekkansunday.net/
Title: ゲッサン

Search URL Search Domain Scan URL

URL: https://websunday.net/
Title: 週刊少年サンデー

Search URL Search Domain Scan URL

URL: https://corocoro.jp/
Title: コロコロコミック

Search URL Search Domain Scan URL

URL: https://www.sunday-webry.com/
Title: サンデーうぇぶり

Search URL Search Domain Scan URL

URL: https://yawaspi.com/
Title: やわらかスピリッツ

Search URL Search Domain Scan URL

URL: https://urasunday.com/
Title: 裏サンデー

Search URL Search Domain Scan URL

URL: https://manga-one.com/
Title: マンガワン

Search URL Search Domain Scan URL

URL: https://csbs.shogakukan.co.jp/
Title: 小学館eコミックストア

Search URL Search Domain Scan URL

URL: https://gravidia.jp/
Title: グラビディア

Search URL Search Domain Scan URL

URL: https://sabra.jp/
Title: sabra net

Search URL Search Domain Scan URL

URL: https://shinoyama.net/
Title: シノヤマネット

Search URL Search Domain Scan URL

URL: https://www.shogakukan.co.jp/
Title: 小学館

Search URL Search Domain Scan URL

URL: https://skygarden.shogakukan.co.jp/sol/magazines/
Title: 雑誌定期購読

Search URL Search Domain Scan URL

URL: https://www.shogakukan.co.jp/privacy_policy
Title: プライバシーポリシー／ソーシャルメディアポリシー

Search URL Search Domain Scan URL

URL: https://www.shogakukan.co.jp/picture
Title: 画像使用・著作権

Search URL Search Domain Scan URL

URL: https://www.shogakukan.co.jp/privacy_policy/cookie
Title: インフォマティブデータガイドライン

Search URL Search Domain Scan URL

URL: https://adpocket.shogakukan.co.jp/
Title: 広告掲載について

Search URL Search Domain Scan URL

URL: https://adpocket.shogakukan.co.jp/external-transmission/
Title: 利用者情報の外部送信について

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 208

https://cm.g.doubleclick.net/pixel?google_nid=intimatemerger_dmp&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=intimatemerger_dmp&google_cm=&google_tc= HTTP 302
https://sync.im-apps.net/imid/set?cid=5660&tid=gid&uid=CAESEPV1eqJ7wEvK1rsCcxkYJ7c&google_cver=1

Request Chain 209

https://yjtag.yahoo.co.jp/csx?tp=wAiXPd0 HTTP 302
https://sync.im-apps.net/imid/redirect?gdpr=1&cid=8144&tid=yid&uidpfx=%26uid%3D&url=https%3A%2F%2Fyjtag.yahoo.co.jp%2Fcs%3Fbtt%3Dqj1o7lbvm98gL4TuZp7caQOJpSjXWwABdmp6UQDkTVc%26tp%3DwAiXPd0 HTTP 302
https://yjtag.yahoo.co.jp/cs?btt=qj1o7lbvm98gL4TuZp7caQOJpSjXWwABdmp6UQDkTVc&tp=wAiXPd0&uid=Yn_QnrngSOeY0KAU42Ac8A&gdpr=1

Request Chain 214

https://b1sync.zemanta.com/usersync/intimatemerger/?cb=https%3A%2F%2Fsync.im-apps.net%2Fimid%2Fset%3Fcid%3D1006749%26tid%3Dzid%26uid%3D__ZUID__&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://sync.im-apps.net/imid/set?cid=1006749&tid=zid&uid=&gdpr=0

Request Chain 216

https://8731124.fls.doubleclick.net/activityi;src=8731124;type=invmedia;cat=ufj070;ord=4886078669641;auiddc=2129863965.1703260157;u1=1010434;u2=0;gtm=45He3bt0v860142837;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fbusg18.pics%2F HTTP 302
https://8731124.fls.doubleclick.net/activityi;dc_pre=COLLhsWyo4MDFfzNOwIdZxUI2Q;src=8731124;type=invmedia;cat=ufj070;ord=4886078669641;auiddc=2129863965.1703260157;u1=1010434;u2=0;gtm=45He3bt0v860142837;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fbusg18.pics%2F

Request Chain 229

https://sync.dmp.fout.jp/serve/?id=3920&mt=47 HTTP 302
https://sync.im-apps.net/imid/set?cid=3947&tid=foid&uid=zvIY4YOg0wsBDmrHsOk1y4epvdI

Request Chain 230

https://sync.shinobi.jp/v2/sync/ne?r=https%3A%2F%2Fsync.im-apps.net%2Fimid%2Fset%3Fcid%3D10338%26tid%3Dsid%26uid%3D HTTP 302
https://sync.im-apps.net/imid/set?cid=10338&tid=sid&uid=3fe7bd62-08ac-48d9-a4d0-19d6e7311fdf

Request Chain 232

https://cr-p10000.ladsp.com/pid/10000 HTTP 302
https://cr-p10000.ladsp.com/cr/10000 HTTP 302
https://sync.im-apps.net/imid/set?cid=7064&tid=lid&uid=ATmd1AVg9VGnks8AED1M6Fx5480nEA

Request Chain 233

https://dpm.demdex.net/ibs:dpid=14701&dpuuid=Yn_QnrngSOeY0KAU42Ac8A HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=14701&dpuuid=Yn_QnrngSOeY0KAU42Ac8A

Request Chain 234

https://gum.criteo.com/sync?c=263&r=1&a=1&u=https%3A%2F%2Fsync.im-apps.net%2Fimid%2Fset%3Fcid%3D1000531%26tid%3Dgid%26uid%3D%40USERID%40 HTTP 302
https://gum.criteo.com/sync?s=1&c=263&r=1&a=1&u=https%3A%2F%2Fsync.im-apps.net%2Fimid%2Fset%3Fcid%3D1000531%26tid%3Dgid%26uid%3D%40USERID%40 HTTP 302
https://sync.im-apps.net/imid/set?cid=1000531&tid=gid&uid=ZdaGBiyQJuFgQ4424FOv7Rm16n2roCy8

Request Chain 247

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD75IewVxCsAhj6ASgBMgjfpH9LCn1Gsg HTTP 301
https://tpc.googlesyndication.com/pimgad/15811652767643750783

Request Chain 265

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=logly&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac

Request Chain 292

https://mediaconsortium.tagger.opecloud.com/mediaconsortium/v2/pixel.gif?url=https%3A%2F%2Fbusg18.pics%2F&ref=&tref=&tz=-1&screen=1600x1200x24&dcRegion=eu-central-1&cmpstatus=notrequired&e=%5B%5D&fpid=7016bc7e-92f1-4411-ae5c-3d0b6dafad8d HTTP 302
https://mediaconsortium.tagger.opecloud.com/mediaconsortium/v2/pixel.gif?e=%5B%5D&tref=&url=https%3A%2F%2Fbusg18.pics%2F&tz=-1&trackability-redirect=true&ref=&fpid=7016bc7e-92f1-4411-ae5c-3d0b6dafad8d&screen=1600x1200x24&cmpstatus=notrequired&dcRegion=eu-central-1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_cm&state=2-0ZE1On5Hy%2FpAQq88B77%2FlZ4FzxKMBMk%3D&source=mediaconsortium HTTP 302
https://tagger.opecloud.com/dbm/opecs.gif?state=2-0ZE1On5Hy%2FpAQq88B77%2FlZ4FzxKMBMk%3D&source=mediaconsortium&google_gid=CAESEMThPSGIkUTc7TVNH9VU6lQ&google_cver=1 HTTP 302
https://secure.adnxs.com/getuid?https%3A%2F%2Ftagger.opecloud.com%2Fappnexus%2Fpbfs.gif%3Fsource%3Dmediaconsortium%26state%3D2-MjHOLRntpVq%252BEKhqaNXNXGbnoTuipss%253D%26puid%3D%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Ftagger.opecloud.com%252Fappnexus%252Fpbfs.gif%253Fsource%253Dmediaconsortium%2526state%253D2-MjHOLRntpVq%25252BEKhqaNXNXGbnoTuipss%25253D%2526puid%253D%2524UID HTTP 302
https://tagger.opecloud.com/appnexus/pbfs.gif?source=mediaconsortium&state=2-MjHOLRntpVq%2BEKhqaNXNXGbnoTuipss%3D&puid=4150191517615403994

Request Chain 295

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESENaGlonWGQQQ0OF95ABRtKg&google_cver=1&google_push=AXcoOmQxIMSpQjSGySVcAxf2V-7B1fOsj97O1KwwVqBSCODRuVnK1J9hncJNfkW9eErHPP4TYyLBHiYSVo5aVyl6cnHpQhEu5LHR HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENaGlonWGQQQ0OF95ABRtKg&google_push=AXcoOmQxIMSpQjSGySVcAxf2V-7B1fOsj97O1KwwVqBSCODRuVnK1J9hncJNfkW9eErHPP4TYyLBHiYSVo5aVyl6cnHpQhEu5LHR

Request Chain 297

https://d5p.de17a.com/cookies/google?google_gid=CAESECga7mlZVK0AZOWDVi_BW7I&google_cver=1&google_push=AXcoOmTjNMPujfrG3SCfS-S-eowiW5V3QK7g97LBa09LAfm8gbhe_EKyFTSI6D3V_bb7F0GJ5W5L6WGwnCI2NErRnxyR3gEvnR5d7A HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESECga7mlZVK0AZOWDVi_BW7I&google_cver=1&google_push=AXcoOmTjNMPujfrG3SCfS-S-eowiW5V3QK7g97LBa09LAfm8gbhe_EKyFTSI6D3V_bb7F0GJ5W5L6WGwnCI2NErRnxyR3gEvnR5d7A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTjNMPujfrG3SCfS-S-eowiW5V3QK7g97LBa09LAfm8gbhe_EKyFTSI6D3V_bb7F0GJ5W5L6WGwnCI2NErRnxyR3gEvnR5d7A

Request Chain 298

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOOETU5TfwNlk808rdME9Tk&google_cver=1&google_push=AXcoOmTLKlCK1KMMyQTgnb2oyPtwv4bSKZssx_s16g32SE0nIfYQliyYwVvFtagetiRjB6qQuO1KZqTbUgzQSkNY5BBuBi8YGwXPFg HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOOETU5TfwNlk808rdME9Tk&google_cver=1&google_push=AXcoOmTLKlCK1KMMyQTgnb2oyPtwv4bSKZssx_s16g32SE0nIfYQliyYwVvFtagetiRjB6qQuO1KZqTbUgzQSkNY5BBuBi8YGwXPFg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM4MjA5NjUxNzE5NDY1NDA2Mg&google_push=AXcoOmTLKlCK1KMMyQTgnb2oyPtwv4bSKZssx_s16g32SE0nIfYQliyYwVvFtagetiRjB6qQuO1KZqTbUgzQSkNY5BBuBi8YGwXPFg

Request Chain 304

https://fw.adsafeprotected.com/rfw/st/766968/55786941/4.js?adContainerId=brand_safety__a-FZeicOsGc9u8Plf2XwAg&cbFunctionName=goog_wrapCb__a-FZeicOsGc9u8Plf2XwAg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x600.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fbusg18.pics&adsafe_type=y&adsafe_url=https%3A%2F%2Fbusg18.pics%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:381b8d2f-8f34-056e-d310-bfa0299bbc60,c:xxQGkv,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-765c58974b-9dcnf,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.0,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:h,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tZbs2Nc+11%7C12%7C13%7C14%7C15*.766968-55786941%7C151%7C152%7C161%7C17%7C18,idMap:15*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:14,oid:aa6addfe-a0e1-11ee-9b67-4eeb45e66e10,v:19.8.466,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety__a-FZeicOsGc9u8Plf2XwAg&cbFunctionName=goog_wrapCb__a-FZeicOsGc9u8Plf2XwAg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x600.js

Request Chain 356

https://jp-axia.m0mentum.net/clear/fraud/38?req=eyJpZCI6IjJlNjYwYWRlLWJkMmEtNDk5Mi1iOTUzLTM0NGUyYzQzYzdlYSIsImltcCI6W3siaWQiOiIxIiwidGFnaWQiOiJidXNnMTgucGljcyJ9XSwic2l0ZSI6eyJwYWdlIjoiaHR0cHM6Ly9idXNnMTgucGljcy8iLCJyZWYiOiIiLCJkb21haW4iOiIifSwiZGV2aWNlIjp7ImpzIjoxfSwiZXh0Ijp7Im1vbWVudHVtIjp7Imhlcm9uIjp7ImlkIjoiQ3BrVWNxbTQyTVcyekF6MlBFV2I2IiwibW9kZSI6MSwicmVxdWlyZSI6WzEsMiw0XSwicGFyYW1zIjoiZXlKMElqb3hOekF6TWpZd01UVTVOekkwTENKaVptNXpJanBiTUN3eExESXNNeXcwTERZc055dzVMREV3TERFeExERXpMREUwTERFMUxERTJMREUzTERFNExERTVMREl3TERJeExESXlMREl6TERJMExESTFMREkyTERJM0xESTRMREk1TERNd0xETXhMRE15TERNekxETTBMRE0yTERNM0xETTRMRE01TERRd0xEUXhMRFF5TERRM0xEVTVMRFl3TERZeVhTd2liMmNpT2lKaWRYTm5NVGd1Y0dsamN5SXNJbkJzZENJNklsZHBiak15SWl3aVptUndJam93TENKMGFYUnNaU0k2SXVtSmhPV0lodU9Cbi1PQm8tT0J0LU9DaXUtOGdlYWVuT2VKcWUtOGxlbUJ1T09Ba09PQml1T0JtZU9CbWVPQ2dlT0RyQzR1TGlJc0luZ2lPak14TlN3aWVTSTZNamt5TURjdU5EQTJNalVzSW5KbGRpSTZNVEE0TURFc0ltVjRJanA3SW5CeVlpSTZNQ3dpWlc1MklqcDdJbVp5SWpvd0xDSmtiblFpT2pBc0ltTmxiaUk2TUN3aWJHbHNJam93TENKc2FYSWlPakFzSW14cGJ5STZNQ3dpYkdsMUlqb3dMQ0p6YjJjaU9qRXNJbTUyZEhBaU9qQXNJbkprWXlJNk1Dd2lkbk4wSWpvd0xDSmhiRzl1WlNJNkxURXNJbTFsYlNJNk9Dd2liR053ZFhNaU9qUXNJbk5pZGlJNk1YMHNJblp3SWpwN0luWnNJam94TENKell5STZMVElzSW1sM0lqb3hOakF3TENKcGFDSTZNVEl3TUgwc0ltOXpJanA3SW5ac0lqb3hMQ0p6WXlJNkxUSXNJbWwzSWpveE5qQXdMQ0pwYUNJNk1USXdNSDBzSW5OeklqcDdJblpzSWpveExDSnpZeUk2TFRJc0ltbDNJam94TmpBd0xDSnBhQ0k2TVRJd01IMHNJblppSWpwN0ltOTJiQ0k2TVN3aWIzY2lPalkwTUN3aWIyZ2lPalUwTnk0eE56RTROelVzSW5aaUlqb3hMQ0p2WXlJNk1YMHNJblpoSWpwN0luQjJZU0k2TVN3aVpuQjJJam90TVgxOWZRLi4iLCJtZXRyaWNzIjozfX19fQ%3D%3D&dest=http%3A%2F%2Fjp.popin.cc%2Fpopin_discovery%2Fpbc HTTP 302
https://jp.popin.cc/popin_discovery/pbc?m0-response=XvxzDfxFQREIkFF2SsTuF89U4LP%2Fy57w3%2F43q%2BMmHZ6I9N34UWMjctrcdncdD94QB6qFr%2Bi6m3mG62HKJzeBqr6ZGWVVi3xVvhZ3pHQG228LUlke6tWq5W3BsD%2B2tW8spnQhRgJ9zT9yBzG1rbbAAvUsLnXPFdwSfAgat9q4eXCxrby%2BJVXueN3jlT57PCFVjegU7HSpweGwLD4dM%2BFi%2FQexJUpUtCDP%2F6PRbjnvvxY%3D

Request Chain 359

https://www.facebook.com/v2.5/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df39cf1568301488%26domain%3Dbusg18.pics%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbusg18.pics%252Ff3fb041952ea5e8%26relation%3Dparent.parent&container_width=300&height=550&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2Fbitekicom&locale=ja_JP&sdk=joey&show_facepile=true&small_header=false&tabs=timeline&width=300 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df39cf1568301488%2526domain%253Dbusg18.pics%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fbusg18.pics%25252Ff3fb041952ea5e8%2526relation%253Dparent.parent%26container_width%3D300%26height%3D550%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fbitekicom%26locale%3Dja_JP%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300

373 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
busg18.pics/ 206 KB
45 KB 950ms
882ms Document
text/html 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 14cf2170d1d495baa7129989ef46fc9f16cc5b26ea6094e669b795fb38cb272c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83998381fe2cb746-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 22 Dec 2023 15:49:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2BubrcXGuEqr6McDU%2B4eGM7FeCfI%2F1Pt97JC1Okvduo1HO7MDqmN74j9jSYUoNL03NE5WClpF7a2IOcGNrDlwl8H1OgnWPoegUm2yqkIFTWYq0422QzSDvKRLZ8w%2FwLoc952OMkuyx9ueg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33

GET
H/1.1 200
OK iasPET.1.js Show response
cdn.adsafeprotected.com/ 22 KB
7 KB 148ms
23ms Script
application/javascript 3.160.196.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adsafeprotected.com/iasPET.1.js
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.196.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-196-58.mrs52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Date: Sat, 16 Dec 2023 04:05:28 GMT
Content-Encoding: gzip
Via: 1.1 ee1201658f9d75389a77c4430657c174.cloudfront.net (CloudFront)
Last-Modified: Wed, 02 Jun 2021 17:38:57 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MRS52-P6
Age: 560629
ETag: W/"51636de3ce868a2172f9e6996c2934e0"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Cache-Control: max-age=604800
Connection: keep-alive
X-Amz-Cf-Id: gQ6DMhdu_Fopp3Ib23Dar6zwq68kbQmvSxWZvjkA_mLF72wkAIqMdw==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 300ms
175ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

857d59431e878b847a1f87eec2b36cce3cf2269ca3bb61aa264a5173b71f3b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29090
x-xss-protection: 0
server: cafe
etag: 562 / 19713 / 31080056 / config-hash: 17400476758908410755
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 15:49:16 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.2/ 94 KB
33 KB 174ms
51ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 14:01:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 352082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33495
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 14:01:14 GMT

GET
H2 200 autoptimize_284a8605b4a44aad6ba9102f33541bc2.css
busg18.pics/wp-content/cache/autoptimize/css/ 277 KB
56 KB 34ms
33ms Stylesheet
text/css 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://busg18.pics/wp-content/cache/autoptimize/css/autoptimize_284a8605b4a44aad6ba9102f33541bc2.css
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdbadb5bb46844a087e6dd74a083358c26072d15af0eb3620dc64f8796580ae7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 15:59:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4352
etag: W/"65830f62-45274"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IEJ1wn%2FOdaVfrSsY4tN5L1m4ghiQSGbLlkKwhv73wuv%2BThQr6VbRpLKlenI%2F1vDODsnj0mAUK6BI819vLiiBA%2FQbc1zdTNimq%2F41ZdA%2BDipwrX3roE5P05hnST4dw53jUgy7mq6z92f9pw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 839983877cccb746-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 207 KB
73 KB 189ms
67ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TS2HF4S

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f76bdec2944a1de8d70e1d461e503ae7485212a9f08282971947dfe5d5bfe6bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74837
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 22 Dec 2023 15:49:16 GMT

GET
H2 200 v1 Show response
mediaconsortium.profiles.tagger.opecloud.com/api/ 92 B
258 B 36ms
10ms Fetch
application/json 35.156.87.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mediaconsortium.profiles.tagger.opecloud.com/api/v1?url=https%3A%2F%2Fbusg18.pics%2F
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.87.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-87-94.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 2cca9d8b8d0efe6122716b9e702f932f4aed7fc4a8bdc5e20160165f10a6bbce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

access-control-allow-origin: https://busg18.pics
date: Fri, 22 Dec 2023 15:49:16 GMT
content-encoding: gzip
access-control-allow-credentials: true
cache-control: no-cache
content-type: application/json

GET
H2 200 a3_lazy_load.min_ver=1693875515.css
busg18.pics/wp-content/uploads/sass/ 127 B
402 B 52ms
52ms Stylesheet
text/css 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://busg18.pics/wp-content/uploads/sass/a3_lazy_load.min_ver=1693875515.css
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2f1b190e5d5a3063c35b75b1a00c039b13e171eb7b099299dcb67e9e4fe65cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Dec 2023 15:50:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4352
etag: W/"65830d46-7f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lc%2Fd3Hd71gIT248LIqmnm7vKVaiAk3ONRdX5lXyCVRmBtmxtSsGuchv3yNlEI4cUWlLFGOpBkEPnW1eW3GYOxm14VsxCOIpG4Jjo7bCtQXbtLXJSIY%2FaafbmrQM0Ka3qSm4oZMoL29VbCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 839983879cf1b746-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 238 KB
86 KB 70ms
14ms Script
application/x-javascript 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7a908be48760513ceb838d427f2fa1a4265818f542ef055df69045413c141eb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
content-encoding: gzip
last-modified: Thu, 21 Dec 2023 12:50:34 GMT
etag: "17-YF4NEwPhpcBtYuB59xWNyCGnEfY"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=14500
access-control-allow-credentials: false
x-traceid: d0816c4cc3e57bd16dd319ce9d5eae13
timing-allow-origin: *, *
content-length: 87947
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 Rtoaster.js Show response
js.rtoaster.jp/ 9 KB
5 KB 143ms
37ms Script
text/javascript 23.56.200.105
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.rtoaster.jp/Rtoaster.js
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.200.105 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-200-105.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6762615804eea62d385bab7695e0fdeed7c4f66c3fd966798a7f72dd6866bef4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
content-encoding: gzip
last-modified: Sun, 04 Sep 2022 15:00:00 GMT
server: AkamaiNetStorage
etag: "20b81cf80603a24566c05a489813d436:1662343342.35877"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 4454
expires: Fri, 29 Dec 2023 15:49:16 GMT

GET
H2 200 headerblock_sitetitle.svg
busg18.pics/wp-content/themes/biteki_new/common/svg/ 10 KB
5 KB 26ms
26ms Image
image/svg+xml 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/themes/biteki_new/common/svg/headerblock_sitetitle.svg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c597de1c4070ed28335c59446dc74505db23ce4562aea12658574f546cd28b63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 14 Sep 2017 16:30:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4352
etag: W/"59baaebc-27be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=juzST%2FSCgujUvsCha11u9lNo1qhc1uskiDKTS5cyDQ6pSDjPKAdnfCIFOpxzacgngfrSmDPjjuznlHNHjJl8c8rcjXVrMVM%2F%2BTH6fRD8ILGTQKWKSRin5bbBTD4NCg9NxnlodaJR2J7ehg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 839983879cf3b746-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 headerblock_share_fb.svg
busg18.pics/wp-content/themes/biteki_new/common/svg/ 225 KB
170 KB 31ms
31ms Image
image/svg+xml 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/themes/biteki_new/common/svg/headerblock_share_fb.svg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8718f6c17f9086915b83c9ea9698019933c5f2b5c822ebea617d559e1226fcb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 06:41:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4351
etag: W/"651a6616-38419"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D2Ibkamjfyl69zPVskR670pwAw4uSLQjbesMyOmQt9mBCZyByTbiUrlDiT2wlM7Jfpqb%2BjEcnuKtkTaMC7aU3qeh7j%2Fp6QFgS9o6D4fQtjx%2FPQH7PJa25z78QVi6B5Z6r6BJ%2BXwQc%2BM27w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 839983879cf5b746-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 headerblock_share_x.svg
busg18.pics/wp-content/themes/biteki_new/common/svg/ 36 KB
27 KB 28ms
28ms Image
image/svg+xml 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/themes/biteki_new/common/svg/headerblock_share_x.svg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36759233b192884067f6619e13bbe55b67201f76bb69017dd154238c52113a8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 06:41:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4351
etag: W/"651a6616-8eaf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AqZiKKSw6G6NtYud9yB7tz8JR1VR6nI%2FOf%2FXe3qXqRX%2BFqYhvnw77KPt%2Bgccb1uEJER4Aef9DejZ9jlcmdBwBnEy1D17hUYGaeT0RlEFHjuqptGpUiFJqK79hkNJM1j8epT99vw1MtCzag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 83998387cd31b746-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 headerblock_share_insta.svg
busg18.pics/wp-content/themes/biteki_new/common/svg/ 2 KB
1 KB 27ms
26ms Image
image/svg+xml 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/themes/biteki_new/common/svg/headerblock_share_insta.svg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a036f8197b3856b02d1e236e08dd1b50a4ed68cb148686beb274eabf29794d51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 06:41:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4351
etag: W/"651a6616-6df"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OXDOxDLbaR0d7wk%2FPJcZwO5%2FjadhmufZrYlrFy76ggGyWBZrkzG9U0fwhqQoH5rheOQr%2B7lHdsj%2BGmpRI%2BCJr0U2dPqnZoMSBgTEFnyqwpOgZ%2Fl8MNuv8XDHPccTyxt6m04cpKQKZ%2FBvRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 83998387fd68b746-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 headerblock_share_youtube.svg
busg18.pics/wp-content/themes/biteki_new/common/svg/ 368 KB
278 KB 65ms
53ms Image
image/svg+xml 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/themes/biteki_new/common/svg/headerblock_share_youtube.svg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bd0437a3883993db9061230fb8db5fb02ec498fab35810ada384063489bb983

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 06:41:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4351
etag: W/"651a6616-5c163"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LnFtSkQUkKtlQgfemWSN6AiTyktItmizr7Klry5TP6XrigBuxlEIh94u18E47kb9V53RXDlmkwnJoM6wrUev3nIHb%2FHKc0gaEYQmNNvEf%2BfJkjStbVXLZyG%2BXmUi%2F9s9HXLCEOEfvS6VCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 839983880d8ab746-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 headerblock_share_line.svg
busg18.pics/wp-content/themes/biteki_new/common/svg/ 46 KB
34 KB 38ms
26ms Image
image/svg+xml 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/themes/biteki_new/common/svg/headerblock_share_line.svg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 574c7c673557a21bbdf72ffb0a1fc52b74fe269eac8b3222cbcdc792727d1c7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 06:41:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4351
etag: W/"651a6616-b655"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IPO1%2FeZlBs8FdVk3LSDizLLL13KCWurtF5gMOmwwSBw%2FX2maXCq21nSNw51B67lVHyzBVQiwuh4Km8z1vKaNtdGnJEBc%2BHH9ta%2FkNQ%2B3%2B%2FwopcMaewGwc%2F3T87wLzCkBj7ZwRZ6DiFFozQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 839983880d8cb746-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo_HEN.png
busg18.pics/wp-content/themes/biteki_new/common/images/ 2 KB
3 KB 64ms
52ms Image
image/png 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/themes/biteki_new/common/images/logo_HEN.png
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55103ba9e62bca5ed116d5541f7faeac4f4f2ccfa5f70854b4d0a3aef449f7f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Mon, 22 May 2023 01:16:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4351
etag: "646ac263-9c8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sBwA6UWONGMpS2ggKZUL24Ew9DZ8dL%2FH9DYKkU77Jstk4uoW6X1hshrbesHzEVUFGU514GtIUA2W5Gs3gSW2HcCfvfDrQ8FqwDP6mLtRRQ2xU1xvxX2RdOsd5kWXf3un4X0MPHRtpmIiSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983880d8fb746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 2504

GET
H2 200 logo_grand.svg
busg18.pics/wp-content/themes/biteki_new/common/svg/ 10 KB
4 KB 67ms
55ms Image
image/svg+xml 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/themes/biteki_new/common/svg/logo_grand.svg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb7a239dd7b491f522d3a67d5f39526122e397bb1a09ec999f6fb9fbd510200d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 15 Oct 2021 09:25:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4351
etag: W/"61694902-260c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fDrpcy9NnWnylqdDSCZ1z2q34SqIwrFIeoleqYLZcmdjqs9KwYYb%2BRNrB%2Bq7HT5PQ7blxDZvMV%2Fp%2FQ1txrSZzvnFjR049gLsxCC1fisNH06UD8KnwQMU8jMKU7A5M%2BDeVmxnEQRei5egbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 839983880d90b746-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 17314eb9b2fbb5add621d401dd5a5131.jpg
www.biteki.com/wp-content/uploads/2021/05/ 165 KB
165 KB 1380ms
770ms Image
image/jpeg 110.232.194.35
BIT-ISLE Equinix ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.biteki.com/wp-content/uploads/2021/05/17314eb9b2fbb5add621d401dd5a5131.jpg

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.232.194.35 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),

Reverse DNS

cloud-isle.jp

Software

nginx/1.16.0 /

Resource Hash

e0b55e23cb80e1794ca1f3c217319cef76efe837fe66d806feb58900628a7f30

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
via: 1.1 varnish-v4, 1.1 varnish-v4
strict-transport-security: max-age=300
age: 4419
x-cache: HIT
x-ua-device
content-length: 168607
last-modified: Fri, 29 Sep 2023 06:00:20 GMT
server: nginx/1.16.0
etag: "2929f-6067923b2e500"
vary
x-varnish: 146678209 138108594, 196158396
content-type: image/jpeg
cache-control: max-age=86400
x-cache-varnish: MISS
accept-ranges: bytes
expires: Sat, 23 Dec 2023 15:49:16 GMT

GET
H2 200 22872197_m1200.jpg
busg18.pics/wp-content/uploads/2022/05/ 158 KB
159 KB 55ms
44ms Image
image/jpeg 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/uploads/2022/05/22872197_m1200.jpg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d643d52e0041252f1f9f1f6eae3c425e548bf06dea62368ec9d92c034d13a29d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Mon, 09 May 2022 03:42:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4351
etag: "62788d98-27927"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rttb8sXo6Po6ySnY%2BBt%2FN8nmokvfRAlc8ig2IbeAHVhAIEbgyx046%2Flwy3dWEWZy6BC4Di2ja44j5yHETGkDzY2UjfqPY72zAwm44S6vmuEtVzh9GIEDFLvpUR7DV8F4fiCJ1P1Lnv8vdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983880d92b746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 162087

GET
H2 200 salad2.jpg
www.biteki.com/wp-content/uploads/2017/06/ 219 KB
220 KB 1124ms
514ms Image
image/jpeg 110.232.194.35
BIT-ISLE Equinix ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.biteki.com/wp-content/uploads/2017/06/salad2.jpg

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.232.194.35 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),

Reverse DNS

cloud-isle.jp

Software

nginx/1.16.0 /

Resource Hash

cfaade2e51036012dade62854cf3902385b5dc9637a9071f177a7c1fbe515fb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
via: 1.1 varnish-v4, 1.1 varnish-v4
strict-transport-security: max-age=300
age: 4287
x-cache: HIT
x-ua-device
content-length: 224173
last-modified: Tue, 06 Jun 2017 09:01:36 GMT
server: nginx/1.16.0
etag: "36bad-55146dde6bc00"
vary
x-varnish: 143050849 146480713, 194757883
content-type: image/jpeg
cache-control: max-age=86400
x-cache-varnish: MISS
accept-ranges: bytes
expires: Sat, 23 Dec 2023 15:49:16 GMT

GET
H2 200 KD_0311_213005-1.jpg
www.biteki.com/wp-content/uploads/2019/05/ 190 KB
190 KB 1382ms
773ms Image
image/jpeg 110.232.194.35
BIT-ISLE Equinix ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.biteki.com/wp-content/uploads/2019/05/KD_0311_213005-1.jpg

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.232.194.35 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),

Reverse DNS

cloud-isle.jp

Software

nginx/1.16.0 /

Resource Hash

f6fc4c6ed9a5e2f05c7f1c964154067183e5a331da7f3cf2eb0fd51b7ee5a840

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:17 GMT
via: 1.1 varnish-v4, 1.1 varnish-v4
strict-transport-security: max-age=300
age: 4287
x-cache: HIT
x-ua-device
content-length: 194059
last-modified: Wed, 08 May 2019 07:27:49 GMT
server: nginx/1.16.0
etag: "2f60b-5885b45509706"
vary
x-varnish: 139027264 146283293, 194950458
content-type: image/jpeg
cache-control: max-age=86400
x-cache-varnish: MISS
accept-ranges: bytes
expires: Sat, 23 Dec 2023 15:49:17 GMT

GET
H2 200 0615mukumi008.jpg
www.biteki.com/wp-content/uploads/2016/08/ 92 KB
93 KB 1380ms
771ms Image
image/jpeg 110.232.194.35
BIT-ISLE Equinix ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.biteki.com/wp-content/uploads/2016/08/0615mukumi008.jpg

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.232.194.35 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),

Reverse DNS

cloud-isle.jp

Software

nginx/1.16.0 /

Resource Hash

bba8380e9b0cabca5ed90402103684fb6272f2bb7b5c0e0362fd5753150bd593

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
via: 1.1 varnish-v4, 1.1 varnish-v4
strict-transport-security: max-age=300
age: 4287
x-cache: HIT
x-ua-device
content-length: 94673
last-modified: Mon, 15 Aug 2016 03:16:50 GMT
server: nginx/1.16.0
etag: "171d1-53a13a9bbcc80"
vary
x-varnish: 146678211 145860446, 190889418
content-type: image/jpeg
cache-control: max-age=86400
x-cache-varnish: MISS
accept-ranges: bytes
expires: Sat, 23 Dec 2023 15:49:16 GMT

GET
H2 200 p251-4.jpg
www.biteki.com/wp-content/uploads/2019/10/ 278 KB
279 KB 1303ms
775ms Image
image/jpeg 110.232.194.35
BIT-ISLE Equinix ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.biteki.com/wp-content/uploads/2019/10/p251-4.jpg

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.232.194.35 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),

Reverse DNS

cloud-isle.jp

Software

nginx/1.16.0 /

Resource Hash

fb53cc70b7307e71f368746f86cc2cd1e4b73f2328e0f9f2fc2f9cea3858dc27

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:17 GMT
via: 1.1 varnish-v4, 1.1 varnish-v4
strict-transport-security: max-age=300
age: 4285
x-cache: HIT
x-ua-device
content-length: 285020
last-modified: Tue, 15 Oct 2019 06:57:06 GMT
server: nginx/1.16.0
etag: "4595c-594ed7e0cc369"
vary
x-varnish: 140762840 143834418, 186023632
content-type: image/jpeg
cache-control: max-age=86400
x-cache-varnish: MISS
accept-ranges: bytes
expires: Sat, 23 Dec 2023 15:49:17 GMT

GET
H2 200 18ca1fc571c8fa0bf5da8c835146401a.jpg
www.biteki.com/wp-content/uploads/2018/10/ 169 KB
169 KB 1291ms
771ms Image
image/jpeg 110.232.194.35
BIT-ISLE Equinix ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.biteki.com/wp-content/uploads/2018/10/18ca1fc571c8fa0bf5da8c835146401a.jpg

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.232.194.35 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),

Reverse DNS

cloud-isle.jp

Software

nginx/1.16.0 /

Resource Hash

c836432ab919173c4750f31bf195edd4a772356f1d50159b1b07186ee99872e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
via: 1.1 varnish-v4, 1.1 varnish-v4
strict-transport-security: max-age=300
age: 4285
x-cache: HIT
x-ua-device
content-length: 172863
last-modified: Tue, 09 Oct 2018 04:15:30 GMT
server: nginx/1.16.0
etag: "2a33f-577c3fcfbd82a"
vary
x-varnish: 145142784 139881347, 196257154
content-type: image/jpeg
cache-control: max-age=86400
x-cache-varnish: MISS
accept-ranges: bytes
expires: Sat, 23 Dec 2023 15:49:16 GMT

GET
H2 200 IMG_20180321_185211_123-640x640.jpg
www.biteki.com/wp-content/uploads/2018/03/ 54 KB
55 KB 757ms
756ms Image
image/jpeg 110.232.194.35
BIT-ISLE Equinix ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.biteki.com/wp-content/uploads/2018/03/IMG_20180321_185211_123-640x640.jpg

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.232.194.35 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),

Reverse DNS

cloud-isle.jp

Software

nginx/1.16.0 /

Resource Hash

87ad360f3706d8777c59a9bebbec561ccaa49298069d1ff3b8d4abb5c99eee88

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:17 GMT
via: 1.1 varnish-v4, 1.1 varnish-v4
strict-transport-security: max-age=300
age: 4285
x-cache: HIT
x-ua-device
content-length: 55620
last-modified: Wed, 21 Mar 2018 10:39:41 GMT
server: nginx/1.16.0
etag: "d944-567e9cef8b540"
vary
x-varnish: 134444033 147458239, 194757893
content-type: image/jpeg
cache-control: max-age=86400
x-cache-varnish: MISS
accept-ranges: bytes
expires: Sat, 23 Dec 2023 15:49:17 GMT

GET
H2 200 ienomi_06.png
www.biteki.com/wp-content/uploads/2016/05/ 48 KB
48 KB 756ms
755ms Image
image/png 110.232.194.35
BIT-ISLE Equinix ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.biteki.com/wp-content/uploads/2016/05/ienomi_06.png

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.232.194.35 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),

Reverse DNS

cloud-isle.jp

Software

nginx/1.16.0 /

Resource Hash

8cad7f252c813ed1428e5fa15429c81e55aaa298e3ca510d990f596048488f1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:17 GMT
via: 1.1 varnish-v4, 1.1 varnish-v4
strict-transport-security: max-age=300
age: 4285
x-cache: HIT
x-ua-device
content-length: 48928
last-modified: Mon, 23 May 2016 04:25:21 GMT
server: nginx/1.16.0
etag: "bf20-5337ad425f1f2"
vary
x-varnish: 143709537 147230108, 191063123
content-type: image/png
cache-control: max-age=86400
x-cache-varnish: MISS
accept-ranges: bytes
expires: Sat, 23 Dec 2023 15:49:17 GMT

GET
H2 200 20230331_095954.jpg
www.biteki.com/wp-content/uploads/2023/03/ 149 KB
149 KB 757ms
757ms Image
image/jpeg 110.232.194.35
BIT-ISLE Equinix ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.biteki.com/wp-content/uploads/2023/03/20230331_095954.jpg

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.232.194.35 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),

Reverse DNS

cloud-isle.jp

Software

nginx/1.16.0 /

Resource Hash

ee28c275c7e37d13e7a634606b4a5254eb6410f83ddc7557a71ad8aae4166dd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:17 GMT
via: 1.1 varnish-v4, 1.1 varnish-v4
strict-transport-security: max-age=300
age: 4285
x-cache: HIT
x-ua-device
content-length: 152389
last-modified: Fri, 31 Mar 2023 11:03:38 GMT
server: nginx/1.16.0
etag: "25345-5f83029441680"
vary
x-varnish: 146678224 147458242, 193569831
content-type: image/jpeg
cache-control: max-age=86400
x-cache-varnish: MISS
accept-ranges: bytes
expires: Sat, 23 Dec 2023 15:49:17 GMT

GET
H2 200 P12-20210723_150757.jpg
www.biteki.com/wp-content/uploads/2021/11/ 62 KB
63 KB 756ms
756ms Image
image/jpeg 110.232.194.35
BIT-ISLE Equinix ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.biteki.com/wp-content/uploads/2021/11/P12-20210723_150757.jpg

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.232.194.35 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),

Reverse DNS

cloud-isle.jp

Software

nginx/1.16.0 /

Resource Hash

f0f7b6172cab2a378adef009b049766d0fa0db2561cc4b4324acc85de2b98775

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:17 GMT
via: 1.1 varnish-v4, 1.1 varnish-v4
strict-transport-security: max-age=300
age: 4285
x-cache: HIT
x-ua-device
content-length: 63760
last-modified: Fri, 05 Nov 2021 06:26:16 GMT
server: nginx/1.16.0
etag: "f910-5d004b86ab200"
vary
x-varnish: 146155555 139517401, 196257168
content-type: image/jpeg
cache-control: max-age=86400
x-cache-varnish: MISS
accept-ranges: bytes
expires: Sat, 23 Dec 2023 15:49:17 GMT

GET
H2 200 20210816_161758-640x423.jpg
www.biteki.com/wp-content/uploads/2021/09/ 71 KB
72 KB 757ms
756ms Image
image/jpeg 110.232.194.35
BIT-ISLE Equinix ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.biteki.com/wp-content/uploads/2021/09/20210816_161758-640x423.jpg

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.232.194.35 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),

Reverse DNS

cloud-isle.jp

Software

nginx/1.16.0 /

Resource Hash

e479148095f938f496e99aa84e05a9186b65f6b00b0e0544ee922c712d26bd02

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:17 GMT
via: 1.1 varnish-v4, 1.1 varnish-v4
strict-transport-security: max-age=300
age: 4285
x-cache: HIT
x-ua-device
content-length: 72860
last-modified: Fri, 03 Sep 2021 07:24:42 GMT
server: nginx/1.16.0
etag: "11c9c-5cb12316f1f02"
vary
x-varnish: 140762838 147326663, 196158403
content-type: image/jpeg
cache-control: max-age=86400
x-cache-varnish: MISS
accept-ranges: bytes
expires: Sat, 23 Dec 2023 15:49:17 GMT

GET
H2 200 momo1200.jpg
www.biteki.com/wp-content/uploads/2022/06/ 81 KB
82 KB 755ms
755ms Image
image/jpeg 110.232.194.35
BIT-ISLE Equinix ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.biteki.com/wp-content/uploads/2022/06/momo1200.jpg

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.232.194.35 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),

Reverse DNS

cloud-isle.jp

Software

nginx/1.16.0 /

Resource Hash

862af3117cb03c6ebfec2cc73197d45df959cc72da7f598d99b76ea6686c6707

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:17 GMT
via: 1.1 varnish-v4, 1.1 varnish-v4
strict-transport-security: max-age=300
age: 4285
x-cache: HIT
x-ua-device
content-length: 83110
last-modified: Wed, 15 Jun 2022 09:12:56 GMT
server: nginx/1.16.0
etag: "144a6-5e178ed3bd600"
vary
x-varnish: 146643818 139881354, 193115628
content-type: image/jpeg
cache-control: max-age=86400
x-cache-varnish: MISS
accept-ranges: bytes
expires: Sat, 23 Dec 2023 15:49:17 GMT

GET
H2 200 20230630_070411.jpg
www.biteki.com/wp-content/uploads/2023/06/ 169 KB
170 KB 756ms
755ms Image
image/jpeg 110.232.194.35
BIT-ISLE Equinix ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.biteki.com/wp-content/uploads/2023/06/20230630_070411.jpg

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.232.194.35 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),

Reverse DNS

cloud-isle.jp

Software

nginx/1.16.0 /

Resource Hash

440e6d0ff9c040230998aad83f230b5258d034b6a2cd795b149fd1a420010c7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:17 GMT
via: 1.1 varnish-v4, 1.1 varnish-v4
strict-transport-security: max-age=300
age: 4285
x-cache: HIT
x-ua-device
content-length: 173109
last-modified: Fri, 30 Jun 2023 00:31:00 GMT
server: nginx/1.16.0
etag: "2a435-5ff4dee5a1900"
vary
x-varnish: 143078642 147034723, 190699340
content-type: image/jpeg
cache-control: max-age=86400
x-cache-varnish: MISS
accept-ranges: bytes
expires: Sat, 23 Dec 2023 15:49:17 GMT

GET
H2 200 IMG_20200712_112034_118-640x640.jpg
www.biteki.com/wp-content/uploads/2020/07/ 101 KB
102 KB 755ms
755ms Image
image/jpeg 110.232.194.35
BIT-ISLE Equinix ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.biteki.com/wp-content/uploads/2020/07/IMG_20200712_112034_118-640x640.jpg

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.232.194.35 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),

Reverse DNS

cloud-isle.jp

Software

nginx/1.16.0 /

Resource Hash

eaae1919111e3fe063cb3fa468ca1bf9b2e1d137f164650376b1306830126845

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:17 GMT
via: 1.1 varnish-v4, 1.1 varnish-v4
strict-transport-security: max-age=300
age: 4285
x-cache: HIT
x-ua-device
content-length: 103596
last-modified: Fri, 17 Jul 2020 22:12:31 GMT
server: nginx/1.16.0
etag: "194ac-5aaaa7409631f"
vary
x-varnish: 140762842 145860457, 192124577
content-type: image/jpeg
cache-control: max-age=86400
x-cache-varnish: MISS
accept-ranges: bytes
expires: Sat, 23 Dec 2023 15:49:17 GMT

GET
H2 200 icon_share_fb.svg
busg18.pics/wp-content/themes/biteki_new/common/svg/ 524 B
711 B 61ms
52ms Image
image/svg+xml 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/themes/biteki_new/common/svg/icon_share_fb.svg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d734644882bedf4c9e487f729c71bf7fac5b35aa852a070a381a5c3a4ac99362

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 14 Sep 2017 16:30:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4351
etag: W/"59baaebc-20c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3IW7dN%2BL%2B9ZqDRJOzr%2FdopRd14Bu1tF62SAXYY%2Bqxpb70Ebwls46SmX356TTF%2BMM7LzuI%2BVQgE03FX0iwWDFEzt0sqdC0aUAXu1IY8lCRL3SjSVXbF8zU%2BkQDoPSkq8zpsEd%2FGRM3DyBQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 839983880d94b746-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 icon_share_pin.svg
busg18.pics/wp-content/themes/biteki_new/common/svg/ 5 KB
3 KB 66ms
57ms Image
image/svg+xml 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/themes/biteki_new/common/svg/icon_share_pin.svg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e27ff91bcae1941300d33d81a64ef9b14fed989e0d0f03928c23ef6951cff3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 06:41:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4509
etag: W/"651a6616-145c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f0t9fDblkEIWRil5T29mvtfMesQ3%2B1ZGvs2chtKe4viAj8J1d1zzFn%2BHGM2A12UsSIBqiLs7UfgtwXbCxtxrOt3c6PuXhNrchsyFFtWvW4I3dr3n0RiPRo8Enroi7T40qls3xGU8s%2BbAsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 839983880d96b746-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 icon_share_x.svg
busg18.pics/wp-content/themes/biteki_new/common/svg/ 4 KB
2 KB 62ms
53ms Image
image/svg+xml 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/themes/biteki_new/common/svg/icon_share_x.svg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4bfccc1f5b7e9b8710bd33e37d7956061c2e86defe4db7d6af704d0e2cae66c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 06:41:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4351
etag: W/"651a6616-1006"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q0ciPR5sm%2B1FtcZaACjrfkiemEIs1DFYiNDiHumw9akUu3Unudn89ICmsZmjvS01mGqGm3o4RiJBRfciOezus%2FJjrCS4nul9sN%2BNodHFFaisnFanFQjw1%2FPftdUHbTqctFgl9LKfTstvsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 839983880d99b746-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 20231214_133221A-212x212.jpg
busg18.pics/wp-content/uploads/2023/12/ 16 KB
16 KB 63ms
54ms Image
image/jpeg 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/uploads/2023/12/20231214_133221A-212x212.jpg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06867aead8e41350238771123050e58744efd7abb7c3a4a9fd82fe76d86c2eae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Fri, 15 Dec 2023 08:43:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4351
etag: "657c11a7-3efa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lcj4hc1uQ5d8aUirsWcRUcdT1%2FY%2FhG41qE6n3%2FZZvLhOmAEbrYpcPRCFFSgRqHfDCsfXELuq19BfVqtAA3fNGsDyj432chnzdjI5TSCtltAE2jClrpQC6h35IY0rs8tzND76zWKseovMDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983880d9bb746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 16122

GET
H2 200 20231207_114951a-212x212.jpg
busg18.pics/wp-content/uploads/2023/12/ 18 KB
18 KB 62ms
52ms Image
image/jpeg 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/uploads/2023/12/20231207_114951a-212x212.jpg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45694fd50133588b46fda942deff2e3dac1515a779ae3b9ea51e713261276a2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Fri, 08 Dec 2023 07:27:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4351
etag: "6572c54d-462a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2Bnq2NuFujmIatXZc8rUplK7aRRYvE2vKMGWsusQ8oCF7MRxZLOok4hc%2BaiccP7ysru%2Bk1Div6FlViuG1mFz9387Z6%2B3L1Vw7kx0BtRHqydfU5n1Py4QgVsIczIm%2BAmnUJZtUZKLmTEj0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983881da3b746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 17962

GET
H2 200 asa_tabeu_s-212x212.jpg
busg18.pics/wp-content/uploads/2022/06/ 14 KB
14 KB 62ms
53ms Image
image/jpeg 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/uploads/2022/06/asa_tabeu_s-212x212.jpg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b58e06c5e41ed53e9f60c8546cb2db7a2b70f8fa3a5d35bba72d46a0bc803585

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Sun, 29 Oct 2023 13:21:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4351
etag: "653e5c3c-37cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=66Mxbi2OxGlXPWR8zaSplMa5LwISANu9HUKh9CuL95kzUYVMwvOphDZfl8oduVA5yPPWVyZ3yx8WNfIqQ%2FuyThEpUbh%2FC39qYThnH%2FfcBsmWhld7qBp0ZFHvby1kwXBRbcITlDrXkilCfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983881da4b746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 14287

GET
H2 200 20231130_161149A-212x212.jpg
busg18.pics/wp-content/uploads/2023/12/ 15 KB
15 KB 62ms
54ms Image
image/jpeg 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/uploads/2023/12/20231130_161149A-212x212.jpg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 893834ff65d7db34a75a260f2f1da8c085ce6d36c8d98da496c469d049b9e28d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 07:02:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4351
etag: "656984ed-3c5c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DSSwDelEKNmVMxBs05dXd7deIlMJEITB6BK0iAYVH7Z6PXHzJRHExsEgpRM8jnkazejAT4A%2Fu52SDiQK7%2BHX4D8dC3ZEZvBA%2Fwx7cJ0FoFBPWNTvxZ4gW41zmIE%2F9G1VeTL%2FGeP9xJYR2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983881da5b746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 15452

GET
H2 200 ASC00826-e1701060504323-212x212.jpeg
busg18.pics/wp-content/uploads/2023/11/ 7 KB
8 KB 63ms
55ms Image
image/jpeg 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/uploads/2023/11/ASC00826-e1701060504323-212x212.jpeg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b739055f6057976eaacea3b549aefc92d690f09e2274e08ec9827687b0582a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Mon, 27 Nov 2023 04:48:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4351
etag: "65641f98-1df6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aunaS%2F4vyNWmESIvLA36SwaDZu7xdbDSV930Lmtw%2FGF81dwuNTeM2Wc9hZcj%2FKOjO4qenW85nUbKXGVbChuL6Tbd7B5Qw4uf2m3xi2wNPuQvuw4DzUT%2BOEgkTWOR9POyjAJ3szlxPYEQdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983881da9b746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 7670

GET
H2 200 d4d938099892b3d472dea6062746fc17-212x212.png
busg18.pics/wp-content/uploads/2021/06/ 35 KB
36 KB 63ms
55ms Image
image/png 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/uploads/2021/06/d4d938099892b3d472dea6062746fc17-212x212.png
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cfc3fb62b5c1f39ba7097d4fcfe8bd7925f49ae1f5fd3ff18460ba96dfdc36b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Tue, 31 Oct 2023 22:51:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4351
etag: "65418504-8ca6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CJ0Sv8d88NJOkhmHyeDdsF%2FthaWmLkxeS9OOqrJk6PZKL1WCrsk5FLe0g2QFEjTe5vVu1YDdLLssFUVZ7lo2LAWKsOWGQYg6BA8ZaSsN8jBgPAeeNMMEMmHVuWlzbQtPgIuoY3qHFFAVpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983881dacb746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 36006

GET
H2 200 20231124_132024A-212x212.jpg
busg18.pics/wp-content/uploads/2023/11/ 14 KB
14 KB 64ms
56ms Image
image/jpeg 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/uploads/2023/11/20231124_132024A-212x212.jpg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 989966489898beacacfda2e722f2b42b62da451d085f5b4f53953efe9ffa4b5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Fri, 24 Nov 2023 06:18:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4351
etag: "65604044-373d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TE15k%2FNqG4mXfJniKwfGpha%2BWq3gnxv2TSsnpCGMPDXQGMVNFGSv1GYwQFX5xtHH0UqNuGE7IrEVpOtuJMgNERlyxZw6gwvbfsQoTB%2F%2FW10PL7T2PeUyJKw%2BBkn2dIVCDIxX1A%2BxbpsHnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983881daeb746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 14141

GET
H2 200 20231111_152056a-212x212.jpg
busg18.pics/wp-content/uploads/2023/11/ 14 KB
15 KB 64ms
56ms Image
image/jpeg 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/uploads/2023/11/20231111_152056a-212x212.jpg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6813d8da1b5605d6628bc926ab3a75e591da18d78d0dfe6d578694575ea72bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Fri, 17 Nov 2023 07:47:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4349
etag: "65571a78-3923"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qN7cK3m%2Fn9qEaa9ExZlFA6CS35u6GiYv23CkORA5xW%2FJcUzVmZK3kQDhXXxLvlNcehbiipD3qXSs27q%2BXfCPHfq0bOtadbdml%2Fpb6ZiojP%2FeOZocX75pAsROwy5DJlGOq3OgV95sPjax7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983881dafb746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 14627

GET
H2 200 202310p112-ai-212x212.jpg
busg18.pics/wp-content/uploads/2023/10/ 16 KB
16 KB 64ms
56ms Image
image/jpeg 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/uploads/2023/10/202310p112-ai-212x212.jpg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36f4117ec06428e33e74e26d3742c6bde800df3c44cd4f7ba5e472d0c27c2d2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Tue, 31 Oct 2023 05:15:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4349
etag: "65408d7f-4021"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P0gWS%2FaFVAC0ugp3R8qeXyP5E34qafHgiYn9xJp%2BhHp4F2jDhDxO2VdtokTq%2Fan75SprvjDPflyo3CO7%2BH91%2B0m2%2FTHybYB8hth5nnsWdmt3ydIBnAfKNPdWpLXYK1WNEzSoLQhV%2FA%2FEfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983881db1b746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 16417

GET
H2 200 f5a2d39c60e2ec4cf8125e864d990cb2-212x212.jpg
busg18.pics/wp-content/uploads/2023/11/ 8 KB
8 KB 65ms
57ms Image
image/jpeg 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/uploads/2023/11/f5a2d39c60e2ec4cf8125e864d990cb2-212x212.jpg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39942d619ba4090592014ee704137d40edc691e1b8e5f51a49a14d44056309ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Fri, 03 Nov 2023 04:02:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4349
etag: "654470bf-1e0c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ReXb6zF%2BEAE7IbAaNu4Y5I9bHrCRpy7FxKmh5%2FVGiizdSNoHGH1r0h505eiaFeOBn8w0g2n%2Bz1NR5Ht5cimXdzDil1Z8CxTH0f06AbKwrgZ3eFq9y91ozS0rSJJDNpOAhDCq77L60a7eVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983881db2b746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 7692

GET
H2 200 20231027_165054A-212x212.jpg
busg18.pics/wp-content/uploads/2023/10/ 14 KB
14 KB 65ms
58ms Image
image/jpeg 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/uploads/2023/10/20231027_165054A-212x212.jpg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b2c367d7b923b48ab5f7998e5d8f04e2ce84f7c5adfb74d710349e998fa788f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Fri, 27 Oct 2023 09:14:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4349
etag: "653b7f5f-3669"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CYzSOhhQdcNazUS%2FF25SbBBSbmUdYUuPajIfad3qHw%2FH4%2FwCTF5N0pBOKuQ7OIhPsMCjUqr0hLQNLn6Lx9TPoAj1z03glvasWawXQc9SY2Uav9wBvh3cTOqBB4f4HvPptfytKRTqXTu6PQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983881db4b746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 13929

GET
H2 200 soup_s-212x212.jpg
busg18.pics/wp-content/uploads/2023/10/ 15 KB
15 KB 67ms
60ms Image
image/jpeg 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/uploads/2023/10/soup_s-212x212.jpg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c71664c460219c64e8be6fb0f9e96f687708a88afe18ef961a75b6e85cd6f159

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Wed, 25 Oct 2023 04:10:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4348
etag: "6538953c-3b92"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f63njzIaTmeBCBx3WiQ3j8zUHsQ7f2T0nqk4R%2BxTcb%2BA8oJYj3wVfFqXWVEfEye0Ki44JwERRAMr2hD3vjjj0%2BD1mzo0aQ88p88iK3nomJmHXBcgfOV1zhrQRLEzfwsQJZ8sBLfegGG4pg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983881db8b746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 15250

GET
H2 200 a11b4bb3ba448d1fa402ac3dc62cc91f-2-212x212.jpg
busg18.pics/wp-content/uploads/2023/10/ 15 KB
15 KB 67ms
60ms Image
image/jpeg 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/uploads/2023/10/a11b4bb3ba448d1fa402ac3dc62cc91f-2-212x212.jpg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0728494318054fd0ea0de53eae7590ab956be3d94808db3780d66df6a3d9cba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Fri, 20 Oct 2023 11:12:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4348
etag: "653260b4-3a7b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mHYIOEFGYrY2y2DYszHvyIl9bekI61WQ8O%2BfrEtrmU%2Fq9izByeNUjN5k51HzKH4akaJLId8D0FdJLqeihiGgAp4on%2FV3C1%2FJcJr75liOktJ%2F%2B0qrWlbHKoWHoUzXrkEVNMUds4CzvPTYvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983881dbab746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 14971

GET
H2 200 20231020_123435A-1-212x212.jpg
busg18.pics/wp-content/uploads/2023/10/ 15 KB
15 KB 69ms
62ms Image
image/jpeg 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/uploads/2023/10/20231020_123435A-1-212x212.jpg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff1b2914106fd3444f7456ac541b27499e162fe74fab6c53fee81d827d862590

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Fri, 20 Oct 2023 11:01:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4348
etag: "65325df2-3a11"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9cV%2FUHeSSPjGY1IakQKr5jwrxLhN3zQd221gOgs%2FP9grOH2IcEZKSedwvwfUWISYV%2B%2BU0%2BNKSKOl6eI3QWLlJ3U2fi6CkUJcgcN51JB0%2BZFo6gnRvAXV1u3nfsmBZ0zb5jHVbfbWex9UvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983881dbdb746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 14865

GET
H2 200 be8028e3046fb0cd9ff7c5aaf447a23f-212x212.jpg
busg18.pics/wp-content/uploads/2022/07/ 16 KB
17 KB 68ms
61ms Image
image/jpeg 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/uploads/2022/07/be8028e3046fb0cd9ff7c5aaf447a23f-212x212.jpg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12c6f9e9783b58c70f585afbddee6744e66121ee2afd26f70d8327cb89b29475

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Mon, 10 Jul 2023 05:29:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4348
etag: "64ab9733-4162"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pUGGJ9ygFEnptphNXUxj83Tp9OtHp36UD9Wq34k43idvWVFDmlhnQTXulPZiDtU9fHOpd%2FNM727%2B6v823QjbpjZPYhLeFvdTfL0EKW%2Byu11AsfbkBV%2BqC0VvVUIIPgVU%2FYM0ZE3jWajNig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983881dbfb746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 16738

GET
H2 200 edabec2b8a3f008363879f6aa4dab4b3-212x212.jpg
busg18.pics/wp-content/uploads/2019/05/ 15 KB
15 KB 68ms
62ms Image
image/jpeg 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/uploads/2019/05/edabec2b8a3f008363879f6aa4dab4b3-212x212.jpg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46dd1f7a1ac0c10bdeb360530b49e35018425a095c02fed750ed38e2bf7e0a1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Wed, 05 Jul 2023 07:30:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4348
etag: "64a51c30-3c69"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2B1A6NrxE%2FtaFjQsB28oZiaqJH%2FB8EO2oJj36rVGXQr0DlqjqMNaHO%2B4FR8PDA%2B0L5y9AgBmq5JpWrBuO3myAJnyRtubPp9K34wOC1lGFd8pJSgt9uBC9ItGXQzw9zNRAvMQDY2MMlSZew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983881dc1b746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 15465

GET
H2 200 a1bb44d311bec9a7f6d394d0eafaceac-212x212.jpg
busg18.pics/wp-content/uploads/2021/05/ 17 KB
17 KB 89ms
82ms Image
image/jpeg 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/uploads/2021/05/a1bb44d311bec9a7f6d394d0eafaceac-212x212.jpg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 543ba64a156a86c66b11aa72b57d93c12a366c69c9e5a3224f4dd2f10ac86693

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Jul 2023 03:38:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4348
etag: "64ae2020-43ce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3iXTj673rSS9ZtHnqmVK6MC1xb9ljFjnX4EpZse70OiashYoG4qvS3dGJ8vOIOMKdst43KWdIU72O2uEMhXetmLW%2BkdkMFzdXScRbvNgO3Eo5OdAlaLkYSMmKAxU4As%2B4ZB6Wk3sElnnaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983881dc3b746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 17358

GET
H2 200 20231013_080612A-212x212.jpg
busg18.pics/wp-content/uploads/2023/10/ 14 KB
14 KB 87ms
81ms Image
image/jpeg 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/uploads/2023/10/20231013_080612A-212x212.jpg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa2fcfae52e3a7f4aaf1fc678c27525dedfa37cbe4a965e2092e5cc551acd60c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Fri, 13 Oct 2023 03:55:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4348
etag: "6528bfcd-3797"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BnUH8bN3ElOvsZ9XGk0WzmsfNBXhQssAadY4MFShV5SQDW15i3ncPnT3eQGwFO6yaGUKxJMwcnOWKxtG9vyMaHO5gaY5ZGXhPIgJk3G1RCbiMyQs2az0NZqrsMYSP8tb0edpLtj%2FheUaEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983881dc5b746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 14231

GET
H2 200 573aec88286a9d1ad37aefa40ef91e0c-212x212.jpg
busg18.pics/wp-content/uploads/2019/07/ 13 KB
14 KB 67ms
61ms Image
image/jpeg 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/uploads/2019/07/573aec88286a9d1ad37aefa40ef91e0c-212x212.jpg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31ced9b50ff25c4ae796774e03cf5326848407fb752a6044e6d33ff3e0f80d81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 08:44:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4348
etag: "64ad165f-3520"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kzBaF7H2lQ5EEl%2BUHpXhRVdQ%2FBAeceyl1dWNz%2FepJ%2B8Apu50e0jNm1exphGk0k1nhEdUzd3di%2BqnGFvtHD%2FMJGRtqsKBMl10QGcCmPYcIv8T3BWAJtY4B3fQP2jfPVPhUCbVJdW%2BHgVc8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983881dc7b746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 13600

GET
H2 200 a7177934e58b3c17323a5bae0af62d00-212x212.jpg
www.biteki.com/wp-content/uploads/2022/02/ 12 KB
12 KB 753ms
753ms Image
image/jpeg 110.232.194.35
BIT-ISLE Equinix ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.biteki.com/wp-content/uploads/2022/02/a7177934e58b3c17323a5bae0af62d00-212x212.jpg

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.232.194.35 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),

Reverse DNS

cloud-isle.jp

Software

nginx/1.16.0 /

Resource Hash

20db0593fd9d1552da649567325c7e112816430e41559f32dd5804bd961b37c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:17 GMT
via: 1.1 varnish-v4, 1.1 varnish-v4
strict-transport-security: max-age=300
age: 4283
x-cache: HIT
x-ua-device
content-length: 12270
last-modified: Tue, 11 Jul 2023 03:30:26 GMT
server: nginx/1.16.0
etag: "2fee-6002db84f5880"
vary
x-varnish: 146744508 147458249, 190758340 190217070
content-type: image/jpeg
cache-control: max-age=86400
x-cache-varnish: HIT
accept-ranges: bytes
expires: Sat, 23 Dec 2023 15:49:17 GMT

GET
H2 200 sideblock_backnumber_title.svg
busg18.pics/wp-content/themes/biteki_new/common/svg/ 2 KB
1 KB 87ms
80ms Image
image/svg+xml 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/themes/biteki_new/common/svg/sideblock_backnumber_title.svg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf685167a42df61d9b650a2a2dfc829ac3bcd647a83ad54504b301ecf10d1ebc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 14 Sep 2017 16:30:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4348
etag: W/"59baaebc-909"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2BfcVuC95zYb9n5FYhsWvTMRAtUu%2F3ju96EBP9BOGM3EopxDeU%2FrfYH2A%2BneWbcOWnvWgzCSvnR96YZKBpOj09ihyZc6U5u9qjAQ3rNQhe6iBA5uaGdglv2BGF%2FcGAl%2B0QLS5jBW%2Bz9J6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 839983881dc8b746-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 202401g-hyoushi-1-1-234x300.jpg
busg18.pics/wp-content/uploads/2023/11/ 21 KB
22 KB 68ms
62ms Image
image/jpeg 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/uploads/2023/11/202401g-hyoushi-1-1-234x300.jpg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa714dc1957acc4ee87efea89855b523cf6910ef82df0ec28eb0a6cf764a5858

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Tue, 21 Nov 2023 10:22:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4348
etag: "655c8500-5533"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WlBg%2FFJgg3qm6sSrfAOHIs1ojmn4y2jgUM%2Bj0zs%2B7beHH%2F6jkDjBl8Roy9niSnbQ8lnaPD9unZDiOw%2F7yQz5HV0IFtvMBsRmeQd%2BIj1Au5x1Ayyaf3eB1P2GkAhEcV6rS2Ix4Em1NvO29g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983881dcab746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 21811

GET
H2 200 202401p42-ai-212x212.jpg
busg18.pics/wp-content/uploads/2023/11/ 10 KB
11 KB 67ms
61ms Image
image/jpeg 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/uploads/2023/11/202401p42-ai-212x212.jpg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2228a1cbc3030c4e3a56f25620bc5433c07caf82e73f1884850696af00fd2530

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 10:34:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4348
etag: "6565c252-293c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=STLe6wD6DVX5sl0orGjfWhq5XQndrmNmv%2Fv7YvbFxbxXtpWDq5N9xbqfjtc%2Bme27qCSrWfgnfz3paPZWGdTrR1Rn9FjfEaKyeiBfb8BCSz8GAt0fyYtbjvaUqD%2B3DcQnpLl250Zl5KzH9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983881dcbb746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 10556

GET
H2 200 202401p41-ai-212x212.jpg
busg18.pics/wp-content/uploads/2023/11/ 9 KB
9 KB 86ms
80ms Image
image/jpeg 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/uploads/2023/11/202401p41-ai-212x212.jpg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad6bc55b67b180dc0f6e759549aca2e9a4e1573cb6c7ba0dbe569cc44adca448

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 12:17:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4348
etag: "6565da49-225e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sxZ71tSvz1O38luscBlVIXl3nsCizfxboOWO79GKUysonPCVmy0kvbUvXxYD1jqsLl5UwqYGGddmCq9sEwbez6rRoUB%2FBu2eKpKpYur6P8szLNm1pmPDgR6EKn70LdzV3pZp0n00TxIKTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983881dccb746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 8798

GET
H2 200 EYE5-1-212x212.jpg
busg18.pics/wp-content/uploads/2023/12/ 8 KB
9 KB 72ms
66ms Image
image/jpeg 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/uploads/2023/12/EYE5-1-212x212.jpg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cfebdb8437697ec92ece14079dbff4791066e9fd045cd90b1f59f03e643cef0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Tue, 12 Dec 2023 01:18:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4348
etag: "6577b4f6-2131"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nvgMU4OEjZvut%2Bd8yFm58SE4Wto6%2BfPGCnae537M1DDkmlfSTUF7z6Q3hDY6BA7A58UoEpnCgT6o11LusmQVSnpoadJ%2B5idGcvoK%2FYp6a6gXd6Gk%2F4l9MYnv5hzu2mlkZc9YLMeAIbWrFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983881dcfb746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 8497

GET
H2 200 ai-27-212x212.jpg
www.biteki.com/wp-content/uploads/2023/12/ 2 KB
3 KB 583ms
258ms Image
image/jpeg 110.232.194.35
BIT-ISLE Equinix ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.biteki.com/wp-content/uploads/2023/12/ai-27-212x212.jpg

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.232.194.35 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),

Reverse DNS

cloud-isle.jp

Software

nginx/1.16.0 /

Resource Hash

770df52b5b4546e8fd3c9ad0d43c93a1c44c49d0272060ef0af5559d94ab6b99

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
via: 1.1 varnish-v4, 1.1 varnish-v4
strict-transport-security: max-age=300
age: 11
x-cache: MISS
x-ua-device
content-length: 2412
last-modified: Wed, 13 Dec 2023 10:31:36 GMT
server: nginx/1.16.0
etag: "96c-60c61abec1200"
vary
x-varnish: 143709534, 193115612 196158326
content-type: image/jpeg
cache-control: max-age=86400
x-cache-varnish: HIT
accept-ranges: bytes
expires: Sat, 23 Dec 2023 15:49:16 GMT

GET
H2 200 ai-11-212x212.jpg
busg18.pics/wp-content/uploads/2023/12/ 2 KB
3 KB 69ms
64ms Image
image/jpeg 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/uploads/2023/12/ai-11-212x212.jpg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1a9151aeaf73ffee1ab2438754e3138b5c74dad60e33a50cd5432978d5dfb67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Dec 2023 12:20:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4348
etag: "656f1582-980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jYe3YbwpwjwdZfKl5h%2FVzKxItugwnUjW1w85kZj692lnBG0BztnYd7fz1Hy%2B5v%2FLj4srWpm%2BgPA8ffmeYxPgWeh3pVqUBHsQUEFUqqTBMpK2su9KwfAUUUdClpfW4V5VjlcIt2Zjs2bSfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983881dd2b746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 2432

GET
H2 200 noimg_forCalendar.jpg
www.biteki.com/wp-content/themes/biteki_new/common/images/ 9 KB
9 KB 754ms
754ms Image
image/jpeg 110.232.194.35
BIT-ISLE Equinix ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.biteki.com/wp-content/themes/biteki_new/common/images/noimg_forCalendar.jpg

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.232.194.35 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),

Reverse DNS

cloud-isle.jp

Software

nginx/1.16.0 /

Resource Hash

42c705ceff5eb5dbcb94cade18892cf976afee3c9ca6dfedbfc3dbf9f50bf37d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:17 GMT
via: 1.1 varnish-v4, 1.1 varnish-v4
strict-transport-security: max-age=300
age: 4823
x-cache: MISS
x-ua-device
content-length: 9043
last-modified: Tue, 17 Sep 2019 03:21:20 GMT
server: nginx/1.16.0
etag: "2353-592b736d2ac00"
vary
x-varnish: 147163078, 193182864 191956491
content-type: image/jpeg
cache-control: max-age=86400
x-cache-varnish: HIT
accept-ranges: bytes
expires: Sat, 23 Dec 2023 15:49:17 GMT

GET
H2 200 20231025-sauna-eye.jpg
busg18.pics/wp-content/uploads/2023/10/ 72 KB
73 KB 86ms
80ms Image
image/jpeg 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/uploads/2023/10/20231025-sauna-eye.jpg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25a7984e52454cd4ce1e1cbbd4643a2a15db3632a0530a357b5e2c1d3c497528

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Thu, 26 Oct 2023 02:03:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4348
etag: "6539c8f8-12112"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ej6RSMZnOEQ6NG9zxt8%2BOpPsm8p2%2BUyytQqJ0dyPbBSse5F%2BM0bh1KHHokTTenJcFOfnznbLZIldf6WEq4rar66O2A9BB8QtkA6DgVXRwKPxMxeOUdEGuLZ3DabKciUF5mTHbXod9UPlMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983881dd4b746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 74002

GET
H2 200 eyecatch01-1-2.jpg
busg18.pics/wp-content/uploads/2023/10/ 83 KB
83 KB 71ms
66ms Image
image/jpeg 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/uploads/2023/10/eyecatch01-1-2.jpg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31ca058441df49f633c4493ec35cc4a6a216ee5a96d4181f94a42e0fc93ac66c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Thu, 19 Oct 2023 12:02:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4348
etag: "65311adc-14c3f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y0AKGBJCgRGaSmrKnwcDRJbZpHEYu59iWvCVvWAwdroZpn2V53mLfrSviwKaxFq%2FewPVVrS6OvmOZjAbXe1TidPR1sLkGJ4uExbMa0TOxDP8aqWd2NZoPpWtPfkg81SVMKf6llSHFrQg%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983881dd5b746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 85055

GET
H2 200 ohituji-212x212.jpg
busg18.pics/wp-content/uploads/2020/02/ 14 KB
15 KB 70ms
65ms Image
image/jpeg 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/uploads/2020/02/ohituji-212x212.jpg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce72b985eb9f4448be799e805fc95979281d17ce0fa8388aa15c4ff760b4cccd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Thu, 20 Feb 2020 05:06:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4348
etag: "5e4e13ce-38fa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZMAToCFjTXYIVPbiO3LYYwdqw4yGxmCaXp2Xlo8x3BoAuE1DpVj2Sj%2FMkNrCXnovTqAbOTU6L%2Bd3vvoqpL4GLlCO2xp1T8HgBvDbolexWuTdr1ZurvJe9Lk4htcFU4%2B49TefAl5Lsdbw1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983881dd9b746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 14586

GET
H2 200 oushi-212x212.jpg
busg18.pics/wp-content/uploads/2020/02/ 14 KB
14 KB 87ms
82ms Image
image/jpeg 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/uploads/2020/02/oushi-212x212.jpg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47dae7e2609caba671c5516ae89c39409207a2cdecb06568487271f6b4fe02a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Thu, 20 Feb 2020 05:06:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4348
etag: "5e4e13d0-377e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KVAsjX0b0DLVTZ4ElDMiAX%2FEpczlnhijWRomzRTudpDenjJ5kw9xvSlRDL88TIyjYB2IIw8qBtJdkIPRJ69RzthPFAO38WZ%2FkFW%2FgQAysYpLtPJ7IdvCs79XS6riKFWoA9q4jWJl%2FmvtHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983881ddab746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 14206

GET
H2 200 futago-212x212.jpg
busg18.pics/wp-content/uploads/2020/02/ 18 KB
19 KB 68ms
63ms Image
image/jpeg 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/uploads/2020/02/futago-212x212.jpg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ba48809b5ba762f397bbf5892e9208210f09d2b7eef7186f5753f8758a93496

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Thu, 20 Feb 2020 05:06:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4348
etag: "5e4e13ca-4966"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xe03jgXYp1lHDjbtpqzqb5lZuyJVXWbMS1LmuYxFytBU7rI5GrhBZ35zRgNU%2Bnn%2FHuBKINIfGF0fdF4664QICiMaLIBMRwomxSAUQrR2cCesH%2FQ5DWpmsuwC2vhF5BGyLjyi%2BHq9gbQ3sw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983883de2b746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 18790

GET
H2 200 kani-212x212.jpg
busg18.pics/wp-content/uploads/2020/02/ 15 KB
16 KB 68ms
63ms Image
image/jpeg 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/uploads/2020/02/kani-212x212.jpg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe82b986ff9cde3b6fe106f68bcb05a57ec9274b76a5c4d5bd3d94cda8686692

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Thu, 20 Feb 2020 05:06:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4348
etag: "5e4e13cc-3df8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BsD%2FIIkButGcn5rNpo058YlA5FXKOpwBLg5L3nzQIW98Xmti4BTB6YDinE5w0peR2eC%2BmkL6R1Elt7IRFVyDzBrUyNc5iTcyEo%2FuFsArkvq%2FdDD0Y6sGO7EUJcItzVMiDefInAgsGd4JFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983883de3b746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 15864

GET
H2 200 shishi-212x212.jpg
busg18.pics/wp-content/uploads/2020/02/ 18 KB
18 KB 69ms
64ms Image
image/jpeg 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/uploads/2020/02/shishi-212x212.jpg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cc68dd7abc711fcb456683e0169bb31b844711d5304df5d33e8690679b5337f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Thu, 20 Feb 2020 05:06:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4348
etag: "5e4e13d2-4671"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tx3RaOE2ZFogkGmqtGNjnFakxZNAMFtFSm6d%2B%2BZ0842NOU6HFjT0SSIIwl94jv6c6xEyrvMnAKXl6mA2dc5RrdkkrIBE7BLZBTNm9tEfzyFA5%2Fzs2fQ5YNmZ9fQiq9y6oRCSgvLSUj9TCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983883de5b746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 18033

GET
H2 200 otome-212x212.jpg
busg18.pics/wp-content/uploads/2020/02/ 14 KB
14 KB 70ms
65ms Image
image/jpeg 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/uploads/2020/02/otome-212x212.jpg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fdee674dfde36c73143fe579a18a3e432b56939731d2d9746dccc7fa7e6bfec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Thu, 20 Feb 2020 05:06:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4348
etag: "5e4e13cf-369c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O4fuCNsbCG6WYUOkPTq5SpJi%2BmQwnScekRFnSfpsI8qsxtw%2BrS9WAOi5rY%2FnT%2F%2FbiR271W2Kz%2Fwf20NYaZYxFi9eGX7eQ%2Fy7%2Ft9r%2BKLgZ3EeRE5yUE9%2BkNVU9gCf2GtxV2mK976dH830Vg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983883de6b746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 13980

GET
H2 200 tenbin-212x212.jpg
busg18.pics/wp-content/uploads/2020/02/ 17 KB
17 KB 102ms
97ms Image
image/jpeg 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/uploads/2020/02/tenbin-212x212.jpg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 846ab9cdce3bf071ded49f7ea2eaa1ea6a2d75b9bc4317e0767a106fa2e66efb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Thu, 20 Feb 2020 05:06:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4348
etag: "5e4e13d3-4295"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QDIlTvcK7rcdmIVLK5HLWd4n%2B6W%2FV%2Ban9EsrwemlLOKM8PN8cHLi%2FSH8bKijy%2BeepKpMOUluza3N3yl5SQ4msj0GRf9oEqAgoaEGEogFST6FipAuZ%2F6PEp8cGfUoxU2EcSeQ4tpmWBA0yg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983883de8b746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 17045

GET
H2 200 sasori-212x212.jpg
busg18.pics/wp-content/uploads/2020/02/ 16 KB
17 KB 70ms
65ms Image
image/jpeg 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/uploads/2020/02/sasori-212x212.jpg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3d8da992e180e0a19341c2b889c6c0958c63e4c0c94bc5cf5c7252d26f62f80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Thu, 20 Feb 2020 05:06:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4348
etag: "5e4e13d1-4155"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fE4QHDu7ZNkBF3KrTBlY6ln%2BtEoZ%2FAPNLwIKcIHG41a53DhroZzdPG3lErWa6w4XcP6ZFfmFsiMlmT519n%2Bm59YfVo9bslNQRfNnhaxumoJqPyBnTsRXKrHLpaeZDIupBc%2FATiSIUqCANw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983883deab746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 16725

GET
H2 200 ite-212x212.jpg
busg18.pics/wp-content/uploads/2020/02/ 16 KB
16 KB 87ms
82ms Image
image/jpeg 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/uploads/2020/02/ite-212x212.jpg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b29cb193904e21beb4e19c3dd24339532cc4dca4fe61334eea26036a96c208f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Thu, 20 Feb 2020 05:06:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4347
etag: "5e4e13cb-3ff7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P3oP%2FwuSizqkgYw37Qp3rVf5Y3u7cRugpfm61kKOppUSK5ybEjwuHqofJpAxtYUluosyidz8bhmC%2FN9lpcd2f3IwtR23erh8rPrz0QEDuKuH4wo1VFOicMYeM4u56HdPEJrWM0CXukPMdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983883dedb746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 16375

GET
H2 200 yagi-212x212.jpg
busg18.pics/wp-content/uploads/2020/02/ 14 KB
15 KB 71ms
66ms Image
image/jpeg 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/uploads/2020/02/yagi-212x212.jpg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d1584c3f083140a234febdbd2a1066a0c596f3a848d7731662d704e259908da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Thu, 20 Feb 2020 05:06:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4347
etag: "5e4e13d6-38f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HDpNB0oV%2Bt5%2F1hs5SVUo0EchygP3gk11n8%2FfPYCss0twoyj850rO1QFo%2BN11yazoQxBLMWXf%2FFzQTzYFy%2FaRsjuLzsRO8k0t9UHT7TIO%2F5mWGYIo9LtOOU6mbof9TJcqijSipYRMJIoR%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983883defb746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 14580

GET
H2 200 mizugame-212x212.jpg
busg18.pics/wp-content/uploads/2020/02/ 16 KB
16 KB 85ms
81ms Image
image/jpeg 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/uploads/2020/02/mizugame-212x212.jpg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8b5a78a0b5f69c1e5867edcbc4d87c63802061095571067f6064223fc16879c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Thu, 20 Feb 2020 05:06:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4347
etag: "5e4e13cd-3fc1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yrDiYDFuMX1PzpWzjP4E8MuoUM%2F1inf5k9UfIDy5Fw9DxxNDart2pNY8hnL%2BRMi%2BFjPsh1Qi7wmL%2B%2FTNY3lAWwCbA6b8rkuK4txjeDbD7lWfhUb%2FDoUgt84rexf%2BvLTvxUBKwXZN0JyxeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983883df0b746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 16321

GET
H2 200 uo-212x212.jpg
busg18.pics/wp-content/uploads/2020/02/ 15 KB
15 KB 85ms
81ms Image
image/jpeg 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/uploads/2020/02/uo-212x212.jpg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d516bfb03e8fdc8ce6bbb71098cf217cc2350a5e4742961abb63b99d1658647b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Thu, 20 Feb 2020 05:06:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4347
etag: "5e4e13d5-3a62"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8PCMA9RLb9XNsL9xHczAVlR7EtIQqaqIru41AS5Xebjfik0pc%2FK3aX7fz%2FrwtdEJTIIT3KKkTVKIPvjIKArh%2FrJ0grqJd0m7Pzx1plTx5r0%2BFYP3%2FNwKIjhKSppIV6TDPgVRWviYgxJViA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983883df1b746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 14946

GET
H2 200 icon_social_fb.svg
busg18.pics/wp-content/themes/biteki_new/common/svg/ 224 KB
169 KB 87ms
83ms Image
image/svg+xml 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/themes/biteki_new/common/svg/icon_social_fb.svg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39e1568a36ae00ec00740c0fff97689ef509d52b3de2241947209312e9f42c46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 06:41:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4347
etag: W/"651a6617-3802f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3pS4nAnBcRAS3u9DIojbXHesJjxrsyy95t9Vn2O0pfjn%2BbOWair5QlKOyOvKhel2gIrsXkk0cH7h6yaBqopT23h1uJ3qy24TujZVKpKF2ZX8B%2FFEQWnxkl6ZJREVJaCFR1No%2FadT%2F93pjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 839983883df4b746-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 icon_social_x.svg
busg18.pics/wp-content/themes/biteki_new/common/svg/ 239 KB
179 KB 88ms
84ms Image
image/svg+xml 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/themes/biteki_new/common/svg/icon_social_x.svg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a2a4626833823f4d38df7c0336d7a89d00b59acdaf55e5bdebf528261ef5d04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 06:41:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4347
etag: W/"651a6617-3bb44"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kYWvBNjZF%2F6dkTDISe5h5W2fYpmtsn%2FrC%2FJVZoj3KPDNa4qd2i1GxgAs%2FZ5yGyOAImeeiadXCee1AFJSxtP9oDt9naSD5rB32n3dYE%2BVacl%2BFb9X7SO11Cm%2BFb%2BGu0%2F8RWOOInk1B7wo3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 839983883df5b746-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 icon_social_insta.svg
busg18.pics/wp-content/themes/biteki_new/common/svg/ 3 KB
2 KB 85ms
81ms Image
image/svg+xml 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/themes/biteki_new/common/svg/icon_social_insta.svg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59d0515933a4b95bc271028f17e001daf5ad4c9aae86716d0fdac771d0776172

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 06:41:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4347
etag: W/"651a6617-c7e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WPJtid%2F8Fs831WA%2BHnYl%2BCB5fa0AKVo4B7x48kC%2BiK9uhkQZsFyfhQ32oEliC%2FhRIcSip3AFxZY%2FToKQZXDOHkorO98Q7g3vr2vRG5qln%2BBfr21i4mTGkD1A6p4KBm5zWMRu8S1uYPB5TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 839983883df8b746-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 icon_social_yt.svg
busg18.pics/wp-content/themes/biteki_new/common/svg/ 239 KB
179 KB 92ms
89ms Image
image/svg+xml 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/themes/biteki_new/common/svg/icon_social_yt.svg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75b5ce1abd68dd9b187a033b3de93af58f160b821323d633ba9fb832a4c83835

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 06:41:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4347
etag: W/"651a6617-3ba9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4MJJAjqAlAt6nTEBaCyG5qF95XqXfU1e1cL6hx77oItr0Bw1yoyncmeJIQxyfkc%2BzNDMp%2FIlvtexCRTBQ2UJGotXVFAyXQJ1PD7Qs8lF8dSo42VfpPVMDfot8De4w8LLvcg7dTJBTcpFyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 839983883df9b746-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 icon_social_line.svg
busg18.pics/wp-content/themes/biteki_new/common/svg/ 57 KB
43 KB 86ms
83ms Image
image/svg+xml 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/themes/biteki_new/common/svg/icon_social_line.svg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed0b5cb130539b65b62b7a490db68c66d11499a9a1f5356b3de68ca358d48040

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 02 Oct 2023 06:41:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4347
etag: W/"651a6617-e4d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tFxJaFb98XGF7Cj0CbZeUBOBzZ2uXT4YOLy3tKh04ZQorKm8UMd7M%2Fc1EQuRE872LHWqfZmGoDEX%2F%2F9qwooVB8Av45pfeFL8ozmf5TStzFRuxDW%2FkqmN2q6g4DhOd2Ps6PG%2FsDptDV8s%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 839983883dfab746-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 footerblock_magazine_logo.svg
busg18.pics/wp-content/themes/biteki_new/common/svg/ 2 KB
1 KB 85ms
82ms Image
image/svg+xml 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/themes/biteki_new/common/svg/footerblock_magazine_logo.svg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b4d3a0dfdaf461371a91d7c7a144d2abc4f9aa78873550382b505d715478b28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 14 Sep 2017 16:30:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4347
etag: W/"59baaebc-864"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UEbL2Jg3qgcWd52fD%2BpYICAWqxN1XZLj4n7TS9pZtb28KawYkDyWkIc7KHMFynZhDa%2FigJoMZoz7w5FQV4brhadSdUh8yxhLPDWB%2B9W5KuR8GXcSzJZlbi7H0bhFxpbma8d9GMA5fOi02A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 839983883dfbb746-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 icon_eternal.svg
busg18.pics/wp-content/themes/biteki_new/common/svg/ 215 B
454 B 91ms
88ms Image
image/svg+xml 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/themes/biteki_new/common/svg/icon_eternal.svg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84172a021c02de27c2c6ed9c5020ac6353f4e4b00983990f157fb7992ee42098

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 14 Sep 2017 16:30:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4347
etag: W/"59baaebc-d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y2Q8dp%2Fg32xjAXDcGTccPwDvSV0FZ7%2B%2FxPXRcCQD36NIp4e%2B43068GJMefFjyQZo2U%2Fj1tMNUXQGIwjI6Ozeli%2F2cxhtlDtG5uzy2pK5%2BkM%2FzNSdkhRGr7ZrGdMVVWt%2BJc%2F3aMw3XINckw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 839983883dfcb746-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 202401g-hyoushi-1-1.jpg
busg18.pics/wp-content/uploads/2023/11/ 379 KB
380 KB 92ms
89ms Image
image/jpeg 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/uploads/2023/11/202401g-hyoushi-1-1.jpg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 940f3e5c6b0fb28b70e9f1456d0cacbe287fd6832bde053c0a0d9f0df5ba4ea6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Tue, 21 Nov 2023 10:22:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4347
etag: "655c84ff-5edb4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M6XU5mIalkMaPPOCSDnygL0qR0fgPehnRaxFMgti5GHVDw8TM0DKR0ZZSe2A5YC0PEtjPmb5xk1dB%2B%2B4sXkKMHOyPxYWR73%2Fe5f5K9Oiz%2FhYLmTDdFN53oeCc4lJ%2FZ%2FET%2F7PCFgdgNm5lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983883dfeb746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 388532

GET
H2 200 iphone_img_half.png
busg18.pics/wp-content/themes/biteki_new/common/img/ 97 KB
98 KB 87ms
84ms Image
image/png 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/themes/biteki_new/common/img/iphone_img_half.png
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37eee9859e2acb07f6e3a12f083933db514b6f471dec6dbb236783e6fa5b3760

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Aug 2018 03:33:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4347
etag: "5b87657f-1857a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k4n5Y0uKQUetK42%2FUp%2B3X39gcQVZ1%2BQPvEo3p6vA8x21%2Bh7SIVdor37ZrIlqhyTWqgqLQBTsaw%2B9OxpYuqMEO4vUALuvt4FufoQRy8qb%2FVRQfy0fHUFSpEz8Kp8c6gWF7POO7wa1tW%2Bsmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983883dffb746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 99706

GET
H2 200 LINE_APP_iOS.png
busg18.pics/wp-content/themes/biteki_new/common/img/ 22 KB
22 KB 87ms
84ms Image
image/png 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/themes/biteki_new/common/img/LINE_APP_iOS.png
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e93437eb5ec0dcdece92d1562fcd435d1d521cca5c013d2d9e15b544a1d8a39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 00:08:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4347
etag: "63854d63-56df"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ie4OaiM9CFGVgQcRy1jKX5NhQbLWRLUNFftzKtJAyiguR2YpTRfTWEdXpUacpDt7gFqqEY0RFUhjmPDlKNNNoyxGK8u1KKSTzcEXdpPcZZDCjhbcsrNaQ34qziCX9c6lAqe9DvIwFJoFVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983883e01b746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 22239

GET
H2 200 LINE_icon.png
busg18.pics/wp-content/themes/biteki_new/common/img/ 12 KB
12 KB 86ms
83ms Image
image/png 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/themes/biteki_new/common/img/LINE_icon.png
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abfb533bb3f7ffe5c78c1f4f257b9cb4aa313df48f6ef4d0b920ceb81ceb399f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 00:08:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4347
etag: "63854d63-2eab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=arUnqB2jvtRnz6JeEgXo4Ac20eTV%2B8h3xx1vlcr0rnCQVuaqfxzAPrnbpi97iR9Z3n25k1eU1%2FUDFbn7O9KDdLxKl0nhLlDmmgCtgJcHnq88Xm4q53HTsCXydOk6JdcRQEczIbAdL9CQhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983883e03b746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 11947

GET
H2 200 ja.png
scdn.line-apps.com/n/line_add_friends/btn/ 4 KB
4 KB 242ms
8ms Image
image/png 2.20.65.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://scdn.line-apps.com/n/line_add_friends/btn/ja.png

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.20.65.72 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-20-65-72.deploy.static.akamaitechnologies.com

Software

VOS /

Resource Hash

faf3a5b0232e4515f5c4b91225ab985faa6813ee78d0123a560def12ebe56597

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

x-amz-version-id: xWFP0rtfWImkRCFnPZv2gKTdFLYjbBM
strict-transport-security: max-age=15768000
date: Fri, 22 Dec 2023 15:49:16 GMT
last-modified: Thu, 29 Sep 2022 08:14:43 GMT
server: VOS
x-amz-request-id: tx000009ff59df66cd73c5f-0063d231bc-11d40699-jp2
etag: "f42b3c37b5aa83b2e9c93883a77e8851"
content-type: image/png
x-amz-storage-class: STANDARD
x-rgw-object-type: Normal
cache-control: public, max-age=30282478
accept-ranges: bytes
content-length: 3973
expires: Sat, 07 Dec 2024 03:37:14 GMT

GET
H2 200 LINENEWS_icon.png
busg18.pics/wp-content/themes/biteki_new/common/img/ 15 KB
15 KB 91ms
89ms Image
image/png 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/themes/biteki_new/common/img/LINENEWS_icon.png
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0df76c2645eb74485a9f91aed0613a326bbd7ba4e70e555e9c25b141da92d6f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 00:08:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4347
etag: "63854d63-3b15"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f6mgV2io%2BEK6KY0sNi4C62UipqhN9OuyMQu%2FjEVzOG1aTveV8TcMyichBYNrvRxPjRZchQm8McDZWraztHf6DvN5g%2FgbuOhWBxhYh8gmTAuyVu2xqgdG4sFYH77dSNRwvsOz6JlxhxR1wA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983883e06b746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 15125

GET
H2 200 footerblock_sitemap_logo_white.svg
busg18.pics/wp-content/themes/biteki_new/common/svg/ 2 KB
1 KB 87ms
84ms Image
image/svg+xml 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/themes/biteki_new/common/svg/footerblock_sitemap_logo_white.svg
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c123d29d5d12b26fce40551852dce1cd2ffb2dbf45f2b0cb663071df8fed76d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 14 Sep 2017 16:30:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4347
etag: W/"59baaebc-97c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UiY6iAnuDF%2BV4HFy4Ypzm2CjlL3Dq7%2BRhbsNQSFSbFlVgBkrWoteQipVcyPLAFamiJ5pn3yEXletDDY146cqIy4S7MKVc7yrP24Tt2OZanvEzzTa2KsyxEbl%2Bf1EupHNCKMlawLtbFquuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 839983883e07b746-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 to_top.png
busg18.pics/wp-content/themes/biteki_new/common/images/ 1 KB
2 KB 86ms
83ms Image
image/png 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/themes/biteki_new/common/images/to_top.png
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62a7c91cb18dfbfdc047bbe4ae0be740598abd621717c054b50508121d40305e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Thu, 14 Sep 2017 16:30:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4347
etag: "59baaebc-4f7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mOk9aaVSfpcZnLJ0AYKrvqz81u6%2F3rktzis4EYA8h1Cob6xPQ1rvKZmFvoW9vniWyBmIiGFqy4W2nmRWEP6MkGv0KM6IjVCRTc55NnAkyGMg950mQVNhzIqBXs185sIFjZJdVIG%2BhFS35A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983883e08b746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 1271

GET
H2 200 site Show response
shogakukan-web-api.net/rest/get-common-footer/ 28 KB
5 KB 79ms
21ms Script
application/javascript 65.9.86.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://shogakukan-web-api.net/rest/get-common-footer/site?id=biteki&target=FooterArea

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.86.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-86-111.ams1.r.cloudfront.net

Software

Resource Hash

e72735b82bc4e30f56735cb44576d5d1c7766713d2d6eb23cc57abc49a86269e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 08:16:39 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 bf5caee39117de5337c47c748b716e80.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
age: 199957
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-origin-response-at: 2023-12-20 17:16:39
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-cf-id: P2EByRauu-Tbu0fb2nyH4aLLQh0y-k2kb1VJ9PCfUpz72Nbn5Sm9PA==

GET
H2 200 autoptimize_9e10ba0dba1c87244d27c921e9327bda.js Show response
busg18.pics/wp-content/cache/autoptimize/js/ 326 KB
87 KB 94ms
92ms Script
application/javascript 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://busg18.pics/wp-content/cache/autoptimize/js/autoptimize_9e10ba0dba1c87244d27c921e9327bda.js
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f087df50d6940430029279ca46f65f1b8600c0be9c8b3dfc1a24c8c60b98c141

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Dec 2023 03:04:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4347
etag: W/"656e932a-5161b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QAhiSXPsz5h%2FKYqulcqXCALjeZFuw2LeQPpkbJ5lSozQbqo0V3ZeHE8wEVOpLb%2FVzKQFjrqGOD%2BwRc6nGJl9ai2tweAR%2FmiCRKm782dkeSAwsDYulrsZqxUJmTJyFsDxgSj5KJtepdpD0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 839983883e09b746-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 160ms
51ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 22 Dec 2023 15:22:25 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1611
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 22 Dec 2023 17:22:25 GMT

GET
H/1.1 200
OK bi.js Show response
bs.nakanohito.jp/b3/ 55 KB
19 KB 1116ms
552ms Script
application/javascript 124.33.183.216
UCOM ARTERIA Netw...

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.nakanohito.jp/b3/bi.js
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 124.33.183.216 Nakano, Japan, ASN17506 (UCOM ARTERIA Networks Corporation, JP),
Reverse DNS: 124x33x183x216.ap124.ftth.ucom.ne.jp
Software: nginx /
Resource Hash: 5a5c1b28a8004a0171f9c3bca2858bba94564d5c95eb988dce03c16cf4f0167d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 15:49:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 21 Dec 2023 10:03:09 GMT
Server: nginx
ETag: W/"65840d5d-dd6f"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=10800, public
Connection: close
Expires: Fri, 22 Dec 2023 18:49:17 GMT

GET
H2 200 itm.js Show response
dmp.im-apps.net/js/9534/0001/ 3 KB
1 KB 67ms
8ms Script
application/javascript 2a02:26f0:480:25::1726:6212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/js/9534/0001/itm.js
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:25::1726:6212 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 7f141e0aadd367a659b4fc281b5237c61f8f31ca60ad711d64e7294ddc4bb9c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

x-amz-version-id: e3SVFwCXrMnBXHiAVB6aTNMhU7hOcWdK
content-encoding: gzip
date: Fri, 22 Dec 2023 15:49:16 GMT
last-modified: Mon, 28 Mar 2016 02:44:23 GMT
etag: "87dc41ce284c4f1a8b850d20008b19ea"
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=12288
accept-ranges: bytes
content-length: 1008
expires: Fri, 22 Dec 2023 19:14:04 GMT

GET
H2 200 lognos.js Show response
img.macromill.com/js/us000932eym/2000015291-f2/ 4 KB
5 KB 305ms
235ms Script
application/javascript 108.157.4.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.macromill.com/js/us000932eym/2000015291-f2/lognos.js
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-24.dus51.r.cloudfront.net
Software: Apache /
Resource Hash: 1108c21c532be0b9551a8769f45fe165140cf7f48a7e2f213440986867a22e1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
via: 1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
last-modified: Fri, 26 Mar 2021 07:54:03 GMT
server: Apache
x-amz-cf-pop: DUS51-P2
etag: "10fe-5be6bd5e6bcc0"
x-cache: Miss from cloudfront
p3p: CP='NON UNI CUR OUR'
content-type: application/javascript
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 4350
x-amz-cf-id: X4Y4Q07K8fCnwbOrZGc9RCGwqWvpRoMS_wAgKljhaWdLTF1bs_MXmw==

GET
H2 200 segment Show response
sync.im-apps.net/imid/ 108 B
581 B 287ms
237ms Script
application/javascript 34.149.101.235
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.im-apps.net/imid/segment?token=NXOXe5JGQJYxiIkb8Mzm7Q&callback=Rtoaster._imTrack
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.101.235 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 235.101.149.34.bc.googleusercontent.com
Software: /
Resource Hash: f467518861595ea51a80baeb392e953411e147e2b006fda5a2df95d456849f35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cache-control: private, max-age=3000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 108
content-type: application/javascript

GET
H/1.1 200
OK lift_widget.js Show response
l.logly.co.jp/ 87 KB
19 KB 520ms
239ms Script
text/javascript 18.66.248.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.logly.co.jp/lift_widget.js?adspot_id=4278370
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-43.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: a8e46d5756b139e7b716a1351644b03bb44e3fa18ff91e9f9fe5441a42f0fea0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Dec 2023 15:49:16 GMT
Content-Encoding: gzip
Via: 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
Server: nginx
X-Amz-Cf-Pop: DUS51-P1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
P3P: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
X-Cache: Miss from cloudfront
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive
X-Amz-Cf-Id: K_9V7yPzSDbusidUNcYHnbrMgSjOSLZhyqbSyRaGZooL1EwO92OAwA==

GET
H/1.1 200
OK biteki.js Show response
api.popin.cc/searchbox/ 133 KB
37 KB 1095ms
533ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/searchbox/biteki.js
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 2d69751155a132dd4ea24d06d5f8d53adf24dc3d780535ab4269ac4fac00393d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 15:49:17 GMT
x-amz-version-id: 7WWF2BB5X.qstc.i6cSsI.it4C8_FzXm
Content-Encoding: gzip
x-amz-server-side-encryption: AES256
X-Cache-Status: HIT from 10.252.55.25
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Last-Modified: Tue, 05 Dec 2023 09:20:33 GMT
Server: nginx
ETag: W/"1f7eab1d0ae36bce6cfc8e701caa0286"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Timing-Allow-Origin: *
Expires: Fri, 22 Dec 2023 16:49:17 GMT

GET
H/1.1 200
OK lift_widget.js Show response
l.logly.co.jp/ 87 KB
19 KB 274ms
238ms Script
text/javascript 18.66.248.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.logly.co.jp/lift_widget.js?adspot_id=4185318
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-43.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 1beef0027dcb27e4a7db4b170f087a045a024841e00cf9e479df5fbb2ed10002

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Dec 2023 15:49:16 GMT
Content-Encoding: gzip
Via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
Server: nginx
X-Amz-Cf-Pop: DUS51-P1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
P3P: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
X-Cache: Miss from cloudfront
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive
X-Amz-Cf-Id: GAiGz127FvqV_QrDoTZ0c_S5MJur8oahHKy1IRz0vQSS3P5M6db1HQ==

GET
H2 200 sdk.js Show response
connect.facebook.net/ja_JP/ 3 KB
3 KB 25ms
9ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ja_JP/sdk.js

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

545a3f15171f75dcf5c3bc8ad152b71163f0181776fbdd06248154cf53886ded

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 22 Dec 2023 15:49:16 GMT
content-md5: 83d9vS3sWckO5JQGPoPYuw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints
x-fb-debug: Nc4na2Uupe6CjLeMY3X+icI6/LMocSumxNAguqKpu4lRGaprXHcDC6NKADRukqehT1qEW+gRkGnR35p6KlF3MA==
x-fb-content-md5: be0bdd6f29201fc007ebfd33a11dd839
cross-origin-opener-policy: same-origin-allow-popups
etag: "92ca6bcae0a78257cb66ec8a4e72e8d2"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 22 Dec 2023 15:55:10 GMT

GET
H2 200 bg2.png
busg18.pics/wp-content/themes/biteki_new/common/images/ 13 KB
13 KB 26ms
26ms Image
image/png 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/themes/biteki_new/common/images/bg2.png
Requested by: Host: busg18.pics
URL: https://busg18.pics/wp-content/cache/autoptimize/css/autoptimize_284a8605b4a44aad6ba9102f33541bc2.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85490cec7ffc506647607b9da2ee23b9822e1670657a420a3d246abc9b9e9f4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/wp-content/cache/autoptimize/css/autoptimize_284a8605b4a44aad6ba9102f33541bc2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Thu, 14 Sep 2017 16:30:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4350
etag: "59baaebc-3369"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TgeBwoJ1FXGP4353czKmu1TXETIF6eP71hPg2MDJAIWYu%2BgCcfV74G7iHcmLFSaJn1KZGVTzxF%2BnGrVw8eQJ2PkwZDjjV0DmsH8P%2FoSJ%2FkFPzXBbj3nYMg0j1JXW4LVt07VkMzhwHXTa9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983895f44b746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 13161

GET
H2 200 icon_search_g.svg
www.biteki.com/wp-content/themes/biteki_new/common/svg/ 883 B
1 KB 837ms
512ms Image
image/svg+xml 110.232.194.35
BIT-ISLE Equinix ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.biteki.com/wp-content/themes/biteki_new/common/svg/icon_search_g.svg

Requested by

Host: busg18.pics
URL: https://busg18.pics/wp-content/cache/autoptimize/css/autoptimize_284a8605b4a44aad6ba9102f33541bc2.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.232.194.35 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),

Reverse DNS

cloud-isle.jp

Software

nginx/1.16.0 /

Resource Hash

4914a4eb339be7eeb29276670d4e1aa5f20cd7177d888e9bec03de5192670768

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
via: 1.1 varnish-v4, 1.1 varnish-v4
strict-transport-security: max-age=300
age: 608
x-cache: HIT
x-ua-device
content-length: 883
last-modified: Thu, 14 Sep 2017 16:30:52 GMT
server: nginx/1.16.0
etag: "373-55928ccc765a0"
vary
x-varnish: 138798743 139754835, 193569823 196510715
content-type: image/svg+xml
cache-control: max-age=86400
x-cache-varnish: HIT
accept-ranges: bytes
expires: Sat, 23 Dec 2023 15:49:16 GMT

GET
H2 200 icon_arrow_bread.svg
www.biteki.com/wp-content/themes/biteki_new/common/svg/ 322 B
681 B 838ms
513ms Image
image/svg+xml 110.232.194.35
BIT-ISLE Equinix ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.biteki.com/wp-content/themes/biteki_new/common/svg/icon_arrow_bread.svg

Requested by

Host: busg18.pics
URL: https://busg18.pics/wp-content/cache/autoptimize/css/autoptimize_284a8605b4a44aad6ba9102f33541bc2.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.232.194.35 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),

Reverse DNS

cloud-isle.jp

Software

nginx/1.16.0 /

Resource Hash

4728eed86f5f28dee17afe787d91f315f0d3971569a5f22a8d754dccfa675e8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
via: 1.1 varnish-v4, 1.1 varnish-v4
strict-transport-security: max-age=300
age: 609
x-cache: HIT
x-ua-device
content-length: 322
last-modified: Thu, 14 Sep 2017 16:30:52 GMT
server: nginx/1.16.0
etag: "142-55928ccc75dd0"
vary
x-varnish: 146216727 139518452, 192689476 193895409
content-type: image/svg+xml
cache-control: max-age=86400
x-cache-varnish: HIT
accept-ranges: bytes
expires: Sat, 23 Dec 2023 15:49:16 GMT

GET
H2 200 contents-parts.png
www.biteki.com/wp-content/themes/biteki_new/common/images/ 5 KB
5 KB 582ms
257ms Image
image/png 110.232.194.35
BIT-ISLE Equinix ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.biteki.com/wp-content/themes/biteki_new/common/images/contents-parts.png

Requested by

Host: busg18.pics
URL: https://busg18.pics/wp-content/cache/autoptimize/css/autoptimize_284a8605b4a44aad6ba9102f33541bc2.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.232.194.35 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),

Reverse DNS

cloud-isle.jp

Software

nginx/1.16.0 /

Resource Hash

0297a5dc16aed3779970aa407dbc22de2f11a375c192b2519d6dd67d903756a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
via: 1.1 varnish-v4, 1.1 varnish-v4
strict-transport-security: max-age=300
age: 601
x-cache: HIT
x-ua-device
content-length: 4986
last-modified: Thu, 31 Aug 2023 04:16:49 GMT
server: nginx/1.16.0
etag: "137a-60430501cb943"
vary
x-varnish: 142785786 139882244, 190699338 190363614
content-type: image/png
cache-control: max-age=86400
x-cache-varnish: HIT
accept-ranges: bytes
expires: Sat, 23 Dec 2023 15:49:16 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81b9e8a15168eebd6faf19c2a197d6ce6d9281fabad1bfbfc34e6fc257491892

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 icon_arrow_prev.svg
www.biteki.com/wp-content/themes/biteki_new/common/svg/ 194 B
552 B 748ms
748ms Image
image/svg+xml 110.232.194.35
BIT-ISLE Equinix ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.biteki.com/wp-content/themes/biteki_new/common/svg/icon_arrow_prev.svg

Requested by

Host: busg18.pics
URL: https://busg18.pics/wp-content/cache/autoptimize/css/autoptimize_284a8605b4a44aad6ba9102f33541bc2.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.232.194.35 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),

Reverse DNS

cloud-isle.jp

Software

nginx/1.16.0 /

Resource Hash

6e149a0ebb5e297dde5fc2b49bc940f4e2f42124d8203cbed8a41c47be23028c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:17 GMT
via: 1.1 varnish-v4, 1.1 varnish-v4
strict-transport-security: max-age=300
age: 605
x-cache: HIT
x-ua-device
content-length: 194
last-modified: Thu, 14 Sep 2017 16:30:52 GMT
server: nginx/1.16.0
etag: "c2-55928ccc75dd0"
vary
x-varnish: 142785784 139882232, 197070729 193930471
content-type: image/svg+xml
cache-control: max-age=86400
x-cache-varnish: HIT
accept-ranges: bytes
expires: Sat, 23 Dec 2023 15:49:17 GMT

GET
H2 200 icon_arrow.svg
busg18.pics/wp-content/themes/biteki_new/common/svg/ 783 B
731 B 26ms
26ms Image
image/svg+xml 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/themes/biteki_new/common/svg/icon_arrow.svg
Requested by: Host: busg18.pics
URL: https://busg18.pics/wp-content/cache/autoptimize/css/autoptimize_284a8605b4a44aad6ba9102f33541bc2.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41068f4ad7966f6bc28b5888e3a25619cf94354edacf21b2d832a5c94b826623

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/wp-content/cache/autoptimize/css/autoptimize_284a8605b4a44aad6ba9102f33541bc2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 14 Sep 2017 16:30:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4346
etag: W/"59baaebc-30f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UwO6etlCYu%2Bo2j%2BSrjD6DtKkFq8hJl97OQU14q8hnL9TlmCPDDQLHiH2O8U30yMiVtO9yO2zinfkqr8Gmnzt%2BVAsFlK2lEBUbS2jcubFl%2FDMDGUjNLmYZ06YfUbQHyahoD1cxlMEKPhFgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 839983895f4bb746-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 sideblock_backnumber_bg.png
busg18.pics/wp-content/themes/biteki_new/common/images/ 34 KB
35 KB 27ms
27ms Image
image/png 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://busg18.pics/wp-content/themes/biteki_new/common/images/sideblock_backnumber_bg.png
Requested by: Host: busg18.pics
URL: https://busg18.pics/wp-content/cache/autoptimize/css/autoptimize_284a8605b4a44aad6ba9102f33541bc2.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f728a9a6aeebe8586c4a933d52c678cdc7d008dd9e5c944a57d0736e471d4b8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/wp-content/cache/autoptimize/css/autoptimize_284a8605b4a44aad6ba9102f33541bc2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Thu, 14 Sep 2017 16:30:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4348
etag: "59baaebc-89ff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dYMTyCZt63U00p4ZBBiOAlgENZnh56KW1DFdMr%2FLPghucSuGvOH22x%2B4MaJ4aeQPzj44%2FZgXxguKNLrOK%2BGxHw%2FL127NN14hjQNavptLa58Vk01UKsK9eh6ymz91viymbX72bvsqTjxNHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 839983895f4cb746-AMS
alt-svc: h3=":443"; ma=86400
content-length: 35327

GET
H2 200 footerblock_calendar_bg.png
www.biteki.com/wp-content/themes/biteki_new/common/images/ 49 KB
49 KB 748ms
748ms Image
image/png 110.232.194.35
BIT-ISLE Equinix ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.biteki.com/wp-content/themes/biteki_new/common/images/footerblock_calendar_bg.png

Requested by

Host: busg18.pics
URL: https://busg18.pics/wp-content/cache/autoptimize/css/autoptimize_284a8605b4a44aad6ba9102f33541bc2.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.232.194.35 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),

Reverse DNS

cloud-isle.jp

Software

nginx/1.16.0 /

Resource Hash

64674d59b71fb30e4c87fdbc6c6120cae055b32d961e22ebc33d4d873c18a29b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:17 GMT
via: 1.1 varnish-v4, 1.1 varnish-v4
strict-transport-security: max-age=300
age: 608
x-cache: HIT
x-ua-device
content-length: 50147
last-modified: Thu, 14 Sep 2017 16:30:52 GMT
server: nginx/1.16.0
etag: "c3e3-55928ccc34ec0"
vary
x-varnish: 138798745 144778404, 199003176 198640447
content-type: image/png
cache-control: max-age=86400
x-cache-varnish: HIT
accept-ranges: bytes
expires: Sat, 23 Dec 2023 15:49:17 GMT

GET
DATA 200
OK truncated
/ 396 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13c56719c3bcb6a37dd6faea1a2b9071ecfa97369d6fb0a42cc235ab9b587df1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 308DE6_0_0.woff2
busg18.pics/wp-content/themes/biteki_new/common/webfonts/ 15 KB
16 KB 34ms
34ms Font
application/octet-stream 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://busg18.pics/wp-content/themes/biteki_new/common/webfonts/308DE6_0_0.woff2
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e4b99b195179e415c40fc30275d90b384b26cc8130344b1b98cd55ebb0d7aef

Request headers

Referer: https://busg18.pics/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Thu, 14 Sep 2017 16:30:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4347
etag: W/"59baaebc-3df7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BsBeDwoxU2EYjnFwFitkY9ltMd55X3neYXZ68ORJveKc4kyqS%2F7I3Y8WOb7LKZvrxsC8g8BEXwTyPj6rKcSyWREqTEsBX9zsnohS99dw1%2FRdV7HO0mt7DHMDItKVBfo5MqOxsi6a0qFX0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
cf-ray: 839983896f57b746-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 308DE6_1_0.woff2
busg18.pics/wp-content/themes/biteki_new/common/webfonts/ 20 KB
21 KB 27ms
27ms Font
application/octet-stream 2606:4700:3034::ac43:d9e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://busg18.pics/wp-content/themes/biteki_new/common/webfonts/308DE6_1_0.woff2
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:d9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b273f093f3efc5927a36060d5b836737cc0eac3bce80632d1f76f32025e9040

Request headers

Referer: https://busg18.pics/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cf-cache-status: HIT
last-modified: Thu, 14 Sep 2017 16:30:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4346
etag: W/"59baaebc-5170"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HkpVARJ1K4s%2FiIdT1%2B9evWO8mFwT6NvkxmHakgeb6ex86dFF67Cn811xA9J5LAzAttcu3JIb0NCITHrqcT7w%2BYQHTKBPX7y6i4grQvO0GhDUlb7iOKE6CrIDCdeB8cEulG84d%2Bp5Le6B8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
cf-ray: 839983896f5ab746-AMS
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK YnVzZzE4LnBpY3M= Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
463 B 37ms
9ms XHR
application/json 2.18.161.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/YnVzZzE4LnBpY3M=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-178.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 15:49:16 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=7896
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 6514ead9107e91d0517134d63620d9ab
Content-Length: 16
Expires: Fri, 22 Dec 2023 18:00:52 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
371 B 7ms
7ms Image
image/gif 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

expires: Sun, 21 Jan 2024 15:49:16 GMT
date: Fri, 22 Dec 2023 15:49:16 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
5 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: busg18.pics
URL: https://busg18.pics/wp-content/cache/autoptimize/js/autoptimize_9e10ba0dba1c87244d27c921e9327bda.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 22:07:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 322908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 22:07:28 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 192ms
82ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: busg18.pics
URL: https://busg18.pics/wp-content/cache/autoptimize/js/autoptimize_9e10ba0dba1c87244d27c921e9327bda.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7ac9f0e85d1ed4d4ccf7a151ec6b9b80f89baa745841db8efd82713671ff5ab8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Fri, 22 Dec 2023 15:49:16 GMT

GET
H2 200 icon_arrow_big_prev.svg
www.biteki.com/wp-content/themes/biteki_new/common/svg/ 323 B
682 B 715ms
715ms Image
image/svg+xml 110.232.194.35
BIT-ISLE Equinix ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.biteki.com/wp-content/themes/biteki_new/common/svg/icon_arrow_big_prev.svg

Requested by

Host: busg18.pics
URL: https://busg18.pics/wp-content/cache/autoptimize/css/autoptimize_284a8605b4a44aad6ba9102f33541bc2.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.232.194.35 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),

Reverse DNS

cloud-isle.jp

Software

nginx/1.16.0 /

Resource Hash

ad43253c5a7020f4b05e184d49db9ba32565ec1e291cdb4e0e1792606921d124

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:17 GMT
via: 1.1 varnish-v4, 1.1 varnish-v4
strict-transport-security: max-age=300
age: 603
x-cache: HIT
x-ua-device
content-length: 323
last-modified: Thu, 14 Sep 2017 16:30:52 GMT
server: nginx/1.16.0
etag: "143-55928ccc75dd0"
vary
x-varnish: 147037041 144194688, 199295264 196941789
content-type: image/svg+xml
cache-control: max-age=86400
x-cache-varnish: HIT
accept-ranges: bytes
expires: Sat, 23 Dec 2023 15:49:17 GMT

GET
H2 200 icon_arrow_big_next.svg
www.biteki.com/wp-content/themes/biteki_new/common/svg/ 324 B
683 B 715ms
715ms Image
image/svg+xml 110.232.194.35
BIT-ISLE Equinix ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.biteki.com/wp-content/themes/biteki_new/common/svg/icon_arrow_big_next.svg

Requested by

Host: busg18.pics
URL: https://busg18.pics/wp-content/cache/autoptimize/css/autoptimize_284a8605b4a44aad6ba9102f33541bc2.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

110.232.194.35 , Japan, ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP),

Reverse DNS

cloud-isle.jp

Software

nginx/1.16.0 /

Resource Hash

3a5745c0199a15ac68b732f4ae353632d2610d6e013863762b6a74ec7365186d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:17 GMT
via: 1.1 varnish-v4, 1.1 varnish-v4
strict-transport-security: max-age=300
age: 603
x-cache: HIT
x-ua-device
content-length: 324
last-modified: Thu, 14 Sep 2017 16:30:52 GMT
server: nginx/1.16.0
etag: "144-55928ccc759e8"
vary
x-varnish: 143708962 146677976, 196023039 187321085
content-type: image/svg+xml
cache-control: max-age=86400
x-cache-varnish: HIT
accept-ranges: bytes
expires: Sat, 23 Dec 2023 15:49:17 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 431 KB
135 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 02:18:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48618
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138180
x-xss-protection: 0
server: cafe
etag: 6854214708762155125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 21 Dec 2024 02:18:58 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 56 B
71 B 189ms
87ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=busg18.pics

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af78b52e724e210addb3dcaa84f1c573ca094774bb0d55abf2910c9d4c899f5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47
x-xss-protection: 0
expires: Fri, 22 Dec 2023 15:49:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
78 KB 67ms
67ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KXR170ZX48&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TS2HF4S

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a625aaf6b2aa565c56bc43f4e8fbdec6c03939ea23f427f622cd61859b2d6a46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79430
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 22 Dec 2023 15:49:16 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 22 Dec 2023 15:49:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: vyQDlU/hXvGkhccHnTNhPaePV7G6fbx/qjFkb/EsEgstU8deBeiuOSJI2/w6XCXKLT1YlySDROCO5E/qoRNTrA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 lt.js Show response
d.line-scdn.net/n/line_tag/public/release/v1/ 32 KB
10 KB 43ms
8ms Script
application/javascript 2.20.65.72
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://d.line-scdn.net/n/line_tag/public/release/v1/lt.js

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.20.65.72 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-20-65-72.deploy.static.akamaitechnologies.com

Software

VOS /

Resource Hash

d504f72375bcfb65fbf8dbf79ad313aa21df0953bb1efef82695708ba70922b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

x-amz-version-id: aLHCm1toaevjRzyK9ZlkfyErvpEL9I2
strict-transport-security: max-age=15768000
content-encoding: gzip
date: Fri, 22 Dec 2023 15:49:17 GMT
x-amz-request-id: tx0000006918b62e065fa5b-00651a6066-13dd9984-jp2
content-length: 9865
x-amz-expiration: expiry-date="Sat, 02 Dec 2023 00:00:00 GMT", rule-id="bucket_lifecycle"
last-modified: Mon, 02 Oct 2023 06:16:39 GMT
server: VOS
etag: "02e4691c0dcc2f7ecef2712fb0f24921"
vary: Accept-Encoding
content-type: application/javascript
x-rgw-object-type: Normal
cache-control: max-age=2557636
accept-ranges: bytes
expires: Sun, 21 Jan 2024 06:16:33 GMT

GET
H2 200 gaat.js Show response
js.glossom.jp/ 32 KB
33 KB 585ms
12ms Script
application/javascript 2a04:4e42::738
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js.glossom.jp/gaat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TS2HF4S
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::738 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a43f11f8ac8634637da8838ba5991791d5624a37dec376a62658bdf613530469

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

expires: Tue, 05 Dec 2023 02:57:18 GMT
date: Fri, 22 Dec 2023 15:49:17 GMT
via: 1.1 varnish
age: 2530
x-guploader-uploadid: ABPtcPrhyhZxpiICcLSWyPBaVOR-mQNKm7Tce1QqzplPKbgx0DDbIS_W0J1luK5JfqGy1HFhoIoIhuxJbQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 32731
x-served-by: cache-fra-eddf8230132-FRA
last-modified: Mon, 29 Aug 2022 06:50:42 GMT
server: UploadServer
x-timer: S1703260158.596367,VS0,VE1
etag: "3417e0bc3a28904778ca245f7bc79969"
x-goog-hash: crc32c=utZ43A==, md5=NBfgvDookEd4yiRfe8eZaQ==
x-goog-generation: 1661755842567426
content-language: en
content-type: application/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 32731
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 itm.js Show response
dmp.im-apps.net/js/1010434/0001/ 1 KB
928 B 7ms
7ms Script
text/javascript 2a02:26f0:480:25::1726:6212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/js/1010434/0001/itm.js
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:25::1726:6212 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 871e3dfbc4b95c33cbb7cd16ce3137863659711975b4a729951044f3448f6260

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

x-amz-version-id: CDem3tkTX9Y.uXWkGw4ndNCAbncEfWEi
content-encoding: gzip
date: Fri, 22 Dec 2023 15:49:16 GMT
last-modified: Mon, 07 Mar 2022 10:30:41 GMT
etag: "4efa1b3b40f08ecea885298128cc5e2b"
vary: Accept-Encoding
content-type: text/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=1781
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 654
expires: Fri, 22 Dec 2023 16:18:57 GMT

GET
H/1.1 200
OK td_btk_access.js Show response
d-cache.microad.jp/js/ 4 KB
2 KB 950ms
257ms Script
application/javascript 138.113.139.220
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://d-cache.microad.jp/js/td_btk_access.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TS2HF4S
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.113.139.220 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: a8d2d8520f01b9788b750863e3c2b287d61de94d9707c9978588eb34668865f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 15:49:17 GMT
Content-Encoding: gzip
Via: 1.1 PSrbdbOSA2fk135:0 (W), 1.1 PSrbdjTYO3to127:14 (W)
Last-Modified: Fri, 14 Jun 2019 00:23:51 GMT
Server: PWS/8.3.1.0.8
ETag: "10a9-gzip"
X-Ws-Request-Id: 6585affd_PSrbdjTYO3bv126_27163-47210
Content-Type: application/javascript
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
Cache-Control: public, max-age=2592000
X-Px: ht PSrbdjTYO3to127HND
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1887
Expires: Tue, 02 Jan 2024 02:36:48 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 123 KB
47 KB 78ms
78ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PMKZFK&l=itm_dl1_9534

Requested by

Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/js/9534/0001/itm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4f153db1eb36674ed4d15a1451e24571181e39f4c8986c11b46c1a540dd726c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48136
x-xss-protection: 0
last-modified: Fri, 22 Dec 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 22 Dec 2023 15:49:16 GMT

GET
H2 200 css
fonts.googleapis.com/ 112 KB
31 KB 174ms
65ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans+JP

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d78680b021294f5efee49ac5eca0df15d000d1c1a41b07d38a9a55bc45d5391e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 22 Dec 2023 15:49:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 22 Dec 2023 15:39:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Dec 2023 15:49:16 GMT

GET
H2 200 segment Show response
sync.im-apps.net/imid/ 117 B
503 B 238ms
238ms Script
application/javascript 34.149.101.235
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.im-apps.net/imid/segment?callback=_itm_.c1010434.ia_cb&token=VXoW9wEaCAYxiIkb8Mzm7Q&need_created=True
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/js/1010434/0001/itm.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.101.235 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 235.101.149.34.bc.googleusercontent.com
Software: /
Resource Hash: a1f072e561d3d4d0f0b7e1eff183dc4bd044d70511d70b39041b63f0fe572942

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cache-control: private, max-age=3000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117
content-type: application/javascript

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:34:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 893
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 22 Dec 2023 16:34:23 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
205 B 58ms
58ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1911377374&t=pageview&_s=1&dl=https%3A%2F%2Fbusg18.pics%2F&ul=en-us&de=UTF-8&dt=%E9%89%84%E5%88%86%E3%81%9F%E3%81%A3%E3%81%B7%E3%82%8A%EF%BC%81%E6%9E%9C%E7%89%A9%EF%BC%95%E9%81%B8%E3%80%90%E3%81%8A%E3%81%99%E3%81%99%E3%82%81%E3%83%AC%E3%82%B7%E3%83%94%E3%80%91%20%7C%20%E7%BE%8E%E7%9A%84.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGDAgEAjAAAAACAAI~&jid=1852102832&gjid=444056916&cid=1050775466.1703260157&tid=UA-10554241-48&_gid=538160950.1703260157&_slc=1&z=511745852

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://busg18.pics/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://busg18.pics
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
346 B 159ms
53ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-10554241-48&cid=1050775466.1703260157&jid=1852102832&gjid=444056916&_gid=538160950.1703260157&_u=KGDAgEAjAAAAAGAAI~&z=690133690

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://busg18.pics/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 22 Dec 2023 15:49:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://busg18.pics
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
68 B 59ms
59ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1911377374&t=pageview&_s=1&dl=https%3A%2F%2Fbusg18.pics%2F&ul=en-us&de=UTF-8&dt=%E9%89%84%E5%88%86%E3%81%9F%E3%81%A3%E3%81%B7%E3%82%8A%EF%BC%81%E6%9E%9C%E7%89%A9%EF%BC%95%E9%81%B8%E3%80%90%E3%81%8A%E3%81%99%E3%81%99%E3%82%81%E3%83%AC%E3%82%B7%E3%83%94%E3%80%91%20%7C%20%E7%BE%8E%E7%9A%84.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGDAgEAjAAAAAGAAI~&jid=1402644982&gjid=350325507&cid=1050775466.1703260157&tid=UA-10554241-65&_gid=538160950.1703260157&_slc=1&z=877478845

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://busg18.pics/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://busg18.pics
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 159ms
54ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-10554241-65&cid=1050775466.1703260157&jid=1402644982&gjid=350325507&_gid=538160950.1703260157&_u=KGDAgEAjAAAAAGAAI~&z=1009395190

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://busg18.pics/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 22 Dec 2023 15:49:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://busg18.pics
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 beacon.html Show response
cf.im-apps.net/imid/ Frame 9797 2 KB
2 KB 16ms
7ms Document
text/html 2a02:26f0:480:25::1726:6212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cf.im-apps.net/imid/beacon.html
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:25::1726:6212 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 7edf5b2eb4905d5fcb547ca8e06b4e85c048eb127354ca301dad6b1b5582e64f

Request headers

Referer: https://busg18.pics/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=86400
content-encoding: gzip
content-length: 1396
content-type: text/html
date: Fri, 22 Dec 2023 15:49:16 GMT
etag: "d7f3fa711e38a217c1172315ab7de5f0"
expires: Sat, 23 Dec 2023 15:49:16 GMT
last-modified: Tue, 03 Oct 2023 07:45:50 GMT
p3p: CP="NOI PSD OTR"
vary: Accept-Encoding
x-amz-replication-status: PENDING
x-amz-server-side-encryption: AES256

GET
H2 200 tdim-1.1.0.min.js Show response
cf.im-apps.net/sdk/ 7 KB
3 KB 8ms
7ms Script
application/javascript 2a02:26f0:480:25::1726:6212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cf.im-apps.net/sdk/tdim-1.1.0.min.js
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:25::1726:6212 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 84e2f272052d386779f00694399d4dcbbad2def9c0e1f56e7ab16d133c2cef57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:17 GMT
content-encoding: gzip
last-modified: Wed, 24 Mar 2021 09:39:26 GMT
etag: "e040eeb7304bf1ef26817cabe817bc07"
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=604800
x-amz-replication-status: PENDING
accept-ranges: bytes
content-length: 2847
expires: Fri, 29 Dec 2023 15:49:17 GMT

GET
H2 200 set
sync.im-apps.net/imid/ Frame 9797 43 B
435 B 238ms
238ms Image
image/gif 34.149.101.235
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.im-apps.net/imid/set?no_sync=1
Requested by: Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.101.235 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 235.101.149.34.bc.googleusercontent.com
Software: /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.im-apps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
cache-control: private, max-age=3000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

POST
H2 204 collect
region1.analytics.google.com/g/ 0
251 B 101ms
36ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-KXR170ZX48&gtm=45je3bt0v885896179z878307386&_p=1703260156080&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1050775466.1703260157&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703260156&sct=1&seg=0&dl=https%3A%2F%2Fbusg18.pics%2F&dt=%E9%89%84%E5%88%86%E3%81%9F%E3%81%A3%E3%81%B7%E3%82%8A%EF%BC%81%E6%9E%9C%E7%89%A9%EF%BC%95%E9%81%B8%E3%80%90%E3%81%8A%E3%81%99%E3%81%99%E3%82%81%E3%83%AC%E3%82%B7%E3%83%94%E3%80%91%20%7C%20%E7%BE%8E%E7%9A%84.com&en=page_view&_fv=1&_ss=1&ep.post_id_sgk=538244&ep.post_title_sgk=%E9%89%84%E5%88%86%E3%81%9F%E3%81%A3%E3%81%B7%E3%82%8A%EF%BC%81%E6%9E%9C%E7%89%A9%EF%BC%95%E9%81%B8%E3%80%90%E3%81%8A%E3%81%99%E3%81%99%E3%82%81%E3%83%AC%E3%82%B7%E3%83%94%E3%80%91&ep.post_date_sgk=2023-11-07%2017%3A30%3A18&ep.post_modified_sgk=2023-11-07%2017%3A31%3A21&ep.post_type_sgk=life-style&ep.term_sgk=&ep.postmeta_sgk=&ep.category_sgk=%E9%A3%9F%E3%83%BB%E3%83%AC%E3%82%B7%E3%83%94&ep.tag_sgk=%E3%81%9D%E3%81%AE%E4%BB%96%EF%BC%88%E9%A3%9F%E3%83%BB%E3%83%AC%E3%82%B7%E3%83%94%EF%BC%89&tfd=1579
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KXR170ZX48&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://busg18.pics
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 53ms
52ms Ping
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KXR170ZX48&cid=1050775466.1703260157&gtm=45je3bt0v885896179z878307386&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KXR170ZX48&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://busg18.pics
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 187ms
75ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KXR170ZX48&cid=1050775466.1703260157&gtm=45je3bt0v885896179z878307386&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1122669989

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 903 B
1 KB 375ms
122ms XHR
application/json 34.237.119.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=930635&slot=%7Bid:div-gpt-ad-1532149380246-0,ss:%5B1.1,200.2000,350.1000%5D,p:/18319668/biteki-pc/walljack-left_200x2000_top,t:display%7D&slot=%7Bid:div-gpt-ad-1532149466132-0,ss:%5B1.1,200.2000,350.1000%5D,p:/18319668/biteki-pc/walljack-right_200x2000_top,t:display%7D&slot=%7Bid:div-gpt-ad-1532149565970-0,ss:%5B1.1,1200.250,1200.450%5D,p:/18319668/biteki-pc/walljack-middle_1200x250_top,t:display%7D&slot=%7Bid:div-gpt-ad-1523947981624-0,ss:%5B1.1,970.250,728.90%5D,p:/18319668/biteki-pc/billboard-header_970x250_inner,t:display%7D&slot=%7Bid:div-gpt-ad-1523853068424-0,ss:%5B300.250%5D,p:/18319668/biteki-pc/rectangle-bottomleft_300x250_inner,t:display%7D&slot=%7Bid:div-gpt-ad-1523853134037-0,ss:%5B300.250%5D,p:/18319668/biteki-pc/rectangle-bottomright_300x250_inner,t:display%7D&slot=%7Bid:div-gpt-ad-1523852836334-0,ss:%5B300.600,1.1,300.250%5D,p:/18319668/biteki-pc/rectangle-premium_300x250_inner,t:display%7D&slot=%7Bid:div-gpt-ad-1523852947516-0,ss:%5B300.250,300.600%5D,p:/18319668/biteki-pc/rectangle-rightcolumnmiddle_300x250_inner,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=e34a54d8-bb5c-ce99-1253-c5b2e8a0b8b9&url=https%253A%252F%252Fbusg18.pics%252F
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.119.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-119-189.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 821ede88c20629a967a843953a53e9f02b56121d765d45ed772c877132ba1eb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:17 GMT
server: nginx
x-server-name: app29.va.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://busg18.pics
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 utm.png
img.macromill.com/access/us000932eym/2000015291-f2/ 68 B
599 B 471ms
470ms Image
image/png 108.157.4.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.macromill.com/access/us000932eym/2000015291-f2/utm.png?r=&qs=&p=key1%3D%26key2%3D%26key3%3D%26key4%3D%26key5%3D%26key6%3D%26key7%3D%26key8%3D%26key9%3D%26key10%3D
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-24.dus51.r.cloudfront.net
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:17 GMT
via: 1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
last-modified: Fri, 22 Dec 2023 15:49:17 GMT
x-amz-cf-pop: DUS51-P2
etag: "b57248e07c365005a74c4e5d8def9fbb"
x-cache: Miss from cloudfront
content-type: image/png
p3p: CP='NON UNI CUR OUR'
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-resource-policy: cross-origin
content-length: 68
x-amz-cf-id: lnzWlMyRhbhWFcAOD2CgucBBA05YUlIxw2Xsndv2XCwQpkETfSMNcA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 2 KB
1 KB 181ms
154ms Script
text/javascript 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=538244.html&srcUrl=https%3A%2F%2Fbusg18.pics%2Ffeed.rss&idx=0&rand=63694&widgetJSId=AR_1&va=true&et=true&format=html&px=315&py=22677&vpd=21477&cw=640&settings=true&recs=true&key=NANOWDGT01&tch=0&adblck=false&abwl=false&ab=0&wl=0&umv=1&activeTab=true&version=2010564&sig=UDeHowNa&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fbusg18.pics%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 68ba2188449745c493ad970332492a55fe2130b1b35508d195f4fee25990a6b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Fri, 22 Dec 2023 15:49:17 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1703260157.279205,VS0,VE146
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga21938-LGA, cache-fra-eddf8230061-FRA
x-traceid: c1ce3aa5d68f4823de1654459a98bb67
accept-ranges: bytes
content-length: 939
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 188ms
79ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-10554241-48&cid=1050775466.1703260157&jid=1852102832&_u=KGDAgEAjAAAAAGAAI~&z=1610783398

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 76ms
76ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-10554241-48&cid=1050775466.1703260157&jid=1852102832&_u=KGDAgEAjAAAAAGAAI~&z=1610783398

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
324 B 77ms
77ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-10554241-65&cid=1050775466.1703260157&jid=1402644982&_u=KGDAgEAjAAAAAGAAI~&z=1801091206

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 79ms
78ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-10554241-65&cid=1050775466.1703260157&jid=1402644982&_u=KGDAgEAjAAAAAGAAI~&z=1801091206

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj35zS0w.woff2
fonts.gstatic.com/s/notosansjp/v52/ 13 KB
13 KB 165ms
54ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj35zS0w.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

539b381a6e0a5a49d299867d9ab722ad7e41d01f07bbcb6bed4518b63f8d4b0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 04:03:14 GMT
x-content-type-options: nosniff
age: 560762
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13064
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:00:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Dec 2024 04:03:14 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.119.woff2
fonts.gstatic.com/s/notosansjp/v52/ 42 KB
42 KB 265ms
154ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1ef167e3112a81527dac4791653d424da6848e92d7c642fa2ebd2e64f5656ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 01:48:38 GMT
x-content-type-options: nosniff
age: 568838
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42600
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:11:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Dec 2024 01:48:38 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.115.woff2
fonts.gstatic.com/s/notosansjp/v52/ 11 KB
11 KB 259ms
148ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.115.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9566b2575ca4044c6c56271539fd2e015dc99c8a087460967de796d518dc9e65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 14:06:11 GMT
x-content-type-options: nosniff
age: 92585
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10812
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:33:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Dec 2024 14:06:11 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.116.woff2
fonts.gstatic.com/s/notosansjp/v52/ 9 KB
10 KB 234ms
124ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.116.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a04927eed0d57c4cad3d56e933bdeb5a9e06de9d9ebabbe99a732547f341e77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 21:05:04 GMT
x-content-type-options: nosniff
age: 153852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9688
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:40:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Dec 2024 21:05:04 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.114.woff2
fonts.gstatic.com/s/notosansjp/v52/ 9 KB
9 KB 244ms
134ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.114.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10b0b9c13cd849d49186e2420fd0e6045e68012133b097b1c356ffbc9e6b4b76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 04:57:28 GMT
x-content-type-options: nosniff
age: 298308
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9216
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:15:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 04:57:28 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.113.woff2
fonts.gstatic.com/s/notosansjp/v52/ 9 KB
9 KB 223ms
113ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.113.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d52ecdb7ab2edc1b144f2d86c9c567c26a9ce5f2d64416702d7eb854a849660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:27:11 GMT
x-content-type-options: nosniff
age: 598925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9120
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:01:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Dec 2024 17:27:11 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.88.woff2
fonts.gstatic.com/s/notosansjp/v52/ 11 KB
11 KB 328ms
218ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.88.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

172559f2bd12127a0d6fe83651ddc78eda1b1186b35e4985a232d2231761ddda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 05:54:17 GMT
x-content-type-options: nosniff
age: 294899
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11072
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:01:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 05:54:17 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.117.woff2
fonts.gstatic.com/s/notosansjp/v52/ 7 KB
7 KB 325ms
215ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.117.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5be922c61278c45cc283eabbf51616c700e5faf818106af7b1f3bd4dbaeac87d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 18:43:22 GMT
x-content-type-options: nosniff
age: 335154
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7352
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:40:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 18:43:22 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.95.woff2
fonts.gstatic.com/s/notosansjp/v52/ 11 KB
11 KB 174ms
64ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.95.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6b4b2fa8a7e58b9de65587fd3e3258296b48b80eb3d66a57b712fea55608599

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 11:47:04 GMT
x-content-type-options: nosniff
age: 100932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11176
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:37:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Dec 2024 11:47:04 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.108.woff2
fonts.gstatic.com/s/notosansjp/v52/ 12 KB
12 KB 359ms
250ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.108.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f22977485ef9ecffafcd8cb81a2a6c71888debef654c7853135691c8b51deef7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 04:01:30 GMT
x-content-type-options: nosniff
age: 301666
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11808
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 04:01:30 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.106.woff2
fonts.gstatic.com/s/notosansjp/v52/ 13 KB
13 KB 345ms
235ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.106.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c16c1a385dd5f554ec1319058879b3a92534f04f38b80e183d30f2e0ae341b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 20:08:44 GMT
x-content-type-options: nosniff
age: 330032
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12980
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:57:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 20:08:44 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.112.woff2
fonts.gstatic.com/s/notosansjp/v52/ 9 KB
10 KB 357ms
247ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.112.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ac6dd53729b34b5a69face9edaa0029b1e0ecc6d31e405bbf6a9f785d2b0411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:51:06 GMT
x-content-type-options: nosniff
age: 284290
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9644
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:37:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 08:51:06 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.109.woff2
fonts.gstatic.com/s/notosansjp/v52/ 9 KB
9 KB 365ms
255ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.109.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db8f96bcf12465c1514dcf50df78b437f875221e220f976d1956ea038426a355

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:55:02 GMT
x-content-type-options: nosniff
age: 284054
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9160
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:31:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 08:55:02 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.110.woff2
fonts.gstatic.com/s/notosansjp/v52/ 10 KB
10 KB 329ms
221ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.110.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

801e002ecc49cda34ba6522e68b42677d5c66a3213d3cc031a719d1e704d20e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 09:17:43 GMT
x-content-type-options: nosniff
age: 282693
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9872
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:06:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 09:17:43 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.83.woff2
fonts.gstatic.com/s/notosansjp/v52/ 11 KB
12 KB 207ms
99ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.83.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01ea06fadcdcc5b9096b7b3bf5ae6edff46dff5451a72dd831f3f9657fc1bf68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 19:09:25 GMT
x-content-type-options: nosniff
age: 333591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11660
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:30:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 19:09:25 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.99.woff2
fonts.gstatic.com/s/notosansjp/v52/ 12 KB
12 KB 401ms
293ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.99.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20b7a5950e315383860c3ce5e34d9ec7fb1eb587343006d6808f71ba3212ff42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:38:06 GMT
x-content-type-options: nosniff
age: 310270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11776
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:57:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 01:38:06 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.107.woff2
fonts.gstatic.com/s/notosansjp/v52/ 10 KB
10 KB 349ms
242ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.107.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

229ee2a86094bf96086c2e19a274362a4f8eb1a0e11bd29907b1bef3eaf3fab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 09:04:31 GMT
x-content-type-options: nosniff
age: 283485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10212
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:51:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 09:04:31 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.105.woff2
fonts.gstatic.com/s/notosansjp/v52/ 10 KB
10 KB 347ms
239ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.105.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

596ad9a5fcc4869aedde664a49349b86a742fe5374496188eecc18e58fca019e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:58:46 GMT
x-content-type-options: nosniff
age: 283830
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10472
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:34:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 08:58:46 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.111.woff2
fonts.gstatic.com/s/notosansjp/v52/ 10 KB
10 KB 407ms
300ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.111.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe4da0ee63d24cd5275b5e9fa83c1cf1ac6a49f6ab7f3b28264d8b0d17193cb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 21:47:44 GMT
x-content-type-options: nosniff
age: 324092
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10424
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:11:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 21:47:44 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.104.woff2
fonts.gstatic.com/s/notosansjp/v52/ 11 KB
11 KB 410ms
302ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.104.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27329635c6d8a92442b7687d3f2dc58e63868e5e9dc5a00bccb8e0392b374d94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 21:11:23 GMT
x-content-type-options: nosniff
age: 326273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10972
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:17:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 21:11:23 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.93.woff2
fonts.gstatic.com/s/notosansjp/v52/ 11 KB
11 KB 336ms
229ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.93.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34458ad63b26d3f1340af710c0aa2b6bd8569cbb0954fa50f091a47668832913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 21:53:16 GMT
x-content-type-options: nosniff
age: 323760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10836
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:06:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 21:53:16 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.98.woff2
fonts.gstatic.com/s/notosansjp/v52/ 11 KB
12 KB 407ms
301ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.98.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

336cd79c5396009a4b029d0bb3fd797e60b7089179e2f4daf15c1c5f7bdad33a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 22:36:41 GMT
x-content-type-options: nosniff
age: 321155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11504
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:36:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 22:36:41 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.89.woff2
fonts.gstatic.com/s/notosansjp/v52/ 11 KB
11 KB 350ms
245ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.89.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e2215127c515b7dc453590643e65e1d18304350946c7f03c4ef2038aee3b022

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 09:04:31 GMT
x-content-type-options: nosniff
age: 283485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11128
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:15:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 09:04:31 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.91.woff2
fonts.gstatic.com/s/notosansjp/v52/ 12 KB
12 KB 330ms
225ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.91.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69b226236c373ba0134423fc579434b927f0719fce7870c8f1fc4c780eb0ee68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 23:22:45 GMT
x-content-type-options: nosniff
age: 59191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12056
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:51:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Dec 2024 23:22:45 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.100.woff2
fonts.gstatic.com/s/notosansjp/v52/ 12 KB
12 KB 296ms
191ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.100.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab57df5663b01787c125bd46926f1e6bb69580f240732e6d2e031829298576d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 09:04:31 GMT
x-content-type-options: nosniff
age: 283485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12564
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:02:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 09:04:31 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.96.woff2
fonts.gstatic.com/s/notosansjp/v52/ 12 KB
12 KB 389ms
284ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.96.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8adff0b9d2a3a5e05bdde6b49e96dd175e7f0dcfe913e92da09e413a134cd5ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 04:43:01 GMT
x-content-type-options: nosniff
age: 558375
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12056
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:17:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Dec 2024 04:43:01 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.101.woff2
fonts.gstatic.com/s/notosansjp/v52/ 10 KB
10 KB 303ms
198ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.101.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d0a42b5d3fa69a1748d3ed353da45ade9a77d9f47ee0d3bb7b6741f3da3224e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 00:41:43 GMT
x-content-type-options: nosniff
age: 313653
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10152
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:29:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 00:41:43 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.76.woff2
fonts.gstatic.com/s/notosansjp/v52/ 11 KB
11 KB 371ms
267ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.76.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

861d0b760d3b4e3d5f3ddd6f0470487c2e4abbd0b0ed5ee76239764fea3a1dd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 23:18:54 GMT
x-content-type-options: nosniff
age: 318622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11356
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:11:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 23:18:54 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.87.woff2
fonts.gstatic.com/s/notosansjp/v52/ 12 KB
12 KB 308ms
203ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.87.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e727e46a1327bfd94fd16ddbce83cabdd5912c9af96a89cd4468284608d8763c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:39:28 GMT
x-content-type-options: nosniff
age: 310188
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12056
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:17:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 01:39:28 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.84.woff2
fonts.gstatic.com/s/notosansjp/v52/ 11 KB
11 KB 393ms
288ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.84.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d3eacb76438a47b9e0c06bde1deafb35494c70c8eba25fbd504bda2a8eb45f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:10:48 GMT
x-content-type-options: nosniff
age: 311908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11568
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:06:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 01:10:48 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.94.woff2
fonts.gstatic.com/s/notosansjp/v52/ 12 KB
12 KB 387ms
282ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.94.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11bc7c3bf3ffde058348daba9b705a6cf5cdc536bfde64ac65b2c17055cdcfac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 19:35:38 GMT
x-content-type-options: nosniff
age: 591218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12212
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:39:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Dec 2024 19:35:38 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.103.woff2
fonts.gstatic.com/s/notosansjp/v52/ 10 KB
10 KB 315ms
212ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.103.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c10b4be23311add1ec14d62f14a2e77cafae70f88c44703336c937381a2a2ca0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 21:38:38 GMT
x-content-type-options: nosniff
age: 324638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10272
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:37:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 21:38:38 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.92.woff2
fonts.gstatic.com/s/notosansjp/v52/ 11 KB
11 KB 388ms
286ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.92.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c743315a0f331b5fdf548079b9504acf9b9908810d628b71a4f643b42227e024

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 14:31:39 GMT
x-content-type-options: nosniff
age: 91057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11500
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:02:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Dec 2024 14:31:39 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.78.woff2
fonts.gstatic.com/s/notosansjp/v52/ 12 KB
13 KB 383ms
280ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.78.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

325974629518ee22837d1d0b997b09311191fd4a6e7e11f4f6e7d32731ad9812

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 19:04:22 GMT
x-content-type-options: nosniff
age: 333894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12780
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:01:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 19:04:22 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.81.woff2
fonts.gstatic.com/s/notosansjp/v52/ 11 KB
11 KB 310ms
207ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.81.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

995ed30e5971e1618595e2edd929a155b4f884697fcbb108f920217a25ae002a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 23:01:41 GMT
x-content-type-options: nosniff
age: 319655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11024
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:57:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 23:01:41 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.118.woff2
fonts.gstatic.com/s/notosansjp/v52/ 10 KB
10 KB 394ms
292ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.118.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc7fe45db078b8395d7995216bc97c7ebf483b939096068d1f6494d6fd1056da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 17:18:27 GMT
x-content-type-options: nosniff
age: 340249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9836
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:29:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 17:18:27 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.86.woff2
fonts.gstatic.com/s/notosansjp/v52/ 10 KB
11 KB 359ms
258ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.86.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0df1160d44113ec606cbf1e131df9ce8d5d7ff1654310c3cd1607ba76cc9931f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:54:49 GMT
x-content-type-options: nosniff
age: 309267
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10668
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:39:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 01:54:49 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.90.woff2
fonts.gstatic.com/s/notosansjp/v52/ 12 KB
12 KB 370ms
268ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.90.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10d3fd918fd4182842380a269c9e4886f2ca444d55c051af3c0427faa5dd3b3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 23:25:33 GMT
x-content-type-options: nosniff
age: 59023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12104
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:57:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Dec 2024 23:25:33 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.102.woff2
fonts.gstatic.com/s/notosansjp/v52/ 11 KB
11 KB 372ms
271ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.102.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bd53835e5cff2d7d1e4e2c45efb1b0cddf361f523292cbaaad19cfce2789f96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 04:26:59 GMT
x-content-type-options: nosniff
age: 300137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11428
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:58:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 04:26:59 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.75.woff2
fonts.gstatic.com/s/notosansjp/v52/ 12 KB
12 KB 364ms
264ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.75.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4afd6fa84d3326769d6825ea59364242043286ce72947e3bf23aa51c2340528d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 20:31:43 GMT
x-content-type-options: nosniff
age: 328653
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11980
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:06:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 20:31:43 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.97.woff2
fonts.gstatic.com/s/notosansjp/v52/ 11 KB
11 KB 353ms
253ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.97.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3c8880af2036f993508cad14cc12013df18d109ffe5cbf324161e0d52361d1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:53:05 GMT
x-content-type-options: nosniff
age: 284171
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11076
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:15:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 08:53:05 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.85.woff2
fonts.gstatic.com/s/notosansjp/v52/ 10 KB
11 KB 395ms
295ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.85.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

809262703aa650bd67618053e805248de84befd9be08b4c614b5de9bc9b8ca67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 03:37:41 GMT
x-content-type-options: nosniff
age: 303095
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10652
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:58:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 03:37:41 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.69.woff2
fonts.gstatic.com/s/notosansjp/v52/ 11 KB
11 KB 361ms
262ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.69.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12b9c5f653ab78b781cf757c4e9bd7dbdbc64cfd5bb6951e0b2e9b345fd48260

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 14:18:16 GMT
x-content-type-options: nosniff
age: 351060
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11492
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:15:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 14:18:16 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.77.woff2
fonts.gstatic.com/s/notosansjp/v52/ 11 KB
11 KB 359ms
260ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.77.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59bd2f0c3be92e362ef9ec6fe6bd785c234a94eca0c521905f218a7cfebb0dc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 01:13:23 GMT
x-content-type-options: nosniff
age: 52553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10932
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:39:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Dec 2024 01:13:23 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.74.woff2
fonts.gstatic.com/s/notosansjp/v52/ 11 KB
11 KB 377ms
279ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.74.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

960a8e41a56a21bf1c68ab8197d6b5b565a271633edd576719bbd0c3cf5ceeb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 20:11:36 GMT
x-content-type-options: nosniff
age: 329860
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11420
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:06:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 20:11:36 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.79.woff2
fonts.gstatic.com/s/notosansjp/v52/ 12 KB
12 KB 375ms
277ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.79.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efa72846e62a8d9a4d74967f90125d592ac0f212813a93f9f6e76bc13ee58438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 03:34:18 GMT
x-content-type-options: nosniff
age: 303298
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12228
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:36:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 03:34:18 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.82.woff2
fonts.gstatic.com/s/notosansjp/v52/ 12 KB
12 KB 328ms
232ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.82.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405d8ed8bf81bc7c12e4a3d86562a74c883c19cb29fdefe285c45289650a1c26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 04:00:46 GMT
x-content-type-options: nosniff
age: 215310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11908
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:40:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Dec 2024 04:00:46 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.72.woff2
fonts.gstatic.com/s/notosansjp/v52/ 12 KB
12 KB 380ms
290ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d87adffa6872b2908994e1d0fc5f5c6bd93649d98fa08f1d9c37bd331aa485de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 06:35:38 GMT
x-content-type-options: nosniff
age: 292418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12516
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:40:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 06:35:38 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.73.woff2
fonts.gstatic.com/s/notosansjp/v52/ 12 KB
12 KB 364ms
275ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.73.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81c79d7d0049349e0e035f25fed83869058d45ffa2acb408fcc9e15fb1a29d21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 19:23:36 GMT
x-content-type-options: nosniff
age: 591940
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11940
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:28:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Dec 2024 19:23:36 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.66.woff2
fonts.gstatic.com/s/notosansjp/v52/ 11 KB
11 KB 359ms
273ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.66.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e009054d80be96f40559f2aecfc93281fd39970a4fbff3e4ff44241c4e082355

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 02:17:20 GMT
x-content-type-options: nosniff
age: 567116
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11596
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:42:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Dec 2024 02:17:20 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.67.woff2
fonts.gstatic.com/s/notosansjp/v52/ 11 KB
11 KB 369ms
291ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.67.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

701f91582021a2c6e50e28eaf2ae14286431f53e209da07a166a0da842cab52a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 14:30:48 GMT
x-content-type-options: nosniff
age: 91108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10968
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:39:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Dec 2024 14:30:48 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.80.woff2
fonts.gstatic.com/s/notosansjp/v52/ 11 KB
11 KB 254ms
183ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.80.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6473a8cac7416737b799474d7e48303f1aee13072faf32f1071d9ebcc85470db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 00:27:16 GMT
x-content-type-options: nosniff
age: 314520
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11312
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:33:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 00:27:16 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.62.woff2
fonts.gstatic.com/s/notosansjp/v52/ 12 KB
12 KB 366ms
298ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.62.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

891e657e9226101b5aa3ddbc1f291a1c455a548e9df7f3b1351c1a8a98bd48e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 06:01:00 GMT
x-content-type-options: nosniff
age: 294496
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11884
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:33:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 06:01:00 GMT

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.65.woff2
fonts.gstatic.com/s/notosansjp/v52/ 12 KB
12 KB 364ms
296ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.65.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3627f48460d0cb1d2b5a60472b076666830a7ec46a2accd944e4f9cc3c9f01e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 20 Dec 2023 21:36:17 GMT
x-content-type-options: nosniff
age: 151979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12224
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:30:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Dec 2024 21:36:17 GMT

GET
H2 403 /
rt.rtoaster.jp/t/ 0
0 49ms
11ms Script
text/html 104.102.50.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rt.rtoaster.jp/t/?a=RTA-4c13-9d99ea668add&m=&l=https%3A%2F%2Fbusg18.pics%2F&r=&p=item_code%3DBITEKI_538244%0Aitm_sids%3DIk3u9LBIVIk&i=0.2812403499178713&c=UTF-8
Requested by: Host: js.rtoaster.jp
URL: https://js.rtoaster.jp/Rtoaster.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.50.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-50-246.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 196 KB
71 KB 68ms
68ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WJBSX7X&l=itm_dl1_1010434

Requested by

Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/js/1010434/0001/itm.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a2f5e77bd9b7dc32466144e81008267b0901bf32c9d339e640624ecae562ad59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72305
x-xss-protection: 0
last-modified: Fri, 22 Dec 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 22 Dec 2023 15:49:16 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/ja_JP/ 298 KB
85 KB 16ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ja_JP/sdk.js?hash=50d1a33ef572072580f1821e9dc221ca

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ja_JP/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

056c4c3abd3cd3f8ac7996aebd6ae24ea03cbf9698780ca4f550438f1e45f897

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://busg18.pics/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 22 Dec 2023 15:49:16 GMT
content-md5: FDBBZbRHTvB2IY89ywpCeg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87056
reporting-endpoints
x-fb-debug: aIaDCT2wOt+TchRaXVEwj5GWcjsJWzbKAfUK1Fm3hUr0aSlbiNJ+3Wc2xTYMibvMAMAiz60xmdtarncQuIBStg==
x-fb-content-md5: d50fd85d48e3ae0b1cbe4ba2a0ca90f6
cross-origin-opener-policy: same-origin-allow-popups
etag: "21ac8e356fcf8b99b8c85ef40eca800f"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 21 Dec 2024 14:27:41 GMT

GET
H3 200 934368936736490 Show response
connect.facebook.net/signals/config/ 144 KB
37 KB 95ms
95ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/934368936736490?v=2.9.138&r=stable&domain=busg18.pics

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

49e4b138d77f5760066dd544d1353cfe620342738a100dca935bb93bd451586a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 22 Dec 2023 15:49:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 5dYiFFWm3uPCf/zHtDlCUI0l4mgbEkSAiZBhMBeSh0oNYuNp3GwQnAg25V72wazHJL7cKtSS74lsFH9DTUL+sw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

set
sync.im-apps.net/imid/ Frame 9797
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=intimatemerger_dmp&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=intimatemerger_dmp&google_cm=&google_tc=
https://sync.im-apps.net/imid/set?cid=5660&tid=gid&uid=CAESEPV1eqJ7wEvK1rsCcxkYJ7c&google_cver=1

43 B
92 B

236ms
235ms

Image
image/gif

34.149.101.235
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.im-apps.net/imid/set?cid=5660&tid=gid&uid=CAESEPV1eqJ7wEvK1rsCcxkYJ7c&google_cver=1
Requested by: Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html
Protocol: H2
Server: 34.149.101.235 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 235.101.149.34.bc.googleusercontent.com
Software: /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.im-apps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:17 GMT
cache-control: private, max-age=3000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.im-apps.net/imid/set?cid=5660&tid=gid&uid=CAESEPV1eqJ7wEvK1rsCcxkYJ7c&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 305
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cs
yjtag.yahoo.co.jp/ Frame 9797
Redirect Chain

https://yjtag.yahoo.co.jp/csx?tp=wAiXPd0
https://sync.im-apps.net/imid/redirect?gdpr=1&cid=8144&tid=yid&uidpfx=%26uid%3D&url=https%3A%2F%2Fyjtag.yahoo.co.jp%2Fcs%3Fbtt%3Dqj1o7lbvm98gL4TuZp7caQOJpSjXWwABdmp6UQDkTVc%26tp%3DwAiXPd0
https://yjtag.yahoo.co.jp/cs?btt=qj1o7lbvm98gL4TuZp7caQOJpSjXWwABdmp6UQDkTVc&tp=wAiXPd0&uid=Yn_QnrngSOeY0KAU42Ac8A&gdpr=1

0
197 B

236ms
235ms

Image
text/plain

54.65.24.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yjtag.yahoo.co.jp/cs?btt=qj1o7lbvm98gL4TuZp7caQOJpSjXWwABdmp6UQDkTVc&tp=wAiXPd0&uid=Yn_QnrngSOeY0KAU42Ac8A&gdpr=1

Requested by

Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html

Protocol

Server

54.65.24.54 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-65-24-54.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.im-apps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:18 GMT
x-bt-requestid: aa664960-a0e1-11ee-93fb-0000ac1c42a8
x-content-type-options: nosniff
cache-control: private, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://yjtag.yahoo.co.jp/cs?btt=qj1o7lbvm98gL4TuZp7caQOJpSjXWwABdmp6UQDkTVc&tp=wAiXPd0&uid=Yn_QnrngSOeY0KAU42Ac8A&gdpr=1
date: Fri, 22 Dec 2023 15:49:17 GMT
cache-control: private, max-age=3000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 adsct
analytics.twitter.com/i/ Frame 9797 43 B
395 B 223ms
191ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_id=980&p_user_id=Yn_QnrngSOeY0KAU42Ac8A

Requested by

Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.im-apps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

x-response-time: 184
date: Fri, 22 Dec 2023 15:49:17 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: bbb6461bdd7f2f8c
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: fdd66b5ca0853f92a2e45531d14ee8a1c721a0bb4a27601658367b74b8c2d6c2
content-length: 43

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 9797 70 B
149 B 96ms
29ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=intmerger&ttd_tpi=1
Requested by: Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.im-apps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:16 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H/1.1 200
200 asr
aid.send.microad.jp/ Frame 9797 43 B
464 B 937ms
309ms Image
image/gif 202.233.84.1
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aid.send.microad.jp/asr?v=1&code=9KxCwSzdigA&format=pixel&enc_params=Yn_QnrngSOeY0KAU42Ac8A

Requested by

Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.im-apps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 15:49:17 GMT
Strict-Transport-Security: max-age=3600
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Connection: close
Access-Control-Allow-Headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length: 43

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 9797 0
166 B 53ms
16ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fb6.im-apps.net%2F1007854%2Fmap%2F%23PM_USER_ID
Requested by: Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.im-apps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Fri, 22 Dec 2023 15:49:16 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

set
sync.im-apps.net/imid/ Frame 9797
Redirect Chain

https://b1sync.zemanta.com/usersync/intimatemerger/?cb=https%3A%2F%2Fsync.im-apps.net%2Fimid%2Fset%3Fcid%3D1006749%26tid%3Dzid%26uid%3D__ZUID__&gdpr=0&gdpr_consent=&us_privacy=
https://sync.im-apps.net/imid/set?cid=1006749&tid=zid&uid=&gdpr=0

43 B
56 B

238ms
238ms

Image
image/gif

34.149.101.235
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.im-apps.net/imid/set?cid=1006749&tid=zid&uid=&gdpr=0
Requested by: Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html
Protocol: H3
Server: 34.149.101.235 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 235.101.149.34.bc.googleusercontent.com
Software: /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.im-apps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:17 GMT
cache-control: private, max-age=3000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

Redirect headers

Location: https://sync.im-apps.net/imid/set?cid=1006749&tid=zid&uid=&gdpr=0
Pragma: no-cache
Date: Fri, 22 Dec 2023 15:49:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 100
Content-Type: text/html; charset=utf-8

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 25ms
8ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=934368936736490&ev=PageView&dl=https%3A%2F%2Fbusg18.pics%2F&rl=&if=false&ts=1703260156955&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1703260156954.997169822&cs_est=true&ler=empty&it=1703260156846&coo=false&rqm=GET

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 22 Dec 2023 15:49:17 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

activityi;dc_pre=COLLhsWyo4MDFfzNOwIdZxUI2Q;src=8731124;type=invmedia;cat=ufj070;ord=4886078669641;auiddc=2129863965.1703260157;u1=1010434;u2=0;gtm=45He3bt0v860142837;gcd=11l1l1l1l1;dma_cps=sypham;... Show response
8731124.fls.doubleclick.net/ Frame D182
Redirect Chain

https://8731124.fls.doubleclick.net/activityi;src=8731124;type=invmedia;cat=ufj070;ord=4886078669641;auiddc=2129863965.1703260157;u1=1010434;u2=0;gtm=45He3bt0v860142837;gcd=11l1l1l1l1;dma_cps=sypha...
https://8731124.fls.doubleclick.net/activityi;dc_pre=COLLhsWyo4MDFfzNOwIdZxUI2Q;src=8731124;type=invmedia;cat=ufj070;ord=4886078669641;auiddc=2129863965.1703260157;u1=1010434;u2=0;gtm=45He3bt0v8601...

507 B
410 B

82ms
78ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8731124.fls.doubleclick.net/activityi;dc_pre=COLLhsWyo4MDFfzNOwIdZxUI2Q;src=8731124;type=invmedia;cat=ufj070;ord=4886078669641;auiddc=2129863965.1703260157;u1=1010434;u2=0;gtm=45He3bt0v860142837;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fbusg18.pics%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJBSX7X&l=itm_dl1_1010434

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

f8a7ad878155dca953fec89ef8d5928545e4f1fd0dbb92a0b77c11102d92ae1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://busg18.pics/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 301
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 15:49:17 GMT
expires: Fri, 22 Dec 2023 15:49:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 15:49:17 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8731124.fls.doubleclick.net/activityi;dc_pre=COLLhsWyo4MDFfzNOwIdZxUI2Q;src=8731124;type=invmedia;cat=ufj070;ord=4886078669641;auiddc=2129863965.1703260157;u1=1010434;u2=0;gtm=45He3bt0v860142837;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fbusg18.pics%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 beacon.html Show response
cf.im-apps.net/imid/ Frame 6807 2 KB
2 KB 7ms
7ms Document
text/html 2a02:26f0:480:25::1726:6212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cf.im-apps.net/imid/beacon.html
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:25::1726:6212 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 7edf5b2eb4905d5fcb547ca8e06b4e85c048eb127354ca301dad6b1b5582e64f

Request headers

Referer: https://busg18.pics/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=86400
content-encoding: gzip
content-length: 1396
content-type: text/html
date: Fri, 22 Dec 2023 15:49:17 GMT
etag: "d7f3fa711e38a217c1172315ab7de5f0"
expires: Sat, 23 Dec 2023 15:49:17 GMT
last-modified: Tue, 03 Oct 2023 07:45:50 GMT
p3p: CP="NOI PSD OTR"
vary: Accept-Encoding
x-amz-replication-status: PENDING
x-amz-server-side-encryption: AES256

GET
H2 200 log.js Show response
dmp.im-apps.net/sdk/ 71 KB
23 KB 9ms
8ms Script
text/javascript 2a02:26f0:480:25::1726:6212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/log.js
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:25::1726:6212 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e0fcccc60d9e199431efe12dc8a20650a2c8860a4e2e403f953e03c9a16ace6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

x-amz-version-id: o8BHUbCkzkAkV8kcBln1vNUxMImIaFAg
content-encoding: gzip
date: Fri, 22 Dec 2023 15:49:17 GMT
last-modified: Fri, 22 Dec 2023 12:16:20 GMT
etag: "f694d2411443ff0bbab8ca8569672c74"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
p3p: CP="NOI PSD OTR"
cache-control: public, max-age=10118
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 22959
expires: Fri, 22 Dec 2023 18:37:55 GMT

GET
H2 200 beacon.gif
atm.im-apps.net/a/ 43 B
231 B 282ms
234ms Image
image/gif 34.120.216.28
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://atm.im-apps.net/a/beacon.gif?cid=1004154&c1=1010434&c2=GTM-WJBSX7X&c3=&c4=100&c5=&d=%2Fintimatemergercomplete
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.216.28 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 28.216.120.34.bc.googleusercontent.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:17 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 87 KB
25 KB 332ms
332ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=896466930385474&correlator=1635319994268643&eid=31080056%2C31080115&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=18319668%2Cbiteki-pc%2Cwalljack-left_200x2000_top%2Cwalljack-right_200x2000_top%2Cwalljack-middle_1200x250_top%2Cbillboard-header_970x250_inner%2Crectangle-bottomleft_300x250_inner%2Crectangle-bottomright_300x250_inner%2Crectangle-premium_300x250_inner%2Crectangle-rightcolumnmiddle_300x250_inner&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7%2C%2F0%2F1%2F8%2C%2F0%2F1%2F9&prev_iu_szs=1x1%7C200x2000%7C350x1000%2C1x1%7C200x2000%7C350x1000%2C1x1%7C1200x250%7C1200x450%2C1x1%7C970x250%7C728x90%2C300x250%2C300x250%2C300x600%7C1x1%7C300x250%2C300x250%7C300x600&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1703260157130&lmt=1703260157&adxs=0%2C1400%2C200%2C315%2C315%2C655%2C985%2C985&adys=0%2C0%2C0%2C142%2C22746%2C22746%2C211%2C239&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C1%7C2%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fbusg18.pics%2F&vis=1&psz=1600x0%7C1600x0%7C1600x0%7C1600x0%7C320x-1%7C300x-1%7C300x28%7C300x28&msz=200x0%7C200x0%7C1200x0%7C1600x0%7C300x-1%7C300x-1%7C300x0%7C300x0&fws=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1050775466.1703260157&ga_sid=1703260157&ga_hid=1911377374&ga_fc=true&dlt=1703260156066&idt=632&prev_scp=id%3Da9b34dba-a0e1-11ee-9608-0eedbe6adc7d%26vw%3D40%2C50%2C60%7Cid%3Da9b34dbb-a0e1-11ee-9608-0eedbe6adc7d%26vw%3D40%2C50%2C60%7Cid%3Da9b34dbc-a0e1-11ee-9608-0eedbe6adc7d%26vw%3D40%2C50%2C60%7Cid%3Da9b34dbd-a0e1-11ee-9608-0eedbe6adc7d%26vw%3D40%2C50%2C60%7Cid%3Da9b34dbe-a0e1-11ee-9608-0eedbe6adc7d%26vw%3D40%2C50%7Cid%3Da9b34dbf-a0e1-11ee-9608-0eedbe6adc7d%26vw%3D40%2C50%7Cid%3Da9b34dc0-a0e1-11ee-9608-0eedbe6adc7d%26vw%3D40%2C50%7Cid%3Da9b34dc1-a0e1-11ee-9608-0eedbe6adc7d%26vw%3D40&cust_params=category_biteki%3Dlife-style%26url_biteki%3Dhttps%253A%252F%252Fwww.biteki.com%252F%26opeaud%3D33%252C37%252C38%252Ck%252C4a%252C4b%252C4e%252C2f%252C3g%252C3h%252C3j%252C3p%252C1p%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow&adks=2481090360%2C1874995465%2C667969305%2C3840979417%2C3677108485%2C4260764332%2C1157246081%2C273080894&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d8d763c8de6431273a0a2fc524d5505976d98772748595c2b30e380e1cec86f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:17 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25667
x-xss-protection: 0
google-lineitem-id: -2,-2,-2,-2,-2,-2,-1,5000201889
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2,-2,-2,-2,-1,138309213646
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://busg18.pics
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 22B8 6 KB
3 KB 182ms
59ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://busg18.pics/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 15:49:17 GMT
expires: Sat, 21 Dec 2024 15:49:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/da154528/www-widgetapi.vflset/ 216 KB
67 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a0e2b951191e60b6c3905118d84d9a95a309d355c4eb71dfead2ae2866683ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 14:54:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3317
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68553
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 21 Dec 2024 14:54:00 GMT

GET
H2 200 im-uid-hook.js Show response
dmp.im-apps.net/scripts/ 633 B
597 B 8ms
8ms Script
text/javascript 2a02:26f0:480:25::1726:6212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Requested by: Host: l.logly.co.jp
URL: https://l.logly.co.jp/lift_widget.js?adspot_id=4278370
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:25::1726:6212 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:17 GMT
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="NOI PSD OTR"
content-type: text/javascript
cache-control: private, max-age=14400
content-length: 445
expires: Fri, 22 Dec 2023 19:49:17 GMT

GET
H/1.1 200
OK lift.json Show response
l.logly.co.jp/ 0
603 B 685ms
684ms Script
text/plain 18.66.248.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.logly.co.jp/lift.json?adspot_id=4278370&widget_id=9657&auc_id=&callback=_lgy_lift_callback_4278370&render_id=MTcwMzI2MDE1Nl8xX2VjMDFiNDZjZTdlMA%3D%3D&url=https%3A%2F%2Fbusg18.pics%2F&ref=
Requested by: Host: l.logly.co.jp
URL: https://l.logly.co.jp/lift_widget.js?adspot_id=4278370
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-43.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Dec 2023 15:49:18 GMT
Via: 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
Server: nginx
X-Amz-Cf-Pop: DUS51-P1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
P3P: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
X-Amz-Cf-Id: iiAg9YRCtYL82WiEjpMLGzP-4N5pnUXYXPKS2n9aUSJlaJS9VwnbZw==

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Content-Type: image/webp

GET
H/1.1 200
OK lift.json Show response
l.logly.co.jp/ 0
603 B 677ms
677ms Script
text/plain 18.66.248.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.logly.co.jp/lift.json?adspot_id=4185318&widget_id=3015&auc_id=&callback=_lgy_lift_callback_4185318&render_id=MTcwMzI2MDE1Nl8xX2VjMDFiNDZjZTdlMA%3D%3D&url=https%3A%2F%2Fbusg18.pics%2F&ref=
Requested by: Host: l.logly.co.jp
URL: https://l.logly.co.jp/lift_widget.js?adspot_id=4185318
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-43.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Dec 2023 15:49:18 GMT
Via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
Server: nginx
X-Amz-Cf-Pop: DUS51-P1
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
P3P: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
X-Amz-Cf-Id: yYjUd0pz0HkWg8snGy1BXYJcnztPRZVkRfvgD4toTyrGJg3mn_9VLQ==

GET
H3 200 segment Show response
sync.im-apps.net/imid/ 143 B
157 B 237ms
237ms Script
application/javascript 34.149.101.235
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.im-apps.net/imid/segment?token=NXOXe5JGQJYxiIkb8Mzm7Q&callback=TDIM.callback.tij17032601571882341.im_callback&need_created=True
Requested by: Host: cf.im-apps.net
URL: https://cf.im-apps.net/sdk/tdim-1.1.0.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.101.235 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 235.101.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 9291b2cca23e946dc35c3d4570695705ade0446fd1a9ba0f6abd951f82fa3608

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:17 GMT
cache-control: private, max-age=3000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143
content-type: application/javascript

GET
H/1.1 200
OK tag.gif
tr.line.me/ 43 B
425 B 902ms
251ms Image
image/gif 147.92.191.92
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.line.me/tag.gif?b_id=e6d241fa-9fd8-4661-961d-f71015b3b8b3&b_u=https%3A%2F%2Fbusg18.pics%2F&b_d=busg18.pics&b_p=%2F&b_t=%E9%89%84%E5%88%86%E3%81%9F%E3%81%A3%E3%81%B7%E3%82%8A%EF%BC%81%E6%9E%9C%E7%89%A9%EF%BC%95%E9%81%B8%E3%80%90%E3%81%8A%E3%81%99%E3%81%99%E3%82%81%E3%83%AC%E3%82%B7%E3%83%94%E3%80%91%20%7C%20%E7%BE%8E%E7%9A%84.com&c_t=lap&t_id=5bc195a0-c934-4a1f-98d1-427a2674e683&s_id=2e8978f8-486f9fed&x4=100&e=pv&v=3.4.1&_t=1703260157196
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.92 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 15:49:18 GMT
Cache-Control: private, no-store, no-cache, must-revalidate
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3

200

set
sync.im-apps.net/imid/ Frame 6807
Redirect Chain

https://sync.dmp.fout.jp/serve/?id=3920&mt=47
https://sync.im-apps.net/imid/set?cid=3947&tid=foid&uid=zvIY4YOg0wsBDmrHsOk1y4epvdI

43 B
56 B

238ms
237ms

Image
image/gif

34.149.101.235
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.im-apps.net/imid/set?cid=3947&tid=foid&uid=zvIY4YOg0wsBDmrHsOk1y4epvdI
Requested by: Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html
Protocol: H3
Server: 34.149.101.235 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 235.101.149.34.bc.googleusercontent.com
Software: /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.im-apps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:18 GMT
cache-control: private, max-age=3000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Fri, 22 Dec 2023 15:49:18 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx
Transfer-Encoding: chunked
P3P: CP="ADM NOI OUR"
Location: https://sync.im-apps.net/imid/set?cid=3947&tid=foid&uid=zvIY4YOg0wsBDmrHsOk1y4epvdI
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive

GET
H3

200

set
sync.im-apps.net/imid/ Frame 6807
Redirect Chain

https://sync.shinobi.jp/v2/sync/ne?r=https%3A%2F%2Fsync.im-apps.net%2Fimid%2Fset%3Fcid%3D10338%26tid%3Dsid%26uid%3D
https://sync.im-apps.net/imid/set?cid=10338&tid=sid&uid=3fe7bd62-08ac-48d9-a4d0-19d6e7311fdf

43 B
56 B

236ms
236ms

Image
image/gif

34.149.101.235
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.im-apps.net/imid/set?cid=10338&tid=sid&uid=3fe7bd62-08ac-48d9-a4d0-19d6e7311fdf
Requested by: Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html
Protocol: H3
Server: 34.149.101.235 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 235.101.149.34.bc.googleusercontent.com
Software: /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.im-apps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:18 GMT
cache-control: private, max-age=3000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:18 GMT
server: openresty
p3p: CP='UNI CUR OUR'
access-control-allow-origin: *
location: https://sync.im-apps.net/imid/set?cid=10338&tid=sid&uid=3fe7bd62-08ac-48d9-a4d0-19d6e7311fdf
cache-control: no-cache , must-revalidate
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 53700
tags.bluekai.com/site/ Frame 6807 62 B
218 B 198ms
146ms Image
image/gif 2.23.197.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/53700?limit=1&id=Yn_QnrngSOeY0KAU42Ac8A
Requested by: Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-197-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.im-apps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Fri, 22 Dec 2023 15:49:17 GMT
content-length: 62
content-type: image/gif

GET
H3

200

set
sync.im-apps.net/imid/ Frame 6807
Redirect Chain

https://cr-p10000.ladsp.com/pid/10000
https://cr-p10000.ladsp.com/cr/10000
https://sync.im-apps.net/imid/set?cid=7064&tid=lid&uid=ATmd1AVg9VGnks8AED1M6Fx5480nEA

43 B
56 B

236ms
236ms

Image
image/gif

34.149.101.235
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.im-apps.net/imid/set?cid=7064&tid=lid&uid=ATmd1AVg9VGnks8AED1M6Fx5480nEA
Requested by: Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html
Protocol: H3
Server: 34.149.101.235 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 235.101.149.34.bc.googleusercontent.com
Software: /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.im-apps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:18 GMT
cache-control: private, max-age=3000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:18 GMT
via: 1.1 de6f29922e4f6a0a826069fcec45fde6.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: DUS51-P4
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://sync.im-apps.net/imid/set?cid=7064&tid=lid&uid=ATmd1AVg9VGnks8AED1M6Fx5480nEA
cache-control: no-cache
content-length: 0
x-amz-cf-id: SmR4BgfywYHbOSfG4ob6OVQzHkVnizxFzWhqhpL2_ih0194ukuSxhg==
expires: -1

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame 6807
Redirect Chain

https://dpm.demdex.net/ibs:dpid=14701&dpuuid=Yn_QnrngSOeY0KAU42Ac8A
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=14701&dpuuid=Yn_QnrngSOeY0KAU42Ac8A

42 B
715 B

30ms
30ms

Image
image/gif

54.194.146.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=14701&dpuuid=Yn_QnrngSOeY0KAU42Ac8A

Requested by

Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html

Protocol

Server

54.194.146.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-146-163.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.im-apps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-076076086.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Fri, 22 Dec 2023 15:49:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: eb+AOAajTYs=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-1-v054-052072f40.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Fri, 22 Dec 2023 15:49:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: lmL53xi9RBI=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=14701&dpuuid=Yn_QnrngSOeY0KAU42Ac8A
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3

200

set
sync.im-apps.net/imid/ Frame 6807
Redirect Chain

https://gum.criteo.com/sync?c=263&r=1&a=1&u=https%3A%2F%2Fsync.im-apps.net%2Fimid%2Fset%3Fcid%3D1000531%26tid%3Dgid%26uid%3D%40USERID%40
https://gum.criteo.com/sync?s=1&c=263&r=1&a=1&u=https%3A%2F%2Fsync.im-apps.net%2Fimid%2Fset%3Fcid%3D1000531%26tid%3Dgid%26uid%3D%40USERID%40
https://sync.im-apps.net/imid/set?cid=1000531&tid=gid&uid=ZdaGBiyQJuFgQ4424FOv7Rm16n2roCy8

43 B
56 B

238ms
238ms

Image
image/gif

34.149.101.235
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.im-apps.net/imid/set?cid=1000531&tid=gid&uid=ZdaGBiyQJuFgQ4424FOv7Rm16n2roCy8
Requested by: Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html
Protocol: H3
Server: 34.149.101.235 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 235.101.149.34.bc.googleusercontent.com
Software: /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cf.im-apps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:17 GMT
cache-control: private, max-age=3000
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

Redirect headers

location: https://sync.im-apps.net/imid/set?cid=1000531&tid=gid&uid=ZdaGBiyQJuFgQ4424FOv7Rm16n2roCy8
date: Fri, 22 Dec 2023 15:49:16 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 903205
content-length: 0

POST
H2 204 tracker
b.im-apps.net/ 0
186 B 290ms
235ms Ping
text/plain 34.120.190.172
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.im-apps.net/tracker
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/log.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.190.172 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 172.190.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://busg18.pics/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://busg18.pics
date: Fri, 22 Dec 2023 15:49:18 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 im-uid.js Show response
dmp.im-apps.net/sdk/ 6 KB
3 KB 7ms
7ms Script
application/javascript 2a02:26f0:480:25::1726:6212
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:25::1726:6212 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a4ff1a40b43ba34c62af7cf45052ceb1c13245f71b78d2f95e608cdf40f0cdb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

x-amz-version-id: L0stj9fu2baJtFSqDN5xi.x1sC_BpRf6
content-encoding: gzip
date: Fri, 22 Dec 2023 15:49:17 GMT
last-modified: Tue, 28 Nov 2023 07:46:54 GMT
etag: "e6a2a84ae62614db599e7097dbb3813f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=10800
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2438
expires: Fri, 22 Dec 2023 18:49:17 GMT

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ 10 B
171 B 349ms
270ms XHR
application/json 2600:1901:0:e207::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=6858&vid=01HJ93EXBQ0ZT48BXD1MB6HPCP
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:e207:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

access-control-allow-origin: https://busg18.pics
date: Fri, 22 Dec 2023 15:49:17 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10
content-type: application/json

GET
H2 200 dc_pre=COLLhsWyo4MDFfzNOwIdZxUI2Q;src=8731124;type=invmedia;cat=ufj070;ord=4886078669641;auiddc=*;u1=1010434;u2=0;gtm=45He3bt0v860142837;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;...
adservice.google.com/ddm/fls/z/ Frame D182 42 B
401 B 203ms
89ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=COLLhsWyo4MDFfzNOwIdZxUI2Q;src=8731124;type=invmedia;cat=ufj070;ord=4886078669641;auiddc=*;u1=1010434;u2=0;gtm=45He3bt0v860142837;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fbusg18.pics%2F

Requested by

Host: 8731124.fls.doubleclick.net
URL: https://8731124.fls.doubleclick.net/activityi;dc_pre=COLLhsWyo4MDFfzNOwIdZxUI2Q;src=8731124;type=invmedia;cat=ufj070;ord=4886078669641;auiddc=2129863965.1703260157;u1=1010434;u2=0;gtm=45He3bt0v860142837;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fbusg18.pics%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8731124.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pageviews Show response
in.treasuredata.com/js/v3/event/cosmi_9534/ 137 B
358 B 438ms
99ms Script
application/javascript 52.45.249.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/cosmi_9534/pageviews?api_key=7848%2Fc36d29f4b95a6b844abc08749d0e41de472dcb62&data=eyJ1dG1hIjoidW5kZWZpbmVkIiwiY3VzdG9tX3R5cGUiOiJ1bmRlZmluZWQiLCJjdXN0b21fcmFuayI6InVuZGVmaW5lZCIsImN1c3RvbV9wcmljZSI6InVuZGVmaW5lZCIsImNhdGVnb3J5IjoibGlmZS1zdHlsZSIsImltaWQiOiJZbl9RbnJuZ1NPZVkwS0FVNDJBYzhBIiwiaW1pZF9jcmVhdGVkIjoxNzAzMjYwMTU2LCJzZWdtZW50X2VpZHMiOiI5S0pxdDdlN0hrayIsInRkX2NsaWVudF9pZCI6ImIxNDYwNjFlLTY5ZDEtNDA0OS1jYmYwLWY1YzgwMjM0YTIwNyIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi6YmE5YiG44Gf44Gj44G344KK77yB5p6c54mp77yV6YG444CQ44GK44GZ44GZ44KB44Os44K344OU44CRIHwg576O55qELmNvbSIsInRkX3VybCI6Imh0dHBzOi8vYnVzZzE4LnBpY3MvIiwidGRfaG9zdCI6ImJ1c2cxOC5waWNzIiwidGRfcGF0aCI6Ii8iLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2lwIjoidGRfaXAiLCJ0ZF9icm93c2VyIjoidGRfYnJvd3NlciIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6InRkX2Jyb3dzZXJfdmVyc2lvbiIsInRkX29zIjoidGRfb3MiLCJ0ZF9vc192ZXJzaW9uIjoidGRfb3NfdmVyc2lvbiIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjI4IFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IldpbjMyIiwidGRfdmVyc2lvbiI6InRkaW1qczEuMi41In0%3D&modified=1703260157188&callback=TDIM.callback.tij17032601571882341.td_callback

Requested by

Host: cf.im-apps.net
URL: https://cf.im-apps.net/sdk/tdim-1.1.0.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.45.249.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-249-56.compute-1.amazonaws.com

Software

Resource Hash

649a714547a694fbdbc215dbedff1349f1fe9975f77b3eb1b46f64b26605e18e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 15:49:18 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 106
Content-Type: application/javascript

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
356 B 371ms
92ms Fetch
text/plain 64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=f75b0da0700d060e3d9d3e3a59da60cf_-1_1703260157366&tm=984&eT=0&widgetWidth=640&widgetHeight=0&widgetX=315&widgetY=23206&wRV=2010564&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&rtt=684&oo=true&lo=1133&obreq=1088&mvreq=1633&mvres=2315&cet=4g&to=1703260155114.3&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 15:49:17 GMT
content-encoding: br
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
X-TraceId: 91a64559e3a87aa10f53babe64ee644c
Content-Length: 6

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 2 KB
1 KB 211ms
211ms Script
text/javascript 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=538244.html&srcUrl=https%3A%2F%2Fbusg18.pics%2Ffeed.rss&idx=1&rand=21068&widgetJSId=AR_2&va=true&et=true&format=html&t=NDg0MjI2Yjk3ZGQxMGJkZmQwNjg0ODI1YmIzZDVmZTQ=&px=315&py=23176&vpd=21976&cw=640&settings=true&recs=true&key=NANOWDGT01&tch=0&adblck=false&abwl=false&ab=0&wl=0&umv=1&activeTab=true&version=2010564&sig=UDeHowNa&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fbusg18.pics%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 963589c5c0456c821783dc689064c1255c875402311b161c4b109bfc354bc2a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Fri, 22 Dec 2023 15:49:17 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1703260157.439149,VS0,VE204
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga21968-LGA, cache-fra-eddf8230061-FRA
x-traceid: 465ff5991013ca2de5847865615a7b1a
accept-ranges: bytes
content-length: 937
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 monitor.html Show response
widgets.outbrain.com/widgetMonitor/ Frame 171F 4 KB
2 KB 12ms
12ms Document
text/html 184.30.17.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetMonitor/monitor.html?deletelocalstorage=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e641289a84dccd3f02be13957ce937b6010c9f64f4fac5e880fca2f639b3c05f

Request headers

Referer: https://busg18.pics/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 1606
content-type: text/html
date: Fri, 22 Dec 2023 15:49:17 GMT
etag: "1295e69d949ede7964200763acaebc50:1679841729.42395"
expires: Fri, 29 Dec 2023 15:49:17 GMT
last-modified: Sun, 26 Mar 2023 14:35:45 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 container.html Show response
41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DCDE 6 KB
3 KB 52ms
51ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://busg18.pics/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 15:49:17 GMT
expires: Sat, 21 Dec 2024 15:49:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8120 0
0 90ms
90ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu2dW7ssiPNgOeLmvo7pY1bAQoicc5AcmqUhtD_FoYJjpCz6TrcL2hpXSwn6HjSdSJzqTYxCYMFZjZ9Wi51nEartGVq7-8kl_WCkG-LWP-ubR6NnE4hyG5xxZVW8BEgoTNIuCjmLA6m88H1pMthfRjW4WAXNe0bZyB85Hu7uSLjKwmTaQcUtf1Xl8vjwYVhqj8BaCXyrpLeaAGZG7bbeaA_1FT3S3tRvjpVfSbH0Fpuzf9mN-BEvLBOEscLEyJiJtbe1uMIlFrRMDiAjLdqr_pJA0jEIrdZBxg8R2BBFFS4N7lJoyM6YVawnDoavZ7GIyVtIT0QCInHFKA2sHJjIITnCQU19lnNdvD4ReEtpa4E9stki1hohMdIBHcBqHayqwu3&sai=AMfl-YTOutfxRCCXXEKZYdyGNh34EN3Y54R1LFMn5ijT3xCYan7Fi-ZW924V0ACoTSpLl2qY8v_FXl9AiEWotBjislR8D6Ruea24lEQuinX13ioUZ1u9X1pwv2_QgaymfQ&sig=Cg0ArKJSzM_-0sdAGm_0EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 85CE 47 KB
13 KB 310ms
107ms Script
application/javascript 34.237.119.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=930635&campId=300x250&pubId=33711428&chanId=21702921002&placementId=5000201889&pubCreative=138309213646&pubOrder=2503394866&cb=1608489060&adsafe_par&impId=a9b34dc1-a0e1-11ee-9608-0eedbe6adc7d
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.119.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-119-189.compute-1.amazonaws.com
Software: /
Resource Hash: a9e8b9c1835f278ce12dee5160d5f11c1a573b8d1ffdba0de79ab8e23fd6316d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:17 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8120 203 KB
65 KB 212ms
103ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 15:49:17 GMT

GET
H2

200

15811652767643750783
tpc.googlesyndication.com/pimgad/ Frame 8120
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD75IewVxCsAhj6ASgBMgjfpH9LCn1Gsg
https://tpc.googlesyndication.com/pimgad/15811652767643750783

13 KB
14 KB

52ms
51ms

Image
image/png

2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pimgad/15811652767643750783

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68d9bea0210febda0161583bf5966c7bfeac07ce71059408625a33901b2e41d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

expires: Thu, 19 Dec 2024 01:40:58 GMT
date: Wed, 20 Dec 2023 01:40:58 GMT
x-content-type-options: nosniff
age: 223699
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13556
x-xss-protection: 0
last-modified: Mon, 18 Mar 2019 11:10:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

Redirect headers

date: Fri, 22 Dec 2023 05:58:36 GMT
x-content-type-options: nosniff
server: cafe
age: 35441
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/pimgad/15811652767643750783
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 21 Jan 2024 05:58:36 GMT

POST
H/1.1 200
OK / Show response
bs.nakanohito.jp/b3/ 0
375 B 279ms
278ms XHR
text/html 124.33.183.216
UCOM ARTERIA Netw...

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.nakanohito.jp/b3/
Requested by: Host: bs.nakanohito.jp
URL: https://bs.nakanohito.jp/b3/bi.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 124.33.183.216 Nakano, Japan, ASN17506 (UCOM ARTERIA Networks Corporation, JP),
Reverse DNS: 124x33x183x216.ap124.ftth.ucom.ne.jp
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://busg18.pics/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 22 Dec 2023 15:49:17 GMT
Server: nginx
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://busg18.pics
P3P: policyref="http://b.nakanohito.jp/w3c/p3p.xml", CP="NOI DSP COR ADM DEV PSA OUR IND UNI COM NAV INT STA"
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 0

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame DCDE 18 KB
8 KB 116ms
51ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: 41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com
URL: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:17:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1887
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7823
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 23:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 22 Dec 2023 16:17:50 GMT

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame DCDE 36 KB
14 KB 212ms
101ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: 41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com
URL: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce44d9d3620877fb90e5a0dc690fb51323242adfd601d2d327e623488f94c67d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 04:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41784
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14395
x-xss-protection: 0
server: cafe
etag: 62258312933698035
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Jan 2024 04:12:53 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame DCDE 3 KB
1 KB 178ms
67ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com
URL: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 10:17:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19892
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Jan 2024 10:17:45 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame DCDE 20 KB
9 KB 162ms
51ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com
URL: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50098
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Jan 2024 01:54:19 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame DCDE 0
0 60ms
60ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSVxeLyp0n7It8Hw_64rcv2rYs68bG_cIteBmFRtLCscFlj8o0lG5FpxhvlDOTJVkM6RcI-ozODBeH1mwaAAyrQelKP8A
Requested by: Host: 41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com
URL: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame DCDE 203 KB
64 KB 268ms
204ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com
URL: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 15:49:17 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame DCDE 23 KB
9 KB 168ms
57ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: 41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com
URL: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60540
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 23:00:17 GMT

GET
H2 200 d6f0c749d887aad2c139d059c77da0c7.json Show response
js.glossom.jp/json/ 965 B
1 KB 24ms
8ms Fetch
application/json 2a04:4e42::738
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js.glossom.jp/json/d6f0c749d887aad2c139d059c77da0c7.json
Requested by: Host: js.glossom.jp
URL: https://js.glossom.jp/gaat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::738 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 4e458a81ad4af6b43616dae2e1dceeb3ae1d61e951652a2755a8cf094498b558

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

expires: Fri, 22 Dec 2023 13:33:57 GMT
date: Fri, 22 Dec 2023 15:49:17 GMT
via: 1.1 varnish
age: 948
x-guploader-uploadid: ABPtcPoWGoSNeHnxgb0x5DAgeaODS6NuuGln2XCvuaVDoLTNnWWyilPsH4JPH8FOhAbmvy4h2s5RhkTrag
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-length: 965
x-served-by: cache-fra-eddf8230063-FRA
last-modified: Fri, 22 Dec 2023 12:22:02 GMT
server: UploadServer
x-timer: S1703260158.630630,VS0,VE2
etag: "ed81b9122e0c191b91270dd97af9f994"
vary: Origin
x-goog-generation: 1703247722817716
content-type: application/json
access-control-allow-origin: *
x-goog-hash: crc32c=Y52YXQ==, md5=7YG5Ei4MGRuRJw3Zevn5lA==
cache-control: public, max-age=3600
access-control-allow-methods: GET,HEAD,POST
x-goog-stored-content-length: 965
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 ope-mediaconsortium.js Show response
cdn.opecloud.com/ 71 KB
15 KB 52ms
10ms Script
application/javascript 108.157.4.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.opecloud.com/ope-mediaconsortium.js
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-16.dus51.r.cloudfront.net
Software: nginx/1.24.0 /
Resource Hash: 3561c9a17d4efea30c4e792274577aedd29c32ed614e0f1f79dd8f808b06227c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:03:38 GMT
content-encoding: gzip
via: 1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
last-modified: Tue, 19 Dec 2023 10:22:44 GMT
server: nginx/1.24.0
x-amz-cf-pop: DUS51-P2
age: 2740
etag: W/"65816ef4-11d9e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=604800, public
x-amz-cf-id: 0Ny8CpzRhvTKasOOe3VUsIAjJcsTgUT8BMwqxaaDSEXUSDe_ghFzMw==
expires: Fri, 29 Dec 2023 15:03:38 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 36ms
6ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:18 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230091-FRA

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 268 KB
90 KB 71ms
71ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4YKEL52KHF

Requested by

Host: js.glossom.jp
URL: https://js.glossom.jp/gaat.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5daf96d193f1c7cc27e54944135ce083edec8467ef31782cffe29b624558a227

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91656
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 22 Dec 2023 15:49:17 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 268 KB
90 KB 79ms
79ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4YKEL52KHF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TS2HF4S

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

718ca92f50befdf24810931bbb887575f155a242714bd25c55874b297f411b8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91686
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 22 Dec 2023 15:49:17 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 58ms
58ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1911377374&t=event&ni=1&_s=1&dl=https%3A%2F%2Fbusg18.pics%2F&ul=en-us&de=UTF-8&dt=%E9%89%84%E5%88%86%E3%81%9F%E3%81%A3%E3%81%B7%E3%82%8A%EF%BC%81%E6%9E%9C%E7%89%A9%EF%BC%95%E9%81%B8%E3%80%90%E3%81%8A%E3%81%99%E3%81%99%E3%82%81%E3%83%AC%E3%82%B7%E3%83%94%E3%80%91%20%7C%20%E7%BE%8E%E7%9A%84.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Quant&ea=ReadRate&el=0%25&_u=KGDAgEAjAAAAAGAAI~&jid=1216688721&gjid=827143737&cid=1050775466.1703260157&tid=UA-193632926-16&_gid=538160950.1703260157&_slc=1&z=247471184

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://busg18.pics/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://busg18.pics
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
69 B 53ms
53ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-193632926-16&cid=1050775466.1703260157&jid=1216688721&gjid=827143737&_gid=538160950.1703260157&_u=KGDAgEAjAAAAAGAAI~&z=1654510390

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://busg18.pics/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 22 Dec 2023 15:49:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://busg18.pics
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 52ms
52ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1911377374&t=pageview&_s=2&dl=https%3A%2F%2Fbusg18.pics%2F&ul=en-us&de=UTF-8&dt=%E9%89%84%E5%88%86%E3%81%9F%E3%81%A3%E3%81%B7%E3%82%8A%EF%BC%81%E6%9E%9C%E7%89%A9%EF%BC%95%E9%81%B8%E3%80%90%E3%81%8A%E3%81%99%E3%81%99%E3%82%81%E3%83%AC%E3%82%B7%E3%83%94%E3%80%91%20%7C%20%E7%BE%8E%E7%9A%84.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGDAgEAjAAAAAGAAI~&jid=&gjid=&cid=1050775466.1703260157&tid=UA-193632926-16&_gid=538160950.1703260157&z=1852603090

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 13:42:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 7624
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync.html Show response
sync.logly.co.jp/sync/ Frame 7F54 495 B
664 B 1038ms
242ms Document
text/html 35.74.209.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.html
Requested by: Host: l.logly.co.jp
URL: https://l.logly.co.jp/lift_widget.js?adspot_id=4278370
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.74.209.225 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-74-209-225.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5

Request headers

Referer: https://busg18.pics/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=2592000
content-length: 495
content-type: text/html
date: Fri, 22 Dec 2023 15:49:18 GMT
etag: "65850819-1ef"
last-modified: Fri, 22 Dec 2023 03:52:57 GMT
server: nginx

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame D399
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=logly&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac

281 B
555 B

30ms
7ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Requested by: Host: l.logly.co.jp
URL: https://l.logly.co.jp/lift_widget.js?adspot_id=4278370
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://busg18.pics/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 22 Dec 2023 15:49:17 GMT
ETag: "280525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 22 Dec 2023 15:49:17 GMT
location: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
server: AkamaiGHost

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
356 B 249ms
92ms Fetch
text/plain 64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=9600b94e0d73a7b64e58cbdd4be550cb_-1_1703260157533&tm=1201&eT=0&widgetWidth=640&widgetHeight=0&widgetX=315&widgetY=23206&wRV=2010564&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=213&oo=true&lo=1133&obreq=1088&mvreq=2321&mvres=2534&cet=4g&to=1703260155114.3&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 15:49:17 GMT
content-encoding: br
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
X-TraceId: 9e3e40de901b43559c385d12298c025e
Content-Length: 6

GET
H2 200 impl_v99.js Show response
www.googletagservices.com/dcm/ Frame DCDE 59 KB
23 KB 106ms
105ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v99.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 23:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 318238
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23872
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 14:22:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 17 Dec 2024 23:25:19 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame D399 45 KB
13 KB 16ms
14ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 0365692d8e0d5051941db1f32f5f61d913d45be260b6030f38616703a3a51d4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 15:49:17 GMT
Content-Encoding: gzip
Last-Modified: Fri, 22 Dec 2023 14:29:17 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=81558
Connection: keep-alive
Content-Length: 13201
Expires: Sat, 23 Dec 2023 14:28:35 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame D399 7 B
380 B 56ms
8ms XHR
application/json 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: f2725c115d816cae2dce6044d9cf3fcf
Expires: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 77ms
37ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-4YKEL52KHF&gtm=45je3bt0v9100406918&_p=1703260156080&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1050775466.1703260157&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703260157&sct=1&seg=0&dl=https%3A%2F%2Fbusg18.pics%2F&dt=%E9%89%84%E5%88%86%E3%81%9F%E3%81%A3%E3%81%B7%E3%82%8A%EF%BC%81%E6%9E%9C%E7%89%A9%EF%BC%95%E9%81%B8%E3%80%90%E3%81%8A%E3%81%99%E3%81%99%E3%82%81%E3%83%AC%E3%82%B7%E3%83%94%E3%80%91%20%7C%20%E7%BE%8E%E7%9A%84.com&en=scroll&_fv=1&_ss=1&_ee=1&epn.percent_scrolled=0&tfd=2708
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4YKEL52KHF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://busg18.pics
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 53ms
53ms Ping
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4YKEL52KHF&cid=1050775466.1703260157&gtm=45je3bt0v9100406918&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4YKEL52KHF
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://busg18.pics
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 87ms
87ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-4YKEL52KHF&cid=1050775466.1703260157&gtm=45je3bt0v9100406918&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1589778447

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 B26189844.308361386;dc_ver=99.292;dc_eid=40004000;sz=300x600;u_sd=1;dc_adk=153378422;ord=sdu0bv;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCXhyM_a-FZZTiDOui9u8PqOWEyAmwkLL... Show response
ad.doubleclick.net/ddm/adj/N834873.3159GOOGLE/ Frame DCDE 94 KB
35 KB 172ms
85ms Script
text/javascript 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N834873.3159GOOGLE/B26189844.308361386;dc_ver=99.292;dc_eid=40004000;sz=300x600;u_sd=1;dc_adk=153378422;ord=sdu0bv;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCXhyM_a-FZZTiDOui9u8PqOWEyAmwkLLZdKWo29W4Ef_Ror3AARABIIyk0yFgleKQgqAHoAGmiKLZA8gBCakCmXW2BN1CqT7gAgCoAwHIAwKqBIwCT9A_BNTNUOTKCS8PbLNUMFZGHxdhA4MOgfx4wHNWMF3B-gszMuPmmdos55V9Wjtq1Nqf-O8RfO2nY3ex9a88VbTKUvtBVKFbhkQICPqzvh14FWttQHeMLx83YGpp1jvTZdmC3KfLqU9dDoyd7gHECKhLlWdWvaT00zYr44jjJs8SMcwNCL-IILEvPPeTnd3RAGRXpFYLGgMoJoob8NGDnZzRdjtDO06D3k-tr1mOk5Q7kaA4TIgiX7UPSWfzK-L2zU_JuOqEBNE1hLJR3VUysJkoQWmo0yfq5n2JxZrjllj_QqSwgO_Bq43Ad2vP7Hzk-8LhdRks17S-ydNHDupWwvpT67-vgHbVmSXUTcAEmIiX-bAE4AQBiAXd_MutNKAGEYAHu_nzoQGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlj3woPFsqODA4AKA5gLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQLaDBEKCxCAr_qFt_jVjMMBEgIBA6oNAkRFyA0B4g0TCLichMWyo4MDFWuR_QcdqDIBmdgTDdAVAfgWAYAXAQ%26ase%3D2%26gclid%3DEAIaIQobChMI1NSFxbKjgwMVa5H9Bx2oMgGZEAEYASAAEgKa5fD_BwE%26num%3D1%26cid%3DCAQSOwAvHhf_N0gFTOoGYxNqDG9oSHOWXV-id-_r7SutH0qBDXCTu_Epo18nyfR5WRT4ARS0291tMq129V4HGAE%26sig%3DAOD64_3v9T4D3Dc98fslYk8dFCMdISW73Q%26client%3Dca-pub-5926142822591200%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fbusg18.pics%2F$0;xdt=1;crlt=DdlalOTw*n;stc=1;chaa=1;sttr=169;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

2e996c3c794ff6f3d953f0ea28e3eae198d8a493eaeaaa4e83fdef842fdd8c65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35532
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 8120 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50c8eb4c5df5450445502181eeb1cde94d9e84fbe9120bcb13a9a1b111a353c1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 main.19.8.466.js Show response
static.adsafeprotected.com/ Frame 85CE 213 KB
67 KB 40ms
8ms Script
application/javascript 2600:9000:223f:e600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.466.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=930635&campId=300x250&pubId=33711428&chanId=21702921002&placementId=5000201889&pubCreative=138309213646&pubOrder=2503394866&cb=1608489060&adsafe_par&impId=a9b34dc1-a0e1-11ee-9608-0eedbe6adc7d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8acc1f1025dcaf26f8f860f726b3a05a701b77eb685301d4f25bc8339bbf891f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:53:12 GMT
x-amz-version-id: xzgJjX2ySahBlQ72zDUgnxljnut_sNmJ
content-encoding: gzip
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 759366
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 13 Dec 2023 19:37:51 GMT
server: AmazonS3
etag: W/"eac384b0904b6f5677cb58a4d4e104c8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: NkhXpBtx8hXmFjH5Pr_A2QoAo9368pdraPhbbiBg1xGjl8i_BBmK1w==

GET
H/1.1 200
OK td.min.js Show response
cdn.treasuredata.com/sdk/1.9.2/ 34 KB
13 KB 86ms
20ms Script
application/javascript 3.160.212.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.treasuredata.com/sdk/1.9.2/td.min.js
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.212.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-212-25.mxp53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ac195780e6b3c57034d94552b0f55c450879151bee089547f4de05b0db8b5a37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Date: Fri, 24 Nov 2023 20:01:43 GMT
Content-Encoding: gzip
Via: 1.1 e7e7f392b3d444a9690697e824d644ec.cloudfront.net (CloudFront)
Age: 2404056
X-Amz-Cf-Pop: MXP53-P3
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Last-Modified: Thu, 21 Dec 2017 00:23:31 GMT
Server: AmazonS3
Etag: W/"502f07067956c3fc1e64f138e8e4322b"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=315360000
X-Amz-Cf-Id: PmLf60MbqZ0ovEKKs9zRSetL9kBehC37IoTANM4Z34MEfNuusnfRVQ==

GET
H/1.1 200
200 aid Show response
aid.send.microad.jp/ 23 B
530 B 310ms
310ms Script
text/javascript 202.233.84.1
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to

Full URL

https://aid.send.microad.jp/aid?code=wAfDYNqni1s&v=v1&cb=microadTd.BTK.sync

Requested by

Host: d-cache.microad.jp
URL: https://d-cache.microad.jp/js/td_btk_access.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

f10db3e3971151644679b15eed1dbc9c9ce14057e2e2827a24fb976ab04eab43

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 15:49:18 GMT
Strict-Transport-Security: max-age=3600
X-Content-Type-Options: nosniff
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Connection: close
Access-Control-Allow-Headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length: 23
X-XSS-Protection: 1; mode=block

GET
H2 200 tr
universe.send.microad.jp/ 43 B
370 B 942ms
309ms Image
image/gif 202.233.84.7
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://universe.send.microad.jp/tr?service_id=1367&url=https%3A%2F%2Fbusg18.pics%2F&url_macro=&referrer=&referrer_macro=&cbt=1811703260157973&kv_set=%5B%7B%7D%5D

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.233.84.7 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:19 GMT
strict-transport-security: max-age=86400;
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
x-xss-protection: 1; mode=block

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8120 0
0 90ms
89ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBRe0Kd-Ru_C8jEvzFTqrVw3Vvay8EprJ-oERVqKkAq_sdgHLnxhdvM2BUlSl9g8m2sc2JmhLMOzBLD1IH0_AxwTJ7cwWrBtRmVBryZMkzGCtMCcF3q0rpwNE-s2pXLmwTH_OMkA3wTZeLggeMB0JIhytrvVPfY5gYb6eAoxjpr-gB5b1-TujhWzcK0R-YP3193B5kC9TiQLljUvMyWP79LAusWV_U0UN2DBx8O3jX_nbqDLEAkbk2j497wrjTo6ahlbr32ITaeP1tws_1oF31RtT0iW6Vrtnf_TdctNnbTGTAEfe_xyw16nApvPbZEe6qL5hJwjak_3iCTmYDjx8qWESal5ywxF9GH3XxItaw_LD1zjLaQVUlmyV6lkxLs2EEjKE&sai=AMfl-YRH61gq9fb0zXzw4MCieafsO2u5FaPCIref5yAutMQMpgUeZ9dX14VtG8aOzTSfmIvIpKVNWJ62xTmsxfuXn0NmhPfAvlThFoPP0c2JKhXLRZIsYit2_IeqHt4avw&sig=Cg0ArKJSzLbEBxw_UNaNEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 22 Dec 2023 15:49:18 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/766968/55786941/ Frame DCDE 255 KB
77 KB 191ms
33ms Script
application/javascript 99.81.22.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/766968/55786941/skeleton.js
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.22.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-22-6.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5dd9eccbe1921e6ccc4d7f4e4c6533a7598b4d3d09dc991e88f56b3852d89de8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:18 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame DCDE 111 KB
39 KB 210ms
51ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/
Origin: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 20:46:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68560
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 22 Dec 2023 20:46:38 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame DCDE 11 KB
4 KB 210ms
52ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N834873.3159GOOGLE/B26189844.308361386;dc_ver=99.292;dc_eid=40004000;sz=300x600;u_sd=1;dc_adk=153378422;ord=sdu0bv;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3Dl%26ai%3DCXhyM_a-FZZTiDOui9u8PqOWEyAmwkLLZdKWo29W4Ef_Ror3AARABIIyk0yFgleKQgqAHoAGmiKLZA8gBCakCmXW2BN1CqT7gAgCoAwHIAwKqBIwCT9A_BNTNUOTKCS8PbLNUMFZGHxdhA4MOgfx4wHNWMF3B-gszMuPmmdos55V9Wjtq1Nqf-O8RfO2nY3ex9a88VbTKUvtBVKFbhkQICPqzvh14FWttQHeMLx83YGpp1jvTZdmC3KfLqU9dDoyd7gHECKhLlWdWvaT00zYr44jjJs8SMcwNCL-IILEvPPeTnd3RAGRXpFYLGgMoJoob8NGDnZzRdjtDO06D3k-tr1mOk5Q7kaA4TIgiX7UPSWfzK-L2zU_JuOqEBNE1hLJR3VUysJkoQWmo0yfq5n2JxZrjllj_QqSwgO_Bq43Ad2vP7Hzk-8LhdRks17S-ydNHDupWwvpT67-vgHbVmSXUTcAEmIiX-bAE4AQBiAXd_MutNKAGEYAHu_nzoQGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbEC2AcA0ggfCIDhgBAQARgdMgKqAjoCgEBIvf3BOlj3woPFsqODA4AKA5gLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQLaDBEKCxCAr_qFt_jVjMMBEgIBA6oNAkRFyA0B4g0TCLichMWyo4MDFWuR_QcdqDIBmdgTDdAVAfgWAYAXAQ%26ase%3D2%26gclid%3DEAIaIQobChMI1NSFxbKjgwMVa5H9Bx2oMgGZEAEYASAAEgKa5fD_BwE%26num%3D1%26cid%3DCAQSOwAvHhf_N0gFTOoGYxNqDG9oSHOWXV-id-_r7SutH0qBDXCTu_Epo18nyfR5WRT4ARS0291tMq129V4HGAE%26sig%3DAOD64_3v9T4D3Dc98fslYk8dFCMdISW73Q%26client%3Dca-pub-5926142822591200%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Fbusg18.pics%2F$0;xdt=1;crlt=DdlalOTw*n;stc=1;chaa=1;sttr=169;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 23:43:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57922
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Jan 2024 23:43:56 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame DCDE 41 KB
14 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 596650
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Dec 2024 18:05:08 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 6BDF 1 KB
1001 B 203ms
52ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com
URL: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 23748
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 09:13:30 GMT
etag: 48472445140208031
expires: Sat, 23 Dec 2023 09:13:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DCDE 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce2506bb4135cb1096c195e82b6b83b783e6f56f0bcf3823d02725cb61592dcd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame E002 38 KB
13 KB 52ms
51ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 282951
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 09:13:27 GMT
expires: Wed, 18 Dec 2024 09:13:27 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK td_js_sdk_171.js Show response
api.popin.cc/ 34 KB
13 KB 531ms
531ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/td_js_sdk_171.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/biteki.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 15:49:18 GMT
x-amz-version-id: null
Content-Encoding: gzip
Last-Modified: Thu, 11 Jan 2018 09:42:51 GMT
Server: nginx
ETag: W/"17b2e8b253e693d224f7d8407e28e1ea"
X-Cache-Status: HIT from 10.252.55.25
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Expires: Fri, 22 Dec 2023 16:49:18 GMT

GET
H/1.1 200 recommend Show response
discoveryplus.popin.cc/popin_discovery/ 52 KB
23 KB 1308ms
731ms Script
application/javascript 119.63.198.176
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://discoveryplus.popin.cc/popin_discovery/recommend?mode=new&rid=300284&url=https%3A%2F%2Fbusg18.pics%2F&&device=pc&media=busg18.pics&extra=windows&agency=popinag&topn=50&ad=10&r_category=all&uid=57b62095f2675b2aa7a1703256558183&info=eyJ1c2VyX3RkX29zIjoiV2luZG93cyIsInVzZXJfdGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInVzZXJfdGRfYnJvd3NlciI6IkNocm9tZSIsInVzZXJfdGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTIwLjAuNjA5OSIsInVzZXJfdGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidXNlcl90ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInVzZXJfdGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjI4IFNhZmFyaS81MzcuMzYiLCJ1c2VyX3RkX3JlZmVycmVyIjoiIiwidXNlcl90ZF9wYXRoIjoiLyIsInVzZXJfdGRfY2hhcnNldCI6InV0Zi04IiwidXNlcl90ZF9sYW5ndWFnZSI6ImVuLXVzIiwidXNlcl90ZF9jb2xvciI6IjI0LWJpdCIsInVzZXJfdGRfdGl0bGUiOiIlRTklODklODQlRTUlODglODYlRTMlODElOUYlRTMlODElQTMlRTMlODElQjclRTMlODIlOEElRUYlQkMlODElRTYlOUUlOUMlRTclODklQTklRUYlQkMlOTUlRTklODElQjglRTMlODAlOTAlRTMlODElOEElRTMlODElOTklRTMlODElOTklRTMlODIlODElRTMlODMlQUMlRTMlODIlQjclRTMlODMlOTQlRTMlODAlOTElMjAlN0MlMjAlRTclQkUlOEUlRTclOUElODQuY29tIiwidXNlcl90ZF91cmwiOiJodHRwczovL2J1c2cxOC5waWNzLyIsInVzZXJfdGRfcGxhdGZvcm0iOiJXaW4zMiIsInVzZXJfdGRfaG9zdCI6ImJ1c2cxOC5waWNzIiwidXNlcl9kZXZpY2UiOiJwYyIsInVzZXJfdGltZSI6MTcwMzI2MDE1ODE4NCwiZnJ1aXRfYm94X3Bvc2l0aW9uIjoiIiwiZnJ1aXRfc3R5bGUiOiIifQ==&alg=ltr&callback=_p6_9ae91dab3b1c
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/biteki.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.176 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 724640a5260f52e19ff71a5825b27e6bb8b5ba35673d0ec08dc2c3bf9f26aaef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 15:49:19 GMT
Content-Encoding: gzip
Server: nginx/1.13.5
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive

GET
H/1.1 200
OK popin_discovery5-min.js Show response
api.popin.cc/ 156 KB
43 KB 546ms
545ms Script
application/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/popin_discovery5-min.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/biteki.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 2c78537370db283e881520b103a2f8198613f89d54eaa13dd566137d029c8fc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 15:49:18 GMT
x-amz-version-id: Ob3Rg3l4X4hYCDKCZi4TBB1j2gDUvWNq
Content-Encoding: gzip
x-amz-server-side-encryption: AES256
X-Cache-Status: HIT from 10.252.55.44
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Last-Modified: Thu, 14 Dec 2023 10:19:50 GMT
Server: nginx
ETag: W/"7f4851f932ed60220942b1f8c3704083"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Timing-Allow-Origin: *
Expires: Fri, 22 Dec 2023 16:49:18 GMT

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ 66 B
222 B 829ms
265ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNCwidWEiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4yOCBTYWZhcmkvNTM3LjM2IiwiYXBpX2hvc3QiOiJqcC5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJidXNnMTgucGljcyIsInVybCI6Imh0dHBzOi8vYnVzZzE4LnBpY3MvIiwibG9jIjoiaHR0cHM6Ly9idXNnMTgucGljcy8iLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMC4wLjYwOTkuMjggU2FmYXJpLzUzNy4zNiIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTIwLjAuNjA5OSJ9&t=1703260158185
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:19 GMT
last-modified: Thu, 13 Dec 2018 07:32:33 GMT
server: nginx/1.13.5
etag: "5c120b11-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ 66 B
222 B 801ms
266ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjowLCJhcGlfaG9zdCI6ImpwLnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6ImJ1c2cxOC5waWNzIiwidXJsIjoiaHR0cHM6Ly9idXNnMTgucGljcy8iLCJ1aWQiOiI1N2I2MjA5NWYyNjc1YjJhYTdhMTcwMzI1NjU1ODE4MyIsInRkX3RpdGxlIjoiIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjYsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTIwLjAuNjA5OSIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4yOCBTYWZhcmkvNTM3LjM2In0=&t=1703260158187
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:19 GMT
last-modified: Thu, 13 Dec 2018 07:32:33 GMT
server: nginx/1.13.5
etag: "5c120b11-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2

200

pbfs.gif
tagger.opecloud.com/appnexus/
Redirect Chain

https://mediaconsortium.tagger.opecloud.com/mediaconsortium/v2/pixel.gif?url=https%3A%2F%2Fbusg18.pics%2F&ref=&tref=&tz=-1&screen=1600x1200x24&dcRegion=eu-central-1&cmpstatus=notrequired&e=%5B%5D&f...
https://mediaconsortium.tagger.opecloud.com/mediaconsortium/v2/pixel.gif?e=%5B%5D&tref=&url=https%3A%2F%2Fbusg18.pics%2F&tz=-1&trackability-redirect=true&ref=&fpid=7016bc7e-92f1-4411-ae5c-3d0b6dafa...
https://cm.g.doubleclick.net/pixel?google_nid=1plusx_dmp&google_cm&state=2-0ZE1On5Hy%2FpAQq88B77%2FlZ4FzxKMBMk%3D&source=mediaconsortium
https://tagger.opecloud.com/dbm/opecs.gif?state=2-0ZE1On5Hy%2FpAQq88B77%2FlZ4FzxKMBMk%3D&source=mediaconsortium&google_gid=CAESEMThPSGIkUTc7TVNH9VU6lQ&google_cver=1
https://secure.adnxs.com/getuid?https%3A%2F%2Ftagger.opecloud.com%2Fappnexus%2Fpbfs.gif%3Fsource%3Dmediaconsortium%26state%3D2-MjHOLRntpVq%252BEKhqaNXNXGbnoTuipss%253D%26puid%3D%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Ftagger.opecloud.com%252Fappnexus%252Fpbfs.gif%253Fsource%253Dmediaconsortium%2526state%253D2-MjHOLRntpVq%25252BEKhqaNXNXGbnoTuipss%25...
https://tagger.opecloud.com/appnexus/pbfs.gif?source=mediaconsortium&state=2-MjHOLRntpVq%2BEKhqaNXNXGbnoTuipss%3D&puid=4150191517615403994

35 B
211 B

12ms
12ms

Image
image/gif

18.194.126.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tagger.opecloud.com/appnexus/pbfs.gif?source=mediaconsortium&state=2-MjHOLRntpVq%2BEKhqaNXNXGbnoTuipss%3D&puid=4150191517615403994
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Server: 18.194.126.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-126-143.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:18 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 51
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:18 GMT
an-x-request-uuid: 485179ec-337c-4fd9-841f-06f6cc538ab3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://tagger.opecloud.com/appnexus/pbfs.gif?source=mediaconsortium&state=2-MjHOLRntpVq%2BEKhqaNXNXGbnoTuipss%3D&puid=4150191517615403994
x-proxy-origin: 185.213.155.165; 185.213.155.165; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame E002 39 KB
15 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 10:32:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18981
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Dec 2024 10:32:57 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 6BDF 0
104 B 136ms
67ms Image
text/plain 2a02:fa8:8806:13::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEFQjcnCphOqOi8crVaHf5DE&google_cver=1&google_push=AXcoOmTVt3kCXQM2EVBHek0Nd5KiCPrWhXLPA8fAFbkW_lYpBwyioQREJ4mpwrpcqA1mePKE_-HL4aQcElTHZj0TcZxLhZS4y8Hz_g
Requested by: Host: 41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com
URL: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:18 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6BDF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENaGlonWGQQQ0OF95ABRtKg&google_push=AXcoOmQxIMSpQjSGySVcAxf2V-7B1fOsj97O1KwwVqBSCODRuVnK1J9hnc...

170 B
188 B

48ms
48ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENaGlonWGQQQ0OF95ABRtKg&google_push=AXcoOmQxIMSpQjSGySVcAxf2V-7B1fOsj97O1KwwVqBSCODRuVnK1J9hncJNfkW9eErHPP4TYyLBHiYSVo5aVyl6cnHpQhEu5LHR

Requested by

Host: 41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com
URL: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230031-FRA
pragma: no-cache
date: Fri, 22 Dec 2023 15:49:18 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1703260158.312243,VS0,VE92
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENaGlonWGQQQ0OF95ABRtKg&google_push=AXcoOmQxIMSpQjSGySVcAxf2V-7B1fOsj97O1KwwVqBSCODRuVnK1J9hncJNfkW9eErHPP4TYyLBHiYSVo5aVyl6cnHpQhEu5LHR
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 6BDF 70 B
148 B 30ms
29ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEF5r-739Fv8fdGCf5yhQn7M&google_cver=1&google_push=AXcoOmTz1LFf3nsUgjKws3vgvBBxJtMt-0QKxRYRj23QfZF6bFAeGseom0zNUBZ6IVAh4VE2OiV7hMzSy78tHuS3hytsH9tLggeZ6w
Requested by: Host: 41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com
URL: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:18 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6BDF
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESECga7mlZVK0AZOWDVi_BW7I&google_cver=1&google_push=AXcoOmTjNMPujfrG3SCfS-S-eowiW5V3QK7g97LBa09LAfm8gbhe_EKyFTSI6D3V_bb7F0GJ5W5L6WGwnCI2NErRnxyR3gE...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESECga7mlZVK0AZOWDVi_BW7I&google_cver=1&google_push=AXcoOmTjNMPujfrG3SCfS-S-eowiW5V3QK7g97LBa09LAfm8gbhe_EKyFTSI6D3V_bb7F0GJ5W5L6WGwnCI2NErRnxyR3...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTjNMPujfrG3SCfS-S-eowiW5V3QK7g97LBa09LAfm8gbhe_EKyFTSI6D3V_bb7F0GJ5W5L6WGwnCI2NErRnxyR3gEvnR5d7A

170 B
188 B

47ms
47ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTjNMPujfrG3SCfS-S-eowiW5V3QK7g97LBa09LAfm8gbhe_EKyFTSI6D3V_bb7F0GJ5W5L6WGwnCI2NErRnxyR3gEvnR5d7A

Requested by

Host: 41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com
URL: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmTjNMPujfrG3SCfS-S-eowiW5V3QK7g97LBa09LAfm8gbhe_EKyFTSI6D3V_bb7F0GJ5W5L6WGwnCI2NErRnxyR3gEvnR5d7A
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6BDF
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOOETU5TfwNlk808rdME9Tk&google_cver=1&google_push=AXcoOmTLKlCK1KMMyQTgnb2oyPtwv4bSKZssx_s16g32SE0nIfYQliyYwVvFtagetiRjB6qQuO1KZqTb...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOOETU5TfwNlk808rdME9Tk&google_cver=1&google_push=AXcoOmTLKlCK1KMMyQTgnb2oyPtwv4bSKZssx_s16g32SE0nIfYQliyYwVvFtagetiRjB6qQuO1...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM4MjA5NjUxNzE5NDY1NDA2Mg&google_push=AXcoOmTLKlCK1KMMyQTgnb2oyPtwv4bSKZssx_s16g32SE0nIfYQliyYwVvFtagetiRjB6qQuO1KZq...

170 B
188 B

49ms
49ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM4MjA5NjUxNzE5NDY1NDA2Mg&google_push=AXcoOmTLKlCK1KMMyQTgnb2oyPtwv4bSKZssx_s16g32SE0nIfYQliyYwVvFtagetiRjB6qQuO1KZqTbUgzQSkNY5BBuBi8YGwXPFg

Requested by

Host: 41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com
URL: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM4MjA5NjUxNzE5NDY1NDA2Mg&google_push=AXcoOmTLKlCK1KMMyQTgnb2oyPtwv4bSKZssx_s16g32SE0nIfYQliyYwVvFtagetiRjB6qQuO1KZqTbUgzQSkNY5BBuBi8YGwXPFg
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 dds
rtb.openx.net/sync/ Frame 6BDF 43 B
236 B 74ms
20ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEFjzX_kiLosTt6UdBLExvNk&google_cver=1&google_push=AXcoOmSwgpqU_yShQKyA0SKOhm52V9_ukZNaiytBXydbR3Vh_ImAgOUjC9QFP5Z3-xKG_uDx4RhStFfV9lRYKwoHmd1sO7xMU4znPQ
Requested by: Host: 41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com
URL: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:18 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2 200 https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 6BDF 43 B
146 B 100ms
8ms Image
image/gif 18.198.94.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESENb-A9VZ5TIlfllOmHm-LvI&google_cver=1&google_push=AXcoOmTY53g2SChfypLPsd8iZsfxNq0rdBbbwSrggE-jHpL_R0Mt2DmANgODTPK29wpJyRmjCwLoj1PnFyU96NHZMRqi2tLMnkW6nxI
Requested by: Host: 41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com
URL: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.94.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-94-178.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 6BDF 0
12 B 43ms
43ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LhPlA_r9TNgLDZuyBbMBCp5o9DTwx4V3UvkwvfDyu7XmLjhccJafTR97nfFLAsC4u8P84qOw

Requested by

Host: 41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com
URL: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:18 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 adsct
t.co/1/i/ 43 B
377 B 220ms
192ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=58206101-4f2a-4378-98ce-cecc02a696b1&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=ed97a160-6195-42d1-97cf-ccd84509d984&tw_document_href=https%3A%2F%2Fbusg18.pics%2F&tw_iframe_status=0&txn_id=o51ox&type=javascript&version=2.3.29

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

x-response-time: 186
date: Fri, 22 Dec 2023 15:49:18 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 08e820349dc22046
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 8af434971576e64adee25be0bf7c4f3c0cb05d24ebf3daa8318f4844230890c1
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
447 B 111ms
111ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=58206101-4f2a-4378-98ce-cecc02a696b1&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=ed97a160-6195-42d1-97cf-ccd84509d984&tw_document_href=https%3A%2F%2Fbusg18.pics%2F&tw_iframe_status=0&txn_id=o51ox&type=javascript&version=2.3.29

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

x-response-time: 104
date: Fri, 22 Dec 2023 15:49:18 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 1f06c94273eff885
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: fdd66b5ca0853f92a2e45531d14ee8a1c721a0bb4a27601658367b74b8c2d6c2
content-length: 43

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame DCDE
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/766968/55786941/4.js?adContainerId=brand_safety__a-FZeicOsGc9u8Plf2XwAg&cbFunctionName=goog_wrapCb__a-FZeicOsGc9u8Plf2XwAg&true_pb=https%3A%2F%2Fstatic.adsafep...
https://static.adsafeprotected.com/4.js?adContainerId=brand_safety__a-FZeicOsGc9u8Plf2XwAg&cbFunctionName=goog_wrapCb__a-FZeicOsGc9u8Plf2XwAg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpass...

1 KB
1 KB

9ms
8ms

Script
application/javascript

2600:9000:223f:e600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety__a-FZeicOsGc9u8Plf2XwAg&cbFunctionName=goog_wrapCb__a-FZeicOsGc9u8Plf2XwAg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x600.js
Requested by: Host: 41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com
URL: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:223f:e600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

x-amz-version-id: vKEhI2DDF7x4y1d6KCleNAEq1uB6J8K1
content-encoding: gzip
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
date: Wed, 20 Dec 2023 19:37:42 GMT
x-amz-cf-pop: FRA56-P5
age: 159097
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 13 Dec 2023 19:37:39 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: oWgn43P6SQQz7gzW0SpPaARSVB-XsmDSZBN0cgubv_IPs6eRpNCqCg==

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:18 GMT
server: nginx
x-server-name: app01.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js?adContainerId=brand_safety__a-FZeicOsGc9u8Plf2XwAg&cbFunctionName=goog_wrapCb__a-FZeicOsGc9u8Plf2XwAg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x600.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame EC06 91 KB
23 KB 8ms
8ms Script
application/javascript 2600:9000:223f:e600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com
URL: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 8005208
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: G1Q5_1Ow9xmmSOWQS4VruYxUzTe5mWJMAXXZjnvmuQ9zvLilezqWRw==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DCDE 43 B
215 B 324ms
102ms Image
image/gif 2600:1f18:1aca:4281:d12:bfd4:3fe4:15c3
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=766968&asId=381b8d2f-8f34-056e-d310-bfa0299bbc60&tv=%7Bc:xxQGkW,pingTime:-3,time:40,type:v,clog:%5B%7Bpiv:-1,vs:o,r:h,w:300,h:0,t:13%7D,%7Bpiv:0,r:l.h,t:40%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:41,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:13,wc:0.0.1600.1200,ac:NaN.NaN.300.0,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:l.h,bkn:%7Bpiv:%5B35~1,1~0%5D,as:%5B36~300.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZbs2Nc+11%7C12%7C13%7C14%7C15*.766968-55786941%7C151%7C152%7C161%7C17%7C18,idMap:15*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:14%7D&br=c
Requested by: Host: 41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com
URL: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:d12:bfd4:3fe4:15c3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:18 GMT
server: nginx
x-server-name: dt32.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DCDE 43 B
215 B 323ms
103ms Image
image/gif 2600:1f18:1aca:4281:d12:bfd4:3fe4:15c3
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=766968&asId=381b8d2f-8f34-056e-d310-bfa0299bbc60&tv=%7Bc:xxQGkX,pingTime:-6,time:41,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:42,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:13,wc:0.0.1600.1200,ac:NaN.NaN.300.0,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:l.h,bkn:%7Bpiv:%5B35~1,2~0%5D,as:%5B37~300.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZbs2Nc+11%7C12%7C13%7C14%7C15*.766968-55786941%7C151%7C152%7C161%7C17%7C18,idMap:15*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:14%7D&tpiLookup=ao:busg18.pics*&br=c
Requested by: Host: 41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com
URL: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:d12:bfd4:3fe4:15c3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:18 GMT
server: nginx
x-server-name: dt30.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DCDE 43 B
215 B 316ms
101ms Image
image/gif 2600:1f18:1aca:4281:d12:bfd4:3fe4:15c3
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=766968&asId=381b8d2f-8f34-056e-d310-bfa0299bbc60&tv=%7Bc:xxQGl4,pingTime:-2,time:48,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:568,mdZ:815,beA:819,beZ:820,mfA:823,cmA:823,inA:824,inZ:826,prA:826,prZ:829,si:833,poA:834,poZ:847,cmZ:847,mfZ:847,loA:861,loZ:862,ltA:867,ltZ:867%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:ins%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:o,r:h,w:300,h:0,t:13%7D,%7Bpiv:0,r:l.h,t:40%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:48,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:13,wc:0.0.1600.1200,ac:NaN.NaN.300.0,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:l.h,bkn:%7Bpiv:%5B35~1,8~0%5D,as:%5B43~300.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZbs2Nc+11%7C12%7C13%7C14%7C15*.766968-55786941%7C151%7C152%7C161%7C17%7C18,idMap:15*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:14,sinceFw:34,readyFired:true%7D&br=c
Requested by: Host: 41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com
URL: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:d12:bfd4:3fe4:15c3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:18 GMT
server: nginx
x-server-name: dt29.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame DCDE 203 KB
64 KB 108ms
108ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Dec 2023 15:49:18 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/321367045912397167/2023_EMEAI_DOM_DE_RT_0927_Canada_Always_On_Refresh_Prospecting_300x600/ Frame 9B60 83 KB
27 KB 164ms
52ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/321367045912397167/2023_EMEAI_DOM_DE_RT_0927_Canada_Always_On_Refresh_Prospecting_300x600/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c77d86299bb6b3a906a066999665946dfc69ed1e90fec12d1b7fda549e3d5d74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 17356
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 27187
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 11:00:02 GMT
expires: Sat, 21 Dec 2024 11:00:02 GMT
last-modified: Tue, 28 Nov 2023 19:19:48 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DCDE 0
0 166ms
73ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssSzkFhRN40akdLzABQDKB_YneAhF5DAxKM_CWBdDD3IZL5yRQClYGYyOHW0z9iXZ6GtnZiYnRlc5XXxPvK4kylnn-bOCat63RL3pOUZeFF1PSDG94nlp6CM7E5YC-5eHePBnD_PmcUSbEScRveSlREhk_4qjIf9Yv-&sai=AMfl-YQ0QJi3JhrxNYs2ENYSKrnGMHyyS2O1B-QkSUfR9B7HAlvsdIOiisOINezdbA0bhUf7b5n5CGOoXqHXwF8i8CtLhpcwwBDv7tbQgQ&sig=Cg0ArKJSzCupl6UCOHlTEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=302&cbvp=1&cstd=301&cisv=r20231207.11483&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 29B8 91 KB
23 KB 8ms
8ms Script
application/javascript 2600:9000:223f:e600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:e600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 8005208
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: -s0XbNI48Ow2gUn-j9UlWKbC8eC2ACxlohackaXUzonb1UBTmsyv9g==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 130ms
130ms Image
image/gif 34.237.119.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=930635&campId=300x250&pubId=33711428&chanId=21702921002&placementId=5000201889&pubCreative=138309213646&pubOrder=2503394866&cb=1608489060&adsafe_par&impId=a9b34dc1-a0e1-11ee-9608-0eedbe6adc7d&adsafe_url=https%3A%2F%2Fbusg18.pics%2F&adsafe_type=abcedfq&adsafe_jsinfo=,id:a535e8ec-f3e1-46a0-8be5-f8efa979908e,c:xxQGlL,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-7949887ccd-r6trf,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:985.839.300.250,am:i,cc:985.839.300.250,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:476,mot:0,app:0,maw:0,fm:tZbs2GN+11%7C12%7C13%7C14%7C151%7C1521%7C153%7C154%7C16*.930635%7C161%7C17%7C18,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:488,oid:aa22ffc5-a0e1-11ee-8e0c-fe49e254bed2,v:19.8.466,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.119.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-119-189.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:18 GMT
server: nginx
x-server-name: app64.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 154ms
153ms Image
image/gif 2600:1f18:1aca:4281:d12:bfd4:3fe4:15c3
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=930635&asId=a535e8ec-f3e1-46a0-8be5-f8efa979908e&tv=%7Bc:xxQGm1,pingTime:0,time:504,type:pf,im:%7BpBlk:497%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:488%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:504,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:488,wc:0.0.1600.1200,ac:985.839.300.250,am:i,cc:985.839.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B26~100%5D,as:%5B26~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tZbs2GN+11%7C12%7C13%7C14%7C151%7C1521%7C153%7C154%7C16*.930635%7C161%7C17%7C18,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:488%7D&br=c
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:d12:bfd4:3fe4:15c3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:18 GMT
server: nginx
x-server-name: dt22.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 155ms
155ms Image
image/gif 2600:1f18:1aca:4281:d12:bfd4:3fe4:15c3
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=930635&asId=a535e8ec-f3e1-46a0-8be5-f8efa979908e&tv=%7Bc:xxQGm5,pingTime:-2,time:508,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:409,beZ:409,mfA:885,cmA:885,inA:885,inZ:888,prA:888,prZ:893,si:897,poA:897,bl:906,poZ:906,cmZ:906,mfZ:906,loA:914,loZ:916,ltA:917,ltZ:917,mdA:410,mdZ:820%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:img%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:488%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:508,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:488,wc:0.0.1600.1200,ac:985.839.300.250,am:i,cc:985.839.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B30~100%5D,as:%5B30~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tZbs2GN+11%7C12%7C13%7C14%7C151%7C1521%7C153%7C154%7C16*.930635%7C161%7C17%7C18,idMap:16*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:488,slid:%5Bgoogle_ads_iframe_/18319668/biteki-pc/rectangle-rightcolumnmiddle_300x250_inner_0,google_ads_iframe_/18319668/biteki-pc/rectangle-rightcolumnmiddle_300x250_inner_0__container__,div-gpt-ad-1523852947516-0,SideArea,MainArea,Wapper%5D,sinceFw:19,readyFired:true%7D&br=c
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:d12:bfd4:3fe4:15c3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:18 GMT
server: nginx
x-server-name: dt18.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E002 0
20 B 88ms
88ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BQpqm_a-FZeicOsGc9u8Plf2XwAgAAAAAOAHgBAI&bg=!vL-lv_DNAAY3kmNgF5I7ADQBe5WfOMevQHqmk69KM0aJCneATWb361secxLDca20eyhI9V4tJbvcz3gRq_AyaisrFoHHAgAAAHFSAAAAAmgBBwoAFzKU2bZOLmwEvIPQyHun0wvoAUbchSAamQNde6W2Q5iwBHAcutb6V6CSxTrkT9adaBmey5EHr6mt3t_67NIdZv2OCt_g24WhVtwtFXulxZz5P7ITwTmh98363W1svESsTk-GdGJM9CRaHRJFpFr7C7xarmVlAhShkSVX756SPSFgmyjhutGFzOUkDBX6bAq_hA7b8evtDr8R4W7G_o8MLOWWX_m38GwQX5iQhKhwx2H7KrNT_hPwnSXlUL0VUzSL0KbeoGjT9cIoeid6oSZKnGgWX0dmCxI2T_9cjHfZ0g8RrEtO-iNX0GEv1eKRdJ-KkRz84XuxyZ_TMxKzWeFDVH7GXCzCL-bj0zYSJn2_v8CegDQ06EQWq__fNhGYDpjsyRAquIGNaikWKEThhk9LiEkz7jegKL_9Zo9Yat4lB6olUg7Cb1UmtH1RjivFsy7wbDbmogaogi-lMuDF5biUqx0ulcFJ3rZmeticrdO4QEv-u0FM7wQ3D3HhCh2YpCSEkSk0Bn8b1uSSuEBf5Y_K6zxFpJmPwcQEusRPjvkiStZeuvlEFhX8z9R0GH4cWJMj2MlxF7j4QPnlus677J1kLVe46XyvsgX7fHUyMtQ9hHQqpqsScfp6LodyuadfWZU6P1ENUA69OfIyrfQqdsWwHLl8AYvTgcZo8vBLWhm2S_hTBVVzuRP-nzZTwWTD-A24eP00LGmRrDXzyj24T-j9NwGjpyB9F6Eni7MDgu2tzPa2aeE7Xuo6-McdXDkJ-2uEwH3dhdL1IM63tp_sn1i8DxEPSOLQCnj_cfMEr1zuCq2xT3fzrlvY8MRiGntxfNOf021h46P-SihX8Cbmvx1822Wvt29LhZbfv46brVgU7KND3VTFmO5YxrCcv9Rvoa3r4h_t_nxWSXGvHamqLi0SHZiRcsYWmgIQnt3j1BFlcI5gNj_Dt3WP6nLX1yoEFhtsfU9OqK4TM0Ai0NOaVYrCwQCCnqwOBB0AiHLYnKPhUHgUbBdYbmuRLV8JIO8I7Z3KbJhAZ07qAXkEwl8UyQcca7gkRuUxdBX3aiihtKd5r3eB0LeVxJstN0Xfi5l7wfjL6UJ94GQJsjbp3WE7DltM5UpYMsrotBZuqcbV8qHQ5PdGCjwd_dHsAQE9GA8M4HfX7ckeXG2MKSOJIULVqkTXRt_hZDAaPhkJ

Requested by

Host: 41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com
URL: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 154ms
154ms Image
image/gif 2600:1f18:1aca:4281:d12:bfd4:3fe4:15c3
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=930635&asId=a535e8ec-f3e1-46a0-8be5-f8efa979908e&tv=%7Bc:xxQGnn,time:588,type:e,im:%7BpWait:7%7D,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:588,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:488,wc:0.0.1600.1200,ac:985.839.300.250,am:i,cc:985.839.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B110~100%5D,as:%5B110~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tZbs2GN+11%7C12%7C13%7C14%7C151%7C1521%7C153%7C154%7C16*.930635%7C161%7C17%7C18,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:488%7D&br=c
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:d12:bfd4:3fe4:15c3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:18 GMT
server: nginx
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DCDE 43 B
216 B 172ms
100ms Image
image/gif 2600:1f18:1aca:4281:d12:bfd4:3fe4:15c3
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=766968&asId=381b8d2f-8f34-056e-d310-bfa0299bbc60&tv=%7Bc:xxQGnn,time:191,type:e,im:%7Bimprf:%7Bttecl:368,ecd:100,tsecr:3%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:81,o:110,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:13,wc:0.0.1600.1200,ac:NaN.NaN.300.0,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:l.h,bkn:%7Bpiv:%5B35~1,70~0%5D,as:%5B105~300.0%5D%7D%7D,%7Bsl:i,t:110,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B81~100%5D,as:%5B81~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZbs2GN+11%7C12%7C13%7C14%7C15*.766968-55786941%7C151%7C152%7C16.930635%7C161%7C17%7C18,idMap:15*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:14,sis:117%7D&br=c
Requested by: Host: 41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com
URL: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:d12:bfd4:3fe4:15c3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:18 GMT
server: nginx
x-server-name: dt31.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 AirCanadaHorizontal.svg.js Show response
s0.2mdn.net/sadbundle/321367045912397167/2023_EMEAI_DOM_DE_RT_0927_Canada_Always_On_Refresh_Prospecting_300x600/ Frame 9B60 3 KB
1 KB 53ms
53ms Script
application/x-javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/321367045912397167/2023_EMEAI_DOM_DE_RT_0927_Canada_Always_On_Refresh_Prospecting_300x600/AirCanadaHorizontal.svg.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/321367045912397167/2023_EMEAI_DOM_DE_RT_0927_Canada_Always_On_Refresh_Prospecting_300x600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e87efe00b52483b10fd8a3a6aeebcdbe7f85647fffb4cdd00b73f6b7df222aa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/321367045912397167/2023_EMEAI_DOM_DE_RT_0927_Canada_Always_On_Refresh_Prospecting_300x600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 11:00:08 GMT
date: Tue, 19 Dec 2023 11:00:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 276550
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1447
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 19:19:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Skytrax-Logo.svg.js Show response
s0.2mdn.net/sadbundle/321367045912397167/2023_EMEAI_DOM_DE_RT_0927_Canada_Always_On_Refresh_Prospecting_300x600/ Frame 9B60 38 KB
8 KB 59ms
59ms Script
application/x-javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/321367045912397167/2023_EMEAI_DOM_DE_RT_0927_Canada_Always_On_Refresh_Prospecting_300x600/Skytrax-Logo.svg.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/321367045912397167/2023_EMEAI_DOM_DE_RT_0927_Canada_Always_On_Refresh_Prospecting_300x600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8790106c39d616d072aa3f2a0b9e320745c6afb31ef2fecf56a1295e445019f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/321367045912397167/2023_EMEAI_DOM_DE_RT_0927_Canada_Always_On_Refresh_Prospecting_300x600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 11:00:08 GMT
date: Tue, 19 Dec 2023 11:00:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 276550
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8235
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 19:19:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Prospecting-SP-300-x-600.svg.js Show response
s0.2mdn.net/sadbundle/321367045912397167/2023_EMEAI_DOM_DE_RT_0927_Canada_Always_On_Refresh_Prospecting_300x600/ Frame 9B60 11 KB
3 KB 54ms
54ms Script
application/x-javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/321367045912397167/2023_EMEAI_DOM_DE_RT_0927_Canada_Always_On_Refresh_Prospecting_300x600/Prospecting-SP-300-x-600.svg.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/321367045912397167/2023_EMEAI_DOM_DE_RT_0927_Canada_Always_On_Refresh_Prospecting_300x600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c1fa2e1ed5a79874108dfd0e5fb940cfb2a27928b2ff3aa4d480a6f66b434b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/321367045912397167/2023_EMEAI_DOM_DE_RT_0927_Canada_Always_On_Refresh_Prospecting_300x600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

expires: Wed, 18 Dec 2024 11:00:03 GMT
date: Tue, 19 Dec 2023 11:00:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 276555
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2978
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 19:19:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 CTA-BOOK-NOW-PILL-DE.svg.js Show response
s0.2mdn.net/sadbundle/321367045912397167/2023_EMEAI_DOM_DE_RT_0927_Canada_Always_On_Refresh_Prospecting_300x600/ Frame 9B60 3 KB
1 KB 57ms
57ms Script
application/x-javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/321367045912397167/2023_EMEAI_DOM_DE_RT_0927_Canada_Always_On_Refresh_Prospecting_300x600/CTA-BOOK-NOW-PILL-DE.svg.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/321367045912397167/2023_EMEAI_DOM_DE_RT_0927_Canada_Always_On_Refresh_Prospecting_300x600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2405c8a96e18b401fb29077cec82a119a7ef24591093f76439db6f77224e3c65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/321367045912397167/2023_EMEAI_DOM_DE_RT_0927_Canada_Always_On_Refresh_Prospecting_300x600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

expires: Mon, 16 Dec 2024 11:00:02 GMT
date: Sun, 17 Dec 2023 11:00:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 449356
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1130
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 19:19:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H/1.1 200
OK biteki_access_log Show response
in.treasuredata.com/js/v3/event/media_dmp_db/ 89 B
559 B 99ms
98ms Script
application/javascript 52.45.249.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/media_dmp_db/biteki_access_log?api_key=7474%2Fc29e4cb209d200238c5c9b5473526143cd4cf8ab&modified=1703260158613&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJhdWRpZW5jZV9pZCI6bnVsbCwibWV0YV9rZXl3b3JkcyI6IiIsInRkX3ZlcnNpb24iOiIxLjkuMiIsInRkX2NsaWVudF9pZCI6IjU5NGQzM2Q0LWUxZGUtNDU4NC05MzE1LWE2YmNlMTE3NzdhNCIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiLpiYTliIbjgZ%2FjgaPjgbfjgorvvIHmnpznianvvJXpgbjjgJDjgYrjgZnjgZnjgoHjg6zjgrfjg5TjgJEgfCDnvo7nmoQuY29tIiwidGRfZGVzY3JpcHRpb24iOiLlpbPmgKfjgavkuI3otrPjgZfjgYzjgaHjgarpiYTliIbjgILmiYvou73jgavmkYLlj5bjgafjgY3jgovjgajlrInjgZfjgYTjgafjgZnjgojjga3vvIEg5a6f44Gv6YmE5YiG44KS5ZCr44KA5p6c54mp44Gv44CB44K544O844OR44O844Gq44Gp44Gn5pmu6YCa44Gr6LKp5aOy44GV44KM44Gm44GE44KL44KC44Gu44KC5rKi5bGx44GC44KK44G%2B44GZ44CC5LuK5Zue44Gv44CB6YmE5YiG6LGK5a%2BM44Gq5p6c54mpNemBuOOCkuOBiuWxiuOBke%2B8gSDmhI%2ForZjnmoTjgavmkYLlj5bjgZnjgovnv5LmhaPjgpLjgaTjgZHjgb7jgZfjgofjgYbimaoiLCJ0ZF91cmwiOiJodHRwczovL2J1c2cxOC5waWNzLyIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4yOCBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJXaW4zMiIsInRkX2hvc3QiOiJidXNnMTgucGljcyIsInRkX3BhdGgiOiIvIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9pcCI6InRkX2lwIiwidGRfYnJvd3NlciI6InRkX2Jyb3dzZXIiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiJ0ZF9icm93c2VyX3ZlcnNpb24iLCJ0ZF9vcyI6InRkX29zIiwidGRfb3NfdmVyc2lvbiI6InRkX29zX3ZlcnNpb24ifQ%3D%3D&callback=TreasureJSONPCallback0

Requested by

Host: cdn.treasuredata.com
URL: https://cdn.treasuredata.com/sdk/1.9.2/td.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.45.249.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-249-56.compute-1.amazonaws.com

Software

Resource Hash

3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

P3P: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Date: Fri, 22 Dec 2023 15:49:18 GMT
Strict-Transport-Security: max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 89
Content-Type: application/javascript

GET
DATA 200
OK truncated
/ Frame 9B60 6 KB
6 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f360198677982642b19eec063470d87f63619bc8e729b163d42a6407b3ab1286

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Content-Type: font/woff;charset=utf-8

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DCDE 0
0 73ms
73ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssSzkFhRN40akdLzABQDKB_YneAhF5DAxKM_CWBdDD3IZL5yRQClYGYyOHW0z9iXZ6GtnZiYnRlc5XXxPvK4kylnn-bOCat63RL3pOUZeFF1PSDG94nlp6CM7E5YC-5eHePBnD_PmcUSbEScRveSlREhk_4qjIf9Yv-&sai=AMfl-YQ0QJi3JhrxNYs2ENYSKrnGMHyyS2O1B-QkSUfR9B7HAlvsdIOiisOINezdbA0bhUf7b5n5CGOoXqHXwF8i8CtLhpcwwBDv7tbQgQ&sig=Cg0ArKJSzCupl6UCOHlTEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=569&vt=11&dtpt=267&dett=3&cstd=301&cisv=r20231207.11483&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Algonquin-Park_Ontario_Canada_shutterstock_offset_1870486327.jpg
s0.2mdn.net/sadbundle/321367045912397167/2023_EMEAI_DOM_DE_RT_0927_Canada_Always_On_Refresh_Prospecting_300x600/ Frame 9B60 116 KB
116 KB 72ms
72ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/321367045912397167/2023_EMEAI_DOM_DE_RT_0927_Canada_Always_On_Refresh_Prospecting_300x600/Algonquin-Park_Ontario_Canada_shutterstock_offset_1870486327.jpg?

Requested by

Host: 41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com
URL: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b9f37a15c97df39f89e561ea896a0bc9fd9c38aa0850d73163ae2a4139d763e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/321367045912397167/2023_EMEAI_DOM_DE_RT_0927_Canada_Always_On_Refresh_Prospecting_300x600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

expires: Tue, 17 Dec 2024 18:22:12 GMT
date: Mon, 18 Dec 2023 18:22:12 GMT
x-content-type-options: nosniff
age: 336426
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119161
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 19:19:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gettyimages-1437776692-170667a.jpg
s0.2mdn.net/sadbundle/321367045912397167/2023_EMEAI_DOM_DE_RT_0927_Canada_Always_On_Refresh_Prospecting_300x600/ Frame 9B60 106 KB
106 KB 90ms
89ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/321367045912397167/2023_EMEAI_DOM_DE_RT_0927_Canada_Always_On_Refresh_Prospecting_300x600/gettyimages-1437776692-170667a.jpg?

Requested by

Host: 41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com
URL: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79be38607fada2979f0ef6094616f6411e9d5249a7c331be54fddce243f3c011

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/321367045912397167/2023_EMEAI_DOM_DE_RT_0927_Canada_Always_On_Refresh_Prospecting_300x600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

expires: Sat, 21 Dec 2024 10:20:43 GMT
date: Fri, 22 Dec 2023 10:20:43 GMT
x-content-type-options: nosniff
age: 19715
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 108250
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 19:19:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Banff_Alberta_Canada_shutterstock_752019010.jpg
s0.2mdn.net/sadbundle/321367045912397167/2023_EMEAI_DOM_DE_RT_0927_Canada_Always_On_Refresh_Prospecting_300x600/ Frame 9B60 89 KB
89 KB 53ms
53ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/321367045912397167/2023_EMEAI_DOM_DE_RT_0927_Canada_Always_On_Refresh_Prospecting_300x600/Banff_Alberta_Canada_shutterstock_752019010.jpg?

Requested by

Host: 41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com
URL: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13870d8ccb6bb42b8c0a91513368e8b2a75f47e80798a9f5853a1875a71b367

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/321367045912397167/2023_EMEAI_DOM_DE_RT_0927_Canada_Always_On_Refresh_Prospecting_300x600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

expires: Sat, 21 Dec 2024 10:20:43 GMT
date: Fri, 22 Dec 2023 10:20:43 GMT
x-content-type-options: nosniff
age: 19715
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91160
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 19:19:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DCDE 43 B
215 B 99ms
99ms Image
image/gif 2600:1f18:1aca:4281:d12:bfd4:3fe4:15c3
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=766968&asId=381b8d2f-8f34-056e-d310-bfa0299bbc60&tv=%7Bc:xxQGq7,pingTime:-10,time:361,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjI4IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1703260158667%7C%7Cdf3752ff1cb5d91ef89018e337d87b6c%7C%7Cf528b414fe72eb800af6b2bbc719ee0c%7C%7C30eecc3f7c5f8581fefbae64386f2578%7C%7C33f0e1dcda887b105b65f21e0c21d3b3%7C%7C4bfd1e52e6d2a061fab5dbfdba7a319f%7C%7C1311ecc9781efaed7e388b470b4e22d5%7C%7Ce3ab7282cb1b443c98bbc761a8246ba1%7C%7C1663701684%7D
Requested by: Host: 41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com
URL: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:d12:bfd4:3fe4:15c3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:18 GMT
server: nginx
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 sync.js Show response
sync.logly.co.jp/sync/ Frame 7F54 0
268 B 242ms
242ms Script
text/plain 35.74.209.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.js
Requested by: Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.74.209.225 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-74-209-225.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.logly.co.jp/sync/sync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 22 Dec 2023 15:49:18 GMT
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DCDE 0
0 99ms
99ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=C5bfL_a-FZZTiDOui9u8PqOWEyAmwkLLZdKWo29W4Ef_Ror3AARABIIyk0yFgleKQgqAHoAGmiKLZA8gBCakCmXW2BN1CqT7gAgCoAwHIAwKqBIkCT9A_BNTNUOTKCS8PbLNUMFZGHxdhA4MOgfx4wHNWMF3B-gszMuPmmdos55V9Wjtq1Nqf-O8RfO2nY3ex9a88VbTKUvtBVKFbhkQICPqzvh14FWttQHeMLx83YGpp1jvTZdmC3KfLqU9dDoyd7gHECKhLlWdWvaT00zYr44jjJs8SMcwNCL-IILEvPPeTnd3RAGRXpFYLGgMoJoob8NGDnZzRdjtDO06D3k-tr1mOk5Q7kaA4TIgiX7UPSWfzK-L2zU_JuOqEBNE1hLJR3VUysJkoQWmo0yfq5n2JxZrjllj_QqTygs5TVCZidMVts8N_23xSUT8mcr2Q0S7LtOn4QgR9x6cOH_X1J8AEmIiX-bAE4AQBiAXd_MutNJIFBAgEGAGSBQQIBRgEoAYRgAe7-fOhAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEPO9EdIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpY98KDxbKjgwOACgPICwGiDBAqDgoM5LSxAu61sQK1uLEC4g0TCLichMWyo4MDFWuR_QcdqDIBmdgTDdAVAYAXAbIXHgocCAASFHB1Yi0xMDQ3NzgyMTY1ODY5NjA1GOTdEA&sigh=dZin4YycGsw&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwAvHhf_N0gFTOoGYxNqDG9oSHOWXV-id-_r7SutH0qBDXCTu_Epo18nyfR5WRT4ARS0291tMq129V4HGAE&cbvp=2&vis=1

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/
Attribution-Reporting-Eligible: event-source
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 22 Dec 2023 15:49:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Banff_Alberta_Canada_shutterstock_752019010.jpg
s0.2mdn.net/sadbundle/321367045912397167/2023_EMEAI_DOM_DE_RT_0927_Canada_Always_On_Refresh_Prospecting_300x600/ Frame 9B60 89 KB
89 KB 51ms
51ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/321367045912397167/2023_EMEAI_DOM_DE_RT_0927_Canada_Always_On_Refresh_Prospecting_300x600/Banff_Alberta_Canada_shutterstock_752019010.jpg?

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/321367045912397167/2023_EMEAI_DOM_DE_RT_0927_Canada_Always_On_Refresh_Prospecting_300x600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13870d8ccb6bb42b8c0a91513368e8b2a75f47e80798a9f5853a1875a71b367

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/321367045912397167/2023_EMEAI_DOM_DE_RT_0927_Canada_Always_On_Refresh_Prospecting_300x600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

expires: Sat, 21 Dec 2024 10:20:43 GMT
date: Fri, 22 Dec 2023 10:20:43 GMT
x-content-type-options: nosniff
age: 19715
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91160
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 19:19:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 88ms
88ms Preflight
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 22 Dec 2023 15:49:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Algonquin-Park_Ontario_Canada_shutterstock_offset_1870486327.jpg
s0.2mdn.net/sadbundle/321367045912397167/2023_EMEAI_DOM_DE_RT_0927_Canada_Always_On_Refresh_Prospecting_300x600/ Frame 9B60 116 KB
116 KB 52ms
51ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/321367045912397167/2023_EMEAI_DOM_DE_RT_0927_Canada_Always_On_Refresh_Prospecting_300x600/Algonquin-Park_Ontario_Canada_shutterstock_offset_1870486327.jpg?

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/321367045912397167/2023_EMEAI_DOM_DE_RT_0927_Canada_Always_On_Refresh_Prospecting_300x600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b9f37a15c97df39f89e561ea896a0bc9fd9c38aa0850d73163ae2a4139d763e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/321367045912397167/2023_EMEAI_DOM_DE_RT_0927_Canada_Always_On_Refresh_Prospecting_300x600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

expires: Tue, 17 Dec 2024 18:22:12 GMT
date: Mon, 18 Dec 2023 18:22:12 GMT
x-content-type-options: nosniff
age: 336426
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119161
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 19:19:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 gettyimages-1437776692-170667a.jpg
s0.2mdn.net/sadbundle/321367045912397167/2023_EMEAI_DOM_DE_RT_0927_Canada_Always_On_Refresh_Prospecting_300x600/ Frame 9B60 106 KB
106 KB 56ms
56ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/321367045912397167/2023_EMEAI_DOM_DE_RT_0927_Canada_Always_On_Refresh_Prospecting_300x600/gettyimages-1437776692-170667a.jpg?

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/321367045912397167/2023_EMEAI_DOM_DE_RT_0927_Canada_Always_On_Refresh_Prospecting_300x600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79be38607fada2979f0ef6094616f6411e9d5249a7c331be54fddce243f3c011

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/321367045912397167/2023_EMEAI_DOM_DE_RT_0927_Canada_Always_On_Refresh_Prospecting_300x600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

expires: Sat, 21 Dec 2024 10:20:43 GMT
date: Fri, 22 Dec 2023 10:20:43 GMT
x-content-type-options: nosniff
age: 19715
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 108250
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 19:19:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8120 42 B
64 B 192ms
88ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst_EQiW98DlmNZnfoC0sp3jkjeROcHT_1-YK2Fgiy7J86GuR4Yb6xTWN2ssZSZtnfaBs73ZVjI8FEMOyXVW_2i-XXY5kjr9Ahg0ejB0bX1BjrtgMk4sNK8r7XSfTcANGQZPe3tXg6yO38BQStUIwPUWTA&sig=Cg0ArKJSzPvA_c7qfAKkEAE&id=lidar2&mcvt=1000&p=839,985,1089,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=273080894&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703260157495&rpt=496&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 99ms
99ms Image
image/gif 2600:1f18:1aca:4281:d12:bfd4:3fe4:15c3
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=930635&asId=a535e8ec-f3e1-46a0-8be5-f8efa979908e&tv=%7Bc:xxQGB8,pingTime:-10,time:1441,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjI4IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1703260158667%7C%7Cdf3752ff1cb5d91ef89018e337d87b6c%7C%7Cf528b414fe72eb800af6b2bbc719ee0c%7C%7C30eecc3f7c5f8581fefbae64386f2578%7C%7C33f0e1dcda887b105b65f21e0c21d3b3%7C%7C4bfd1e52e6d2a061fab5dbfdba7a319f%7C%7C1311ecc9781efaed7e388b470b4e22d5%7C%7Ce3ab7282cb1b443c98bbc761a8246ba1%7C%7C1663701684,sca:%7Bspg:381b8d2f-8f34-056e-d310-bfa0299bbc60%7D%7D
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:d12:bfd4:3fe4:15c3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:19 GMT
server: nginx
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 101ms
100ms Image
image/gif 2600:1f18:1aca:4281:d12:bfd4:3fe4:15c3
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=930635&asId=a535e8ec-f3e1-46a0-8be5-f8efa979908e&tv=%7Bc:xxQGCa,pingTime:1,time:1505,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:488%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1505,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:488,wc:0.0.1600.1200,ac:985.839.300.250,am:i,cc:985.839.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1027~100%5D,as:%5B1027~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:350,fm:tZbs2GN+11%7C12%7C13%7C14%7C151%7C1521%7C153%7C154%7C16*.930635%7C161%7C17%7C18,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:488,sis:640%7D&br=c
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:d12:bfd4:3fe4:15c3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:19 GMT
server: nginx
x-server-name: dt21.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 99ms
99ms Image
image/gif 2600:1f18:1aca:4281:d12:bfd4:3fe4:15c3
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=930635&asId=a535e8ec-f3e1-46a0-8be5-f8efa979908e&tv=%7Bc:xxQGCb,pingTime:1,time:1506,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:488%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1506,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:488,wc:0.0.1600.1200,ac:985.839.300.250,am:i,cc:985.839.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1028~100%5D,as:%5B1028~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:350,fm:tZbs2GN+11%7C12%7C13%7C14%7C151%7C1521%7C153%7C154%7C16*.930635%7C161%7C17%7C18,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:488,sis:640,metricId:publ1,cmr:t%7D&br=c
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:d12:bfd4:3fe4:15c3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:19 GMT
server: nginx
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 100ms
99ms Image
image/gif 2600:1f18:1aca:4281:d12:bfd4:3fe4:15c3
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=930635&asId=a535e8ec-f3e1-46a0-8be5-f8efa979908e&tv=%7Bc:xxQGCb,pingTime:1,time:1506,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:488%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1506,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:488,wc:0.0.1600.1200,ac:985.839.300.250,am:i,cc:985.839.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1028~100%5D,as:%5B1028~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:350,fm:tZbs2GN+11%7C12%7C13%7C14%7C151%7C1521%7C153%7C154%7C16*.930635%7C161%7C17%7C18,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:488,sis:640,metricId:grpm1,cmr:t%7D&br=c
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:d12:bfd4:3fe4:15c3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:19 GMT
server: nginx
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DCDE 43 B
215 B 100ms
99ms Image
image/gif 2600:1f18:1aca:4281:d12:bfd4:3fe4:15c3
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=766968&asId=381b8d2f-8f34-056e-d310-bfa0299bbc60&tv=%7Bc:xxQGCd,pingTime:1,time:1111,type:p,clog:%5B%7Bpiv:-1,vs:o,r:h,w:300,h:0,t:13%7D,%7Bpiv:0,r:l.h,t:40%7D,%7Bpiv:100,vs:i,r:,h:600,t:110%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:110,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:13,wc:0.0.1600.1200,ac:NaN.NaN.300.0,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:l.h,bkn:%7Bpiv:%5B35~1,70~0%5D,as:%5B105~300.0%5D%7D%7D,%7Bsl:i,t:110,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:101,fm:tZbs2GN+11%7C12%7C13%7C14%7C15*.766968-55786941%7C151%7C152%7C16.930635%7C161%7C17%7C18,idMap:15*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:14,sis:117%7D&br=c
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:d12:bfd4:3fe4:15c3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:19 GMT
server: nginx
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DCDE 43 B
215 B 100ms
100ms Image
image/gif 2600:1f18:1aca:4281:d12:bfd4:3fe4:15c3
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=766968&asId=381b8d2f-8f34-056e-d310-bfa0299bbc60&tv=%7Bc:xxQGCd,pingTime:1,time:1111,type:pf,clog:%5B%7Bpiv:-1,vs:o,r:h,w:300,h:0,t:13%7D,%7Bpiv:0,r:l.h,t:40%7D,%7Bpiv:100,vs:i,r:,h:600,t:110%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:110,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:13,wc:0.0.1600.1200,ac:NaN.NaN.300.0,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:l.h,bkn:%7Bpiv:%5B35~1,70~0%5D,as:%5B105~300.0%5D%7D%7D,%7Bsl:i,t:110,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:101,fm:tZbs2GN+11%7C12%7C13%7C14%7C15*.766968-55786941%7C151%7C152%7C16.930635%7C161%7C17%7C18,idMap:15*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:14,sis:117%7D&br=c
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:d12:bfd4:3fe4:15c3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:19 GMT
server: nginx
x-server-name: dt24.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1 200
OK popin_send_cookie_set_fail.js Show response
api.popin.cc/test/ 14 KB
4 KB 269ms
269ms Script
application/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/test/popin_send_cookie_set_fail.js?20201223
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/popin_discovery5-min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 5cd346875d100956f33b228c65b2eea3e958621a4d906b95c612c0c0c617a2d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 15:49:19 GMT
x-amz-version-id: NVPBtcLlaQ0R5YVGUD48RBS0d2V00MrK
Content-Encoding: gzip
Last-Modified: Mon, 11 Oct 2021 03:29:29 GMT
Server: nginx
ETag: W/"27aab2e5fb58e044704790074416e410"
X-Cache-Status: HIT from 10.252.55.44
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Expires: Fri, 22 Dec 2023 16:49:19 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DCDE 42 B
64 B 89ms
88ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZ4r4bkTrMKnX4EJi9sYXZJURDPVQFrFPMIoHAFp1Wxcboo9hrTY7ySliO6ZFRUcFWFq31Jta3jOr_QMGGUTlTQZyDRSWG2GAp4DqfB9xCjx9rQV1zG5NTaQ&sig=Cg0ArKJSzO9jxSxLYDriEAE&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=153378422&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703260157487&rpt=1058&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK adlogs Show response
in.treasuredata.com/js/v3/event/popin_ads/ 89 B
559 B 99ms
99ms Script
application/javascript 52.45.249.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1703260159644&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoicmVxIiwicmlkIjoiMzAwMjg0IiwiYWxnIjoibHRyIiwiY2hhbm5lbF9pZCI6InN0YW5kYXJkIiwidGltZV9zaG93X3NlY29uZHMiOjEsInJlcXVlc3RfYWQiOjEwLCJkbWYiOiJtIiwicmVzcG9uc2VfYWQiOjEwLCJzbWphZCI6MCwiYXBpX2hvc3QiOiJqcC5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJidXNnMTgucGljcyIsInVybCI6Imh0dHBzOi8vYnVzZzE4LnBpY3MvIiwiZ2VvX2NvdW50cnkiOiJqcCIsImxvZ2lkIjoiMmU2NjBhZGUtYmQyYS00OTkyLWI5NTMtMzQ0ZTJjNDNjN2VhIiwidWlkIjoiNTdiNjIwOTVmMjY3NWIyYWE3YTE3MDMyNTY1NTgxODMiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiI1OTRkMzNkNC1lMWRlLTQ1ODQtOTMxNS1hNmJjZTExNzc3YTQiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoiIiwidGRfdXJsIjoiaHR0cHM6Ly9idXNnMTgucGljcy8iLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMC4wLjYwOTkuMjggU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0IjoiYnVzZzE4LnBpY3MiLCJ0ZF9wYXRoIjoiLyIsInRkX3JlZmVycmVyIjoiIiwidGRfaXAiOiJ0ZF9pcCIsInRkX2Jyb3dzZXIiOiJ0ZF9icm93c2VyIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoidGRfYnJvd3Nlcl92ZXJzaW9uIiwidGRfb3MiOiJ0ZF9vcyIsInRkX29zX3ZlcnNpb24iOiJ0ZF9vc192ZXJzaW9uIiwiY2xpZW50X2lkIjoiNTk0ZDMzZDQtZTFkZS00NTg0LTkzMTUtYTZiY2UxMTc3N2E0IiwiY2F0ZWdvcnkiOiIiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0%3D&callback=TreasureJSONPCallback0

Requested by

Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.45.249.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-249-56.compute-1.amazonaws.com

Software

Resource Hash

3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

P3P: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Date: Fri, 22 Dec 2023 15:49:19 GMT
Strict-Transport-Security: max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 89
Content-Type: application/javascript

GET
H/1.1 200
OK logo.png
api.popin.cc/images/ 2 KB
3 KB 272ms
271ms Image
image/png 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.popin.cc/images/logo.png
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 15:49:19 GMT
x-amz-version-id: null
Last-Modified: Tue, 02 Apr 2019 12:00:56 GMT
Server: nginx
ETag: "b10c5c3579ba2dba39fd2804188dc3f1"
X-Cache-Status: HIT from 10.252.55.25
Content-Type: image/png
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 2316
Expires: Fri, 22 Dec 2023 16:49:19 GMT

GET
H/1.1 200
OK axss.js Show response
assets-momentum.akamaized.net/js/ 56 KB
19 KB 54ms
8ms Script
application/javascript 2.16.164.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-momentum.akamaized.net/js/axss.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/biteki.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.164.17 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-164-17.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4c6344fcf107575e875e210ec777a9d2f846f6d4ed2a4ce0af12b1b8d22c5fe7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

x-amz-version-id: DzDbrvsR3cNxQ3bSSt33pCXAfPNv5N7e
Content-Encoding: gzip
x-amz-meta-pragma: no-cache
Date: Fri, 22 Dec 2023 15:49:19 GMT
X-Amz-Cf-Pop: FRA60-P3
x-amz-server-side-encryption: AES256
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 18414
Last-Modified: Thu, 13 Apr 2023 05:17:30 GMT
Server: AmazonS3
ETag: W/"03592d9268684455368d4559a44f7aa1"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-Amz-Cf-Id: csWsqpju6HtKVdL-SlRIJ2PDcI8lsNMh2mlAzVSofiuC4mXLRWcuFg==
Expires: Fri, 22 Dec 2023 15:49:19 GMT

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ 66 B
222 B 267ms
265ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjoxLCJhcGlfaG9zdCI6ImpwLnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6ImJ1c2cxOC5waWNzIiwidXJsIjoiaHR0cHM6Ly9idXNnMTgucGljcy8iLCJ1aWQiOiI1N2I2MjA5NWYyNjc1YjJhYTdhMTcwMzI1NjU1ODE4MyIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6IjU5NGQzM2Q0LWUxZGUtNDU4NC05MzE1LWE2YmNlMTE3NzdhNCIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiIiLCJ0ZF91cmwiOiJodHRwczovL2J1c2cxOC5waWNzLyIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4yOCBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJXaW4zMiIsInRkX2hvc3QiOiJidXNnMTgucGljcyIsInRkX3BhdGgiOiIvIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTIwLjAuNjA5OSIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiI1OTRkMzNkNC1lMWRlLTQ1ODQtOTMxNS1hNmJjZTExNzc3YTQiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0=&t=1703260159639
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:19 GMT
last-modified: Thu, 13 Dec 2018 07:32:33 GMT
server: nginx/1.13.5
etag: "5c120b11-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 adlogs
log.popin.cc/log/popin_ads/ 66 B
222 B 268ms
267ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_ads/adlogs?data=eyJ0eXBlIjoicmVxIiwicmlkIjoiMzAwMjg0IiwiYWxnIjoibHRyIiwiY2hhbm5lbF9pZCI6InN0YW5kYXJkIiwidGltZV9zaG93X3NlY29uZHMiOjEsInJlcXVlc3RfYWQiOjEwLCJkbWYiOiJtIiwicmVzcG9uc2VfYWQiOjEwLCJzbWphZCI6MCwiYXBpX2hvc3QiOiJqcC5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJidXNnMTgucGljcyIsInVybCI6Imh0dHBzOi8vYnVzZzE4LnBpY3MvIiwiZ2VvX2NvdW50cnkiOiJqcCIsImxvZ2lkIjoiMmU2NjBhZGUtYmQyYS00OTkyLWI5NTMtMzQ0ZTJjNDNjN2VhIiwidWlkIjoiNTdiNjIwOTVmMjY3NWIyYWE3YTE3MDMyNTY1NTgxODMiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiI1OTRkMzNkNC1lMWRlLTQ1ODQtOTMxNS1hNmJjZTExNzc3YTQiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoiIiwidGRfdXJsIjoiaHR0cHM6Ly9idXNnMTgucGljcy8iLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMC4wLjYwOTkuMjggU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0IjoiYnVzZzE4LnBpY3MiLCJ0ZF9wYXRoIjoiLyIsInRkX3JlZmVycmVyIjoiIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjEyMC4wLjYwOTkiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiNTk0ZDMzZDQtZTFkZS00NTg0LTkzMTUtYTZiY2UxMTc3N2E0IiwiY2F0ZWdvcnkiOiIiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0=&t=1703260159645
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:19 GMT
last-modified: Thu, 13 Dec 2018 07:32:33 GMT
server: nginx/1.13.5
etag: "5c120b11-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 s.gif
r.popin.cc/ 35 B
186 B 758ms
249ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Fbusg18.pics%2F&uid=57b62095f2675b2aa7a1703256558183&type=pc_pv&nid=pc&media=busg18.pics&r5=cc_NONE&t=1703260159645&tz=jp
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:20 GMT
last-modified: Thu, 29 Aug 2019 01:59:39 GMT
server: nginx
etag: "5d67318b-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ 66 B
222 B 269ms
268ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6IiIsInR5cGUiOjAsImFwaV9ob3N0IjoianAucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoiYnVzZzE4LnBpY3MiLCJ1cmwiOiJodHRwczovL2J1c2cxOC5waWNzLyIsImdlb19jb3VudHJ5IjoianAiLCJsb2dpZCI6IjJlNjYwYWRlLWJkMmEtNDk5Mi1iOTUzLTM0NGUyYzQzYzdlYSIsInJpZCI6IjMwMDI4NCIsInVpZCI6IjU3YjYyMDk1ZjI2NzViMmFhN2ExNzAzMjU2NTU4MTgzIiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiNTk0ZDMzZDQtZTFkZS00NTg0LTkzMTUtYTZiY2UxMTc3N2E0IiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIxNjAweDEyMDAiLCJ0ZF90aXRsZSI6IiIsInRkX3VybCI6Imh0dHBzOi8vYnVzZzE4LnBpY3MvIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjI4IFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IldpbjMyIiwidGRfaG9zdCI6ImJ1c2cxOC5waWNzIiwidGRfcGF0aCI6Ii8iLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMjAuMC42MDk5IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6IjU5NGQzM2Q0LWUxZGUtNDU4NC05MzE1LWE2YmNlMTE3NzdhNCIsImNhdGVnb3J5IjoiIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&t=1703260159645
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:19 GMT
last-modified: Thu, 13 Dec 2018 07:32:33 GMT
server: nginx/1.13.5
etag: "5c120b11-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H/1.1 200
OK other
inrecsys.popin.cc/PopinService/Logs/ 0
108 B 1149ms
261ms Image
text/plain 119.63.197.136
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inrecsys.popin.cc/PopinService/Logs/other?data=eyJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiI1OTRkMzNkNC1lMWRlLTQ1ODQtOTMxNS1hNmJjZTExNzc3YTQiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoiIiwidGRfdXJsIjoiaHR0cHM6Ly9idXNnMTgucGljcy8iLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMC4wLjYwOTkuMjggU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0IjoiYnVzZzE4LnBpY3MiLCJ0ZF9wYXRoIjoiLyIsInRkX3JlZmVycmVyIjoiIiwidGRfaXAiOiIxODUuMjEzLjE1NS4xNjUiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTIwLjAuNjA5OSIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJrZXkiOiJrZXkxNzAzMjYwMTU4MTg0Iiwibm93IjoxNzAzMjYwMTU5NjQ1LCJjbGllbnRfaWQiOiI1OTRkMzNkNC1lMWRlLTQ1ODQtOTMxNS1hNmJjZTExNzc3YTQiLCJ1cmwiOiJodHRwczovL2J1c2cxOC5waWNzLyIsInVpZCI6IjU3YjYyMDk1ZjI2NzViMmFhN2ExNzAzMjU2NTU4MTgzIiwic21qSWQiOiIiLCJkZXZpY2UiOiJwYyIsImRpc2hfbWVkaWEiOiJidXNnMTgucGljcyIsImRpc2hfY2F0ZWdvcnkiOiIiLCJkaXNoX2RvbWFpbiI6ImJ1c2cxOC5waWNzIiwidl9kaXNoX2xhYmVscyI6IiIsInZfZGlzaF90bGFiZWxzIjoiIiwibG9naWQiOiIyZTY2MGFkZS1iZDJhLTQ5OTItYjk1My0zNDRlMmM0M2M3ZWEiLCJhcGlfaG9zdCI6ImpwLnBvcGluLmNjIiwiZG9tYWluIjoiYnVzZzE4LnBpY3MiLCJwb3Bpbl92ZXJzaW9uIjo2fQ==
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.63.197.136 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/plain

GET
H2 200 s.gif
r.popin.cc/ 35 B
186 B 756ms
248ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Fbusg18.pics%2F&uid=&type=pc_channel_pv&nid=pc&media=busg18.pics&r5=ch_standard&t=1703260159651&tz=jp
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:20 GMT
last-modified: Thu, 29 Aug 2019 01:59:39 GMT
server: nginx
etag: "5d67318b-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ 66 B
222 B 269ms
269ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjo3LCJpc19mZWVkX21vZHVsZSI6IiIsImNoYW5uZWxfaWQiOiJzdGFuZGFyZCIsImV4cGVjdGVkX2FkIjo0LCJyZW5kZXJlZF9hZCI6NCwiYXBpX2hvc3QiOiJqcC5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJidXNnMTgucGljcyIsInVybCI6Imh0dHBzOi8vYnVzZzE4LnBpY3MvIiwiZ2VvX2NvdW50cnkiOiJqcCIsImxvZ2lkIjoiMmU2NjBhZGUtYmQyYS00OTkyLWI5NTMtMzQ0ZTJjNDNjN2VhIiwicmlkIjoiMzAwMjg0IiwidWlkIjoiNTdiNjIwOTVmMjY3NWIyYWE3YTE3MDMyNTY1NTgxODMiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiI1OTRkMzNkNC1lMWRlLTQ1ODQtOTMxNS1hNmJjZTExNzc3YTQiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoiIiwidGRfdXJsIjoiaHR0cHM6Ly9idXNnMTgucGljcy8iLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMC4wLjYwOTkuMjggU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0IjoiYnVzZzE4LnBpY3MiLCJ0ZF9wYXRoIjoiLyIsInRkX3JlZmVycmVyIjoiIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjEyMC4wLjYwOTkiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiNTk0ZDMzZDQtZTFkZS00NTg0LTkzMTUtYTZiY2UxMTc3N2E0IiwiY2F0ZWdvcnkiOiIiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0=&t=1703260159651
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:19 GMT
last-modified: Thu, 13 Dec 2018 07:32:33 GMT
server: nginx/1.13.5
etag: "5c120b11-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 log.gif
r.popin.cc/ 35 B
186 B 758ms
250ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/log.gif?type=related&uid=57b62095f2675b2aa7a1703256558183&url=https%3A%2F%2Fbusg18.pics%2F&t=1703260159651
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:20 GMT
last-modified: Thu, 29 Aug 2019 01:59:39 GMT
server: nginx
etag: "5d67318b-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H/1.1

200

pbc
jp.popin.cc/popin_discovery/
Redirect Chain

https://jp-axia.m0mentum.net/clear/fraud/38?req=eyJpZCI6IjJlNjYwYWRlLWJkMmEtNDk5Mi1iOTUzLTM0NGUyYzQzYzdlYSIsImltcCI6W3siaWQiOiIxIiwidGFnaWQiOiJidXNnMTgucGljcyJ9XSwic2l0ZSI6eyJwYWdlIjoiaHR0cHM6Ly9id...
https://jp.popin.cc/popin_discovery/pbc?m0-response=XvxzDfxFQREIkFF2SsTuF89U4LP%2Fy57w3%2F43q%2BMmHZ6I9N34UWMjctrcdncdD94QB6qFr%2Bi6m3mG62HKJzeBqr6ZGWVVi3xVvhZ3pHQG228LUlke6tWq5W3BsD%2B2tW8spnQhRgJ...

0
163 B

766ms
250ms

Image
text/plain

119.63.198.176
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp.popin.cc/popin_discovery/pbc?m0-response=XvxzDfxFQREIkFF2SsTuF89U4LP%2Fy57w3%2F43q%2BMmHZ6I9N34UWMjctrcdncdD94QB6qFr%2Bi6m3mG62HKJzeBqr6ZGWVVi3xVvhZ3pHQG228LUlke6tWq5W3BsD%2B2tW8spnQhRgJ9zT9yBzG1rbbAAvUsLnXPFdwSfAgat9q4eXCxrby%2BJVXueN3jlT57PCFVjegU7HSpweGwLD4dM%2BFi%2FQexJUpUtCDP%2F6PRbjnvvxY%3D
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: HTTP/1.1
Server: 119.63.198.176 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

Date: Fri, 22 Dec 2023 15:49:20 GMT
Cross-Origin-Resource-Policy: cross-origin
Server: nginx/1.13.5
Connection: keep-alive
Content-Length: 0

Redirect headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:19 GMT
via: 1.1 google, 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
location: https://jp.popin.cc/popin_discovery/pbc?m0-response=XvxzDfxFQREIkFF2SsTuF89U4LP%2Fy57w3%2F43q%2BMmHZ6I9N34UWMjctrcdncdD94QB6qFr%2Bi6m3mG62HKJzeBqr6ZGWVVi3xVvhZ3pHQG228LUlke6tWq5W3BsD%2B2tW8spnQhRgJ9zT9yBzG1rbbAAvUsLnXPFdwSfAgat9q4eXCxrby%2BJVXueN3jlT57PCFVjegU7HSpweGwLD4dM%2BFi%2FQexJUpUtCDP%2F6PRbjnvvxY%3D
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DCDE 42 B
64 B 94ms
94ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssu1xQ5ylKCrlBZbh9yxnZNS7szJCkzqZzXTALBAo8PqKoC1Ivx9Y0uWiXVHiDp9CmZTIOsrj3pHa9rD42NPAgKdNI8tSdlarGPTbEMFRCalDR5cqKTrTIX7ObgKKMPpj5Zr7uivLPySPRP52OxRLXpq9ZY&sai=AMfl-YSxyD5nLlIFX3t22K4THyRj6ap1ZEpT_yzOCHVWLa7Msg7vadReQNXVCu22BKA3fIRSjkhZ-6hLBm1OHMJ9kWd7G_oQJ5ebcS7bIBznv3nXxmTYCeNiekHQQ2k&sig=Cg0ArKJSzBSMNviOs1k6EAE&cid=CAQSOwAvHhf_N0gFTOoGYxNqDG9oSHOWXV-id-_r7SutH0qBDXCTu_Epo18nyfR5WRT4ARS0291tMq129V4HGAE&id=lidar2&mcvt=1000&p=211,985,811,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1157246081&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703260157487&rpt=1282&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nr-rum-1.249.0.min.js Show response
js-agent.newrelic.com/ 44 KB
16 KB 131ms
22ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-rum-1.249.0.min.js

Requested by

Host: busg18.pics
URL: https://busg18.pics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

461f9f536c4dc41886fb453be7068b893e2817524bc24587fc0449c65aacec75

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://busg18.pics/
Origin: https://busg18.pics
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

x-amz-version-id: 3PbzC_N7CIB1L071r8FgkLVtaRZzQS.L
content-encoding: br
via: 1.1 varnish
date: Fri, 22 Dec 2023 15:49:20 GMT
strict-transport-security: max-age=300
x-amz-request-id: SWQ3J54HGNP2GS1E
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 15747
x-amz-id-2: 0uX9qIMioxKSMLLDuZlycIXBh+/w5qPAdjOfIbOKLTTBn9wG8nFuwhO1832ahB/YbIJEBrmIcjo=
x-served-by: cache-fra-eddf8230037-FRA
last-modified: Thu, 14 Dec 2023 16:36:09 GMT
server: AmazonS3
x-timer: S1703260161.926796,VS0,VE0
etag: "2ccd2352d2d5668fd135b1090e86b079"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 214173

GET
H3

200

/
www.facebook.com/login/ Frame 248B
Redirect Chain

https://www.facebook.com/v2.5/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df39cf1568301488%26d...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconn...

0
0

124ms
124ms

Document
text/html

2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df39cf1568301488%2526domain%253Dbusg18.pics%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fbusg18.pics%25252Ff3fb041952ea5e8%2526relation%253Dparent.parent%26container_width%3D300%26height%3D550%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fbitekicom%26locale%3Dja_JP%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ja_JP/sdk.js?hash=50d1a33ef572072580f1821e9dc221ca

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://busg18.pics/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 22 Dec 2023 15:49:21 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: yPGLOMsP/5uD4ydh2g3nxmk5I1Q1fs33b7W27RHNikuU3XdDJtSFBpQGkkBDa/A0UwZUEcGj74IhtvrQMp0q3w==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 15:49:20 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v12.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df39cf1568301488%2526domain%253Dbusg18.pics%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fbusg18.pics%25252Ff3fb041952ea5e8%2526relation%253Dparent.parent%26container_width%3D300%26height%3D550%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fbitekicom%26locale%3Dja_JP%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), keyboard-map=()
pragma: no-cache
reporting-endpoints
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: dP7oxYVL9vmQ1CdAKqHx58294z730Nbewamu9Zwtc+DQIZg5+QfReK3KjFXvsQZdFcxVfUp/FmBYhuscsDDiGA==
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 111ms
111ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f15f9baee02434c7d5c616c9b9d85a87155c298821fbc844d97e31eb1df6750a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12435
x-xss-protection: 0

GET
H2 200 bf308d05da1afd02_4202.js Show response
img.ak.impact-ad.jp/ut/ 22 KB
7 KB 96ms
6ms Script
text/javascript 151.101.129.19
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://img.ak.impact-ad.jp/ut/bf308d05da1afd02_4202.js
Requested by: Host: busg18.pics
URL: https://busg18.pics/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.19 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 752388b066fc2d37de354a6dcbad0fff74749de6e1f74aa95ea4128f4c5405e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:20 GMT
content-encoding: br
via: 1.1 varnish
age: 75687
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 7336
x-served-by: cache-fra-eddf8230094-FRA
last-modified: Mon, 30 Oct 2023 09:53:08 GMT
server: AmazonS3
x-timer: S1703260161.915182,VS0,VE0
etag: "94bd8d3bef2f8ccbc11687e0df7ba673"
vary: Accept-Encoding
content-type: text/javascript
cache-control: no-cache
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 tracking.min.js Show response
img.ak.impact-ad.jp/ut/a1/ 175 KB
40 KB 6ms
6ms Script
text/javascript 151.101.129.19
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://img.ak.impact-ad.jp/ut/a1/tracking.min.js
Requested by: Host: img.ak.impact-ad.jp
URL: https://img.ak.impact-ad.jp/ut/bf308d05da1afd02_4202.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.19 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 49daf7bddb14b814b7423b31c4ff574e2c73fc909fe098a18acf44c42069e5b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:20 GMT
content-encoding: br
via: 1.1 varnish
age: 33937
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 41116
x-served-by: cache-fra-eddf8230094-FRA
last-modified: Mon, 14 Aug 2023 04:08:01 GMT
server: AmazonS3
x-timer: S1703260161.923771,VS0,VE0
etag: "16c2bb6deecc622dab084598d0635d47"
vary: Accept-Encoding
content-type: text/javascript
cache-control: no-cache
accept-ranges: bytes
x-cache-hits: 289

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js?cb=31080056

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 22 Dec 2023 15:49:20 GMT

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
271 B 97ms
27ms XHR
application/json 162.19.138.119
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: img.ak.impact-ad.jp
URL: https://img.ak.impact-ad.jp/ut/a1/tracking.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533570.ip-162-19-138.eu

Software

Resource Hash

8c082bece010e3d7fb4120f165a47bb64f589a22abcef2935485c58eb544f246

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://busg18.pics/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://busg18.pics
date: Fri, 22 Dec 2023 15:49:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

POST
H/1.1 200 58fb892c87 Show response
bam.nr-data.net/1/ 40 B
399 B 253ms
227ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/58fb892c87?a=68310735&v=1.249.0&to=ZFRTMkJZD0BUUkJaXV0ecAVEUQ5dGkJfXVVfVA%3D%3D&rst=5847&ck=0&s=455c51bb8c834300&ref=https://busg18.pics/&ap=1113&be=950&fe=4756&dc=436&at=SBNQRApDHE4%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1703260155114,%22n%22:0,%22dn%22:27,%22dne%22:27,%22c%22:27,%22s%22:43,%22ce%22:68,%22rq%22:68,%22rp%22:950,%22rpe%22:959,%22di%22:1346,%22ds%22:1363,%22de%22:1386,%22dc%22:5687,%22l%22:5688,%22le%22:5706%7D,%22navigation%22:%7B%7D%7D&fp=1340&fcp=1340
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-rum-1.249.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f

Request headers

Referer: https://busg18.pics/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 22 Dec 2023 15:49:21 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://busg18.pics
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 40
x-served-by: cache-fra-eddf8230116-FRA

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1611 13 KB
5 KB 52ms
51ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://busg18.pics/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 9236
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 13:15:25 GMT
expires: Sat, 21 Dec 2024 13:15:25 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1361 829 B
998 B 60ms
60ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fbc59b605467945826301d8eaeb72115de0ec09183fdfda19a62357a65fa24d1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yPHYkzP1w69UC4OlvbY3gw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://busg18.pics/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-yPHYkzP1w69UC4OlvbY3gw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 22 Dec 2023 15:49:21 GMT
expires: Fri, 22 Dec 2023 15:49:21 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 1270.json Show response
id5-sync.com/g/v2/ 251 B
528 B 41ms
8ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/1270.json

Requested by

Host: img.ak.impact-ad.jp
URL: https://img.ak.impact-ad.jp/ut/a1/tracking.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

475c44afb1ce2aa0e8062f87e1fa0a6f6ffb767d573b2968f9e8a555bc487aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://busg18.pics/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://busg18.pics
date: Fri, 22 Dec 2023 15:49:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 1611 39 KB
15 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 10:32:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 21 Dec 2024 10:32:57 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1361 0
0 85ms
85ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=896466930385474&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

GET
H2 200 combo Show response
penta.a.one.impact-ad.jp/ 21 B
264 B 325ms
275ms Script
text/javascript 107.178.248.96
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://penta.a.one.impact-ad.jp/combo?oid=bf308d05da1afd02&dd_rft=k&dd_jsonp=a1tracker.cb._10&fu=7b3f383a-9acd-4ae6-8a6b-490f7dc84432&i5=0&src=https%3A%2F%2Fbusg18.pics%2F&l=en-us&sr=1600x1200&vp=1600x1200&cd=24-bit&tgsrc=itm_a1common&dsc=%E5%A5%B3%E6%80%A7%E3%81%AB%E4%B8%8D%E8%B6%B3%E3%81%97%E3%81%8C%E3%81%A1%E3%81%AA%E9%89%84%E5%88%86%E3%80%82%E6%89%8B%E8%BB%BD%E3%81%AB%E6%91%82%E5%8F%96%E3%81%A7%E3%81%8D%E3%82%8B%E3%81%A8%E5%AC%89%E3%81%97%E3%81%84%E3%81%A7%E3%81%99%E3%82%88%E3%81%AD%EF%BC%81%20%E5%AE%9F%E3%81%AF%E9%89%84%E5%88%86%E3%82%92%E5%90%AB%E3%82%80%E6%9E%9C%E7%89%A9%E3%81%AF%E3%80%81%E3%82%B9%E3%83%BC%E3%83%91%E3%83%BC%E3%81%AA%E3%81%A9%E3%81%A7%E6%99%AE%E9%80%9A%E3%81%AB%E8%B2%A9%E5%A3%B2%E3%81%95%E3%82%8C%E3%81%A6%E3%81%84%E3%82%8B%E3%82%82%E3%81%AE%E3%82%82%E6%B2%A2%E5%B1%B1%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99%E3%80%82%E4%BB%8A%E5%9B%9E%E3%81%AF%E3%80%81%E9%89%84%E5%88%86%E8%B1%8A%E5%AF%8C%E3%81%AA%E6%9E%9C%E7%89%A95%E9%81%B8%E3%82%92%E3%81%8A%E5%B1%8A%E3%81%91%EF%BC%81%20%E6%84%8F%E8%AD%98%E7%9A%84%E3%81%AB%E6%91%82%E5%8F%96%E3%81%99%E3%82%8B%E7%BF%92%E6%85%A3%E3%82%92%E3%81%A4%E3%81%91%E3%81%BE%E3%81%97%E3%82%87%E3%81%86%E2%99%AA&dt=%E9%89%84%E5%88%86%E3%81%9F%E3%81%A3%E3%81%B7%E3%82%8A%EF%BC%81%E6%9E%9C%E7%89%A9%EF%BC%95%E9%81%B8%E3%80%90%E3%81%8A%E3%81%99%E3%81%99%E3%82%81%E3%83%AC%E3%82%B7%E3%83%94%E3%80%91%20%7C%20%E7%BE%8E%E7%9A%84.com

Requested by

Host: img.ak.impact-ad.jp
URL: https://img.ak.impact-ad.jp/ut/a1/tracking.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.178.248.96 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

96.248.178.107.bc.googleusercontent.com

Software

nginx /

Resource Hash

2d6d5e3df8497d60456dd670e3d0f470636ee4169706c20e63a1285ff32d6442

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:21 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains;
server: nginx
content-type: text/javascript;charset=utf-8
cache-control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1611 0
10 B 51ms
51ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?fO3bnQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

date: Fri, 22 Dec 2023 15:49:21 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 89ms
89ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=896466930385474&bg=!qaqlquXNAAY3kmNgF5I7ADQBe5WfOH0W9KsHftLHrzPN64wZz_Ejl-WBYLYG3_RTow4m8I5bUg2uNLWIKOL6eZ9wjqDFAgAAADdSAAAAAmgBB5kDBAk9_NH7qCDI4FmEZVLfM3ml6YLLLqAl3WgBoFSTR58_HRaqbKR6hrMtbvHqbyelmK8AgeM1vx5jrZ8AjmPAwx2_E-GCjrz-j8IyIdJnOBTBiiGXRJfPnaZhAnUCw37hY5f4fX9QF67gAFeb1gYLo7_OlJqMd6GR9x8roe9ilBCCLIBUznfyydeAjWASGKIkW9mnJc1CbbN2XMRnjMrPEn6brp96jAbILJsFjacEpNjZHAObI-6plv60Q9g6JzE3Uld4eSp7dNr2Os4VTFQKxcd6YyBNDp6LMVF3F32BGXgUGN-zetaEkmyUnoFG-iEAyjFuJpnYCpxYfI3iOkXeVewWGBf2iivYOYDq-At25GWoVpASUcmjjusLe6_an88-5KAgCswxZAD-tnxvgxTh0AfCAbOc5E7-U95SelpVSOd7FEoF90ydBYLU6RPewi31_sSRyG2tVB1VKLfJxCHtR1eiGFO1vlOw6iHNL1u52KJ5uirGkXUQa56zgd8fayHcH59zGzUbkBFWz5V8lXVG9l8VKlhOzzo0R7VsQZ3vOVT0eJET-00AcYZXW_XqO5zPEfDkuX1uEg8bYH_5tbFbbWeDhKsMgOfMzT7mY29LsvKvYEMuxewmTKwqvZZNe3hGypfJmzVSbzapb4FJP78Qz_QaDVgfrSYCE3hja7WjirdE0PEkh964UDRw0oBD3mxHXXCJ1y13aviO8rqknTGQUdrI-S9Wts1oZezQjcrmogZ-GFAS0vwkaPotV5opFppxoaAhNKddkj-H0iiDSCM0EXZsHpfCt4UEidKA3_X6pvEKHcwxBR0tquf5qSnTm6LBqnoXWxeKlXH8hxyOgCFIidJl5n7i84k5AcIXKE8mJqnKAcaFaOcUTeFYs_dbDZG6AAxpLGDQBItVwZpTa0qzZtSt72iEG-TXfHESxva7368Oac6TMMdt7Zjk12TiY2-EIsXeFd601nbcSk5sBtoZ4C9JR9C1JD1S0ZGNxY-sSuqcYD4Vt_bm3MDe3L8UzjPpWf5gw6M
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 35ms
35ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-4YKEL52KHF&gtm=45je3bt0v9100406918&_p=1703260156080&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1050775466.1703260157&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1703260157&sct=1&seg=1&dl=https%3A%2F%2Fbusg18.pics%2F&dt=%E9%89%84%E5%88%86%E3%81%9F%E3%81%A3%E3%81%B7%E3%82%8A%EF%BC%81%E6%9E%9C%E7%89%A9%EF%BC%95%E9%81%B8%E3%80%90%E3%81%8A%E3%81%99%E3%81%99%E3%82%81%E3%83%AC%E3%82%B7%E3%83%94%E3%80%91%20%7C%20%E7%BE%8E%E7%9A%84.com&en=page_view&_ee=1&_et=2&tfd=7713
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4YKEL52KHF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://busg18.pics
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 99ms
99ms Image
image/gif 2600:1f18:1aca:4281:d12:bfd4:3fe4:15c3
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=930635&asId=a535e8ec-f3e1-46a0-8be5-f8efa979908e&tv=%7Bc:xxQHEG,pingTime:5,time:5505,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:300,h:250,t:488%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5505,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:488,wc:0.0.1600.1200,ac:985.839.300.250,am:i,cc:985.839.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5027~100%5D,as:%5B5027~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:104,fm:tZbs2GN+11%7C12%7C13%7C14%7C151%7C1521%7C153%7C154%7C16*.930635%7C161%7C17%7C18,idMap:16*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:488,sis:640%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:d12:bfd4:3fe4:15c3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://busg18.pics/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:23 GMT
server: nginx
x-server-name: dt30.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DCDE 43 B
215 B 100ms
100ms Image
image/gif 2600:1f18:1aca:4281:d12:bfd4:3fe4:15c3
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=766968&asId=381b8d2f-8f34-056e-d310-bfa0299bbc60&tv=%7Bc:xxQHEJ,pingTime:5,time:5111,type:p,clog:%5B%7Bpiv:-1,vs:o,r:h,w:300,h:0,t:13%7D,%7Bpiv:0,r:l.h,t:40%7D,%7Bpiv:100,vs:i,r:,h:600,t:110%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:110,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:13,wc:0.0.1600.1200,ac:NaN.NaN.300.0,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:l.h,bkn:%7Bpiv:%5B35~1,70~0%5D,as:%5B105~300.0%5D%7D%7D,%7Bsl:i,t:110,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:103,fm:tZbs2GN+11%7C12%7C13%7C14%7C15*.766968-55786941%7C151%7C152%7C16.930635%7C161%7C17%7C18,idMap:15*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:14,sis:117%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:d12:bfd4:3fe4:15c3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:23 GMT
server: nginx
x-server-name: dt31.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DCDE 43 B
215 B 99ms
99ms Image
image/gif 2600:1f18:1aca:4281:d12:bfd4:3fe4:15c3
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=766968&asId=381b8d2f-8f34-056e-d310-bfa0299bbc60&tv=%7Bc:xxQHEJ,pingTime:5,time:5111,type:pf,clog:%5B%7Bpiv:-1,vs:o,r:h,w:300,h:0,t:13%7D,%7Bpiv:0,r:l.h,t:40%7D,%7Bpiv:100,vs:i,r:,h:600,t:110%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:110,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:13,wc:0.0.1600.1200,ac:NaN.NaN.300.0,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:l.h,bkn:%7Bpiv:%5B35~1,70~0%5D,as:%5B105~300.0%5D%7D%7D,%7Bsl:i,t:110,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:103,fm:tZbs2GN+11%7C12%7C13%7C14%7C15*.766968-55786941%7C151%7C152%7C16.930635%7C161%7C17%7C18,idMap:15*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:14,sis:117%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:d12:bfd4:3fe4:15c3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.28 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Dec 2023 15:49:23 GMT
server: nginx
x-server-name: dt32.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Verdicts & Comments Add Verdict or Comment

175 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

50 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
busg18.pics/	1970-01-21 02:43:40	Name: wp_uuid_shogakukan_id_ Value: e3b16c87-21de-4458-8ae6-a7b3f161a92a
.busg18.pics/	1970-01-20 17:09:06	Name: _gid Value: GA1.2.538160950.1703260157
.busg18.pics/	1970-01-20 17:07:40	Name: _gat Value: 1
.busg18.pics/	1970-01-20 17:07:40	Name: _gat_hontai Value: 1
.busg18.pics/	1970-01-21 02:43:40	Name: _ga_KXR170ZX48 Value: GS1.1.1703260156.1.0.1703260156.60.0.0
.im-apps.net/	1970-01-21 02:43:40	Name: imid_created_secure Value: 1703260156
.im-apps.net/	1970-01-21 02:43:40	Name: imid_secure Value: Yn_QnrngSOeY0KAU42Ac8A
.busg18.pics/	1970-01-20 19:17:16	Name: _fbp Value: fb.1.1703260156954.997169822
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: wCuTAYLKMg0
.youtube.com/	1970-01-20 21:26:52	Name: VISITOR_INFO1_LIVE Value: 6Qxvt6L6PKQ
.busg18.pics/	1970-01-20 19:17:16	Name: _gcl_au Value: 1.1.2129863965.1703260157
.doubleclick.net/	1970-01-21 02:29:16	Name: IDE Value: AHWqTUlIwTkhFM0rXr_ghjM60ILnHdlH0nJVyraX7vE1ndtZ7z4ugdzjInozeZoSfEU
.twitter.com/	1970-01-21 02:43:40	Name: personalization_id Value: "v1_/3vVHsCqmOpgeQWdlXFSOA=="
.busg18.pics/	1970-01-21 02:43:40	Name: __lt__cid Value: e6d241fa-9fd8-4661-961d-f71015b3b8b3
.busg18.pics/	1970-01-20 17:07:41	Name: __lt__sid Value: 2e8978f8-486f9fed
img.macromill.com/	1970-01-21 01:51:49	Name: c Value: 172e917df1.029
busg18.pics/	1970-01-21 02:33:35	Name: _im_id.1010434 Value: dab92f3bb357b256.1703260157.
busg18.pics/	1970-01-20 17:07:41	Name: _im_ses.1010434 Value: 1
.busg18.pics/	1970-01-20 17:50:52	Name: _im_vid Value: 01HJ93EXBQ0ZT48BXD1MB6HPCP
.criteo.com/	1970-01-21 02:29:16	Name: uid Value: 23c1ba0a-c4a7-480e-a7a8-8d791fb81ba4
.demdex.net/	1970-01-20 21:26:52	Name: demdex Value: 74642203054900709450226161540807700190
.dpm.demdex.net/	1970-01-20 21:26:52	Name: dpm Value: 74642203054900709450226161540807700190
busg18.pics/	1970-01-21 01:53:16	Name: _tdim Value: b146061e-69d1-4049-cbf0-f5c80234a207
.busg18.pics/	1970-01-21 02:29:16	Name: __gads Value: ID=597cf15732b57484:T=1703260157:RT=1703260157:S=ALNI_MbzEqWdzvR-6Bo_n3UIg3bSGYg8mA
.busg18.pics/	1970-01-21 02:29:16	Name: __gpi Value: UID=00000d25bf710411:T=1703260157:RT=1703260157:S=ALNI_MZGdFng4SZNJ7dsvy8R7uLD-k6u4A
.busg18.pics/	1970-01-20 17:07:40	Name: _gat_quantTracker Value: 1
.busg18.pics/	1970-01-21 02:43:40	Name: _ga Value: GA1.1.1050775466.1703260157
.busg18.pics/	1970-01-21 02:43:40	Name: _ga_4YKEL52KHF Value: GS1.1.1703260157.1.1.1703260157.60.0.0
.yjtag.yahoo.co.jp/	1970-01-21 01:53:16	Name: bt3 Value: uyVSjbdGzb3veRB9TLwSJ8REF2fbsdLJx2UIS-XOuL4uGPoWajuwDgfVW-I6pwV7
.ladsp.com/	1970-01-20 17:07:43	Name: cr Value: 1
.doubleclick.net/	1970-01-20 21:26:52	Name: APC Value: AfxxVi6Ck1jCLMfHJeXfb_GCoNUxhmLfuLPfz6nrAjzTlT7Hf3M-ZQ
.fout.jp/	1970-01-21 02:43:40	Name: uid Value: zvIY4YOg0wsBDmrHsOk1y4epvdI
.busg18.pics/	1970-01-21 01:53:16	Name: _ss_pp_id Value: 57b62095f2675b2aa7a1703256558183
.ladsp.com/	1970-01-21 02:43:40	Name: smn_uid Value: 8VbnHn4EUGZ8QT_3ryTTJBA9TOhceeM
.adform.net/	1970-01-20 17:52:18	Name: C Value: 1
.de17a.com/	1970-01-21 01:46:04	Name: guid Value: 1.8830573347489695575
.twitter.com/	1970-01-21 02:43:40	Name: guest_id_marketing Value: v1%3A170326015834265512
.twitter.com/	1970-01-21 02:43:40	Name: guest_id_ads Value: v1%3A170326015834265512
.twitter.com/	1970-01-21 02:43:40	Name: guest_id Value: v1%3A170326015834265512
.adform.net/	1970-01-20 18:34:04	Name: uid Value: 1382096517194654062
.everesttech.net/	1970-01-21 01:53:16	Name: everest_g_v2 Value: g_surferid~ZYWv-gAI2p3fVABU
.sync.shinobi.jp/	1970-01-21 01:53:16	Name: ninja_dsp_uid Value: b5HsNrn7i2CvAhlDMFMt769b2e2W1lvUEXnpUhSAjJT4xA-S
.tagger.opecloud.com/	1970-01-21 01:53:16	Name: ope_uid Value: 2-3M7MKX6f1ScypxWCTi3kh0fSQOSi84mgd4EoUzQpCQZVJD6lnKsC8xm39JtZ9zO0hIP4Tw==
.adnxs.com/	1970-01-20 19:17:16	Name: uuid2 Value: 4150191517615403994
.line.me/	1970-01-21 02:43:40	Name: _ldbrbid Value: tr__k1y/XGWFr/5TnfmJFNwJAg==
.t.co/	1970-01-21 02:43:40	Name: muc_ads Value: 5aec7a0c-b938-4b87-b457-30bf1c677019
.in.treasuredata.com/	1970-01-21 02:43:40	Name: _td_global Value: bd698f30-8456-4009-88d3-1eb0afaac643
.popin.cc/	1970-01-21 01:53:16	Name: uid Value: 57b62095f2675b2aa7a1703256558183
.busg18.pics/	1970-01-21 02:43:40	Name: _td Value: 594d33d4-e1de-4584-9315-a6bce11777a4
.busg18.pics/	1970-01-21 02:43:40	Name: _a1_f Value: 7b3f383a-9acd-4ae6-8a6b-490f7dc84432

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://rt.rtoaster.jp/t/?a=RTA-4c13-9d99ea668add&m=&l=https%3A%2F%2Fbusg18.pics%2F&r=&p=item_code%3DBITEKI_538244%0Aitm_sids%3DIk3u9LBIVIk&i=0.2812403499178713&c=UTF-8 Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92) Message: Unrecognized feature: 'attribution-reporting'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

41541c1a52ebdd1d3a27d54863fa283e.safeframe.googlesyndication.com
8731124.fls.doubleclick.net
ad.doubleclick.net
adservice.google.com
aid.send.microad.jp
ajax.googleapis.com
analytics.twitter.com
api.popin.cc
assets-momentum.akamaized.net
atm.im-apps.net
audiencedata.im-apps.net
b.im-apps.net
b1sync.zemanta.com
bam.nr-data.net
bs.nakanohito.jp
busg18.pics
c1.adform.net
cdn.adsafeprotected.com
cdn.opecloud.com
cdn.treasuredata.com
cf.im-apps.net
cm.g.doubleclick.net
connect.facebook.net
cr-p10000.ladsp.com
d-cache.microad.jp
d.line-scdn.net
d5p.de17a.com
dclk-match.dotomi.com
discoveryplus.popin.cc
dmp.im-apps.net
dpm.demdex.net
dt.adsafeprotected.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads4.g.doubleclick.net
gum.criteo.com
id5-sync.com
image6.pubmatic.com
img.ak.impact-ad.jp
img.macromill.com
in.treasuredata.com
inrecsys.popin.cc
jp-axia.m0mentum.net
jp.popin.cc
js-agent.newrelic.com
js.glossom.jp
js.rtoaster.jp
l.logly.co.jp
lb.eu-1-id5-sync.com
log.popin.cc
match.adsrvr.org
mcdp-nydc1.outbrain.com
mediaconsortium.profiles.tagger.opecloud.com
mediaconsortium.tagger.opecloud.com
mv.outbrain.com
pagead2.googlesyndication.com
penta.a.one.impact-ad.jp
pixel.adsafeprotected.com
r.popin.cc
region1.analytics.google.com
rt.rtoaster.jp
rtb.openx.net
s0.2mdn.net
scdn.line-apps.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
shogakukan-web-api.net
static.ads-twitter.com
static.adsafeprotected.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.dmp.fout.jp
sync.im-apps.net
sync.logly.co.jp
sync.shinobi.jp
t.co
tagger.opecloud.com
tags.bluekai.com
tcheck.outbrainimg.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.line.me
universe.send.microad.jp
widget-pixels.outbrain.com
widgets.outbrain.com
www.biteki.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.youtube.com
x.bidswitch.net
yjtag.yahoo.co.jp
104.102.50.246
104.244.42.131
104.244.42.197
107.178.248.96
108.157.4.16
108.157.4.24
110.232.194.35
119.63.193.220
119.63.197.136
119.63.198.143
119.63.198.176
119.63.198.188
124.33.183.216
130.211.11.246
138.113.139.220
142.250.181.230
142.250.186.134
142.250.186.34
146.75.116.157
146.75.118.132
147.92.191.92
151.101.129.19
151.101.2.137
151.101.2.49
162.19.138.117
162.19.138.119
162.247.243.29
18.154.63.50
18.194.126.143
18.198.94.178
18.66.248.43
184.30.17.67
185.64.190.78
2.16.164.17
2.18.161.178
2.20.65.72
2.23.197.190
2001:4860:4802:32::36
202.228.215.62
202.232.238.40
202.233.84.1
202.233.84.7
213.155.156.182
216.58.212.162
23.56.200.105
23.56.202.187
2600:1901:0:e207::
2600:1f18:1aca:4281:d12:bfd4:3fe4:15c3
2600:9000:223f:e600:8:48e:53c0:93a1
2606:4700:3034::ac43:d9e1
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:808::2006
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:812::200e
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c1b::9d
2a02:2638:3::c
2a02:26f0:480:25::1726:6212
2a02:fa8:8806:13::1370
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42::738
3.160.196.58
3.160.212.25
3.33.220.150
34.120.190.172
34.120.216.28
34.149.101.235
34.237.119.189
35.156.87.94
35.186.253.211
35.74.209.225
37.157.2.228
37.252.171.52
50.31.142.159
52.45.249.56
54.194.146.163
54.65.24.54
64.202.112.31
65.9.86.111
69.173.144.139
95.101.149.233
99.81.22.6
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
01ea06fadcdcc5b9096b7b3bf5ae6edff46dff5451a72dd831f3f9657fc1bf68
0297a5dc16aed3779970aa407dbc22de2f11a375c192b2519d6dd67d903756a6
0365692d8e0d5051941db1f32f5f61d913d45be260b6030f38616703a3a51d4e
056c4c3abd3cd3f8ac7996aebd6ae24ea03cbf9698780ca4f550438f1e45f897
06867aead8e41350238771123050e58744efd7abb7c3a4a9fd82fe76d86c2eae
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cfebdb8437697ec92ece14079dbff4791066e9fd045cd90b1f59f03e643cef0
0df1160d44113ec606cbf1e131df9ce8d5d7ff1654310c3cd1607ba76cc9931f
0df76c2645eb74485a9f91aed0613a326bbd7ba4e70e555e9c25b141da92d6f5
0e2215127c515b7dc453590643e65e1d18304350946c7f03c4ef2038aee3b022
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
10b0b9c13cd849d49186e2420fd0e6045e68012133b097b1c356ffbc9e6b4b76
10d3fd918fd4182842380a269c9e4886f2ca444d55c051af3c0427faa5dd3b3f
1108c21c532be0b9551a8769f45fe165140cf7f48a7e2f213440986867a22e1b
11bc7c3bf3ffde058348daba9b705a6cf5cdc536bfde64ac65b2c17055cdcfac
12b9c5f653ab78b781cf757c4e9bd7dbdbc64cfd5bb6951e0b2e9b345fd48260
12c6f9e9783b58c70f585afbddee6744e66121ee2afd26f70d8327cb89b29475
13c56719c3bcb6a37dd6faea1a2b9071ecfa97369d6fb0a42cc235ab9b587df1
13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5
14cf2170d1d495baa7129989ef46fc9f16cc5b26ea6094e669b795fb38cb272c
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
172559f2bd12127a0d6fe83651ddc78eda1b1186b35e4985a232d2231761ddda
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b
1a2a4626833823f4d38df7c0336d7a89d00b59acdaf55e5bdebf528261ef5d04
1beef0027dcb27e4a7db4b170f087a045a024841e00cf9e479df5fbb2ed10002
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d1584c3f083140a234febdbd2a1066a0c596f3a848d7731662d704e259908da
1d3eacb76438a47b9e0c06bde1deafb35494c70c8eba25fbd504bda2a8eb45f6
20b7a5950e315383860c3ce5e34d9ec7fb1eb587343006d6808f71ba3212ff42
20db0593fd9d1552da649567325c7e112816430e41559f32dd5804bd961b37c8
2228a1cbc3030c4e3a56f25620bc5433c07caf82e73f1884850696af00fd2530
229ee2a86094bf96086c2e19a274362a4f8eb1a0e11bd29907b1bef3eaf3fab6
2405c8a96e18b401fb29077cec82a119a7ef24591093f76439db6f77224e3c65
25a7984e52454cd4ce1e1cbbd4643a2a15db3632a0530a357b5e2c1d3c497528
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27329635c6d8a92442b7687d3f2dc58e63868e5e9dc5a00bccb8e0392b374d94
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2c78537370db283e881520b103a2f8198613f89d54eaa13dd566137d029c8fc5
2cca9d8b8d0efe6122716b9e702f932f4aed7fc4a8bdc5e20160165f10a6bbce
2d69751155a132dd4ea24d06d5f8d53adf24dc3d780535ab4269ac4fac00393d
2d6d5e3df8497d60456dd670e3d0f470636ee4169706c20e63a1285ff32d6442
2d8d763c8de6431273a0a2fc524d5505976d98772748595c2b30e380e1cec86f
2e996c3c794ff6f3d953f0ea28e3eae198d8a493eaeaaa4e83fdef842fdd8c65
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31ca058441df49f633c4493ec35cc4a6a216ee5a96d4181f94a42e0fc93ac66c
31ced9b50ff25c4ae796774e03cf5326848407fb752a6044e6d33ff3e0f80d81
325974629518ee22837d1d0b997b09311191fd4a6e7e11f4f6e7d32731ad9812
336cd79c5396009a4b029d0bb3fd797e60b7089179e2f4daf15c1c5f7bdad33a
34458ad63b26d3f1340af710c0aa2b6bd8569cbb0954fa50f091a47668832913
3561c9a17d4efea30c4e792274577aedd29c32ed614e0f1f79dd8f808b06227c
36759233b192884067f6619e13bbe55b67201f76bb69017dd154238c52113a8e
36f4117ec06428e33e74e26d3742c6bde800df3c44cd4f7ba5e472d0c27c2d2d
37eee9859e2acb07f6e3a12f083933db514b6f471dec6dbb236783e6fa5b3760
39942d619ba4090592014ee704137d40edc691e1b8e5f51a49a14d44056309ee
39e1568a36ae00ec00740c0fff97689ef509d52b3de2241947209312e9f42c46
3a5745c0199a15ac68b732f4ae353632d2610d6e013863762b6a74ec7365186d
3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0
3ac6dd53729b34b5a69face9edaa0029b1e0ecc6d31e405bbf6a9f785d2b0411
3b273f093f3efc5927a36060d5b836737cc0eac3bce80632d1f76f32025e9040
3ba48809b5ba762f397bbf5892e9208210f09d2b7eef7186f5753f8758a93496
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e27ff91bcae1941300d33d81a64ef9b14fed989e0d0f03928c23ef6951cff3f
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
405d8ed8bf81bc7c12e4a3d86562a74c883c19cb29fdefe285c45289650a1c26
41068f4ad7966f6bc28b5888e3a25619cf94354edacf21b2d832a5c94b826623
42c705ceff5eb5dbcb94cade18892cf976afee3c9ca6dfedbfc3dbf9f50bf37d
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
440e6d0ff9c040230998aad83f230b5258d034b6a2cd795b149fd1a420010c7c
45694fd50133588b46fda942deff2e3dac1515a779ae3b9ea51e713261276a2f
461f9f536c4dc41886fb453be7068b893e2817524bc24587fc0449c65aacec75
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46dd1f7a1ac0c10bdeb360530b49e35018425a095c02fed750ed38e2bf7e0a1f
4728eed86f5f28dee17afe787d91f315f0d3971569a5f22a8d754dccfa675e8b
475c44afb1ce2aa0e8062f87e1fa0a6f6ffb767d573b2968f9e8a555bc487aab
47dae7e2609caba671c5516ae89c39409207a2cdecb06568487271f6b4fe02a4
4914a4eb339be7eeb29276670d4e1aa5f20cd7177d888e9bec03de5192670768
49daf7bddb14b814b7423b31c4ff574e2c73fc909fe098a18acf44c42069e5b5
49e4b138d77f5760066dd544d1353cfe620342738a100dca935bb93bd451586a
4afd6fa84d3326769d6825ea59364242043286ce72947e3bf23aa51c2340528d
4c6344fcf107575e875e210ec777a9d2f846f6d4ed2a4ce0af12b1b8d22c5fe7
4d0a42b5d3fa69a1748d3ed353da45ade9a77d9f47ee0d3bb7b6741f3da3224e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e458a81ad4af6b43616dae2e1dceeb3ae1d61e951652a2755a8cf094498b558
4f153db1eb36674ed4d15a1451e24571181e39f4c8986c11b46c1a540dd726c7
50c8eb4c5df5450445502181eeb1cde94d9e84fbe9120bcb13a9a1b111a353c1
539b381a6e0a5a49d299867d9ab722ad7e41d01f07bbcb6bed4518b63f8d4b0a
543ba64a156a86c66b11aa72b57d93c12a366c69c9e5a3224f4dd2f10ac86693
545a3f15171f75dcf5c3bc8ad152b71163f0181776fbdd06248154cf53886ded
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55103ba9e62bca5ed116d5541f7faeac4f4f2ccfa5f70854b4d0a3aef449f7f8
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
574c7c673557a21bbdf72ffb0a1fc52b74fe269eac8b3222cbcdc792727d1c7f
596ad9a5fcc4869aedde664a49349b86a742fe5374496188eecc18e58fca019e
59bd2f0c3be92e362ef9ec6fe6bd785c234a94eca0c521905f218a7cfebb0dc9
59d0515933a4b95bc271028f17e001daf5ad4c9aae86716d0fdac771d0776172
5a0e2b951191e60b6c3905118d84d9a95a309d355c4eb71dfead2ae2866683ee
5a5c1b28a8004a0171f9c3bca2858bba94564d5c95eb988dce03c16cf4f0167d
5b4d3a0dfdaf461371a91d7c7a144d2abc4f9aa78873550382b505d715478b28
5bd53835e5cff2d7d1e4e2c45efb1b0cddf361f523292cbaaad19cfce2789f96
5be922c61278c45cc283eabbf51616c700e5faf818106af7b1f3bd4dbaeac87d
5cd346875d100956f33b228c65b2eea3e958621a4d906b95c612c0c0c617a2d7
5d52ecdb7ab2edc1b144f2d86c9c567c26a9ce5f2d64416702d7eb854a849660
5daf96d193f1c7cc27e54944135ce083edec8467ef31782cffe29b624558a227
5dd9eccbe1921e6ccc4d7f4e4c6533a7598b4d3d09dc991e88f56b3852d89de8
5e93437eb5ec0dcdece92d1562fcd435d1d521cca5c013d2d9e15b544a1d8a39
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62a7c91cb18dfbfdc047bbe4ae0be740598abd621717c054b50508121d40305e
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
64674d59b71fb30e4c87fdbc6c6120cae055b32d961e22ebc33d4d873c18a29b
6473a8cac7416737b799474d7e48303f1aee13072faf32f1071d9ebcc85470db
649a714547a694fbdbc215dbedff1349f1fe9975f77b3eb1b46f64b26605e18e
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e
6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e
6762615804eea62d385bab7695e0fdeed7c4f66c3fd966798a7f72dd6866bef4
68ba2188449745c493ad970332492a55fe2130b1b35508d195f4fee25990a6b6
68d9bea0210febda0161583bf5966c7bfeac07ce71059408625a33901b2e41d7
69b226236c373ba0134423fc579434b927f0719fce7870c8f1fc4c780eb0ee68
69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c1fa2e1ed5a79874108dfd0e5fb940cfb2a27928b2ff3aa4d480a6f66b434b1
6cc68dd7abc711fcb456683e0169bb31b844711d5304df5d33e8690679b5337f
6e149a0ebb5e297dde5fc2b49bc940f4e2f42124d8203cbed8a41c47be23028c
701f91582021a2c6e50e28eaf2ae14286431f53e209da07a166a0da842cab52a
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
718ca92f50befdf24810931bbb887575f155a242714bd25c55874b297f411b8e
724640a5260f52e19ff71a5825b27e6bb8b5ba35673d0ec08dc2c3bf9f26aaef
752388b066fc2d37de354a6dcbad0fff74749de6e1f74aa95ea4128f4c5405e7
75b5ce1abd68dd9b187a033b3de93af58f160b821323d633ba9fb832a4c83835
770df52b5b4546e8fd3c9ad0d43c93a1c44c49d0272060ef0af5559d94ab6b99
79be38607fada2979f0ef6094616f6411e9d5249a7c331be54fddce243f3c011
7a908be48760513ceb838d427f2fa1a4265818f542ef055df69045413c141eb0
7ac9f0e85d1ed4d4ccf7a151ec6b9b80f89baa745841db8efd82713671ff5ab8
7cfc3fb62b5c1f39ba7097d4fcfe8bd7925f49ae1f5fd3ff18460ba96dfdc36b
7edf5b2eb4905d5fcb547ca8e06b4e85c048eb127354ca301dad6b1b5582e64f
7f141e0aadd367a659b4fc281b5237c61f8f31ca60ad711d64e7294ddc4bb9c8
7fdee674dfde36c73143fe579a18a3e432b56939731d2d9746dccc7fa7e6bfec
801e002ecc49cda34ba6522e68b42677d5c66a3213d3cc031a719d1e704d20e9
809262703aa650bd67618053e805248de84befd9be08b4c614b5de9bc9b8ca67
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
81b9e8a15168eebd6faf19c2a197d6ce6d9281fabad1bfbfc34e6fc257491892
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
81c79d7d0049349e0e035f25fed83869058d45ffa2acb408fcc9e15fb1a29d21
821ede88c20629a967a843953a53e9f02b56121d765d45ed772c877132ba1eb7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84172a021c02de27c2c6ed9c5020ac6353f4e4b00983990f157fb7992ee42098
846ab9cdce3bf071ded49f7ea2eaa1ea6a2d75b9bc4317e0767a106fa2e66efb
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e2f272052d386779f00694399d4dcbbad2def9c0e1f56e7ab16d133c2cef57
85490cec7ffc506647607b9da2ee23b9822e1670657a420a3d246abc9b9e9f4f
857d59431e878b847a1f87eec2b36cce3cf2269ca3bb61aa264a5173b71f3b4b
861d0b760d3b4e3d5f3ddd6f0470487c2e4abbd0b0ed5ee76239764fea3a1dd2
862af3117cb03c6ebfec2cc73197d45df959cc72da7f598d99b76ea6686c6707
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
8718f6c17f9086915b83c9ea9698019933c5f2b5c822ebea617d559e1226fcb5
871e3dfbc4b95c33cbb7cd16ce3137863659711975b4a729951044f3448f6260
87ad360f3706d8777c59a9bebbec561ccaa49298069d1ff3b8d4abb5c99eee88
891e657e9226101b5aa3ddbc1f291a1c455a548e9df7f3b1351c1a8a98bd48e9
893834ff65d7db34a75a260f2f1da8c085ce6d36c8d98da496c469d049b9e28d
8acc1f1025dcaf26f8f860f726b3a05a701b77eb685301d4f25bc8339bbf891f
8adff0b9d2a3a5e05bdde6b49e96dd175e7f0dcfe913e92da09e413a134cd5ac
8b739055f6057976eaacea3b549aefc92d690f09e2274e08ec9827687b0582a5
8b9f37a15c97df39f89e561ea896a0bc9fd9c38aa0850d73163ae2a4139d763e
8c082bece010e3d7fb4120f165a47bb64f589a22abcef2935485c58eb544f246
8cad7f252c813ed1428e5fa15429c81e55aaa298e3ca510d990f596048488f1e
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9291b2cca23e946dc35c3d4570695705ade0446fd1a9ba0f6abd951f82fa3608
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
940f3e5c6b0fb28b70e9f1456d0cacbe287fd6832bde053c0a0d9f0df5ba4ea6
9566b2575ca4044c6c56271539fd2e015dc99c8a087460967de796d518dc9e65
960a8e41a56a21bf1c68ab8197d6b5b565a271633edd576719bbd0c3cf5ceeb3
963589c5c0456c821783dc689064c1255c875402311b161c4b109bfc354bc2a2
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
989966489898beacacfda2e722f2b42b62da451d085f5b4f53953efe9ffa4b5d
995ed30e5971e1618595e2edd929a155b4f884697fcbb108f920217a25ae002a
9a04927eed0d57c4cad3d56e933bdeb5a9e06de9d9ebabbe99a732547f341e77
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b2c367d7b923b48ab5f7998e5d8f04e2ce84f7c5adfb74d710349e998fa788f
9bd0437a3883993db9061230fb8db5fb02ec498fab35810ada384063489bb983
9e4b99b195179e415c40fc30275d90b384b26cc8130344b1b98cd55ebb0d7aef
a036f8197b3856b02d1e236e08dd1b50a4ed68cb148686beb274eabf29794d51
a1f072e561d3d4d0f0b7e1eff183dc4bd044d70511d70b39041b63f0fe572942
a2f1b190e5d5a3063c35b75b1a00c039b13e171eb7b099299dcb67e9e4fe65cd
a2f5e77bd9b7dc32466144e81008267b0901bf32c9d339e640624ecae562ad59
a3627f48460d0cb1d2b5a60472b076666830a7ec46a2accd944e4f9cc3c9f01e
a3c8880af2036f993508cad14cc12013df18d109ffe5cbf324161e0d52361d1e
a43f11f8ac8634637da8838ba5991791d5624a37dec376a62658bdf613530469
a4ff1a40b43ba34c62af7cf45052ceb1c13245f71b78d2f95e608cdf40f0cdb9
a625aaf6b2aa565c56bc43f4e8fbdec6c03939ea23f427f622cd61859b2d6a46
a6813d8da1b5605d6628bc926ab3a75e591da18d78d0dfe6d578694575ea72bb
a8d2d8520f01b9788b750863e3c2b287d61de94d9707c9978588eb34668865f3
a8e46d5756b139e7b716a1351644b03bb44e3fa18ff91e9f9fe5441a42f0fea0
a9e8b9c1835f278ce12dee5160d5f11c1a573b8d1ffdba0de79ab8e23fd6316d
aa2fcfae52e3a7f4aaf1fc678c27525dedfa37cbe4a965e2092e5cc551acd60c
ab57df5663b01787c125bd46926f1e6bb69580f240732e6d2e031829298576d2
abfb533bb3f7ffe5c78c1f4f257b9cb4aa313df48f6ef4d0b920ceb81ceb399f
ac195780e6b3c57034d94552b0f55c450879151bee089547f4de05b0db8b5a37
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad43253c5a7020f4b05e184d49db9ba32565ec1e291cdb4e0e1792606921d124
ad6bc55b67b180dc0f6e759549aca2e9a4e1573cb6c7ba0dbe569cc44adca448
af78b52e724e210addb3dcaa84f1c573ca094774bb0d55abf2910c9d4c899f5b
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b29cb193904e21beb4e19c3dd24339532cc4dca4fe61334eea26036a96c208f2
b58e06c5e41ed53e9f60c8546cb2db7a2b70f8fa3a5d35bba72d46a0bc803585
b8790106c39d616d072aa3f2a0b9e320745c6afb31ef2fecf56a1295e445019f
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
bba8380e9b0cabca5ed90402103684fb6272f2bb7b5c0e0362fd5753150bd593
bf685167a42df61d9b650a2a2dfc829ac3bcd647a83ad54504b301ecf10d1ebc
c10b4be23311add1ec14d62f14a2e77cafae70f88c44703336c937381a2a2ca0
c123d29d5d12b26fce40551852dce1cd2ffb2dbf45f2b0cb663071df8fed76d6
c16c1a385dd5f554ec1319058879b3a92534f04f38b80e183d30f2e0ae341b2b
c1ef167e3112a81527dac4791653d424da6848e92d7c642fa2ebd2e64f5656ae
c597de1c4070ed28335c59446dc74505db23ce4562aea12658574f546cd28b63
c71664c460219c64e8be6fb0f9e96f687708a88afe18ef961a75b6e85cd6f159
c743315a0f331b5fdf548079b9504acf9b9908810d628b71a4f643b42227e024
c77d86299bb6b3a906a066999665946dfc69ed1e90fec12d1b7fda549e3d5d74
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f
c836432ab919173c4750f31bf195edd4a772356f1d50159b1b07186ee99872e0
ce2506bb4135cb1096c195e82b6b83b783e6f56f0bcf3823d02725cb61592dcd
ce44d9d3620877fb90e5a0dc690fb51323242adfd601d2d327e623488f94c67d
ce72b985eb9f4448be799e805fc95979281d17ce0fa8388aa15c4ff760b4cccd
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
cfaade2e51036012dade62854cf3902385b5dc9637a9071f177a7c1fbe515fb5
d504f72375bcfb65fbf8dbf79ad313aa21df0953bb1efef82695708ba70922b1
d516bfb03e8fdc8ce6bbb71098cf217cc2350a5e4742961abb63b99d1658647b
d643d52e0041252f1f9f1f6eae3c425e548bf06dea62368ec9d92c034d13a29d
d734644882bedf4c9e487f729c71bf7fac5b35aa852a070a381a5c3a4ac99362
d78680b021294f5efee49ac5eca0df15d000d1c1a41b07d38a9a55bc45d5391e
d87adffa6872b2908994e1d0fc5f5c6bd93649d98fa08f1d9c37bd331aa485de
d8b5a78a0b5f69c1e5867edcbc4d87c63802061095571067f6064223fc16879c
db8f96bcf12465c1514dcf50df78b437f875221e220f976d1956ea038426a355
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e009054d80be96f40559f2aecfc93281fd39970a4fbff3e4ff44241c4e082355
e0728494318054fd0ea0de53eae7590ab956be3d94808db3780d66df6a3d9cba
e0b55e23cb80e1794ca1f3c217319cef76efe837fe66d806feb58900628a7f30
e0fcccc60d9e199431efe12dc8a20650a2c8860a4e2e403f953e03c9a16ace6a
e13870d8ccb6bb42b8c0a91513368e8b2a75f47e80798a9f5853a1875a71b367
e1a9151aeaf73ffee1ab2438754e3138b5c74dad60e33a50cd5432978d5dfb67
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d8da992e180e0a19341c2b889c6c0958c63e4c0c94bc5cf5c7252d26f62f80
e479148095f938f496e99aa84e05a9186b65f6b00b0e0544ee922c712d26bd02
e641289a84dccd3f02be13957ce937b6010c9f64f4fac5e880fca2f639b3c05f
e72735b82bc4e30f56735cb44576d5d1c7766713d2d6eb23cc57abc49a86269e
e727e46a1327bfd94fd16ddbce83cabdd5912c9af96a89cd4468284608d8763c
e87efe00b52483b10fd8a3a6aeebcdbe7f85647fffb4cdd00b73f6b7df222aa3
eaae1919111e3fe063cb3fa468ca1bf9b2e1d137f164650376b1306830126845
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb7a239dd7b491f522d3a67d5f39526122e397bb1a09ec999f6fb9fbd510200d
ed0b5cb130539b65b62b7a490db68c66d11499a9a1f5356b3de68ca358d48040
ee28c275c7e37d13e7a634606b4a5254eb6410f83ddc7557a71ad8aae4166dd8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa72846e62a8d9a4d74967f90125d592ac0f212813a93f9f6e76bc13ee58438
f087df50d6940430029279ca46f65f1b8600c0be9c8b3dfc1a24c8c60b98c141
f0f7b6172cab2a378adef009b049766d0fa0db2561cc4b4324acc85de2b98775
f10db3e3971151644679b15eed1dbc9c9ce14057e2e2827a24fb976ab04eab43
f15f9baee02434c7d5c616c9b9d85a87155c298821fbc844d97e31eb1df6750a
f22977485ef9ecffafcd8cb81a2a6c71888debef654c7853135691c8b51deef7
f360198677982642b19eec063470d87f63619bc8e729b163d42a6407b3ab1286
f467518861595ea51a80baeb392e953411e147e2b006fda5a2df95d456849f35
f4bfccc1f5b7e9b8710bd33e37d7956061c2e86defe4db7d6af704d0e2cae66c
f6b4b2fa8a7e58b9de65587fd3e3258296b48b80eb3d66a57b712fea55608599
f6fc4c6ed9a5e2f05c7f1c964154067183e5a331da7f3cf2eb0fd51b7ee5a840
f728a9a6aeebe8586c4a933d52c678cdc7d008dd9e5c944a57d0736e471d4b8d
f76bdec2944a1de8d70e1d461e503ae7485212a9f08282971947dfe5d5bfe6bd
f8a7ad878155dca953fec89ef8d5928545e4f1fd0dbb92a0b77c11102d92ae1b
fa714dc1957acc4ee87efea89855b523cf6910ef82df0ec28eb0a6cf764a5858
faf3a5b0232e4515f5c4b91225ab985faa6813ee78d0123a560def12ebe56597
fb53cc70b7307e71f368746f86cc2cd1e4b73f2328e0f9f2fc2f9cea3858dc27
fbc59b605467945826301d8eaeb72115de0ec09183fdfda19a62357a65fa24d1
fc7fe45db078b8395d7995216bc97c7ebf483b939096068d1f6494d6fd1056da
fdbadb5bb46844a087e6dd74a083358c26072d15af0eb3620dc64f8796580ae7
fe4da0ee63d24cd5275b5e9fa83c1cf1ac6a49f6ab7f3b28264d8b0d17193cb0
fe82b986ff9cde3b6fe106f68bcb05a57ec9274b76a5c4d5bd3d94cda8686692
ff1b2914106fd3444f7456ac541b27499e162fe74fab6c53fee81d827d862590

busg18.pics Open in urlscan Pro 2606:4700:3034::ac43:d9e1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

373 Requests

96 %HTTPS

29 %IPv6

60 Domains

98 Subdomains

83 IPs

11 Countries

8154 kBTransfer

13591 kBSize

50 Cookies

115 Outgoing links

Redirected requests

373 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

busg18.pics Open in urlscan Pro
2606:4700:3034::ac43:d9e1 Public Scan

Screenshot
Live screenshot

Full Image

373
Requests

96 %
HTTPS

29 %
IPv6

60
Domains

98
Subdomains

83
IPs

11
Countries

8154 kB
Transfer

13591 kB
Size

50
Cookies

373 HTTP transactions
6 data transactions