www.saferma3ana.com Open in urlscan Pro
2606:4700:3037::ac43:92ef Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cdn-7.saferma3ana.com/
Effective URL:
https://www.saferma3ana.com/
Submission: On February 05 via automatic, source certstream-suspicious (February 5th 2022, 3:09:58 am UTC) — Scanned from DE

Summary HTTP 60 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 23 IPs in 2 countries across 19 domains to perform 60 HTTP transactions. The main IP is 2606:4700:3037::ac43:92ef, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.saferma3ana.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 4th 2022. Valid for: a year.

This is the only time www.saferma3ana.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3030::6815:1caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2606:4700:303... 2606:4700:3037::ac43:92ef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:ee05:6a01:4b41:8c89	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:214f:600:2:cb38:840:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:3000:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1	147.75.61.140 147.75.61.140	() ()
1	3.123.107.179 3.123.107.179	() ()
1	178.250.0.165 178.250.0.165	() ()
1	108.128.129.221 108.128.129.221	() ()
1	185.255.84.151 185.255.84.151	() ()
1	185.33.221.13 185.33.221.13	() ()
60	23

1 2606:4700:3030::6815:1caf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cdn-7.saferma3ana.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3037::ac43:92ef (United States)

ASN13335 (CLOUDFLARENET, US)

www.saferma3ana.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

go.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:ee05:6a01:4b41:8c89 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:600:2:cb38:840:93a1 (United States)

ASN16509 (AMAZON-02, US)

go.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:3000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

blogger.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

96b607d9d8dba531c530b17b0a244955.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.61.140 (None, )

ASN- ()

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.107.179 (None, )

ASN- ()

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (None, )

ASN- ()

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.129.221 (None, )

ASN- ()

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.151 (None, )

ASN- ()

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.13 (None, )

ASN- ()

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	saferma3ana.com 1 redirects cdn-7.saferma3ana.com www.saferma3ana.com	154 KB
11	blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 8202 3.bp.blogspot.com — Cisco Umbrella Rank: 10950	433 KB
8	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 96b607d9d8dba531c530b17b0a244955.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 124	39 KB
5	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184	159 KB
4	googleusercontent.com blogger.googleusercontent.com — Cisco Umbrella Rank: 16207	390 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1019 pixel.quantserve.com — Cisco Umbrella Rank: 424	10 KB
2	gstatic.com fonts.gstatic.com	19 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47 ajax.googleapis.com — Cisco Umbrella Rank: 293	31 KB
1	adnxs.com ib.adnxs.com	703 B
1	omnitagjs.com hb-api.omnitagjs.com	711 B
1	yieldmo.com ads.yieldmo.com	228 B
1	criteo.com bidder.criteo.com	220 B
1	sharethrough.com btlr.sharethrough.com	117 B
1	a-mo.net prebid.a-mo.net	351 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 898	428 B
1	ezoic.net go.ezoic.net — Cisco Umbrella Rank: 10357	2 KB
1	ezodn.com go.ezodn.com — Cisco Umbrella Rank: 9052	87 KB
60	19

	Domain	Requested by
13	www.saferma3ana.com	www.saferma3ana.com
10	1.bp.blogspot.com	www.saferma3ana.com
5	securepubads.g.doubleclick.net	www.saferma3ana.com securepubads.g.doubleclick.net
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	blogger.googleusercontent.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	www.google-analytics.com	www.saferma3ana.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
1	ib.adnxs.com	go.ezodn.com
1	hb-api.omnitagjs.com	go.ezodn.com
1	ads.yieldmo.com	go.ezodn.com
1	bidder.criteo.com	go.ezodn.com
1	btlr.sharethrough.com	go.ezodn.com
1	prebid.a-mo.net	go.ezodn.com
1	www.google.com	tpc.googlesyndication.com
1	96b607d9d8dba531c530b17b0a244955.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	pixel.quantserve.com	www.saferma3ana.com
1	rules.quantcount.com	secure.quantserve.com
1	3.bp.blogspot.com	www.saferma3ana.com
1	go.ezoic.net	www.saferma3ana.com
1	secure.quantserve.com	www.saferma3ana.com
1	ajax.googleapis.com	www.saferma3ana.com
1	fonts.googleapis.com	www.saferma3ana.com
1	go.ezodn.com	www.saferma3ana.com
1	cdn-7.saferma3ana.com	1 redirects
60	26

This site contains links to these domains. Also see Links.

Domain
silktide.com
www.youtube.com
twitter.com
instagram.com
facebook.com
www.blogger.com
www.ezoic.com
www.seoplus-template.com
www.pinterest.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.ezoic.net Amazon	`2022-01-16` - `2023-02-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.a-mo.net R3	`2021-12-20` - `2022-03-20`	3 months	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
*.yieldmo.com Amazon	`2021-05-25` - `2022-06-23`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-24` - `2022-06-23`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.saferma3ana.com/
Frame ID: 3C04B5BF909C9652E21461FD1F69734B
Requests: 61 HTTP requests in this frame

Frame: https://96b607d9d8dba531c530b17b0a244955.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C2504987C6B2F616B9E8041B9D757F22
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1F4E472F63E8BDFA650CC1292C77781C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 32AD342DAFF05824B4335C67CA3A17A1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

سافر معنا

Page URL History Show full URLs

https://cdn-7.saferma3ana.com/ HTTP 301
https://www.saferma3ana.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

60
Requests

100 %
HTTPS

70 %
IPv6

19
Domains

26
Subdomains

23
IPs

2
Countries

1349 kB
Transfer

2312 kB
Size

23
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: http://silktide.com/cookieconsent
Title: Cookie Consent plugin for the EU cookie law

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCSDqIKZshQ8A_1RDru6-pmA

Search URL Search Domain Scan URL

URL: https://twitter.com/saferma3ana

Search URL Search Domain Scan URL

URL: https://instagram.com/safer_ma3ana

Search URL Search Domain Scan URL

URL: https://facebook.com/saferwithus

Search URL Search Domain Scan URL

URL: https://www.blogger.com/profile/00098336522942539559
Title: جمال

Search URL Search Domain Scan URL

URL: http://instagram.com/safer_ma3ana

Search URL Search Domain Scan URL

URL: https://www.ezoic.com/what-is-ezoic/

Search URL Search Domain Scan URL

URL: https://www.seoplus-template.com/

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/saferma3ana/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cdn-7.saferma3ana.com/ HTTP 301
https://www.saferma3ana.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.saferma3ana.com/
Redirect Chain

https://cdn-7.saferma3ana.com/
https://www.saferma3ana.com/

250 KB
60 KB

470ms
452ms

Document
text/html

2606:4700:3037::ac43:92ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.saferma3ana.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:92ef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dfce2b0943d7551da5b1a507bb05d5e91652889e3f52c198940d1d66a0e3115

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 05 Feb 2022 03:09:51 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
display: pub_site_sol
expires: Fri, 04 Feb 2022 03:09:51 GMT
last-modified: Fri, 04 Feb 2022 08:53:51 GMT
pagespeed: off
response: 200
vary: Accept-Encoding User-Agent,Accept-Encoding
x-content-type-options: nosniff
x-ezoic-cdn: Miss
x-middleton-display: pub_site_sol
x-middleton-response: 200
x-origin-cache-control: private, max-age=0
x-sol: pub_site
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LKFfpqhCj296jPDA0gbcp0FrYN7ZBb%2FZYsYp4gQQdOu60oxchq2uc9m0fvSrMBNWC9rI2PxdwtiVDG0%2FWACkW4lcNj9gJQ%2Ba2%2Frm9viIkmhYEEDmfsRR7NRJjgFlmvP5BNcxYpYCREUx5PLtGhFF6w3w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d88f13d0a16902e-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Sat, 05 Feb 2022 03:09:51 GMT
content-type: text/plain; charset=utf-8
content-length: 0
location: https://www.saferma3ana.com/
cache-control: max-age=300, private
vary: Accept-Encoding Accept-Encoding
x-middleton-display: redirect
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WfGfsInugGYVEFFQB3jf%2FDGo74GEjKOuCh9SttZyJvLa587Yw6ueiWARFvS%2BUmrVIb6Y%2B%2FIYnVtnhZI0O6nVF2gVMXcQKmzwWD3By6ZRyhsN06Qn7q585Ru0ZCVnQd9KJMxoLOz0g5%2BvSjbiaGoWON3BZeM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d88f13a5bb2926d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 56ms
23ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.saferma3ana.com
URL: https://www.saferma3ana.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

5efaa403a369560500d97b80168dc33ad226fa7ce9b6f62c50f77c68bb9a6b36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 03:09:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27219
x-xss-protection: 0
server: sffe
etag: "1122 / 74 of 1000 / last-modified: 1644015869"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 05 Feb 2022 03:09:52 GMT

GET
H2 200 dall.js Show response
go.ezodn.com/hb/ 291 KB
87 KB 48ms
20ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,sharethrough,yieldmo&cb=195-0-33
Requested by: Host: www.saferma3ana.com
URL: https://www.saferma3ana.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5bdcdde411d51b2c8592667fbfa1ebb428a7c28624b1cbe780fc3c1b47305ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 03:09:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Jan 2022 12:16:56 GMT
server: cloudflare
age: 917576
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=quWKepykxa1JpMryovIggW86HgKa5KA3uVGLgfX5MqXvjB5VLjlAuXaxbGaAvAMgHQ860S1FPhqkogKgSCj8C5YQMKNBx5zSf%2BByWK2WnyrikK0ASvC2m5xtPNxA%2BEEPGumWaHXycRPc%2FXk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d88f1402e6c9207-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 banger.js Show response
www.saferma3ana.com/porpoiseant/ 53 KB
13 KB 23ms
22ms Script
application/javascript 2606:4700:3037::ac43:92ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.saferma3ana.com/porpoiseant/banger.js?cb=195-0&bv=102&v=57&PageSpeed=off
Requested by: Host: www.saferma3ana.com
URL: https://www.saferma3ana.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:92ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 800ab11290dec2ea731985d862303a5ddf33bad7134799f285ace13c896da1e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 03:09:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 151
cf-ray: 6d88f14048d95bf5-FRA
x-middleton-display: sol-js
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 05 Feb 2022 03:07:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2FsjwHAu%2BcpYpPYHRigvOLzUxyABPT50cjTR7Y2yF1LOCKFLrIMHZO2hQ%2BA9wVLiXup%2BepMW3TSF2kFEazUcos3kEYDqA4UeQJ9VPqVakDWEvlMLrMqEghVB5%2Bmw4ERB5Bq%2B5uq8mPLXfezQK0cyieHb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex

GET
H2 200 cookieconsent.min.js Show response
www.saferma3ana.com/ezoic/ 4 KB
2 KB 17ms
16ms Script
application/javascript 2606:4700:3037::ac43:92ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.saferma3ana.com/ezoic/cookieconsent.min.js
Requested by: Host: www.saferma3ana.com
URL: https://www.saferma3ana.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:92ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10d4b728888654e0b85c706a9310b551087d3321fb8ebfff147d07b13fa73bf0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 03:09:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 151
cf-ray: 6d88f1402ce8902e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 13 Jul 2021 14:05:09 GMT
server: cloudflare
etag: W/"11a4-5c701b9c2cf40-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jvSjzx7oF%2FpKJJEnfDFF5RJGrmCPX%2BjRnxTXjHEHMSuj98Rvz6FzMF4KKbO1Y5f%2B7HQw7HH5uXqPzIBgN887RZzH7c0NbIXoJAYKIYMhMFk1qofFrKlsXSQo53xqM9ihBA64%2F8zsnFqhZvEQmZDQCRxo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex
expires: Sun, 05 Feb 2023 03:07:21 GMT

GET
H2 200 css2
fonts.googleapis.com/ 710 B
870 B 39ms
17ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Tajawal:wght@500&display=swap

Requested by

Host: www.saferma3ana.com
URL: https://www.saferma3ana.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1909f81af5cb5e24127c03b5cc57446ce02c2376698c9012944f1fc1ce32c29e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 05 Feb 2022 01:42:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 05 Feb 2022 03:09:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 05 Feb 2022 03:09:52 GMT

GET
H2 200 %25D8%25B3%25D8%25A7%25D9%2581%25D8%25B1%2B%25D9%2585%25D8%25B9%25D9%2586%25D8%25A7.webp
1.bp.blogspot.com/-oA9_LpKrITk/YautOzm8DNI/AAAAAAAABVI/wwGgdwgceeUOM363tZUw5_m7JkgJBo-bwCNcBGAsYHQ/s200/ 5 KB
6 KB 30ms
8ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-oA9_LpKrITk/YautOzm8DNI/AAAAAAAABVI/wwGgdwgceeUOM363tZUw5_m7JkgJBo-bwCNcBGAsYHQ/s200/%25D8%25B3%25D8%25A7%25D9%2581%25D8%25B1%2B%25D9%2585%25D8%25B9%25D9%2586%25D8%25A7.webp

Requested by

Host: www.saferma3ana.com
URL: https://www.saferma3ana.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f066156b83bb69415b855ceeda3fb0f80e83555ebe48c78ba812ef8f0215429a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 00:59:54 GMT
x-content-type-options: nosniff
age: 7798
content-disposition: inline;filename="____ ____.jpg";filename*=UTF-8''%D8%B3%D8%A7%D9%81%D8%B1%20%D9%85%D8%B9%D9%86%D8%A7.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5391
x-xss-protection: 0
server: fife
etag: "v553"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 05 Feb 2022 20:30:09 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: www.saferma3ana.com
URL: https://www.saferma3ana.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 02:45:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Feb 2023 02:45:56 GMT

GET
H3 200 cmbv2.js Show response
www.saferma3ana.com/detroitchicago/ 42 KB
13 KB 16ms
16ms Script
application/javascript 2606:4700:3037::ac43:92ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.saferma3ana.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y0b-5y0d-14y13-3y17-4y21-3y53-1y57-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x21x53x57&abt=VignetteFloor
Requested by: Host: www.saferma3ana.com
URL: https://www.saferma3ana.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:92ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 052e35fdba3222c3457798741fd5ba985b7d8c41309d40038fd581461794ced2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 03:09:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 151
cf-ray: 6d88f14048db5bf5-FRA
x-middleton-display: sol-js
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 05 Feb 2022 03:07:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qyqr%2BR0aoLqa9oyLLStWzuC9QVooqRlP6Uoh5tu3537LadmxYpBhUKIrMILdxt%2FyMQk8BoQ8qtrHGunUS%2Fv%2BjJC802Eukkvd%2BU939sQ3D59HTeHs8gtskeacNjLshwIn7784aSPJEkKR2cFfmhZr5v7x"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex

GET
H3 200 /
www.saferma3ana.com/ 41 KB
41 KB 488ms
488ms Image
text/html 2606:4700:3037::ac43:92ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.saferma3ana.com/

Requested by

Host: www.saferma3ana.com
URL: https://www.saferma3ana.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::ac43:92ef , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 03:09:52 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-sol: pub_site
display: pub_site_sol
x-ezoic-cdn: Miss
x-middleton-display: pub_site_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pagespeed: off
response: 200
last-modified: Fri, 04 Feb 2022 18:11:17 GMT
server: cloudflare
x-origin-cache-control: private, max-age=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b94GqSXCTc5n%2Fpick%2FKkii4zKac2mwBKC5yw9BKBsuJOCWnPqpOfuZLFCjqh2LPjIATJnC4y0aeQ4H5J7b%2FSVVDEEILefsUGrpFNyNcBtdjOhVhFv7zMeqg%2Bj1M%2FPd9ooDLVnkozflQeABkX6RF4%2B2Zl"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, User-Agent,Accept-Encoding
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 6d88f14048dd5bf5-FRA
expires: Fri, 04 Feb 2022 03:09:52 GMT

GET
H3 200 pubads_impl_2022020101.js Show response
securepubads.g.doubleclick.net/gpt/ 351 KB
119 KB 23ms
7ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

b1ad18d59a923a30397279d4545c15ae7088bb6e70f37b6468b890fc4cfee8ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 02:20:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2954
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121756
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 09:38:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 05 Feb 2023 02:20:38 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 38 B
78 B 32ms
17ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.saferma3ana.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

8192ddfca8eb6b2d7a9a22c19ccf44f3c702ef70f2ac3179166e3cda6507d907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Feb 2022 03:09:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54
x-xss-protection: 0
expires: Sat, 05 Feb 2022 03:09:52 GMT

GET
DATA 200
OK truncated
/ 608 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6e5d8ec90d5e619f46ae09b758fc5930511e6084a1994a281ee0ce379744af3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 1008 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d740d47e9001830347fc7db698eb52615142e160858c8d995dd7d3d8e1b8554

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22df6f5eb095e7178122e3fa56cfd1dfd360b11991fff2e55fb4d7606c682141

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 365 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1fb735586bde96666688242da255ea15d760baf571b7cb60c58042d59fa2d5df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 627 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a217480aa6975d5cca42e735655916610429fe4c60dc7f1a21c75badff47d33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 Iurf6YBj_oCad4k1l8KiHrRpiYlJ.woff2
fonts.gstatic.com/s/tajawal/v8/ 8 KB
8 KB 34ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tajawal/v8/Iurf6YBj_oCad4k1l8KiHrRpiYlJ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Tajawal:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff5afc2fb4dbd2ecb286ee9b121154abaa9709ae3d710d730a57702725bc28e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.saferma3ana.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 21:19:38 GMT
x-content-type-options: nosniff
age: 193814
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8524
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:10:48 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 21:19:38 GMT

GET
H2 200 Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2
fonts.gstatic.com/s/tajawal/v8/ 10 KB
10 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/tajawal/v8/Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Tajawal:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9986de5db80ec050300f1cea25d651a5779ae62b91a39b5667ac23d0c7668cbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.saferma3ana.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 21:19:37 GMT
x-content-type-options: nosniff
age: 193815
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9900
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:10:47 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Feb 2023 21:19:37 GMT

GET
H3 200 imp.gif Show response
www.saferma3ana.com/detroitchicago/ 43 B
663 B 254ms
253ms XHR
image/gif 2606:4700:3037::ac43:92ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.saferma3ana.com/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A2%2C%22ad_count_adjustment%22%3A1%2C%22ad_lazyload_version%22%3A-1%2C%22ad_load_version%22%3A1%2C%22ad_location_ids%22%3A%226%2C5%2C4%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A2%2C%22bidder_method%22%3A0%2C%22bidder_version%22%3A3%2C%22city%22%3A%22Frankfurt%20am%20Main%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A1%2C%22domain_id%22%3A211678%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A1%2C%22ezcache_skip_code%22%3A11%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A3%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A0%2C%22page_ad_positions%22%3A%221004%2C1006%2C1100%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22baaa18d3-f456-46fb-59cc-d358d2f1222f%22%2C%22position_selection_id%22%3A39%2C%22postal_code%22%3A%2260313%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A204675%2C%22response_time_orig%22%3A198%2C%22serverid%22%3A%2218.198.27.250%3A18128%22%2C%22state%22%3A%22HE%22%2C%22sub_page_ad_positions%22%3A%221006%2C1100%2C1280%22%2C%22t_epoch%22%3A1644030591%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fwww.saferma3ana.com%2F%22%2C%22user_id%22%3A0%2C%22word_count%22%3A561%2C%22worst_bad_word_level%22%3A0%7D
Requested by: Host: www.saferma3ana.com
URL: https://www.saferma3ana.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y0b-5y0d-14y13-3y17-4y21-3y53-1y57-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x21x53x57&abt=VignetteFloor
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:92ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 03:09:52 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BNgUCFgZOiouyn%2BEHD5xwf1%2FoDUA5bZ94VeGhwnJ8x5QomC6TVUHOA1RLYyuckdMM8%2B8c2ivHf4BopMbGum1tlncBiJjiNHUd306hJNcWj77oSUxyuSANOY%2BX3v6rBEU2rqgqrULlMbEeZ5jBU2aiL3Z"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-middleton-display: imp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 6d88f140c94d5bf5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Fri, 04 Feb 2022 03:09:52 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 78ms
9ms Script
application/javascript 2620:116:800d:21:ee05:6a01:4b41:8c89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.saferma3ana.com
URL: https://www.saferma3ana.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y0b-5y0d-14y13-3y17-4y21-3y53-1y57-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x21x53x57&abt=VignetteFloor
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 03:09:52 GMT
content-encoding: gzip
etag: "yoD6mq4JTyPdtDBolW+GUg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Sat, 12 Feb 2022 03:09:52 GMT

GET
H3 200 cmbdv2.js Show response
www.saferma3ana.com/detroitchicago/ 44 KB
11 KB 14ms
14ms Script
application/javascript 2606:4700:3037::ac43:92ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.saferma3ana.com/detroitchicago/cmbdv2.js?gcb=195-0&cb=03-5y0c-5y18-4y58-21&cmbcb=20&sj=x03x0cx18x58&abt=VignetteFloor
Requested by: Host: www.saferma3ana.com
URL: https://www.saferma3ana.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:92ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53d7a7eaaa4d1e7f2e1c5b2b1b959cd2e0f12e880f348e88b73f1a9b1b4ef79a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 03:09:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 151
cf-ray: 6d88f140c94e5bf5-FRA
x-middleton-display: sol-js
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 05 Feb 2022 03:07:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ISmak7XeTp9ovyAh%2F1InhHs%2BmQkd%2BT%2FKCa5b0tyM664%2BahpLgXff1gUk72V%2FJo1OArDbcTmI1W2ZJlt1smy4XvPh7cZtyc7iCegnS%2B1wGQ7qS54narce7PYNn4eGz%2FiL6tVyCa4yoSXDjPviDlDlKAaO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex

GET
H3 200 nmash.js
www.saferma3ana.com/porpoiseant/ 24 KB
7 KB 16ms
16ms Other
application/javascript 2606:4700:3037::ac43:92ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.saferma3ana.com/porpoiseant/nmash.js?v=102
Requested by: Host: www.saferma3ana.com
URL: https://www.saferma3ana.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:92ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffb648200f12e9e83c7a7d94892271c74f23b39d6f77b9df5e21c96166a41ecb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 03:09:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 151
cf-ray: 6d88f140f9905bf5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 04 Feb 2022 07:10:17 GMT
server: cloudflare
etag: W/"6003-5d72bf16a1987;5d72bf16a1987-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=83kNkMvNUYqqEyGINSW0c5wDZ01EczUugkzKBO4lC3GBwWp4O9LFmHqNrReBsRDftizcUs%2FWjYRNSnJNrj3jf4e3uLJ%2BXGeFZPiU4UpHLSA9Z%2BqFK9Raj8f%2F7GIGq0XA5xmnWsvzDDrbiaOQsQy1bCFd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex

GET
DATA 200
OK truncated
/ 839 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a89ee73e5945175137d8497fae678da096cc60c3f4dd14556452586bca2545ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 634 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e394e4104c33965e3b520818ecd2d104d5d9f99be53f7b95a1b5d30360c0bb9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 ezoic.png
go.ezoic.net/utilcave_com/img/ 1 KB
2 KB 47ms
7ms Image
image/png 2600:9000:214f:600:2:cb38:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.ezoic.net/utilcave_com/img/ezoic.png
Requested by: Host: www.saferma3ana.com
URL: https://www.saferma3ana.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:600:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 07:27:28 GMT
via: 1.1 511c8b6c7e903efca023a504d527516a.cloudfront.net (CloudFront)
x-sol: middleton
age: 416544
x-cache: Hit from cloudfront
x-middleton-display: staticcontent_sol
content-length: 1181
x-amz-cf-id: lg4L7iJLg6KLsg4n6VPvke1ULlv8TJ3eybmtJAOSbLMeXGRx8PgJ7A==
last-modified: Mon, 31 Jan 2022 01:51:19 GMT
server: nginx
etag: "49d-5bd497273b080-gzip-gzip"
vary: Accept-Encoding,Accept-Encoding
content-type: image/png
cache-control: max-age=604800
x-amz-cf-pop: FRA53-C1
display: staticcontent_sol
expires: Mon, 07 Feb 2022 07:27:28 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.saferma3ana.com
URL: https://www.saferma3ana.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5698
date: Sat, 05 Feb 2022 01:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 05 Feb 2022 03:34:54 GMT

GET
H2 200 256-256.png
3.bp.blogspot.com/-T-V-PJOU4v0/XZYzHfq1dYI/AAAAAAAABOw/obz8rMcwKgEvPkHP1ahM2tyAqm8fRYZYwCK4BGAYYCw/w27-h27-p-k-nu/ 1 KB
1 KB 8ms
7ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3.bp.blogspot.com/-T-V-PJOU4v0/XZYzHfq1dYI/AAAAAAAABOw/obz8rMcwKgEvPkHP1ahM2tyAqm8fRYZYwCK4BGAYYCw/w27-h27-p-k-nu/256-256.png

Requested by

Host: www.saferma3ana.com
URL: https://www.saferma3ana.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fdc94d53d1796c028c474c2f2fa236f730b1f0869a42108d706c307422329e21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 01:04:19 GMT
x-content-type-options: nosniff
age: 7533
content-disposition: inline;filename="256-256.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1286
x-xss-protection: 0
server: fife
etag: "v4ed"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 25 Jan 2022 17:03:57 GMT

GET
H3 200 houston.js Show response
www.saferma3ana.com/detroitchicago/ 4 KB
2 KB 14ms
13ms Script
application/javascript 2606:4700:3037::ac43:92ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.saferma3ana.com/detroitchicago/houston.js?gcb=0&cb=16
Requested by: Host: www.saferma3ana.com
URL: https://www.saferma3ana.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:92ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a89057208861e739c4ea6ea2e1126afd5b41c89f22548e5afeb74b7c71614777

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 03:09:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 151
cf-ray: 6d88f14129c75bf5-FRA
x-middleton-display: sol-js
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 05 Feb 2022 03:07:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DKfTz5cJVUyPgrRUmWV237x4jURiAj3mH%2BSSUQWbF90Vrauj3llqil57G431jyyg2TJMAYeckbrby29IkbfmFSzysAU7TEOF9O6HjqsmoNermXVpeW7N8nOUXBsnSizVSjhfuJkvhBy4HLlCADsE53H9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex

GET
H2 200 rules-p-31iz6hfFutd16.js Show response
rules.quantcount.com/ 3 B
428 B 34ms
7ms Script
application/javascript 2600:9000:206f:3000:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 16:20:28 GMT
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
age: 38965
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 19:50:24 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: 5vG8KFYdZL12SvrIvi8vQFmmYPey9qDRbt2RI2qpMjWto9CTpS8Qsg==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 29ms
14ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=487541926&t=pageview&_s=1&dl=https%3A%2F%2Fwww.saferma3ana.com%2F&ul=en-us&de=UTF-8&dt=%D8%B3%D8%A7%D9%81%D8%B1%20%D9%85%D8%B9%D9%86%D8%A7&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1611066588&gjid=265546982&cid=1504093382.1644030592&tid=UA-174209937-1&_gid=398015477.1644030592&_r=1&_slc=1&z=735825377

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.saferma3ana.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 03:09:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.saferma3ana.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=180190618;labels=Domain.saferma3ana_com%2CDomainId.211678;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fwww.saferma3ana.com%2F;uht=2;fpan=1;fpa=P0-1543630629-1644030592246;pbc=;ns=0;ce=1;qjs=1;q...
pixel.quantserve.com/ 35 B
371 B 13ms
12ms Image
image/gif 2620:116:800d:21:ee05:6a01:4b41:8c89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=180190618;labels=Domain.saferma3ana_com%2CDomainId.211678;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fwww.saferma3ana.com%2F;uht=2;fpan=1;fpa=P0-1543630629-1644030592246;pbc=;ns=0;ce=1;qjs=1;qv=b4915a16-20220201183321;cm=;gdpr=0;ref=;d=saferma3ana.com;je=0;sr=1600x1200x24;dst=0;et=1644030592246;tzo=0;ogl=url.https%3A%2F%2Fwww%252Esaferma3ana%252Ecom%2F%2Ctitle.%D8%B3%D8%A7%D9%81%D8%B1%20%D9%85%D8%B9%D9%86%D8%A7%2Cdescription.%D9%85%D9%88%D9%82%D8%B9%20%D8%B3%D8%A7%D9%81%D8%B1%20%D9%85%D8%B9%D9%86%D8%A7%20%D9%87%D9%88%20%D9%85%D9%88%D9%82%D8%B9%20%D8%AE%D8%A7%D8%B5%20%D8%A8%D8%A7%D9%84%D8%B3%D9%81%D8%B1%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AF%D8%B1%D8%AC%D8%A9%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%D9%89%252E%2Ctitle.%D8%B3%D8%A7%D9%81%D8%B1%20%D9%85%D8%B9%D9%86%D8%A7%2Cdescription.%D9%85%D9%88%D9%82%D8%B9%20%D8%B3%D8%A7%D9%81%D8%B1%20%D9%85%D8%B9%D9%86%D8%A7%20%D9%87%D9%88%20%D9%85%D9%88%D9%82%D8%B9%20%D8%AE%D8%A7%D8%B5%20%D8%A8%D8%A7%D9%84%D8%B3%D9%81%D8%B1%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AF%D8%B1%D8%AC%D8%A9%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%D9%89%252E%2Cimage.%0Ahttps%3A%2F%2F1%252Ebp%252Eblogspot%252Ecom%2F-DbWKZPtLuf4%2FXyFbUiNUa4I%2FAAAAAAAAAiw%2FsmJ8aUS9GcYUK99K%2Cimage.%0Ahttps%3A%2F%2F1%252Ebp%252Eblogspot%252Ecom%2F-DbWKZPtLuf4%2FXyFbUiNUa4I%2FAAAAAAAAAiw%2FsmJ8aUS9GcYUK99K%2Cimage%3Awidth.600%2Cimage%3Aheight.315%2Ctype.website%2Csite_name.%D8%B3%D8%A7%D9%81%D8%B1%20%D9%85%D8%B9%D9%86%D8%A7

Requested by

Host: www.saferma3ana.com
URL: https://www.saferma3ana.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 03:09:52 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 dark-bottom.css
www.saferma3ana.com/ezoic/styles/ 3 KB
1 KB 13ms
13ms Stylesheet
text/css 2606:4700:3037::ac43:92ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.saferma3ana.com/ezoic/styles/dark-bottom.css
Requested by: Host: www.saferma3ana.com
URL: https://www.saferma3ana.com/ezoic/cookieconsent.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:92ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94edf973e9deb80b5eccf17f8f3108eafe15209fe25fe417e8f8962a4d8f48b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 03:09:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 150
cf-ray: 6d88f1435c715bf5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 13 Jul 2021 14:05:09 GMT
server: cloudflare
etag: W/"bd7-5c701b9c2cf40-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3zvOycCE%2BTV46Lfl0TsbZ7QnUDqymPWumw9Oi%2FifsUx6ckTp9FJS7FyyHMUB7rR69vNtmOolUTzC3WAgKUji4b5kx7JBK0KyiRifuHs1hjazW%2FsncOJ%2BoWxW5RtW9Z1W2r7jk6EGeRWCVy3Le%2FR2oQo%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
x-robots-tag: noindex

GET
H2 200 AVvXsEilg_3kuBb-3Zp4J16dB12u1KrPICPg9WAAFA_wph1HK_e9NvaME5xFX7Ym-_tywcCkaNAJlccfNbiUefDKvC0Sqjd_AfW9BN4Z4t2n4TRttpHDENAQyItnRWJqbFJ6bOIDaxYMWhJfWQYJVMU-u35x4GAr5s_iOyjpNLUfhyD8dgTyLd_rHLjpvhl-bQ=w1600
blogger.googleusercontent.com/img/a/ 135 KB
136 KB 337ms
312ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEilg_3kuBb-3Zp4J16dB12u1KrPICPg9WAAFA_wph1HK_e9NvaME5xFX7Ym-_tywcCkaNAJlccfNbiUefDKvC0Sqjd_AfW9BN4Z4t2n4TRttpHDENAQyItnRWJqbFJ6bOIDaxYMWhJfWQYJVMU-u35x4GAr5s_iOyjpNLUfhyD8dgTyLd_rHLjpvhl-bQ=w1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3eead87e92ba45e0f050a931ff7e8c87c44966d75838eecb97e17d98130be4a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 03:09:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v57e"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="____ _______ __ __________.jpg";filename*=UTF-8''%D8%A3%D9%81%D8%B6%D9%84%20%D8%A7%D9%84%D9%85%D9%82%D8%A7%D9%87%D9%8A%20%D9%81%D9%8A%20%D9%83%D9%88%D8%A7%D9%84%D8%A7%D9%84%D9%85%D8%A8%D9%88%D8%B1.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138410
x-xss-protection: 0
expires: Sun, 06 Feb 2022 03:09:52 GMT

GET
H2 200 AVvXsEgQbN_056LXGV2omFKTptQqLoX3ZCvqv74z7uVxFq-E0FY8j65C4MM87n39A5N03CIper_R1quXiXhnPLhfv1nvTSvcbdD5Mtx1sGRnyju9Ko80g54L2gcxzYcnZsuk0fkEGE2lu0SvYUJiM41HHoleFNM-PyDmlJ3gMkspVONbvs3Neb4-urDFPISaLw=w1600
blogger.googleusercontent.com/img/a/ 75 KB
75 KB 363ms
338ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEgQbN_056LXGV2omFKTptQqLoX3ZCvqv74z7uVxFq-E0FY8j65C4MM87n39A5N03CIper_R1quXiXhnPLhfv1nvTSvcbdD5Mtx1sGRnyju9Ko80g54L2gcxzYcnZsuk0fkEGE2lu0SvYUJiM41HHoleFNM-PyDmlJ3gMkspVONbvs3Neb4-urDFPISaLw=w1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

03947c8f3ae55b383000b3289f60d6ed1ff99765ca5764a9ab4ffccd0c59e904

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 03:09:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v561"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="__________ __ _______.jpg";filename*=UTF-8''%D8%A7%D9%84%D9%83%D8%A7%D8%A8%D8%B3%D9%88%D9%84%D8%A7%D8%AA%20%D9%81%D9%8A%20%D9%85%D8%A7%D9%84%D9%8A%D8%B2%D9%8A%D8%A7.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76664
x-xss-protection: 0
expires: Sun, 06 Feb 2022 03:09:52 GMT

GET
H2 200 AVvXsEjYpNXdrr0N3KKgVh4M8CuS77UCGF4Wg0lI_0326ZV7-tpMP0p0nhiu-3HYf9JJp33bpNSX_qiARuJN3J8KnX29NvD6qJQuSK1a2BqNybGq6PJjq1xl0Z_wj9Yf1EXAM_dI_XIGdzAToptYJ-8TMqQyf2_guF8wl8M4vl9x9eCq9IFcggUAPMOI4771bg=w1600
blogger.googleusercontent.com/img/a/ 28 KB
28 KB 351ms
327ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEjYpNXdrr0N3KKgVh4M8CuS77UCGF4Wg0lI_0326ZV7-tpMP0p0nhiu-3HYf9JJp33bpNSX_qiARuJN3J8KnX29NvD6qJQuSK1a2BqNybGq6PJjq1xl0Z_wj9Yf1EXAM_dI_XIGdzAToptYJ-8TMqQyf2_guF8wl8M4vl9x9eCq9IFcggUAPMOI4771bg=w1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7609ef16061917d1780c512d693c4eda86f08702b66e2aa8f3e08caf246b5ac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 03:09:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v55f"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="___ ____ booking.jpg";filename*=UTF-8''%D8%AD%D8%AC%D8%B2%20%D9%81%D9%86%D8%AF%D9%82%20booking.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28717
x-xss-protection: 0
expires: Sun, 06 Feb 2022 03:09:52 GMT

GET
H2 200 AVvXsEhEHbu3OGOPTWYuwxnvATb2_AxzpdG5tCA4kd22UZPk8Cpb6WHKups8fCupvNsj0lJc0ebr6yEPGH-uTZxTOfHbu5Kuxiiq9PBGyBpzgBTOLRmzx6JwNegGf6fFblwW5xPYOMa1XjbvY8HKrxed79hHdrfttFR410LIo7AlkhVBAkfss_SmxDUxqBQs4Q=w1600
blogger.googleusercontent.com/img/a/ 151 KB
151 KB 345ms
321ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blogger.googleusercontent.com/img/a/AVvXsEhEHbu3OGOPTWYuwxnvATb2_AxzpdG5tCA4kd22UZPk8Cpb6WHKups8fCupvNsj0lJc0ebr6yEPGH-uTZxTOfHbu5Kuxiiq9PBGyBpzgBTOLRmzx6JwNegGf6fFblwW5xPYOMa1XjbvY8HKrxed79hHdrfttFR410LIo7AlkhVBAkfss_SmxDUxqBQs4Q=w1600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6a40a9173be004933d68caf63cffc5657a1d7bfeeb8f8d59109ca11c36d8d6ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 03:09:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v539"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="____ _______ __ _______.jpg";filename*=UTF-8''%D8%A3%D8%B1%D8%AE%D8%B5%20%D8%A7%D9%84%D9%81%D9%86%D8%A7%D8%AF%D9%82%20%D9%81%D9%8A%20%D8%A7%D9%86%D8%B7%D8%A7%D9%84%D9%8A%D8%A7.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 154200
x-xss-protection: 0
expires: Sun, 06 Feb 2022 03:09:52 GMT

GET
H3 200 20210722_102813.webp
1.bp.blogspot.com/-cunNfuwuWBU/YPk7cApZmUI/AAAAAAAABOo/m1wZzh75gt8jqDXK05mC3qOhtQ3tHaj2gCLcBGAsYHQ/s350/ 45 KB
45 KB 23ms
8ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-cunNfuwuWBU/YPk7cApZmUI/AAAAAAAABOo/m1wZzh75gt8jqDXK05mC3qOhtQ3tHaj2gCLcBGAsYHQ/s350/20210722_102813.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

99dc838c5ce26af5466e8a3e930709bbc1b7455ae9099b646cca42481b366d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 03:07:22 GMT
x-content-type-options: nosniff
age: 150
content-disposition: inline;filename="20210722_102813.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46060
x-xss-protection: 0
server: fife
etag: "v4ec"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 06 Feb 2022 03:07:22 GMT

GET
H3 200 %25D8%25A3%25D9%2585%25D8%25A7%25D9%2583%25D9%2586%2B%25D8%25B3%25D9%258A%25D8%25A7%25D8%25AD%25D9%258A%25D8%25A9%2B%25D9%2581%25D9%258A%2B%25D8%25A3%25D9%2586%25D8%25B7%25D8%25A7%25D9%2584%25D9%25...
1.bp.blogspot.com/-UKCT1-WnHQk/X7jokPGDHSI/AAAAAAAABBc/JO6so05gFDYeH03wtK-VokZMqa94qUMOQCLcBGAsYHQ/w400-h225/ 54 KB
54 KB 29ms
14ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-UKCT1-WnHQk/X7jokPGDHSI/AAAAAAAABBc/JO6so05gFDYeH03wtK-VokZMqa94qUMOQCLcBGAsYHQ/w400-h225/%25D8%25A3%25D9%2585%25D8%25A7%25D9%2583%25D9%2586%2B%25D8%25B3%25D9%258A%25D8%25A7%25D8%25AD%25D9%258A%25D8%25A9%2B%25D9%2581%25D9%258A%2B%25D8%25A3%25D9%2586%25D8%25B7%25D8%25A7%25D9%2584%25D9%258A%25D8%25A7%2B%25D9%2588%2B%25D8%25AA%25D9%2583%25D9%2584%25D9%2581%25D8%25A9%2B%25D8%25B3%25D9%258A%25D8%25A7%25D8%25AD%25D8%25A9%2B%25D9%2581%25D9%258A%2B%25D8%25A3%25D9%2586%25D8%25B7%25D8%25A7%25D9%2584%25D9%258A%25D8%25A7%2B.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b98cf3e868b0bb081a9bbf0c925fbff9620696e9b2ab113de033c6b43064c04c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 03:07:22 GMT
x-content-type-options: nosniff
age: 150
content-disposition: inline;filename="_____ ______ __ _______ _ _____ _____ __ _______ .jpg";filename*=UTF-8''%D8%A3%D9%85%D8%A7%D9%83%D9%86%20%D8%B3%D9%8A%D8%A7%D8%AD%D9%8A%D8%A9%20%D9%81%D9%8A%20%D8%A3%D9%86%D8%B7%D8%A7%D9%84%D9%8A%D8%A7%20%D9%88%20%D8%AA%D9%83%D9%84%D9%81%D8%A9%20%D8%B3%D9%8A%D8%A7%D8%AD%D8%A9%20%D9%81%D9%8A%20%D8%A3%D9%86%D8%B7%D8%A7%D9%84%D9%8A%D8%A7%20.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54830
x-xss-protection: 0
server: fife
etag: "v418"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 05 Feb 2022 21:07:49 GMT

GET
H3 200 %25D8%25A3%25D9%2585%25D8%25A7%25D9%2583%25D9%2586%2B%25D8%25B3%25D9%258A%25D8%25A7%25D8%25AD%25D9%258A%25D8%25A9%2B%25D9%2581%25D9%258A%2B%25D8%25B2%25D9%258A%25D9%2588%25D8%25B1%25D8%25AE%2B.jpg
1.bp.blogspot.com/-PHIog9TvTgE/X5f3lsmRRRI/AAAAAAAAA_c/5eZlc-bcZbkiEy9iKf2a-8-oBf9RhzzvACLcBGAsYHQ/w400-h224/ 44 KB
44 KB 26ms
10ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-PHIog9TvTgE/X5f3lsmRRRI/AAAAAAAAA_c/5eZlc-bcZbkiEy9iKf2a-8-oBf9RhzzvACLcBGAsYHQ/w400-h224/%25D8%25A3%25D9%2585%25D8%25A7%25D9%2583%25D9%2586%2B%25D8%25B3%25D9%258A%25D8%25A7%25D8%25AD%25D9%258A%25D8%25A9%2B%25D9%2581%25D9%258A%2B%25D8%25B2%25D9%258A%25D9%2588%25D8%25B1%25D8%25AE%2B.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9158a0d64e634921a6ccd135c0569b2e29fc7500671e7bab593a55171ff8b28b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 03:07:22 GMT
x-content-type-options: nosniff
age: 150
content-disposition: inline;filename="_____ ______ __ _____ .jpg";filename*=UTF-8''%D8%A3%D9%85%D8%A7%D9%83%D9%86%20%D8%B3%D9%8A%D8%A7%D8%AD%D9%8A%D8%A9%20%D9%81%D9%8A%20%D8%B2%D9%8A%D9%88%D8%B1%D8%AE%20.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44790
x-xss-protection: 0
server: fife
etag: "v3f8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 05 Feb 2022 21:07:52 GMT

GET
H3 200 20200722_212223.jpg
1.bp.blogspot.com/-ukc0ShOEJHg/XxigPwhqh9I/AAAAAAAAAhA/vUZtRTdpWbgZNqJfIhIAmVj-ofGBWMvDACLcBGAsYHQ/w400-h225/ 40 KB
40 KB 32ms
16ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-ukc0ShOEJHg/XxigPwhqh9I/AAAAAAAAAhA/vUZtRTdpWbgZNqJfIhIAmVj-ofGBWMvDACLcBGAsYHQ/w400-h225/20200722_212223.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f5c904637253291aa9ff070a6cfc2993be9e6f9f40a0cfc1a19b6deefaa2f3c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 03:07:22 GMT
x-content-type-options: nosniff
age: 150
content-disposition: inline;filename="20200722_212223.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41032
x-xss-protection: 0
server: fife
etag: "v211"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 31 Jan 2022 11:40:23 GMT

GET
H3 200 20200729_133712.jpg
1.bp.blogspot.com/-wd86m8rlbRw/XyFt0updz8I/AAAAAAAAAi8/rPL9C61nYJMDzrhbe5NRhYzjoUZro4R7QCLcBGAsYHQ/s400/ 48 KB
48 KB 42ms
26ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-wd86m8rlbRw/XyFt0updz8I/AAAAAAAAAi8/rPL9C61nYJMDzrhbe5NRhYzjoUZro4R7QCLcBGAsYHQ/s400/20200729_133712.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f62d6d5864a9a058bc2c694b4eece3c71ec6c85b6d840de0221dd1d409b2d5b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 03:07:22 GMT
x-content-type-options: nosniff
age: 150
content-disposition: inline;filename="20200729_133712.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48846
x-xss-protection: 0
server: fife
etag: "v230"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 05 Feb 2022 21:38:36 GMT

GET
H3 200 20200719_110412.jpg
1.bp.blogspot.com/-ySatppEJFsk/XxQdcElPlAI/AAAAAAAAAgQ/Qx7SuHwrJSkhTF3Bcc6O72M44Oa1osPFgCLcBGAsYHQ/s400/ 46 KB
46 KB 35ms
20ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-ySatppEJFsk/XxQdcElPlAI/AAAAAAAAAgQ/Qx7SuHwrJSkhTF3Bcc6O72M44Oa1osPFgCLcBGAsYHQ/s400/20200719_110412.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f8064ac7b0fc36b41987268e09996db03530e61b3c3e328bbffef0b6b1761242

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 03:07:22 GMT
x-content-type-options: nosniff
age: 150
content-disposition: inline;filename="20200719_110412.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46837
x-xss-protection: 0
server: fife
etag: "v206"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 05 Feb 2022 21:38:36 GMT

GET
H3 200 %25D8%25A3%25D8%25AC%25D9%2585%25D9%2584%2B%25D8%25A7%25D9%2584%25D8%25A3%25D9%2585%25D8%25A7%25D9%2583%25D9%2586%2B%25D8%25A7%25D9%2584%25D8%25B3%25D9%258A%25D8%25A7%25D8%25AD%25D9%258A%25D8%25A9%...
1.bp.blogspot.com/-R4ah9vV_Mlg/X_WYWuKHh0I/AAAAAAAABDE/_KnWuzyLyWov4FM8f9wn2Xibvs6W8JUJQCLcBGAsYHQ/w400-h225/ 71 KB
71 KB 39ms
25ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-R4ah9vV_Mlg/X_WYWuKHh0I/AAAAAAAABDE/_KnWuzyLyWov4FM8f9wn2Xibvs6W8JUJQCLcBGAsYHQ/w400-h225/%25D8%25A3%25D8%25AC%25D9%2585%25D9%2584%2B%25D8%25A7%25D9%2584%25D8%25A3%25D9%2585%25D8%25A7%25D9%2583%25D9%2586%2B%25D8%25A7%25D9%2584%25D8%25B3%25D9%258A%25D8%25A7%25D8%25AD%25D9%258A%25D8%25A9%2B%25D9%2581%25D9%258A%2B%25D9%2585%25D8%25B1%25D8%25A7%25D9%2583%25D8%25B4%2B.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d0c4d96987b8f428597a084504c6a9dc9008a2e45c0292464fcf772197066775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 03:07:22 GMT
x-content-type-options: nosniff
age: 150
content-disposition: inline;filename="____ _______ ________ __ _____ .jpg";filename*=UTF-8''%D8%A3%D8%AC%D9%85%D9%84%20%D8%A7%D9%84%D8%A3%D9%85%D8%A7%D9%83%D9%86%20%D8%A7%D9%84%D8%B3%D9%8A%D8%A7%D8%AD%D9%8A%D8%A9%20%D9%81%D9%8A%20%D9%85%D8%B1%D8%A7%D9%83%D8%B4%20.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73085
x-xss-protection: 0
server: fife
etag: "v432"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 05 Feb 2022 20:30:09 GMT

GET
H3 200 20200724_223513.jpg
1.bp.blogspot.com/-9tgxkRCwcb4/XxtU_VLYefI/AAAAAAAAAh4/QTmR7cNr43Q4Uif9XsWTDkZNA0t-CNwBgCLcBGAsYHQ/s400/ 35 KB
35 KB 37ms
22ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-9tgxkRCwcb4/XxtU_VLYefI/AAAAAAAAAh4/QTmR7cNr43Q4Uif9XsWTDkZNA0t-CNwBgCLcBGAsYHQ/s400/20200724_223513.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

618c5a6a213e8c61720c14375eca157f01b1c01dd4220ffc7680d0c0f621685e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 03:07:22 GMT
x-content-type-options: nosniff
age: 150
content-disposition: inline;filename="20200724_223513.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35986
x-xss-protection: 0
server: fife
etag: "v220"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 01 Feb 2022 20:16:02 GMT

GET
H3 200 20210412_153100.jpg
1.bp.blogspot.com/-WtYOsz2RjpY/YHRZ8mKDr0I/AAAAAAAABGg/hisZyKs8VlcNXa9xkBpaBoCPHggPhTL_ACLcBGAsYHQ/w400-h225/ 44 KB
44 KB 35ms
20ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-WtYOsz2RjpY/YHRZ8mKDr0I/AAAAAAAABGg/hisZyKs8VlcNXa9xkBpaBoCPHggPhTL_ACLcBGAsYHQ/w400-h225/20210412_153100.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2a2c6d5ffeec132aa22398a0f6a005893225165b6ec7d39d869dcd16d6367a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 03:07:22 GMT
x-content-type-options: nosniff
age: 150
content-disposition: inline;filename="20210412_153100.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44616
x-xss-protection: 0
server: fife
etag: "v469"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 05 Feb 2022 21:38:36 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 39ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.saferma3ana.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Feb 2022 03:09:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 998 B
561 B 123ms
122ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3206026106588990&correlator=1558246862963008&output=ldjh&impl=fifs&eid=31061815%2C31063821%2C31060033&vrg=2022020101&ptt=17&sc=1&sfv=1-0-38&ecs=20220205&iu_parts=1254144%2Csaferma3ana_com-pixel1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&fas=8&prev_scp=ga%3D2497208%26tap%3Dsaferma3ana_com-pixel1-3509300579787700%26ezoic%3D1%26ap%3D9999%26iid1%3D3509300579787700%26bra%3Dmod25&eri=1&cookie_enabled=1&bc=31&abxe=1&dt=1644030593197&lmt=1643964831&dlt=1644030591982&idt=207&frm=20&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&adks=2099595024&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.saferma3ana.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1504093382.1644030592&ga_sid=1644030593&ga_hid=487541926&ga_fc=true&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

3fe198bc27be48393aae70468b31be0de599fcecf44572920a74971814d9f459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 03:09:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 531
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.saferma3ana.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 47ms
25ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022020101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ad9f38c15a5ffd8d6415b377d73279b59987aa115defa7e6c8a3ea159503287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Feb 2022 03:09:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10155
x-xss-protection: 0

GET
H2 200 container.html Show response
96b607d9d8dba531c530b17b0a244955.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C250 6 KB
4 KB 86ms
15ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://96b607d9d8dba531c530b17b0a244955.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 05 Feb 2022 03:09:53 GMT
expires: Sun, 05 Feb 2023 03:09:53 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_page_level_ads_2022020101.js Show response
securepubads.g.doubleclick.net/gpt/ 34 KB
13 KB 8ms
7ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022020101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

7c4706df92f1a04e6dd981e919351fbc2f8c63b9f3a8d975d8ca3e94598fdf94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 11:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 314932
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12988
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 09:38:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 01 Feb 2023 11:41:01 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 40ms
16ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 03:09:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 05 Feb 2022 03:09:53 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1F4E 13 KB
5 KB 26ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Feb 2022 23:25:25 GMT
expires: Sat, 04 Feb 2023 23:25:25 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 13468
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 32AD 783 B
1 KB 38ms
17ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a6a62ca7b780d95ba2c8cbe13602ca7d018ceda01b20188c4ef5fe08405f79de

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qYjXOWxAgvzZ/raQz+1nvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 05 Feb 2022 03:09:53 GMT
date: Sat, 05 Feb 2022 03:09:53 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-qYjXOWxAgvzZ/raQz+1nvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 greenoaks.gif Show response
www.saferma3ana.com/detroitchicago/ 0
625 B 120ms
119ms XHR
text/plain 2606:4700:3037::ac43:92ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.saferma3ana.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiYWFhMThkMy1mNDU2LTQ2ZmItNTljYy1kMzU4ZDJmMTIyMmYiLCJkb21haW5faWQiOiIyMTE2NzgiLCJ0X2Vwb2NoIjoxNjQ0MDMwNTkxLCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYmFhYTE4ZDMtZjQ1Ni00NmZiLTU5Y2MtZDM1OGQyZjEyMjJmIiwiZG9tYWluX2lkIjoiMjExNjc4IiwidF9lcG9jaCI6MTY0NDAzMDU5MSwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjItMDItMDUifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIzIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjYifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImJhYWExOGQzLWY0NTYtNDZmYi01OWNjLWQzNThkMmYxMjIyZiIsImRvbWFpbl9pZCI6IjIxMTY3OCIsInRfZXBvY2giOjE2NDQwMzA1OTEsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImJhYWExOGQzLWY0NTYtNDZmYi01OWNjLWQzNThkMmYxMjIyZiIsImRvbWFpbl9pZCI6IjIxMTY3OCIsInRfZXBvY2giOjE2NDQwMzA1OTEsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYmFhYTE4ZDMtZjQ1Ni00NmZiLTU5Y2MtZDM1OGQyZjEyMjJmIiwiZG9tYWluX2lkIjoiMjExNjc4IiwidF9lcG9jaCI6MTY0NDAzMDU5MSwiZGF0YSI6W3sibmFtZSI6Im5hdmlnYXRpb25fdHlwZSIsInZhbCI6IjAifSx7Im5hbWUiOiJyZWRpcmVjdF9jb3VudCIsInZhbCI6IjAifV19XQ==
Requested by: Host: www.saferma3ana.com
URL: https://www.saferma3ana.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y0b-5y0d-14y13-3y17-4y21-3y53-1y57-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x21x53x57&abt=VignetteFloor
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:92ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 03:09:53 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ejQ6susQL6MZkEuRyDOMf%2FqE1FSt%2FH2I%2F4Gz5zjHIykUD3RxNRSYGyzE%2B7gdzW96Op%2BPivh1UNMec0vNKo6CsId0nBSFTSyxry4%2FZ5I5w0YVPdIQggjulNzXxaVN6aC5NJVe6NRbRn48mIDUTk%2B0Sf1G"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 6d88f14859f65bf5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: Fri, 04 Feb 2022 03:09:51 GMT

GET
H3 200 greenoaks.gif Show response
www.saferma3ana.com/detroitchicago/ 0
620 B 97ms
96ms XHR
text/plain 2606:4700:3037::ac43:92ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.saferma3ana.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiYWFhMThkMy1mNDU2LTQ2ZmItNTljYy1kMzU4ZDJmMTIyMmYiLCJkb21haW5faWQiOiIyMTE2NzgiLCJ0X2Vwb2NoIjoxNjQ0MDMwNTkxLCJkYXRhIjpbeyJuYW1lIjoicGVyZl9pc190cmFja2VkIiwidmFsIjoiMSJ9LHsibmFtZSI6InBlcmZfbmF2X3RvX2Nvbm5lY3QiLCJ2YWwiOiI0NTMifSx7Im5hbWUiOiJwZXJmX2Nvbm5lY3RfdG9fcmVzcF9zdGFydCIsInZhbCI6IjkwNCJ9LHsibmFtZSI6InBlcmZfcmVzcF90aW1lIiwidmFsIjoiNTMifSx7Im5hbWUiOiJwZXJmX2ludGVyYWN0aXZlIiwidmFsIjoiMTQ5In0seyJuYW1lIjoicGVyZl9jb250ZW50bG9hZGVkIiwidmFsIjoiMTUwIn0seyJuYW1lIjoicGVyZl9jb21wbGV0ZSIsInZhbCI6IjUwMyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImJhYWExOGQzLWY0NTYtNDZmYi01OWNjLWQzNThkMmYxMjIyZiIsImRvbWFpbl9pZCI6IjIxMTY3OCIsInRfZXBvY2giOjE2NDQwMzA1OTEsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9wYWludCIsInZhbCI6Ijk3MSJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImJhYWExOGQzLWY0NTYtNDZmYi01OWNjLWQzNThkMmYxMjIyZiIsImRvbWFpbl9pZCI6IjIxMTY3OCIsInRfZXBvY2giOjE2NDQwMzA1OTEsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9jb250ZW50ZnVsX3BhaW50IiwidmFsIjoiMTA1OCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImJhYWExOGQzLWY0NTYtNDZmYi01OWNjLWQzNThkMmYxMjIyZiIsImRvbWFpbl9pZCI6IjIxMTY3OCIsInRfZXBvY2giOjE2NDQwMzA1OTEsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX2VmZmVjdGl2ZV90eXBlIiwidmFsIjoiNGcifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiYWFhMThkMy1mNDU2LTQ2ZmItNTljYy1kMzU4ZDJmMTIyMmYiLCJkb21haW5faWQiOiIyMTE2NzgiLCJ0X2Vwb2NoIjoxNjQ0MDMwNTkxLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9kb3dubGluayIsInZhbCI6IjkifV19XQ==
Requested by: Host: www.saferma3ana.com
URL: https://www.saferma3ana.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y0b-5y0d-14y13-3y17-4y21-3y53-1y57-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x21x53x57&abt=VignetteFloor
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:92ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 03:09:53 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aTvVXHARV45R0zRz%2FYD5fzJYsMGblkwPJIEyHwKdk7LxsxTfLq5%2BjvR2oC2QWcIwK3Ju1Zk%2BTz6cgF8Dqp7pHN4N1HGulvjc5dRp1Ull5q9XHKTi5n7VfMWPZQGOBz7bgRu4fGMMkbPJAnGvr63iRqu4"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 6d88f14859f75bf5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: Fri, 04 Feb 2022 03:09:53 GMT

GET
H3 200 greenoaks.gif Show response
www.saferma3ana.com/detroitchicago/ 0
620 B 150ms
149ms XHR
text/plain 2606:4700:3037::ac43:92ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.saferma3ana.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiYWFhMThkMy1mNDU2LTQ2ZmItNTljYy1kMzU4ZDJmMTIyMmYiLCJkb21haW5faWQiOiIyMTE2NzgiLCJ0X2Vwb2NoIjoxNjQ0MDMwNTkxLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9ydHQiLCJ2YWwiOiIwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYmFhYTE4ZDMtZjQ1Ni00NmZiLTU5Y2MtZDM1OGQyZjEyMjJmIiwiZG9tYWluX2lkIjoiMjExNjc4IiwidF9lcG9jaCI6MTY0NDAzMDU5MSwiZGF0YSI6W3sibmFtZSI6InRpbWVyX2ZpcnN0X2FkX3JlcXVlc3QiLCJ2YWwiOiIxMzI4In1dfV0=
Requested by: Host: www.saferma3ana.com
URL: https://www.saferma3ana.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y0b-5y0d-14y13-3y17-4y21-3y53-1y57-21&cmbcb=20&sj=x04x02x06x07x0bx0dx13x17x21x53x57&abt=VignetteFloor
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:92ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 03:09:53 GMT
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GrQtIe5j%2FzH7Zqbu4E1GmDsHhIswN7GvyQX%2BGrdvMTD47CW3oZcWWDuyYvnKs7U5OnW6IsoJWGTZ2OyjNQa3c8zYmmL4VGbydw%2B59v2Ha7nv19ytgyC9SZNczuzvYxK%2BrONkChpMzOJYVC8t1kof74t1"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
accept-ranges: bytes
cf-ray: 6d88f14859f85bf5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: Fri, 04 Feb 2022 03:09:53 GMT

GET
H3 200 Ol8DAVooj0Rm15QbcMm2xe-FwsEsVu5ZVwbhFimW5pI.js Show response
pagead2.googlesyndication.com/bg/ Frame 1F4E 35 KB
13 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ol8DAVooj0Rm15QbcMm2xe-FwsEsVu5ZVwbhFimW5pI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a5f03015a288f4466d7941b70c9b6c5ef85c2c12c56ee595706e1162996e692

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 23:07:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14514
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13749
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Feb 2023 23:07:59 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 32AD 0
0 35ms
31ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022020101&jk=3206026106588990&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1F4E 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?FX5lBg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 03:09:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022020101&jk=3206026106588990&bg=!hYalhsLNAAYZkRhwGZE7ACkAdvg8WvL0Gd1C_Ey5RUMK6YSpzpA9VUWim6FENLE7oUcxwTspVn36CAIAAADuUgAAAANoAQeZArYAZrGnFfo3422CeC6N-1LX1pTHReh3Pm6esMsU8cgPgR1e3Vm3jIimg_3cQRqsFWBaZHpHQn4RfdoL3IFAmHDUiVntbA-YJYoFgd5Ait7JJkHWfKrKTmtbGWT10xf2WjoWzhq-eLybaTsC1EM87p16tvdqqRo6kzXggPboa28PYzCkwrgdkvUFSsPCR2XXmtswdYGcRsXkvako9ELQuuAq5YEdvNewor9O870tX6adXGTcurA5nnpiDJO7khc2KlpCpxnDm0juXPtb4vVG57micak4sDnYW-XQYT58wZTEYuJLNq3z10ScIqBOYu-AhnU6k6gAjmiTsF-HpHuoLFowB7hNaib8zVwNfYM-wiRcJ6pTolXBDWzFeDHG_uWU_j2yIEJwph5zWLn9ey55oouxPxStJH1jo5SUTyPYXfuUGv3RpLhTs-4t3FU6n6nDIiP9kyxFzi4SwN_tXqYPRHerl3mUD0YLXb3sZMb5WB0SV_ONUnCvoTpRHip1Hly8sbOLVUWdibtVT2M4dhoyoMZ2bbVNePW0MMfDNHap77qhQxf15_oaAmdvRLtrjuIEmvxba0c-9vmD8uw38zWMXSeqjOXIjp9MCIb7q7z6UF1YenV7TYXWnkZoZzAMRPIHMtx3lYxD4jskXtQEGHvPxqrxNaqK2JHFINrV48pFZrDfViLl2LQ0CZm-Qcxq5Rkiibejzf1HcC7VlfahlUARD19IvsK7TGdRBppwgDiccs0fdVbg3nHYmjSe76d-697v0Vmh_iy6k8RdVY4lrMevaiiLkO8Er9dnw0BqNS_GXZQPHlN7386Y0xqvWouiypdRhDi8uXSVOdOzp4GsMZ6V5wY1uOB1ryD2V9gUAL2Hd0BrCdDtNSlFBNmM8yRDJof27k6FABCms5DPr_J3i-Q0DNBVUlDtkdp8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.saferma3ana.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 03:09:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
351 B 354ms
167ms XHR
text/plain 147.75.61.140

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,sharethrough,yieldmo&cb=195-0-33
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.61.140 -, , ASN (),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.saferma3ana.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.saferma3ana.com
date: Sat, 05 Feb 2022 03:09:57 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 74
vary: origin, Accept-Encoding

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
117 B 43ms
14ms XHR
text/plain 3.123.107.179

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,sharethrough,yieldmo&cb=195-0-33
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.107.179 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.saferma3ana.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.saferma3ana.com
date: Sat, 05 Feb 2022 03:09:57 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
220 B 49ms
17ms XHR
text/plain 178.250.0.165

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.0.0&cb=53197506541

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,sharethrough,yieldmo&cb=195-0-33

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 -, , ASN (),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.saferma3ana.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Feb 2022 03:09:56 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.saferma3ana.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
228 B 120ms
34ms XHR
text/plain 108.128.129.221

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=6.0.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-saferma3ana_com-medrectangle-2-0%22%2C%22callback_id%22%3A%2210333f6d513c7f%22%2C%22sizes%22%3A%5B%5B970%2C90%5D%2C%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-saferma3ana_com-medrectangle-1-0%22%2C%22callback_id%22%3A%2211a91c68d89261a%22%2C%22sizes%22%3A%5B%5B250%2C250%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%7D%5D&page_url=https%3A%2F%2Fwww.saferma3ana.com%2F&bust=1644030597547&pr=&scrd=1&dnt=false&description=%D9%85%D9%88%D9%82%D8%B9%20%D8%B3%D8%A7%D9%81%D8%B1%20%D9%85%D8%B9%D9%86%D8%A7%20%D9%87%D9%88%20%D9%85%D9%88%D9%82%D8%B9%20%D8%AE%D8%A7%D8%B5%20%D8%A8%D8%A7%D9%84%D8%B3%D9%81%D8%B1%20%D9%85%D9%86%20%D8%A7%D9%84%D8%AF%D8%B1%D8%AC%D8%A9%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%D9%89.&title=%D8%B3%D8%A7%D9%81%D8%B1%20%D9%85%D8%B9%D9%86%D8%A7&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22ezoic.ai%22%2C%22sid%22%3A%22631bcc18b871b5e1ac2b1e712e2dd5cd%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22quantcast.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22P0-1543630629-1644030592246%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,sharethrough,yieldmo&cb=195-0-33
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.129.221 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.saferma3ana.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.saferma3ana.com
pragma: no-cache
date: Sat, 05 Feb 2022 03:09:57 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 358 B
711 B 114ms
78ms XHR
application/json 185.255.84.151

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.saferma3ana.com%2F&CanonicalUrl=https%3A%2F%2Fwww.saferma3ana.com%2F&PublisherDomain=https%3A%2F%2Fwww.saferma3ana.com

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,sharethrough,yieldmo&cb=195-0-33

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 -, , ASN (),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

c9cc74ed5bb45e663af7064d6137a76e5d5f09049133e05974e3f02344832e89

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.saferma3ana.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Feb 2022 03:09:57 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.saferma3ana.com
access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 61
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 358
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
703 B 71ms
28ms XHR
application/json 185.33.221.13

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,sharethrough,yieldmo&cb=195-0-33

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 -, , ASN (),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.saferma3ana.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 05 Feb 2022 03:09:57 GMT
X-Proxy-Origin: 138.199.38.134; 138.199.38.134; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 18d25600-7cb6-4172-aa2c-46d4ff5db7b5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.saferma3ana.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

188 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.saferma3ana.com/	1970-01-20 00:40:32	Name: ezoadgid_211678 Value: -1
.saferma3ana.com/	1970-01-20 00:40:37	Name: ezoref_211678 Value:
.saferma3ana.com/	1970-01-20 09:26:06	Name: ezosuibasgeneris-1 Value: 1b26e9af-e6d1-4a88-6fae-929fb778e684
.saferma3ana.com/	1970-01-20 00:40:37	Name: ezoab_211678 Value: mod25
.saferma3ana.com/	1970-01-20 00:41:56	Name: ezepvv Value: 0
.saferma3ana.com/	1970-01-20 00:40:32	Name: ezovid_211678 Value: 1442414754
.saferma3ana.com/	1970-01-20 00:40:32	Name: lp_211678 Value: https://www.saferma3ana.com/
.saferma3ana.com/	1970-01-20 00:40:32	Name: ezovuuid_211678 Value: 9cc1a7c6-a3e4-47b5-4722-2b5fc34882e8
www.saferma3ana.com/	1969-12-31 23:59:59	Name: ezouspvv Value: 0
www.saferma3ana.com/	1969-12-31 23:59:59	Name: ezouspva Value: 0
www.saferma3ana.com/	1970-01-22 13:59:42	Name: ezds Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
www.saferma3ana.com/	1970-01-22 13:59:42	Name: ezohw Value: w%3D1600%2Ch%3D1200
.saferma3ana.com/	1970-01-20 18:11:42	Name: _ga Value: GA1.2.1504093382.1644030592
.saferma3ana.com/	1970-01-20 00:41:56	Name: _gid Value: GA1.2.398015477.1644030592
.saferma3ana.com/	1970-01-20 00:40:30	Name: _gat_blogger Value: 1
.quantserve.com/	1970-01-20 10:10:44	Name: mc Value: 61fdea80-3ec68-53633-51092
.saferma3ana.com/	1970-01-20 10:04:59	Name: __qca Value: P0-1543630629-1644030592246
.saferma3ana.com/	1970-01-20 00:43:23	Name: active_template::211678 Value: pub_site.1644030592
.saferma3ana.com/	1970-01-20 00:40:32	Name: ezopvc_211678 Value: 2
.saferma3ana.com/	1970-01-20 00:43:23	Name: ezovuuidtime_211678 Value: 1644030592
www.saferma3ana.com/	1970-01-20 09:26:06	Name: ezux_lpl_211678 Value: 1644030592536\|baaa18d3-f456-46fb-59cc-d358d2f1222f\|false
.doubleclick.net/	1970-01-20 00:40:31	Name: test_cookie Value: CheckForPermission
.saferma3ana.com/	1970-01-20 10:02:06	Name: __gads Value: ID=932e64d7662a1b46-22e18dd935cd0000:T=1644030593:S=ALNI_MacyX8KxLLInQzm0UxvB-MZAh_r5Q

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.saferma3ana.com/ Message: The resource https://go.ezodn.com/hb/dall.js?b=adyoulike,amx,criteo,oftmedia,sharethrough,yieldmo&cb=195-0-33 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
3.bp.blogspot.com
96b607d9d8dba531c530b17b0a244955.safeframe.googlesyndication.com
ads.yieldmo.com
adservice.google.com
ajax.googleapis.com
bidder.criteo.com
blogger.googleusercontent.com
btlr.sharethrough.com
cdn-7.saferma3ana.com
fonts.googleapis.com
fonts.gstatic.com
go.ezodn.com
go.ezoic.net
hb-api.omnitagjs.com
ib.adnxs.com
pagead2.googlesyndication.com
pixel.quantserve.com
prebid.a-mo.net
rules.quantcount.com
secure.quantserve.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.saferma3ana.com
108.128.129.221
142.250.184.226
147.75.61.140
178.250.0.165
185.255.84.151
185.33.221.13
2600:9000:206f:3000:6:44e3:f8c0:93a1
2600:9000:214f:600:2:cb38:840:93a1
2606:4700:3030::6815:1caf
2606:4700:3037::ac43:92ef
2620:116:800d:21:ee05:6a01:4b41:8c89
2a00:1450:4001:800::2004
2a00:1450:4001:802::2003
2a00:1450:4001:803::200a
2a00:1450:4001:810::2001
2a00:1450:4001:810::200e
2a00:1450:4001:812::2001
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:831::2001
2a06:98c1:3121::7
3.123.107.179
03947c8f3ae55b383000b3289f60d6ed1ff99765ca5764a9ab4ffccd0c59e904
052e35fdba3222c3457798741fd5ba985b7d8c41309d40038fd581461794ced2
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
10d4b728888654e0b85c706a9310b551087d3321fb8ebfff147d07b13fa73bf0
1909f81af5cb5e24127c03b5cc57446ce02c2376698c9012944f1fc1ce32c29e
1fb735586bde96666688242da255ea15d760baf571b7cb60c58042d59fa2d5df
22df6f5eb095e7178122e3fa56cfd1dfd360b11991fff2e55fb4d7606c682141
2a2c6d5ffeec132aa22398a0f6a005893225165b6ec7d39d869dcd16d6367a18
2ad9f38c15a5ffd8d6415b377d73279b59987aa115defa7e6c8a3ea159503287
3a5f03015a288f4466d7941b70c9b6c5ef85c2c12c56ee595706e1162996e692
3eead87e92ba45e0f050a931ff7e8c87c44966d75838eecb97e17d98130be4a9
3fe198bc27be48393aae70468b31be0de599fcecf44572920a74971814d9f459
4d740d47e9001830347fc7db698eb52615142e160858c8d995dd7d3d8e1b8554
53d7a7eaaa4d1e7f2e1c5b2b1b959cd2e0f12e880f348e88b73f1a9b1b4ef79a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5efaa403a369560500d97b80168dc33ad226fa7ce9b6f62c50f77c68bb9a6b36
618c5a6a213e8c61720c14375eca157f01b1c01dd4220ffc7680d0c0f621685e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6a217480aa6975d5cca42e735655916610429fe4c60dc7f1a21c75badff47d33
6a40a9173be004933d68caf63cffc5657a1d7bfeeb8f8d59109ca11c36d8d6ca
6dfce2b0943d7551da5b1a507bb05d5e91652889e3f52c198940d1d66a0e3115
7609ef16061917d1780c512d693c4eda86f08702b66e2aa8f3e08caf246b5ac1
7c4706df92f1a04e6dd981e919351fbc2f8c63b9f3a8d975d8ca3e94598fdf94
800ab11290dec2ea731985d862303a5ddf33bad7134799f285ace13c896da1e3
8192ddfca8eb6b2d7a9a22c19ccf44f3c702ef70f2ac3179166e3cda6507d907
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
9158a0d64e634921a6ccd135c0569b2e29fc7500671e7bab593a55171ff8b28b
94edf973e9deb80b5eccf17f8f3108eafe15209fe25fe417e8f8962a4d8f48b3
9986de5db80ec050300f1cea25d651a5779ae62b91a39b5667ac23d0c7668cbb
99dc838c5ce26af5466e8a3e930709bbc1b7455ae9099b646cca42481b366d99
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5bdcdde411d51b2c8592667fbfa1ebb428a7c28624b1cbe780fc3c1b47305ae
a6a62ca7b780d95ba2c8cbe13602ca7d018ceda01b20188c4ef5fe08405f79de
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a89057208861e739c4ea6ea2e1126afd5b41c89f22548e5afeb74b7c71614777
a89ee73e5945175137d8497fae678da096cc60c3f4dd14556452586bca2545ca
b1ad18d59a923a30397279d4545c15ae7088bb6e70f37b6468b890fc4cfee8ba
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3
b98cf3e868b0bb081a9bbf0c925fbff9620696e9b2ab113de033c6b43064c04c
c9cc74ed5bb45e663af7064d6137a76e5d5f09049133e05974e3f02344832e89
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d0c4d96987b8f428597a084504c6a9dc9008a2e45c0292464fcf772197066775
d6e5d8ec90d5e619f46ae09b758fc5930511e6084a1994a281ee0ce379744af3
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234
e394e4104c33965e3b520818ecd2d104d5d9f99be53f7b95a1b5d30360c0bb9c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f066156b83bb69415b855ceeda3fb0f80e83555ebe48c78ba812ef8f0215429a
f5c904637253291aa9ff070a6cfc2993be9e6f9f40a0cfc1a19b6deefaa2f3c6
f62d6d5864a9a058bc2c694b4eece3c71ec6c85b6d840de0221dd1d409b2d5b0
f8064ac7b0fc36b41987268e09996db03530e61b3c3e328bbffef0b6b1761242
fdc94d53d1796c028c474c2f2fa236f730b1f0869a42108d706c307422329e21
ff5afc2fb4dbd2ecb286ee9b121154abaa9709ae3d710d730a57702725bc28e4
ffb648200f12e9e83c7a7d94892271c74f23b39d6f77b9df5e21c96166a41ecb

www.saferma3ana.com Open in urlscan Pro 2606:4700:3037::ac43:92ef Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

100 %HTTPS

70 %IPv6

19 Domains

26 Subdomains

23 IPs

2 Countries

1349 kBTransfer

2312 kBSize

23 Cookies

10 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.saferma3ana.com Open in urlscan Pro
2606:4700:3037::ac43:92ef Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

100 %
HTTPS

70 %
IPv6

19
Domains

26
Subdomains

23
IPs

2
Countries

1349 kB
Transfer

2312 kB
Size

23
Cookies

60 HTTP transactions
7 data transactions