urlscan.io logo urlscan.io
SecurityTrails logo

dubzalt.com Open in urlscan Pro
104.21.62.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://dubzalt.com/
Effective URL: https://dubzalt.com/
Submission: On September 28 via manual from IE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 28 IPs in 7 countries across 26 domains to perform 63 HTTP transactions. The main IP is 104.21.62.3, located in United States and belongs to CLOUDFLARENET, US. The main domain is dubzalt.com. The Cisco Umbrella rank of the primary domain is 213480.
TLS certificate: Issued by GTS CA 1P5 on September 2nd 2023. Valid for: 3 months.
This is the only time dubzalt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.67.217.121 13335 (CLOUDFLAR...)
4 104.21.62.3 13335 (CLOUDFLAR...)
3 104.16.88.20 13335 (CLOUDFLAR...)
4 142.250.181.226 15169 (GOOGLE)
1 104.18.30.49 13335 (CLOUDFLAR...)
1 172.67.74.47 13335 (CLOUDFLAR...)
2 104.16.124.175 13335 (CLOUDFLAR...)
3 18.66.147.119 16509 (AMAZON-02)
2 141.95.98.64 16276 (OVH)
4 178.250.7.13 44788 (ASN-CRITE...)
2 104.26.9.169 13335 (CLOUDFLAR...)
2 104.26.8.178 13335 (CLOUDFLAR...)
1 178.250.1.8 44788 (ASN-CRITE...)
1 213.19.162.43 26667 (RUBICONPR...)
1 145.40.97.66 54825 (PACKET)
1 185.255.84.150 200271 (IGUANE-)
1 37.157.5.84 198622 (ADFORM)
1 81.17.55.113 60781 (LEASEWEB-...)
1 185.184.8.90 204995 (RTB-HOUSE...)
1 162.19.138.119 16276 (OVH)
1 104.18.22.145 13335 (CLOUDFLAR...)
1 142.250.181.225 15169 (GOOGLE)
2 178.250.1.3 44788 (ASN-CRITE...)
4 172.217.18.2 15169 (GOOGLE)
3 216.58.206.33 15169 (GOOGLE)
1 142.250.184.228 15169 (GOOGLE)
2 95.101.149.233 ()
1 69.173.151.100 ()
63 28
1    172.67.217.121 (United States)

ASN13335 (CLOUDFLARENET, US)
dubzalt.com
4    104.21.62.3 (United States)

ASN13335 (CLOUDFLARENET, US)
dubzalt.com
3    104.16.88.20 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
securepubads.g.doubleclick.net
1    104.18.30.49 (United States)

ASN13335 (CLOUDFLARENET, US)
stpd.cloud
1    172.67.74.47 (United States)

ASN13335 (CLOUDFLARENET, US)
dubz.co
2    104.16.124.175 (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
3    18.66.147.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-119.fra60.r.cloudfront.net
tagan.adlightning.com
2    141.95.98.64 (Germany)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
4    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    104.26.9.169 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
2    104.26.8.178 (United States)

ASN13335 (CLOUDFLARENET, US)
prebid-stag.setupad.net
1    178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    213.19.162.43 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    145.40.97.66 (Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    185.255.84.150 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
1    37.157.5.84 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
1    81.17.55.113 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
prg.smartadserver.com
1    185.184.8.90 (Poland)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
1    162.19.138.119 (United States)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    104.18.22.145 (United States)

ASN13335 (CLOUDFLARENET, US)
cadmus.script.ac
1    142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net
7d652c1868ca98f4097e0604e871b4ea.safeframe.googlesyndication.com
2    178.250.1.3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net
pagead2.googlesyndication.com
3    216.58.206.33 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f1.1e100.net
tpc.googlesyndication.com
1    142.250.184.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f4.1e100.net
www.google.com
2    95.101.149.233 (None, )

ASN- ()
eus.rubiconproject.com
1    69.173.151.100 (None, )

ASN- ()
token.rubiconproject.com
Apex Domain
Subdomains		 Transfer
8 googlesyndication.com
7d652c1868ca98f4097e0604e871b4ea.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 122
tpc.googlesyndication.com — Cisco Umbrella Rank: 169
42 KB
5 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 640
bidder.criteo.com — Cisco Umbrella Rank: 949
7 KB
5 dubzalt.com
dubzalt.com — Cisco Umbrella Rank: 213480
3 MB
4 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 784
eus.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com Failed
13 KB
4 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235
cm.g.doubleclick.net Failed
160 KB
3 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 3415
59 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 558
59 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 897
58 KB
2 setupad.net
prebid-stag.setupad.net — Cisco Umbrella Rank: 41504
1 KB
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2260
26 KB
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 687
1 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1425
125 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 11
1 KB
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 2808
435 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1313
398 B
1 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 7041
174 B
1 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 2163
559 B
1 adform.net
adx.adform.net — Cisco Umbrella Rank: 3884
529 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4473
526 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1363
272 B
1 dubz.co
dubz.co — Cisco Umbrella Rank: 204007
9 KB
1 stpd.cloud
stpd.cloud — Cisco Umbrella Rank: 43997
120 KB
0 ipredictive.com Failed
sync.ipredictive.com Failed
0 bidr.io Failed
match.prod.bidr.io Failed
0 amazon-adsystem.com Failed
aax-eu.amazon-adsystem.com Failed
s.amazon-adsystem.com Failed
0 adsrvr.org Failed
match.adsrvr.org Failed
63 26
Domain Requested by
5 dubzalt.com 1 redirects dubzalt.com
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 gum.criteo.com stpd.cloud
tagan.adlightning.com
gum.criteo.com
4 securepubads.g.doubleclick.net dubzalt.com
securepubads.g.doubleclick.net
3 tpc.googlesyndication.com tagan.adlightning.com
3 tagan.adlightning.com stpd.cloud
tagan.adlightning.com
3 cdn.jsdelivr.net dubzalt.com
stpd.cloud
2 eus.rubiconproject.com stpd.cloud
eus.rubiconproject.com
2 static.criteo.net stpd.cloud
static.criteo.net
2 prebid-stag.setupad.net stpd.cloud
2 script.4dex.io stpd.cloud
script.4dex.io
2 id5-sync.com stpd.cloud
2 unpkg.com dubzalt.com
unpkg.com
1 token.rubiconproject.com eus.rubiconproject.com
1 www.google.com tagan.adlightning.com
1 7d652c1868ca98f4097e0604e871b4ea.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cadmus.script.ac tagan.adlightning.com
1 lb.eu-1-id5-sync.com stpd.cloud
1 prebid-eu.creativecdn.com stpd.cloud
1 prg.smartadserver.com stpd.cloud
1 adx.adform.net stpd.cloud
1 hb-api.omnitagjs.com stpd.cloud
1 prebid.a-mo.net stpd.cloud
1 fastlane.rubiconproject.com stpd.cloud
1 bidder.criteo.com stpd.cloud
1 dubz.co dubzalt.com
1 stpd.cloud dubzalt.com
0 sync.ipredictive.com Failed
0 pixel.rubiconproject.com Failed
0 match.prod.bidr.io Failed
0 s.amazon-adsystem.com Failed
0 aax-eu.amazon-adsystem.com Failed
0 cm.g.doubleclick.net Failed
0 match.adsrvr.org Failed
63 34

This site contains links to these domains. Also see Links.

Domain
dubz.co
Subject Issuer Validity Valid
dubzalt.com
GTS CA 1P5		 2023-09-02 -
2023-12-01		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
stpd.cloud
E1		 2023-08-20 -
2023-11-18		 3 months crt.sh
dubz.co
GTS CA 1P5		 2023-09-24 -
2023-12-23		 3 months crt.sh
*.adlightning.com
Amazon RSA 2048 M01		 2023-07-08 -
2024-08-05		 a year crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.a-mo.net
R3		 2023-08-07 -
2023-11-05		 3 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
cadmus.script.ac
E1		 2023-09-02 -
2023-12-01		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-09-04 -
2023-11-27		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://dubzalt.com/
Frame ID: 86D4895E7BA20BBCD595CDFC9F10EEEB
Requests: 39 HTTP requests in this frame

Frame: https://7d652c1868ca98f4097e0604e871b4ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8BB7BF212367FE3C1BE465D86993E255
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=dubzalt.com
Frame ID: B5937A4AC0CDEDD1BE73538A403C7459
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D529D34C55E4671DC0DE9BE368313F5B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0D540196B9760AA3B0B66EA102383947
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 29624B6ED91DC782380C52CDA13E0B63
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Free Video Hosting Made Easy - Dubz Platform

Page URL History Show full URLs

  1. http://dubzalt.com/ HTTP 301
    https://dubzalt.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

63
Requests

81 %
HTTPS

0 %
IPv6

26
Domains

34
Subdomains

28
IPs

7
Countries

3717 kB
Transfer

5013 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dubzalt.com/ HTTP 301
    https://dubzalt.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

63 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
dubzalt.com/
Redirect Chain
  • http://dubzalt.com/
  • https://dubzalt.com/
48 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dubzalt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.62.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb83ae4fb53e0969d6b54542194c9982e644f2341417aeea971d88cb49d3eee9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
80dbd5eae8373673-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 28 Sep 2023 12:02:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KxTuR5jO0MURxpKhMtjNCT7y0iqt8c0kldfffc2tC92MQCTX2lEIrGmei3ZOVN4kyhFHux4eSzt87SefS%2FIMEmNA2tGUPRSJmEMYgoglLL6L7bBcFXoPUVn7A0EKbA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-fastcgi-cache
BYPASS

Redirect headers

CF-RAY
80dbd5e8aae530cc-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Thu, 28 Sep 2023 12:02:06 GMT
Expires
Thu, 28 Sep 2023 13:02:06 GMT
Location
https://dubzalt.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LDyrUG%2Fqm3kMmDE%2FJGYGaVCqxHqVnRY3qo2R1vWVZEtPdljwMoArAed1R2OdJGu86Zgm%2F7hSc%2FemCKXDgIwY3unA0vSROGZs9r9%2FTVqgfWfDSYkc4ArJ2g2aJVH76A%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.1/dist/css/ 		227 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.1/dist/css/bootstrap.min.css
Requested by
Host: dubzalt.com
URL: https://dubzalt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d939d21f27010c09b6c2966681d8b4cfcd64ca418f240922518f967fded16ef6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dubzalt.com/
Origin
https://dubzalt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 12:02:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
161209
x-jsd-version
5.3.1
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230044-FRA, cache-jnb7025-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"38d97-sT73BUPXDB7H/dVqXrydfWQCOFE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WqwkrEFGHOygRs5NZ7Inx1TI5rKSfk%2FgMCADoexpgsB%2FgzQFLQ92N5WN1HdMURG45ChnsNvFBN66vtk%2BKTFFfLmtmNg1getfRQg3aDLXwxIKMUxIoBaJhq7rNnbTC7TWPeY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
80dbd5eecc794d61-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		106 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: dubzalt.com
URL: https://dubzalt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
9f05d7cc0437786b31a3f8390bfd876dcfcce5b8d125fa440f328d38acede34b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dubzalt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 12:02:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29368
x-xss-protection
0
server
cafe
etag
92 / 19628 / m202309210101 / config-hash: 8454861782321967581
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 28 Sep 2023 12:02:07 GMT
6070
stpd.cloud/saas/ 		393 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stpd.cloud/saas/6070
Requested by
Host: dubzalt.com
URL: https://dubzalt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.30.49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1a4ce0b5d010b989679234fa95cd72d2206910d743d9a154dcc5fd24e013e3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dubzalt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 12:02:08 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
s-maxage=300
cf-ray
80dbd5f18ce8190d-FRA
stpdhash
true
dubz-b.png
dubz.co/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dubz.co/dubz-b.png
Requested by
Host: dubzalt.com
URL: https://dubzalt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf08408e9bde2ec1ba8f48cf915c7deec38019aa8468e890b333ae00b62f924
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dubzalt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 12:02:08 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=15482
content-length
9139
cf-bgj
imgq:100,h2pri
last-modified
Fri, 10 Feb 2023 05:06:05 GMT
server
cloudflare
etag
"63e5d0bd-3c7a"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R46IRBW6b7VtBN3LHkmHSe776Wx6F4xrz9VTXRtOnDVpdLEanLQsAiHyp0FPWHYexj8imBpAVJh6pJzThzh7ohx9tjxkaJIDbgoIL2wlZf7yEzGgt6gpyUc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
80dbd5f18bd29073-FRA
video.png
dubzalt.com/ 		3 MB
3 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dubzalt.com/video.png
Requested by
Host: dubzalt.com
URL: https://dubzalt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.62.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b917848e874f7dfddf33c95b7168538263f817d517eb7b952ab3e59313dbaca2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dubzalt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 12:02:07 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
3082144
last-modified
Fri, 11 Aug 2023 16:16:46 GMT
server
cloudflare
etag
"64d65eee-2f07a0"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ho0qUOPWc2I6QRDgV2cfiovIadgY37Hr%2BgpY85Kfqu85bN86tjfAaPf0tNlwKrsDQS8QIHULvz5cI9o%2F4TPZDahpoDifNwjjpXhWPv55i3kUrG2ckWyXgXQ6aZvpmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80dbd5ef3e143673-FRA
email-decode.min.js
dubzalt.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dubzalt.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: dubzalt.com
URL: https://dubzalt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.62.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dubzalt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 12:02:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 25 Sep 2023 16:02:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6511af19-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XJGB7MAxKJAWJGYnqL8GJ7smu2U%2FU32Efn4z%2F2Ka6U%2B03NKZfkDGWweFcjBfH4EQKoAnq6f0j0iXgjPoJSbi1380KPNFgfo04dWWrrdB4SyCXHWZXnMgE9IjIK23WQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
80dbd5ef1df03673-FRA
expires
Sat, 30 Sep 2023 12:02:07 GMT
boxicons.min.css
unpkg.com/boxicons@2.1.2/css/ 		65 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/boxicons@2.1.2/css/boxicons.min.css
Requested by
Host: dubzalt.com
URL: https://dubzalt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.124.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b29cd63064611eeb851354145a1c984fe883d87971b53105206ad1d5da3de824
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dubzalt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 12:02:08 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
20671923
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GR5RCP4ZRJTEZCG0TTHKFQG4-fra
server
cloudflare
etag
W/"1040b-st8SVFhWC0QWHIN1iDcT6zrpEwU"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
80dbd5f17dfb371c-FRA
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.3.1/dist/js/ 		79 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.1/dist/js/bootstrap.bundle.min.js
Requested by
Host: dubzalt.com
URL: https://dubzalt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2ea6c1e0cabca20d18e924b25a1cd0187c38ba7c33f60ab06e1b0402b9bcdb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dubzalt.com/
Origin
https://dubzalt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 12:02:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5539066
x-jsd-version
5.3.1
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230033-FRA, cache-bma1639-BMA
x-jsd-version-type
version
server
cloudflare
etag
W/"13b1c-zlT4XyePvNXLIpL5wYbu32PNz4g"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cFGlYPHbbvYm8alaaU95xhpZuFr%2FNzT4Imh4xMaI780GY%2F3bB8UENVTB3NvJR%2FeEhfa%2FsY2LCalrXU6HXU3%2BMpvlD4NA9bnp31JMyNUeRdS5io2b2tNakPWjuRgLxR%2B%2BfBQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
80dbd5ef3d0a4d61-FRA
arrow.png
dubzalt.com/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dubzalt.com/arrow.png
Requested by
Host: dubzalt.com
URL: https://dubzalt.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.62.3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63879c535e5588b557412f43caee2db73a3c7559c21ad44fb7a7368ed5149a75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dubzalt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 12:02:07 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
9657
last-modified
Fri, 11 Aug 2023 16:16:46 GMT
server
cloudflare
etag
"64d65eee-25b9"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BND%2BVrWeVH0O7fzyifP1tjhqX3kAB2ti0KrutXc8WWwtNWaprOLCaT7ETm58Lw05WfJxzx8sBuOkSTPqgnllMOwjt4ckw7dWcsARE4URCNtH1GhGrOspxVbIcv6gDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
80dbd5ef5e3f3673-FRA
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/ 		409 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
17a60971acd82c65cd57863f07cbc2fc9124483c6fb6f9bfa270019c058a479c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dubzalt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 07:22:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
16784
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132106
x-xss-protection
0
server
cafe
etag
17184539905708832606
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 27 Sep 2024 07:22:23 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		33 B
579 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=dubzalt.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
8c2e8404666d5039009e60d5d11d6d4d5603bbe2d06f28e44a3c4cd41867af15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dubzalt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 12:02:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
x-xss-protection
0
expires
Thu, 28 Sep 2023 12:02:08 GMT
boxicons.woff2
unpkg.com/boxicons@2.1.2/fonts/ 		113 KB
113 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/boxicons@2.1.2/fonts/boxicons.woff2
Requested by
Host: unpkg.com
URL: https://unpkg.com/boxicons@2.1.2/css/boxicons.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.124.175 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dab4eb1c17eef51499352bddfcd12dd99e1b86d9549f5051614867bcff004ca1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://unpkg.com/boxicons@2.1.2/css/boxicons.min.css
Origin
https://dubzalt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 12:02:08 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
20679607
content-length
115388
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GR5H2CKGD9Z69FQQDXHQMR8K-fra
server
cloudflare
etag
"1c2bc-5DUkO4KsXAy/HeUM+PEx+tAlVOE"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
80dbd5f3bd5d37d4-FRA
op.js
tagan.adlightning.com/setupad/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/setupad/op.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/6070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
86d210f89b4072113202b0c4afb971994e88c9c9869e4926360452a134fe2cf2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dubzalt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

x-amz-version-id
eIegAmiKv4b0KdzowdZ8pi5UIFkLh3iI
content-encoding
gzip
via
1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
date
Thu, 28 Sep 2023 11:39:47 GMT
x-amz-cf-pop
FRA60-P4
age
1343
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
6929
x-amz-meta-git_commit
a6d2fc4
last-modified
Tue, 26 Sep 2023 13:10:12 GMT
server
AmazonS3
etag
"e44afca32e5e44e5f0228f3d0a934645"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
OybkL_6b1zDpUYqWIH7y29Y9ACBr6rGL2waqppa28PK-L-4G4oKgwg==
prebid
id5-sync.com/api/config/ 		135 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/6070
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
7c2589f966c01479236dda131a4942c70ba281e3be202cc12d56680f86977a54
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://dubzalt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dubzalt.com
date
Thu, 28 Sep 2023 12:02:08 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
json
gum.criteo.com/sid/ 		2 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fdubzalt.com%2F&domain=dubzalt.com&cw=1&lsw=1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/6070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://dubzalt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 12:02:09 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://dubzalt.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
205085
expires
0
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230928
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/6070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a558e3fc1663baec8b4bf5764fb2eb4568360b1555684987afd7df42d8baa244
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dubzalt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 28 Sep 2023 12:02:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
28876
x-jsd-version
1.0.1826
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-jnb7022-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"640-vQ3EJ/c6Le+KfoMwFa2Nm51GRVk"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sRy4Yw9soQr1Oivq3Ydl8u42r1PxYom7fP1NdejpykxcisUDwkAwcmVPTrjuEnHOn1JKTjQ9JIT50q3Vjkc7NQpXQwlmWBejKtK923Y54zgk00woVLxGgTq5a1Bc%2Fz2iR60%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
80dbd5f67d464d61-FRA
localstore.js
script.4dex.io/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/6070
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f16e60d0a12528f9b2d792b1cd1882ce614afdf96f43a3deaa7e17279410771

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dubzalt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Thu, 28 Sep 2023 12:02:09 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 27 Sep 2023 10:56:22 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
90239
ETag
W/"4689fed115ceb1ec0446e336376eed1e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fhcMEpGMHnvfYlOe%2Fqg82Fwz9sGdrV9NUoq8rDM729QBeRwCC%2Be6860uuXOy61TNlvfGmOw4D3r2psOSjewzXT9MOhmkXXO2P0vJfGsGCRlbxE7VTNtXJ%2BHcnc35Wi0k"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
80dbd5f93f4d1c9d-FRA
cookie_sync
prebid-stag.setupad.net/ 		42 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/cookie_sync
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/6070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57ce2b08ef8da65d0f5627d6e41c7725efd32d3e377dea3c91025a375ae93fdf

Request headers

Referer
https://dubzalt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 12:02:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cs%2BBZEvPpe4nZY%2Bs2mnsYCXxGUDHaOxFgG1Vu5WAe22oePVM%2FCycbRKsunesmai5lVpqhSC3X%2F0%2B0BwwkHMoom0Dux5wRl5xW91AOtv9Bi1Xj7wiO5aa2u3sodCPtlsf91KCK7Z4wdrI"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://dubzalt.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
80dbd5f939e52bd2-FRA
content-length
42
expires
0
auction
prebid-stag.setupad.net/openrtb2/ 		274 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/openrtb2/auction
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/6070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.8.178 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bed16cf2c325e2b50a7fa6cab8df7d5dfb7aa54cd2b17cae871250f01c46d6cf

Request headers

Referer
https://dubzalt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 12:02:09 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-prebid
pbs-go/0.234.0-3-gde6ed827
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m8veYrfpUxnMZoTVxFNc2IigUdpH44p6YwCPVRSazpHkQSBCA7bBFvbs%2BcyYwOVpuGQSPyKMfxqQ8KlMRvxb8e%2BPcM%2F7xDs38q38yTJ0MFa5MZV9CPcpH1D97CTKVQzQCWSjO2SxVb2g"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://dubzalt.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
80dbd5f939e72bd2-FRA
expires
0
cdb
bidder.criteo.com/ 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.27.0&cb=48994338806&lsavail=1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/6070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://dubzalt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dubzalt.com
date
Thu, 28 Sep 2023 12:02:08 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ 		303 B
809 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=154926&zone_id=1923074&size_id=2&alt_size_ids=55&rp_schain=1.0,1!setupad.com,2179,1,,,&rf=https%3A%2F%2Fdubzalt.com%2F&tk_flint=pbjs_lite_v7.27.0&x_source.tid=1af08c3c-f0a0-4054-a514-ce153de3edc4&l_pb_bid_id=105ff8aff99cf19&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.45094577059860663
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/6070
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.19.162.43 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8f9bf5ae7da02858bf00ca9564d919ad9d7aefa7810235e3bc78564a0211879f

Request headers

Referer
https://dubzalt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 12:02:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://dubzalt.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
303
expires
Wed, 17 Sep 1975 21:32:10 GMT
c
prebid.a-mo.net/a/ 		0
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/6070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 , Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dubzalt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dubzalt.com
date
Thu, 28 Sep 2023 12:02:09 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
server
envoy
vary
origin, Accept-Encoding
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		179 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fdubzalt.com%2F&PageUrl=https%3A%2F%2Fdubzalt.com%2F&PageReferrer=https%3A%2F%2Fdubzalt.com%2F
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/6070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
3d19f7f302519fb2539ab1da51884f577cf53d037094bb5aa05e7d5831108900
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dubzalt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 12:02:09 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://dubzalt.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
17
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
179
expires
0
openrtb
adx.adform.net/adx/ 		0
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/6070
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://dubzalt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 12:02:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://dubzalt.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
v1
prg.smartadserver.com/prebid/ 		171 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/6070
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861

Request headers

Referer
https://dubzalt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 12:02:09 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://dubzalt.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/6070
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 , Poland, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dubzalt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dubzalt.com
date
Thu, 28 Sep 2023 12:02:09 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fdubzalt.com%2F&domain=dubzalt.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://dubzalt.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://dubzalt.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 28 Sep 2023 12:02:09 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
202330
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
b-a6d2fc4-4e96c718.js
tagan.adlightning.com/setupad/ 		71 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/setupad/b-a6d2fc4-4e96c718.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8385ed77b179e64bee8d4a44e3775b086272116b99ba852fc760bbd81e4a1598

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dubzalt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 08 Aug 2023 14:16:20 GMT
content-encoding
gzip
via
1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
x-amz-version-id
COPMihhL4yYW3WcQWsqpvorUgtuho35N
x-amz-cf-pop
FRA60-P4
age
4398349
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
27715
x-amz-meta-git_commit
a6d2fc4
last-modified
Tue, 08 Aug 2023 14:16:07 GMT
server
AmazonS3
etag
"23123e184efca08b4be95832d0dd45f2"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
2gdJAlxOaSeqz60bu7OPhUFa_D1mT_RJm9KKbFdCYeccR38kmNu3kQ==
bl-5f40b44-155ac6e6.js
tagan.adlightning.com/setupad/ 		58 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/setupad/bl-5f40b44-155ac6e6.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-119.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f50fc7eeea7b3b272752d619321fb82c9f08901a2d7d502cc565ee8e59a694bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dubzalt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 13:31:13 GMT
content-encoding
gzip
via
1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
x-amz-version-id
rmKOGZjOz0FzkLBj6KziV359Ec8Fn0wP
x-amz-cf-pop
FRA60-P4
age
167457
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
24386
x-amz-meta-git_commit
5f40b44
last-modified
Tue, 26 Sep 2023 13:09:35 GMT
server
AmazonS3
etag
"12a20675ac8108d855e75b2195836503"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
taP3qmVvMUwEn-qnCjUtr29aDRUtNC541uWplAVZEpv7w8rTkdOvyg==
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/6070
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , United States, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
7ebb9f63d23446ce69c8aecb0224795e26d3206488fb19596a3027926b95a63e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://dubzalt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dubzalt.com
date
Thu, 28 Sep 2023 12:02:08 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
script.js
cadmus.script.ac/dahhc4ozyvjm6/ 		3 B
435 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dubzalt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 12:02:09 GMT
last-modified
Mon, 01 Jan 2018 00:00:00 GMT
server
cloudflare
age
0
etag
W/"601055f6a0c6408859f97b5f0a84bdb88441a80e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=259200,stale-while-revalidate=86400,stale-if-error=259200
cf-ray
80dbd5fbdb0b900c-FRA
content-length
3
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.26.9.169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d45f4f67c20928f27fafe1b0f252d41ad1373f9af5c282494109600192be18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dubzalt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Thu, 28 Sep 2023 12:02:09 GMT
Content-Encoding
br
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 27 Sep 2023 10:56:21 GMT
Server
cloudflare
ETag
W/"fc1068def5df7df384caae3b1cc6198d"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e2Qr7Kwy4lPlF4EiG3tgzZkLAJur26pD1J8GVV39OxEQmIyBszJlKPyAsEUfuB%2F44wBIYQJkwVPprmD06c0HNLJZ025mXIHg%2F4iEZZuajaKBrd2J7lBQ8TgPnj0sM2g5"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
80dbd5fbaeda1942-FRA
481.json
id5-sync.com/g/v2/ 		276 B
682 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/481.json
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/6070
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
219658074f8df31e8bbb35136d933ae989d4595bfc88bf091a00f048c52ae15a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://dubzalt.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://dubzalt.com
date
Thu, 28 Sep 2023 12:02:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
ads
securepubads.g.doubleclick.net/gampad/ 		695 B
719 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1737019377877264&correlator=586503647985208&eid=21065725&output=ldjh&gdfp_req=1&vrg=202309210101&ptt=17&impl=fifs&iu_parts=147246189%3A22898993917%2Cdubz.co_1000x100_anchor_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=1000x100%7C970x90%7C728x90%7C990x90%7C970x50%7C960x90%7C950x90%7C980x90&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1695902529754&lmt=1695895329&adxs=152&adys=2002&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fdubzalt.com%2F&vis=1&psz=1320x980&msz=1296x0&fws=0&ohw=0&ga_vid=1603797309.1695902530&ga_sid=1695902530&ga_hid=1524266695&ga_fc=false&dlt=1695902527458&idt=517&cust_params=origin%3Ddirect%26ECT%3D4g%26hb_rf%3D0&adks=2926909072&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
661f7fa77f48f8a840928935358b2ed5224ee1a7d6f660402ea0b8d203428f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dubzalt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 12:02:09 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
350
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://dubzalt.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
7d652c1868ca98f4097e0604e871b4ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8BB7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7d652c1868ca98f4097e0604e871b4ea.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dubzalt.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Sep 2023 12:02:10 GMT
expires
Fri, 27 Sep 2024 12:02:10 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.132.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.132.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/6070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b651b84ce79307c301a1c828d60c08084924177f48eec4aad6df47ec714d9af1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dubzalt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 12:02:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:31 GMT
server
nginx
etag
W/"642e8db3-16298"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 29 Sep 2023 12:02:10 GMT
publishertag.prebid.132.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.132.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.132.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b651b84ce79307c301a1c828d60c08084924177f48eec4aad6df47ec714d9af1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dubzalt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 12:02:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:31 GMT
server
nginx
etag
W/"642e8db3-16298"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 29 Sep 2023 12:02:10 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309210101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309210101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
b84de9cc37d9ce67fdc6664728c8fc280f2d3339603c473194b17a53ae041ceb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dubzalt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 12:02:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11995
x-xss-protection
0
syncframe
gum.criteo.com/ Frame B593 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=dubzalt.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://dubzalt.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 28 Sep 2023 12:02:09 GMT
server
Kestrel
server-processing-duration-in-ticks
348984
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ Frame B593 		443 B
557 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=dubzalt.com&sn=ChromeSyncframe&so=0&topUrl=dubzalt.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=dubzalt.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0d195c35972b12d6444a6ede774ab2b81966606e158dc7e3980e75fc65557d29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=dubzalt.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 28 Sep 2023 12:02:09 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
971517
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dubzalt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 12:02:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 28 Sep 2023 12:02:11 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D529 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dubzalt.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
13122
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Sep 2023 08:23:29 GMT
expires
Fri, 27 Sep 2024 08:23:29 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0D54 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/setupad/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f4.1e100.net
Software
GSE /
Resource Hash
d0347072e65379443228ed5933f5561f30e6ccef19476da2652ae185ff5065aa
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_1XPDVMIwii0QdHkEftG9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dubzalt.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-_1XPDVMIwii0QdHkEftG9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 28 Sep 2023 12:02:11 GMT
expires
Thu, 28 Sep 2023 12:02:11 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js
pagead2.googlesyndication.com/bg/ Frame D529 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/tGcDLxZnxcZjneq6ZTfMhLSKmVRaNAcBIKHxIKG0fIc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
sffe /
Resource Hash
b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 11:54:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
477
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14772
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 15:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 27 Sep 2024 11:54:14 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0D54 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309210101&jk=1737019377877264&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame D529 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?YiiqZg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.33 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 12:02:11 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309210101&jk=1737019377877264&bg=!eHulezTNAAYrDsWMCw47ADQBe5WfOOyIHFnG2-ai8nzQ2PNMaUcDoCDTfU5wfbBNVv-7vUXOYo-C4in5oDKeTT7QI8ASAgAAADxSAAAAEWgBB5kCwrCpWicU2dJRXJaaK6eXLj1wGfdbYDsG-zUUDqAiKtKUg_1596XW9xZ5n8Uutxr7N0r8Ky29L0cglltu0Sig4zhpSKJwmIo7mwBXDaQHMNdAbsZbi24IAt7POQRPgA2mYf54EfQ221_lweqJD471acQPoGqgf9sdpiS1TkTx9C4JJNfqy-5g8ydNJq7AWRN2wVq-GAXhMdnr3cHpyY4Uek8s5wIb07e6S6ohxejlbj63r3w7Qe6GL166yJUAgexUnZjmM9n9oCk459vBwoWW51xIY5FRZBDjGeJeo_ns0mqWDfZSXT_tz3TGemxGIj2icFR1aK7irtkzpbGW8uIUWPNpfmo-vI3q9waYyiZfY_TLnWieZ-39-5Z6evovsCiXJmYojqFkhipm2bCpzujXqrpQXQrtD5xTjyCS-85icyFBjwhvqslaHCwDaplLCKrRKcykJvXsNTuMldNyQ1VQc6VMErIc9Yf1N3Hj_jyIOnTnOSOQG4wajJpAOnvw4_oHeB5cVz_Q2SwVh1bjOxRPnyq_977YRF216LzqBFxxPiZ9W0bUX_mxYHHr2c4oe3_HIwxi_HaGLLCOdyUww291igmom8Y1p-AlEGgw0lq5dtx9v1Xz1i5vbFFvQumVZIfPV4GQivEplPMrO6LVNxhdi-hJYCwlgbu4x9C-UtaHZTx8EiaP8JBkctC39UNjU5I9jJ5ep461_uVjlR0atyGKtEdnknqGOk7ESVJhk2KNFx5bbWah6bPs-JTXzwWxgaaQHdaZF31jUIsdS4L7hRmEBCXFFnTjESkiJVKOKMV7YCyUlAkaMIIH6GQoivTNGOCUV3hmGbjr6R68fysLUi7ukeDCVl4J_0bi7dRBMRwQt5E4csKgpTnphi2oraGPvcgzipxyJ72_-CTduwaIoZ0IFkvk6kZBGTCBN8XXtZDK65ageJo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dubzalt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers
usync.html
eus.rubiconproject.com/ Frame 2962 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/saas/6070
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://dubzalt.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 28 Sep 2023 12:02:12 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 2962 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
83ed7deb5d276f81a522d001a98bb679617a5e0d4939f47285414932f82a554f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Date
Thu, 28 Sep 2023 12:02:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 27 Sep 2023 19:35:22 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=27190
Connection
keep-alive
Content-Length
10474
Expires
Thu, 28 Sep 2023 19:35:22 GMT
khaos.json
token.rubiconproject.com/ Frame 2962 		7 B
766 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.92 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
d67ad46d58ddbab9fb03c088eabaaff8
Expires
0
rubicon
match.adsrvr.org/track/cmf/ Frame 2962 		0
0
pixel
cm.g.doubleclick.net/ Frame 2962 		0
0
token
token.rubiconproject.com/ Frame 2962 		0
0
token
token.rubiconproject.com/ Frame 2962 		0
0
token
token.rubiconproject.com/ Frame 2962 		0
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 2962 		0
0
token
token.rubiconproject.com/ Frame 2962 		0
0
dcm
s.amazon-adsystem.com/ Frame 2962 		0
0
rp
match.prod.bidr.io/cookie-sync/ Frame 2962 		0
0
sync.php
pixel.rubiconproject.com/exchange/ Frame 2962 		0
0
token
token.rubiconproject.com/ Frame 2962 		0
0
generic
sync.ipredictive.com/d/sync/cookie/ Frame 2962 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/rubicon
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=36584
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=25470
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=2249&pt=n
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=primis
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/token?pid=37556&a=1
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture object| stpd object| googletag object| ggeac object| google_tag_data boolean| google_plmetrics object| google_js_reporting_queue undefined| google_measure_js_timing number| uidEvent object| bootstrap function| findCMP function| _defineProperty object| stpdChunk function| stpdPassback object| stpdSource object| ADAGIO string| clientContinent object| __stpdTags object| aax function| stpdLog object| Criteo object| lNNohA function| lNNohw object| xop object| 1mjbcrpldv5s object| opv1cxk2jnk object| cN7KKD2 function| cN7KKD3 function| xblocker number| google_unique_id object| gaGlobal object| KZLoKp function| KZLoKC object| xblacklist object| sas object| apntag object| _ADAGIO object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_132 object| Criteo_prebid_132 object| GoogleGcLKhOms object| google_image_requests

13 Cookies

Domain/Path Name / Value
dubzalt.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IktOWE4ybk52YndZRGJvVGlKaUxjRlE9PSIsInZhbHVlIjoiS2dxMmZWaFRZNlFJVmJvZUJPQkozd2t4QnBFcDBKR0hoQnFFRExVQVRPc1JsVXJyZlBpWHlVTndYNHZLalBXbDI4ZXdhZk54T1RqZ3IzTkNSV0RHL20wZDlrT3cvMHlEb3lCZVNTWTM2KzBFY0pucjFLbUZwMGxqRTRLbkcveDYiLCJtYWMiOiI2ZjQxOGUxNDhlMjFkZDNhZTQ0NjcyZWE4MjQ1NGMxNmQ2NjBkMzU3ZmU5NGIxMTE4MDUwNTIzNmNkZjE4NmJjIiwidGFnIjoiIn0%3D
dubzalt.com/ Name: dubz_session
Value: eyJpdiI6InNwc2pZWG9IaFZ2UU83cUtVUjNpT2c9PSIsInZhbHVlIjoiSktGMWcvYXlMWjcyaHhPVVlaV21Cd1NFYWYyNlVwbWo4V3pnQ2dEaU9PRStjY2x1c29yYk01M2FTT1ZyUmJyZWRSRitidzZqQWpXRmFDWW9BU3dDTHVxaVFTVWF6Y3hEekFvUUxSaWxFbDFjd0owcnEzUlQxYUh3ZlQrRkpRTEciLCJtYWMiOiJkMWM1Yzg4ZjFjNTIwMjUyMDM3YjA5YmZlMjRhOTc5MjM4ZjlkNjJmZWI4MGFlYjYwMTU0YzAyOGZjZWQ3OGE3IiwidGFnIjoiIn0%3D
dubzalt.com/ Name: stpdOrigin
Value: {"origin":"direct"}
dubzalt.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.prebid.a-mo.net/ Name: __amc
Value: 1_1695902529_1695902529
.rubiconproject.com/ Name: khaos
Value: LN34KUL0-23-IKLZ
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpEp+92NX+24WVQ8wAZyi5577Dpzr/6E/UG0Oe7wnI+MrqXgKdCI/I3MEv1GBtBu0wCiS2FAaYypSGROcaEBfnhvsVAPbIH/+Hc6UO785F0Pw==
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.dubzalt.com/ Name: __gads
Value: ID=88623f1ded763d6f:T=1695902529:RT=1695902529:S=ALNI_MZO-cND2QKTNTGg16AFLKh745WABg
.dubzalt.com/ Name: __gpi
Value: UID=00000c87fd198928:T=1695902529:RT=1695902529:S=ALNI_MZkbYlVlJPgCevwXzkazt0PrS-eyQ
.script.ac/ Name: __cf_bm
Value: 0G0l4mcyWA2aY48LREnnx.nojQtD6A1CAzRSKXgFtL0-1695902529-0-ARqt+b7v0iqn2kir+xD5f7U+1HggKjzB2bniMTjcXySg6ATJzRwmdtS9bxmlfUt/PgQbnOplsdFoeuKDyBOFDLk=
.criteo.com/ Name: uid
Value: 9415c54c-d74d-41d6-9503-5b859703bbfe
.dubzalt.com/ Name: cto_bundle
Value: YWPNL19BaHhsejVuam0xaUwlMkIlMkZLUjhja3NibHBSNE80bU1OJTJCYThHWE9DQzlQJTJCYXkxdlZidzhlUUJkWGRwemxUeklONE5IdVdsQjNGa1cyVlphWXVPeHpiSnZrWDdqQmxjcHlDMExIMGM4MEglMkI2RlUlMkY1Yk11SWpGdDMlMkJtbjJtY1ZYbnFHY1hlcTB3VTJDNU5aJTJGejFBM0swUFJnJTNEJTNE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7d652c1868ca98f4097e0604e871b4ea.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
adx.adform.net
bidder.criteo.com
cadmus.script.ac
cdn.jsdelivr.net
cm.g.doubleclick.net
dubz.co
dubzalt.com
eus.rubiconproject.com
fastlane.rubiconproject.com
gum.criteo.com
hb-api.omnitagjs.com
id5-sync.com
lb.eu-1-id5-sync.com
match.adsrvr.org
match.prod.bidr.io
pagead2.googlesyndication.com
pixel.rubiconproject.com
prebid-eu.creativecdn.com
prebid-stag.setupad.net
prebid.a-mo.net
prg.smartadserver.com
s.amazon-adsystem.com
script.4dex.io
securepubads.g.doubleclick.net
static.criteo.net
stpd.cloud
sync.ipredictive.com
tagan.adlightning.com
token.rubiconproject.com
tpc.googlesyndication.com
unpkg.com
www.google.com
aax-eu.amazon-adsystem.com
cm.g.doubleclick.net
match.adsrvr.org
match.prod.bidr.io
pixel.rubiconproject.com
s.amazon-adsystem.com
sync.ipredictive.com
token.rubiconproject.com
104.16.124.175
104.16.88.20
104.18.22.145
104.18.30.49
104.21.62.3
104.26.8.178
104.26.9.169
141.95.98.64
142.250.181.225
142.250.181.226
142.250.184.228
145.40.97.66
162.19.138.119
172.217.18.2
172.67.217.121
172.67.74.47
178.250.1.3
178.250.1.8
178.250.7.13
18.66.147.119
185.184.8.90
185.255.84.150
213.19.162.43
216.58.206.33
37.157.5.84
69.173.151.100
81.17.55.113
95.101.149.233
0d195c35972b12d6444a6ede774ab2b81966606e158dc7e3980e75fc65557d29
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
17a60971acd82c65cd57863f07cbc2fc9124483c6fb6f9bfa270019c058a479c
219658074f8df31e8bbb35136d933ae989d4595bfc88bf091a00f048c52ae15a
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
3d19f7f302519fb2539ab1da51884f577cf53d037094bb5aa05e7d5831108900
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57ce2b08ef8da65d0f5627d6e41c7725efd32d3e377dea3c91025a375ae93fdf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63879c535e5588b557412f43caee2db73a3c7559c21ad44fb7a7368ed5149a75
661f7fa77f48f8a840928935358b2ed5224ee1a7d6f660402ea0b8d203428f42
70d45f4f67c20928f27fafe1b0f252d41ad1373f9af5c282494109600192be18
7c2589f966c01479236dda131a4942c70ba281e3be202cc12d56680f86977a54
7ebb9f63d23446ce69c8aecb0224795e26d3206488fb19596a3027926b95a63e
8385ed77b179e64bee8d4a44e3775b086272116b99ba852fc760bbd81e4a1598
83ed7deb5d276f81a522d001a98bb679617a5e0d4939f47285414932f82a554f
86d210f89b4072113202b0c4afb971994e88c9c9869e4926360452a134fe2cf2
8b9b81833890ca4d17a848f43d9e0a2f9901c114841bfda055c7b0855c8ba861
8c2e8404666d5039009e60d5d11d6d4d5603bbe2d06f28e44a3c4cd41867af15
8f9bf5ae7da02858bf00ca9564d919ad9d7aefa7810235e3bc78564a0211879f
9f05d7cc0437786b31a3f8390bfd876dcfcce5b8d125fa440f328d38acede34b
9f16e60d0a12528f9b2d792b1cd1882ce614afdf96f43a3deaa7e17279410771
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a558e3fc1663baec8b4bf5764fb2eb4568360b1555684987afd7df42d8baa244
b29cd63064611eeb851354145a1c984fe883d87971b53105206ad1d5da3de824
b467032f1667c5c6639deaba6537cc84b48a99545a34070120a1f120a1b47c87
b651b84ce79307c301a1c828d60c08084924177f48eec4aad6df47ec714d9af1
b84de9cc37d9ce67fdc6664728c8fc280f2d3339603c473194b17a53ae041ceb
b917848e874f7dfddf33c95b7168538263f817d517eb7b952ab3e59313dbaca2
bb83ae4fb53e0969d6b54542194c9982e644f2341417aeea971d88cb49d3eee9
bed16cf2c325e2b50a7fa6cab8df7d5dfb7aa54cd2b17cae871250f01c46d6cf
ccf08408e9bde2ec1ba8f48cf915c7deec38019aa8468e890b333ae00b62f924
d0347072e65379443228ed5933f5561f30e6ccef19476da2652ae185ff5065aa
d2ea6c1e0cabca20d18e924b25a1cd0187c38ba7c33f60ab06e1b0402b9bcdb5
d939d21f27010c09b6c2966681d8b4cfcd64ca418f240922518f967fded16ef6
dab4eb1c17eef51499352bddfcd12dd99e1b86d9549f5051614867bcff004ca1
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
e1a4ce0b5d010b989679234fa95cd72d2206910d743d9a154dcc5fd24e013e3a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f50fc7eeea7b3b272752d619321fb82c9f08901a2d7d502cc565ee8e59a694bf