link1s.com Open in urlscan Pro
151.139.128.10  Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

• https://lv.adocean.pl/_1671894733336/ad.js?id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1600/y=1200 HTTP 301
• https://lv.adocean.pl/__/_1671894733336/ad.js?id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1600/y=1200 HTTP 301
• https://adlv.hit.gemius.pl/redataredir?url=https%3A%2F%2Flv.adocean.pl%2F__%2F_1671894733%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DD1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7%2Fx%3D1600%2Fy%3D1200 HTTP 301
• https://adlv.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Flv.adocean.pl%2F__%2F_1671894733%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DD1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7%2Fx%3D1600%2Fy%3D1200 HTTP 301
• https://lv.adocean.pl/__/_1671894733/ad.js?hclsdata=&hcudata=vu8ha.14hHGLKShNc9_JvYN7d_ReLoVyxSp6X2GrhUT.27&id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1600/y=1200

Request Chain 38

• https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1 HTTP 302
• https://mug.criteo.com/sid?cpp=bgL9VXxFeVJmckpKQlBUZVU0SVRKSkordE5wRG9iQ3ppazJoZnhhOFQwbm55WmpaKzJSRU5za2x5SUltKzlDQnUvbDUxYk5zdkNzb2liaHN6cEY2a2RCMkxuQkI2am1XcmViemlqWVphUjFvRENodU00VW91ZHI5bm1kaDhQUTRMUnVVeTBqUlpoaWUxV1BHTUlSc3psMHZLMUY3ckhXbXl3TkdkdnhSTHkzWGhEMC9jeDF0bTErQUhlUG9JcnBNYmlodFkvdEpMdmVrcGhLVE1sL2F1YjVqZ1E4VnJBM0ZTRzNZNDFXTkpxL3hVSXhnPXw&cppv=2

Request Chain 41

• https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
• https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 64

• https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1 HTTP 302
• https://mug.criteo.com/sid?cpp=QUhmrXxlblNrTnlCeklYeWc3bnJCZ2VOemVtcU42QzlYN3BwcmVOSFFsL0ovZTBUckx1SjBxSWdsTWtRZGJWK1FEUVJZby9lSkRpK0tKOHdUTDVINjIxc0JWRVhnRkYxbzhUK3Roc042ZnVRQ0NkMk50VXZ4OTdra0E2UlRNakhLY3lYck1oVkNsVHFYTGhzZzdiN1F0MVJTMUp4VEsrT3BVaDRJRWVxUXIwZ3A2TDhpb1RGSzBKbnNRalM2bmhORTBydStWVVZzTytkajZmSnhIb3hJS29xV0RTaE5SU1FHNHp4RTB3RTlsemdQSDBNPXw&cppv=2

Request Chain 65

• https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
• https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 115

• https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1 HTTP 302
• https://mug.criteo.com/sid?cpp=_5JCvnx2bGlOcFVjZ3BreE9id29GYTQxdkhQQ1h6NjV3MXRDWi8zb29Ma1JXSTFwY3FibDR6ZTA5azBXcHA3WFpGR0l4YjFxelJYclZOYVNmL0wrS1ZmbTNZTXVjWE1JeFJwL05jdFdDeXIveW15WGc3ZGFiVnN5bzlNRTlNY1RWZ3dyY2JCOUVvdHU3SUowL0pBZDdHL3NFb09oLzZjMjVJbXZMcHVHMktzaGdwNFdkS1kydWdHVWlzN0N5SzV6WVlVajhocS9JMDJjVUJxK1VsL0V1NEZ3ZlAzVnZJQjJUcHdveUlGckxMSWJlY2NRPXw&cppv=2

Request Chain 116

• https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
• https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 136

• https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1 HTTP 302
• https://mug.criteo.com/sid?cpp=FjTE93xmSkp3VjN4WUFndjMwNzRXUFphMjc1WmdVRThURm4yc3dkU1F0Z2l0MXE0RFcrdVI5Q0R3VmlVclpUNHZVQzUxS1A5RlZ4cXBOWmtMdGUxUEc2ODE1dCsxVmpLMFlRKzJVTHpRT21Td2dOTUJ1aTFjMGhJd05uSU9sTkZvT1ZJcEQvSWQvRWNSU2x4NDVMSHM3NDUvTDBvSnY1TnBNSzJ3elpXMlNIWjhURldlVmVUdTM1L2V2MGIzWVEyb3NCbzFRaThMZG5PWUd3OTBpbGxON2RpSXVYOHhhQnJjN1ZzZnFuTG9SMEplMnMwPXw&cppv=2

Request Chain 143

• https://adlv.hit.gemius.pl/dataredir?rid=xnjrkiktyj&url=pixel-eu.onprospects.com%2F%3Fpartner%3D254%26mapped%3DHCUDATA%26gdpr%3D0%26gdpr_consent%3D HTTP 301
• https://pixel-eu.onprospects.com/?partner=254&mapped=TxlwaT1vd5s0CjFeP4e2HtgWlfxUnIpszhv.RQ.7EIj.c7&gdpr=0&gdpr_consent= HTTP 301
• https://pixel-eu.onaudience.com/?partner=254&mapped=TxlwaT1vd5s0CjFeP4e2HtgWlfxUnIpszhv.RQ.7EIj.c7&gdpr=0&gdpr_consent=&onp HTTP 302
• https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=be415cf8d679b991/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D

Request Chain 150

• https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=94139b36-0da2-4a2e-5910-482e0cebd32e&reqId=3f3cc8ff-aaa9-4b5d-714e-b753564bce6a&zdid=1258 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=94139b36-0da2-4a2e-5910-482e0cebd32e&reqId=3f3cc8ff-aaa9-4b5d-714e-b753564bce6a&zdid=1258&google_tc= HTTP 302
• https://mwzeom.zeotap.com/mw?google_gid=CAESEDMZ_Q-r7cyKYLb1Hc1osGE&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=94139b36-0da2-4a2e-5910-482e0cebd32e&reqId=3f3cc8ff-aaa9-4b5d-714e-b753564bce6a&zdid=1258

Request Chain 159

• https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=b81f109d-6a02-4cfc-930b-d27372b94e39 HTTP 302
• https://s.cpx.to/ca.png?dsp=dbm&fid=b81f109d-6a02-4cfc-930b-d27372b94e39&google_gid=CAESEGa0ON3dvk_md2SCDOhOgbY&google_cver=1

Request Chain 160

• https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Db81f109d-6a02-4cfc-930b-d27372b94e39 HTTP 302
• https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Db81f109d-6a02-4cfc-930b-d27372b94e39 HTTP 302
• https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=01D87403-967A-4C48-ACE7-5A33B2ADF97E&fid=b81f109d-6a02-4cfc-930b-d27372b94e39

Request Chain 162

• https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12762%26ref%3D%26url%3Dhttps%253A%252F%252Flink1s.com%252FxWz8%26hn_ver%3D40%26fid%3Db81f109d-6a02-4cfc-930b-d27372b94e39%26dsp%3Dpub_common%26dsp_uid%3D7bbd2de5-5d9d-4839-9ecf-7e452ce2e049 HTTP 302
• https://s.cpx.to/an_fire?app_nexus_uid=3895796451126902620&pid=12762&ref=&url=https%3A%2F%2Flink1s.com%2FxWz8&hn_ver=40&fid=b81f109d-6a02-4cfc-930b-d27372b94e39&dsp=pub_common&dsp_uid=7bbd2de5-5d9d-4839-9ecf-7e452ce2e049

Request Chain 178

• https://gum.criteo.com/sid/json?origin=publishertag&domain=link1s.com&sn=ChromeSyncframe&so=3&topUrl=link1s.com&bundle=yuZHy183VG0lMkZaWGFUR3Q3SkJaSzc1blRKbnk0QkVkaUV2akNVczRQSkVaTXhyRVlYZzJzQnhUOVN5YnolMkJCTnR0YjN0UFMyckhDNUxzOENkVDlQazRjSFhEbXVOdXo4Y1VhbmMwRWpIYUxJc0NKdEEwUlJpY0sweGhNRkVUSUNUM21lVWM&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
• https://mug.criteo.com/sid?cpp=C2MOKXxWd2N2R2lzcWo2a28yVXl4a3pTRWpuZ1NYZmFMRnlUUVhNeHNYaVNib1VJNWU1SitxVzVCWmlMYm8vVlFSb1o2anpsOWowMC9wbGFFV0RDT2FZYVJGR2NYYUJtbUo1SmF2TUNReEF5U1RRQU5JSUh5ZE9tQnM2Ymp6NnB4ZHppUmtvczZScVJTcC81QVNCbjN0M1VYeCtjM21RWTEydDBQQ1duUFozNDBqZ2psTTUwVmdhcE1SUmhBdDRTMVdBQWkyZTBDWlFHZU1VVjlBQjVLT0g5OG15ZFE3c3FHYjFVQVRJREc2WnNJcGZ2R3dqS2tPNkU4SGxZZmsxaWtsVHVGU011RS9PN1QxMW9CUk5PSzEyQXMyUT09fA&cppv=2

187 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request xWz8 Show response link1s.com/	25 KB 11 KB	2174ms 1947ms	Document text/html	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://link1s.com/xWz8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software fbs / LarVPS Resource Hash e61382efd34e4244183428cf5a1222f23f2c1994ad9b4565727bae16c5738b01 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * cache-control no-store, no-cache, must-revalidate content-encoding gzip content-type text/html; charset=UTF-8 date Sat, 24 Dec 2022 15:12:11 GMT expires Thu, 19 Nov 1981 08:52:00 GMT pragma no-cache server fbs strict-transport-security max-age=63072000; includeSubDomains; preload vary Accept-Encoding x-content-type-options nosniff x-download-options noopen x-frame-options SAMEORIGIN x-hw 1671894731.cds166.fr8.hn,1671894731.cds285.fr8.sc,1671894731.cdn2-wafbe02-fra1.stackpath.systems.-.wx,1671894731.cds285.fr8.p x-powered-by LarVPS x-robots-tag noindex, nofollow x-sp-metadata HS256.CNvJnJ0GEocBCiRkOGQyOWIxOC0wYjU5LTQxMjAtOWE3NC0yYTg4YzQ0NjU5MDYQkIWIkYuR+wIaBgjLrZydBiIMODAuMjU1LjcuMTA4KMDrAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiYSJDViNGZkYTdmLWViYzYtNDY0Ni04YzdlLTFiODllMWNlNjM4MCIaCAISFGNkczI4NS5mcjguaHdjZG4ubmV0GAg=.rzf6pp3DNZX+WtmI7mIQhXSLr4Bx9efsXycua3TwV30= x-xss-protection 1; mode=block
GET H2	200	css fonts.googleapis.com/	3 KB 933 B	197ms 73ms	Stylesheet text/css	2a00:1450:400d:804::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:300,400,700,900 Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:804::200a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 5ef043454b128260dda530a42312fbb985505034036cd3f3ea23cfe324a7905b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 24 Dec 2022 15:12:13 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sat, 24 Dec 2022 14:33:01 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 24 Dec 2022 15:12:13 GMT
GET H2	200	styles.min.css link1s.com/cloud_theme/build/css/	191 KB 40 KB	247ms 247ms	Stylesheet text/css	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://link1s.com/cloud_theme/build/css/styles.min.css?ver=6.4.0 Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software fbs / Resource Hash 56790de2716fb106cfc5fe644691d28a64f8a48b0f0fd323195a3d324e4d7567 Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/xWz8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:13 GMT content-encoding gzip x-sp-metadata HS256.CN3JnJ0GEocBCiRjNmU1ZWM4My0zNzY3LTRmOGQtOWM3Yy1hNDA3MDYyOWE0YzUQkIWIkYuR+wIaBgjNrZydBiIMODAuMjU1LjcuMTA4KMDrAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkOTQyNjJmNzAtMWUxZC00YjkzLWIzODQtNTNmZmNiMWJhNmIyGLa7AiIYCAISFGNkczE1NS5mcjguaHdjZG4ubmV0.IKa+5bUWxurEHmBSU+yzh4lilq9NqDl6o8zfi/b1jyU= last-modified Wed, 23 Jun 2021 02:58:02 GMT server fbs etag W/"60d2a33a-2fa30" x-hw 1671894733.cds166.fr8.hn,1671894733.cds155.fr8.c content-type text/css access-control-allow-origin * cache-control max-age=2592000, public accept-ranges bytes content-length 40374
GET H2	200	js Show response www.googletagmanager.com/gtag/	109 KB 43 KB	205ms 80ms	Script application/javascript	2a00:1450:400d:807::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-129758818-7 Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d2a6e4fc6069db4b5542ffc52a9a760a63c2d5bbf17bd34802ce6f9f3b499201 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:13 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 43632 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Sat, 24 Dec 2022 15:12:13 GMT
GET H2	200	aomini.js Show response lv.adocean.pl/files/js/	8 KB 4 KB	182ms 57ms	Script application/x-javascript	54.38.133.13 OVH
General Check archive.org Show headers Download Go to Full URL https://lv.adocean.pl/files/js/aomini.js Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.38.133.13 , France, ASN16276 (OVH, FR), Reverse DNS ip13.ip-54-38-133.eu Software GAD / Resource Hash 97b08d65b92a32b6a54fdacd06356ba55733c722f1bacf7eeda07f215c361215 Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:13 GMT content-encoding gzip last-modified Tue, 13 Dec 2022 21:46:31 GMT server GAD accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 etag "00001FCFAF20B624" vary Accept-Encoding,Origin p3p CP="NOI DSP COR NID PSAo OUR IND" content-type application/x-javascript cache-control public, must-revalidate, max-age=14400 cross-origin-resource-policy cross-origin accept-ranges bytes content-length 3211 expires Sat, 24 Dec 2022 19:12:13 GMT
GET H2	200	logo1s.png link1s.com/	30 KB 30 KB	79ms 78ms	Image image/png	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://link1s.com/logo1s.png Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software fbs / LarVPS Resource Hash a1e2b0dcdc48527c85aa69b5f00854c11cb4b4554544098f2473119428c38017 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/xWz8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:13 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-powered-by LarVPS content-length 30338 x-xss-protection 1; mode=block x-sp-metadata HS256.CN3JnJ0GEocBCiQ4MDkzMGIxNS1jNjRkLTRlYzgtYTQ2Yy0zM2VlM2UyMGEzZWIQkIWIkYuR+wIaBgjNrZydBiIMODAuMjU1LjcuMTA4KMDrAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkY2ZiMjg5MDEtMmZlOC00M2FmLTkzOTgtZWU5ZmQ0YzBlOGJhGILtASIYCAISFGNkczEwOC5mcjguaHdjZG4ubmV0.OoF/M/fgvUs9ncbsruA7SLyW1KVYixDF44DBi6Av3EM= last-modified Sun, 28 Feb 2021 03:13:41 GMT server fbs etag "603b0a65-7682" x-download-options noopen x-hw 1671894733.cds166.fr8.hn,1671894733.cds108.fr8.c content-type image/png access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes
GET H2	200	poster.jpg web-activity-h5.xbank.plus/	156 KB 157 KB	269ms 75ms	Image image/jpeg	2606:4700:310c::ac42:2ce3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://web-activity-h5.xbank.plus/poster.jpg Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:310c::ac42:2ce3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e2c5122fbf320c8622059d3a8763e303009ad23405219787a3603458efa6e8cd Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:13 GMT referrer-policy strict-origin-when-cross-origin x-content-type-options nosniff nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "623df2d5ac8da09edd4caf11f0edca2c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TpO8PPDoW1%2BBjZFjLPOsyv0a6Fu8ZOO93Tfg0rPMWbNEeWqKjhQ1NhRQQ212yT5%2Fmgen3aYZUln1Ljqm9DDCA6wY3Hl3R8hAuNWwXM%2BK7LwjnBQAS2sxhh7KR%2FfKIxz%2Fijy5NTe7Z8fV5VtOiivZpHucsXPirT1v3w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=0, must-revalidate cf-ray 77ea4624aad8922c-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 160150
GET H2	200	ads.js Show response link1s.com/js/	191 B 580 B	53ms 53ms	Script application/javascript	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://link1s.com/js/ads.js Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software fbs / Resource Hash 347f6365abfcb020615486b3d7e0a6021a507bc720e5fc70efb8bacce6a160ca Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/xWz8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:13 GMT content-encoding gzip x-sp-metadata HS256.CN3JnJ0GEocBCiQwYjcxNzlhMS1iMzQzLTRiMjAtYWJlMi00MzExYzM0ZjMwNjkQkIWIkYuR+wIaBgjNrZydBiIMODAuMjU1LjcuMTA4KMDrAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGisIARIkY2YxMjZlYzYtNGU1NC00ZmY1LWI4ZmItOWFhYzg5ZWViOWRlGKABIhgIAhIUY2RzMjg2LmZyOC5od2Nkbi5uZXQ=.DV4Ty4LyehjIoZ1aYFjvG3GS8hO5wgEpPxCDhuyu+vY= last-modified Tue, 03 Sep 2019 13:24:48 GMT server fbs etag "5d6e69a0-bf" x-hw 1671894733.cds166.fr8.hn,1671894733.cds286.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=2592000, public accept-ranges bytes content-length 160
GET H2	200	script.min.js Show response link1s.com/cloud_theme/build/js/	202 KB 68 KB	43ms 42ms	Script application/javascript	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://link1s.com/cloud_theme/build/js/script.min.js?ver=6.4.0 Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software fbs / Resource Hash 852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16 Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/xWz8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:13 GMT content-encoding gzip x-sp-metadata HS256.CN3JnJ0GEocBCiRlMjY0M2MwYy1mM2Y4LTRhOTAtODc2My03YWNlMjA1YWUxM2MQkIWIkYuR+wIaBgjNrZydBiIMODAuMjU1LjcuMTA4KMDrAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkZjhkNGM4MDAtMzk2YS00NTE2LThkNzAtNDg3YTU2YWNiNjJhGJ2eBCIYCAISFGNkczI0OS5mcjguaHdjZG4ubmV0.fjkbUDKOD5Q6Bb9Zutvf52wvM/wqBy2yZZTJlOAphsg= last-modified Tue, 03 Sep 2019 13:24:50 GMT server fbs etag W/"5d6e69a2-32956" x-hw 1671894733.cds166.fr8.hn,1671894733.cds249.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=2592000, public accept-ranges bytes content-length 69405
GET H2	200	api.js Show response www.recaptcha.net/recaptcha/	921 B 995 B	144ms 46ms	Script text/javascript	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 3beea90831c34ffbc5a3d578770f0e2da8c3818d641d5da91ea041f963702779 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:13 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 582 x-xss-protection 1; mode=block expires Sat, 24 Dec 2022 15:12:13 GMT
GET H2	200	gen.js Show response ads.themoneytizer.com/s/	5 KB 3 KB	170ms 37ms	Script text/html	2a02:6ea0:c700::11 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/s/gen.js?type=5 Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash ff4beb076266687a34a457c87f42a7147c4f981cb0dc4bdbd3f42cf00da77152 Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers x-77-nzt AcO1rgVuu5D/JuABAA x-accel-expires @1672376615 date Sat, 24 Dec 2022 15:12:13 GMT x-77-pop frankfurtDE content-encoding gzip server CDN77-Turbo x-77-nzt-ray 25b0213101037246cd16a7633331b91c x-cache HIT content-type text/html; charset=UTF-8 x-77-cache HIT cache-control max-age=604800 x-age 122918
GET H2	200	requestform.js Show response ads.themoneytizer.com/s/	156 KB 20 KB	207ms 74ms	Script text/html	2a02:6ea0:c700::11 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/s/requestform.js?siteId=79438&formatId=5 Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 4b0e02a9bcee869f3aa64e74d9e7935028f788aa46b26843bf51f6e7a76abd2a Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers x-77-nzt AcO1rgWh/TH/vtwBAA x-accel-expires @1672377487 date Sat, 24 Dec 2022 15:12:13 GMT x-77-pop frankfurtDE content-encoding gzip server CDN77-Turbo x-77-nzt-ray 25b0213101037246cd16a763b5c4c01c x-cache HIT content-type text/html; charset=UTF-8 x-77-cache HIT cache-control max-age=604800 x-age 122046
GET H2	200	ser.php Show response ssp.web1s.com/	2 KB 2 KB	184ms 77ms	Script text/javascript	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://ssp.web1s.com/ser.php?t=AADIV35&f=35&psc= Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software nginx / LarVPS Resource Hash 77b71c8fcb2a0498210f38c4eca6c805ff7d7de400ae6ccd5beff7f250b5a88c Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:13 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains; preload server nginx x-sp-metadata HS256.CN3JnJ0GEocBCiQ2ODQ1NmMyZS05NWI4LTQwMzUtOWNiMC01MWNlMGEwNWY0M2MQmL3y9Kv/+wIaBgjNrZydBiIMODAuMjU1LjcuMTA4KMjyAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGikSJDUzZWI2NDI5LTdhNTItNGU1OS05ODdiLWY3Zjc4NjA5NWE4OBjpByIaCAISFGNkczEyMy5mcjguaHdjZG4ubmV0GAk=./kBrbgKer5CQSgpW6TDlRGCLutUjsDSJtHKpkYGtTVQ= x-powered-by LarVPS x-download-options noopen x-hw 1671894733.cds236.fr8.hn,1671894733.cds123.fr8.sc,1671894733.cds123.fr8.p content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control no-cache, must-revalidate accept-ranges bytes x-xss-protection 1; mode=block
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	144 KB 49 KB	232ms 131ms	Script text/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c9b62a52066408734c626e4f9b5999d3ce5d3f74e4c7bfa7be963b2960cbcf1a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:13 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 49319 x-xss-protection 0 server cafe etag 8554260085342940252 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Sat, 24 Dec 2022 15:12:13 GMT
GET H2	200	ad.js Show response lv.adocean.pl/__/_1671894733/ Redirect Chain https://lv.adocean.pl/_1671894733336/ad.js?id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1600/y=1200 https://lv.adocean.pl/__/_1671894733336/ad.js?id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1600/y=1200 https://adlv.hit.gemius.pl/redataredir?url=https%3A%2F%2Flv.adocean.pl%2F__%2F_1671894733%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DD1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7%2Fx... https://adlv.hit.gemius.pl/__/redataredir?url=https%3A%2F%2Flv.adocean.pl%2F__%2F_1671894733%2Fad.js%3Fhclsdata%3DHCLSDATA%26hcudata%3DHCUDATA%26id%3DD1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7%... https://lv.adocean.pl/__/_1671894733/ad.js?hclsdata=&hcudata=vu8ha.14hHGLKShNc9_JvYN7d_ReLoVyxSp6X2GrhUT.27&id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1600/y=1200	58 KB 18 KB	59ms 58ms	Script application/x-javascript	54.38.133.13 OVH
General Check archive.org Show headers Download Go to Full URL https://lv.adocean.pl/__/_1671894733/ad.js?hclsdata=&hcudata=vu8ha.14hHGLKShNc9_JvYN7d_ReLoVyxSp6X2GrhUT.27&id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1600/y=1200 Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Server 54.38.133.13 , France, ASN16276 (OVH, FR), Reverse DNS ip13.ip-54-38-133.eu Software GAD / Resource Hash e2feac9df10687aba478c1f6830026f029254ea6c505e990c2f6fb8557a01d5b Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Sat, 24 Dec 2022 15:12:13 GMT content-encoding gzip server GAD accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 vary Accept-Encoding,Origin p3p CP="NOI DSP COR NID PSAo OUR IND" content-type application/x-javascript cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin accept-ranges none content-length 17796 expires Fri, 23 Dec 2022 15:12:13 GMT Redirect headers pragma no-cache date Sat, 24 Dec 2022 15:12:13 GMT server GHC accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p CP="NOI DSP COR NID PSAo OUR IND" location https://lv.adocean.pl/__/_1671894733/ad.js?hclsdata=&hcudata=vu8ha.14hHGLKShNc9_JvYN7d_ReLoVyxSp6X2GrhUT.27&id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1600/y=1200 cache-control no-store, no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin accept-ranges none content-length 0 expires Fri, 23 Dec 2022 15:12:13 GMT
GET H2	200	Ae7yeot.gif i.imgur.com/	46 KB 47 KB	126ms 41ms	Image image/gif	146.75.120.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/Ae7yeot.gif Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 81a21aa49d24881a8da8302aef6ed5877465508f4541f5209050a3289548a281 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:13 GMT strict-transport-security max-age=300 x-content-type-options nosniff age 983526 x-cache HIT, HIT content-length 47404 x-served-by cache-iad-kjyo7100097-IAD, cache-hhn-etou8220056-HHN last-modified Tue, 13 Dec 2022 06:00:07 GMT server cat factory 1.0 x-timer S1671894734.623919,VS0,VE3 etag "bd4590a459f8a3914fbfa0622800b6b5" access-control-allow-methods GET, OPTIONS content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 19, 1
GET H2	200	S6uyw4BMUTPHjx4wXg.woff2 fonts.gstatic.com/s/lato/v23/	23 KB 24 KB	125ms 41ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://link1s.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sun, 18 Dec 2022 11:05:12 GMT x-content-type-options nosniff age 533221 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23580 x-xss-protection 0 last-modified Tue, 26 Apr 2022 15:48:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Mon, 18 Dec 2023 11:05:12 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	175ms 50ms	Script text/javascript	2a00:1450:400d:80d::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-129758818-7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sat, 24 Dec 2022 14:27:20 GMT last-modified Tue, 27 Sep 2022 22:01:05 GMT server Golfe2 age 2693 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20039 expires Sat, 24 Dec 2022 16:27:20 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame F5BC	10 KB 5 KB	137ms 37ms	Document text/html	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://link1s.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 78489 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=1209600 content-encoding br content-length 4242 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 23 Dec 2022 17:24:04 GMT etag 10353107486223812946 expires Fri, 06 Jan 2023 17:24:04 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 202 B	72ms 71ms	XHR text/plain	2a00:1450:400d:80d::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j98&a=730633990&t=pageview&_s=1&dl=https%3A%2F%2Flink1s.com%2FxWz8&ul=en-us&de=UTF-8&dt=Link1s.com%20-%20Best%20URL%20Shortener%20To%20Earn%20Money&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=8076856&gjid=1237424068&cid=301640904.1671894734&tid=UA-129758818-7&_gid=958980299.1671894734&_r=1&gtm=2oubu0&z=464005080 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 24 Dec 2022 15:12:13 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://link1s.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	xgde.js Show response adlv.hit.gemius.pl/gdejs/	54 KB 19 KB	55ms 54ms	Script application/x-javascript	54.38.133.136 OVH
General Check archive.org Show headers Download Go to Full URL https://adlv.hit.gemius.pl/gdejs/xgde.js Requested by Host: lv.adocean.pl URL: https://lv.adocean.pl/_1671894733336/ad.js?id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1600/y=1200 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.38.133.136 , France, ASN16276 (OVH, FR), Reverse DNS ip136.ip-54-38-133.eu Software GHC / Resource Hash a957d85b13842f9c53f551ac2e1f891562e588b14892b9384a6b0f6e1f9d59c1 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Sat, 24 Dec 2022 15:12:14 GMT content-encoding gzip last-modified Wed, 31 Aug 2022 06:49:43 GMT server GHC accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 etag "630F04870000D964BC018988" vary Accept-Encoding,Origin p3p CP="NOI DSP COR NID PSAo OUR IND" content-type application/x-javascript cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges none content-length 19348 expires Sun, 25 Dec 2022 15:12:14 GMT
POST H2	200	extra=; adlv.hit.gemius.pl/_1671894734252/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=ojgrfjfqwg/fastid=mvjrrzolrahpsxdvryssmdvxdjoo/sarg=63A716CDD4316785;/inner=%7C;/	2 B 241 B	55ms 54ms	Ping application/x-javascript	54.38.133.136 OVH
General Check archive.org Show headers Download Go to Full URL https://adlv.hit.gemius.pl/_1671894734252/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=ojgrfjfqwg/fastid=mvjrrzolrahpsxdvryssmdvxdjoo/sarg=63A716CDD4316785;/inner=%7C;/extra=; Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.38.133.136 , France, ASN16276 (OVH, FR), Reverse DNS ip136.ip-54-38-133.eu Software GHC / Resource Hash 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Sat, 24 Dec 2022 15:12:14 GMT server GHC accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p CP="NOI DSP COR NID PSAo OUR IND" access-control-allow-origin https://link1s.com content-type application/x-javascript cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true cross-origin-resource-policy cross-origin accept-ranges none content-length 2 expires Fri, 23 Dec 2022 15:12:14 GMT
GET H2	200	/ Show response link1s.com/sbbi/ Frame 6364	25 KB 11 KB	67ms 66ms	Document text/html	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://link1s.com/sbbi/?sbbpg=sbbShell&gprid=mo&sbbgs=h434f820ba5ec1ebca6502e7c48010595686&ddl=3 Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software fbs / Resource Hash ed92e7fdad439ba3c9426b5e5e447cb189d18a8abbef2f69559c38b87a55ae86 Request headers Referer https://link1s.com/xWz8 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * cache-control no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0 content-encoding gzip content-type text/html; charset=UTF-8 date Sat, 24 Dec 2022 15:12:14 GMT server fbs x-accel-expires 0 x-hw 1671894734.cds166.fr8.hn,1671894734.cds285.fr8.sc,1671894734.cdn2-wafbe02-fra1.stackpath.systems.-.i,1671894734.cds285.fr8.p x-sp-metadata HS256.CN7JnJ0GEocBCiRiODA5ZDU2Yy1hYjQ4LTQxM2YtOGEzMi02NDBiNGUwZTFmOWMQkIWIkYuR+wIaBgjOrZydBiIMODAuMjU1LjcuMTA4KMDrAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiYSJGNlZDczMmI4LWIxYTctNDkyMC04NDUwLTc4NTAwNTM2OTg4NSIaCAISFGNkczI4NS5mcjguaHdjZG4ubmV0GAg=.AAJolf1IWIR4PyFb3EW6d3D1xIvhkAoAcHxtkDyn+xU=
GET H2	200	/ link1s.com/sbbi/	43 B 459 B	70ms 68ms	Image image/gif	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://link1s.com/sbbi/?sbbpg=utMedia&vii=bh7423e45f98a260db2a55ce1cc16e3b8c8a26f5e0923ee76c7448f011408529s5m6r8t6 Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software fbs / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/xWz8 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers x-accel-expires 0 date Sat, 24 Dec 2022 15:12:14 GMT x-sp-metadata HS256.CN7JnJ0GEocBCiQ1NzNkZTVjOS0zMmYxLTQ1ODUtOTlkYS1jNDBlZTMzMmQ1MDcQkIWIkYuR+wIaBgjOrZydBiIMODAuMjU1LjcuMTA4KMDrAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiYSJDdiZDM4ZmQ4LWM1N2YtNGJlYy1hNjZjLTc5ZmIzMWE5ZjY3YyIaCAISFGNkczI0MC5mcjguaHdjZG4ubmV0GAg=.Tk62cULds+jmLzR1aeHcC0HjYvQO3HuwcKEjRKVC7pY= server fbs x-hw 1671894734.cds166.fr8.hn,1671894734.cds240.fr8.sc,1671894734.waf1-node03-fra02.stackpath.systems.-.i,1671894734.cds240.fr8.p content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
GET H2	200	ser.php Show response ssp.web1s.com/	1 KB 1 KB	79ms 78ms	Script text/javascript	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://ssp.web1s.com/ser.php?t=AADIV58&f=58&psc= Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software nginx / LarVPS Resource Hash d2553397fc8ff50318aaa6d5572472a08d42e70eb5168e581ec330d595a891c1 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:14 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains; preload server nginx x-sp-metadata HS256.CN7JnJ0GEocBCiQ3ZTJkNDBmYy05ODg5LTRiODItOTVhNS0wZjc2NjEyYzIzYzUQmL3y9Kv/+wIaBgjOrZydBiIMODAuMjU1LjcuMTA4KMjyAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGikSJDZlOTUyZTQ5LTNiMWItNDhiNy1hYjViLTUzNDdiOWEyZjhhNxjXBSIaCAISFGNkczI5MC5mcjguaHdjZG4ubmV0GAk=.HBtdIFJZqekd2WG9TsnBb0MfHap9wRA1yP7UbvKyMHI= x-powered-by LarVPS x-download-options noopen x-hw 1671894734.cds236.fr8.hn,1671894734.cds290.fr8.sc,1671894734.cds290.fr8.p content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control no-cache, must-revalidate accept-ranges bytes x-xss-protection 1; mode=block
GET H2	200	ad.js Show response lv.adocean.pl/_1671894734257/	58 KB 18 KB	58ms 58ms	Script application/x-javascript	54.38.133.13 OVH
General Check archive.org Show headers Download Go to Full URL https://lv.adocean.pl/_1671894734257/ad.js?id=_5hbI6c1_FfPWSiVGyCCEPjjHzow7a7JdT4Umu6Euhz.m7/x=1600/y=1200 Requested by Host: lv.adocean.pl URL: https://lv.adocean.pl/files/js/aomini.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.38.133.13 , France, ASN16276 (OVH, FR), Reverse DNS ip13.ip-54-38-133.eu Software GAD / Resource Hash f211b47ea6bcd906c125419dbdabedb043041de5a897e24ebc1df1acb88c2144 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers pragma no-cache date Sat, 24 Dec 2022 15:12:14 GMT content-encoding gzip server GAD accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 vary Accept-Encoding,Origin p3p CP="NOI DSP COR NID PSAo OUR IND" content-type application/x-javascript cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin accept-ranges none content-length 17802 expires Fri, 23 Dec 2022 15:12:14 GMT
GET H2	200	header.jpg link1s.com/cloud_theme/build/img/	32 KB 32 KB	43ms 43ms	Image image/jpeg	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://link1s.com/cloud_theme/build/img/header.jpg Requested by Host: link1s.com URL: https://link1s.com/cloud_theme/build/css/styles.min.css?ver=6.4.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software fbs / LarVPS Resource Hash fb6ea9089178b18c66e8110965f05a461c772ce16debb14c3e61d4bae3e6c3ca Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/cloud_theme/build/css/styles.min.css?ver=6.4.0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:14 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-powered-by LarVPS content-length 32352 x-xss-protection 1; mode=block x-sp-metadata HS256.CN7JnJ0GEocBCiRlNTliY2E1MS1jMTMzLTQ5YTgtYmExZi0wMDUyZDA4OGViOTcQkIWIkYuR+wIaBgjOrZydBiIMODAuMjU1LjcuMTA4KMDrAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkOTJiNzI5MDAtMjA3NC00NjEwLWJjNzItNTk2OTIxMTE3Mzk1GOD8ASIYCAISFGNkczI0MS5mcjguaHdjZG4ubmV0.8jxYosGsFaZgwk3YoKeFwbHGcYIzwkOp+WnD/+U1IuQ= last-modified Mon, 15 Jun 2020 06:00:41 GMT server fbs etag "5ee70e89-7e60" x-download-options noopen x-hw 1671894734.cds166.fr8.hn,1671894734.cds241.fr8.c content-type image/jpeg access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes
GET H3	200	S6u9w4BMUTPHh50XSwiPGQ.woff2 fonts.gstatic.com/s/lato/v23/	22 KB 22 KB	119ms 43ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://link1s.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Thu, 22 Dec 2022 21:28:35 GMT x-content-type-options nosniff age 150219 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 22504 x-xss-protection 0 last-modified Tue, 26 Apr 2022 16:04:16 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 22 Dec 2023 21:28:35 GMT
GET H3	200	S6u9w4BMUTPHh6UVSwiPGQ.woff2 fonts.gstatic.com/s/lato/v23/	23 KB 23 KB	114ms 38ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:300,400,700,900 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://link1s.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Tue, 20 Dec 2022 17:07:14 GMT x-content-type-options nosniff age 338700 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23040 x-xss-protection 0 last-modified Tue, 26 Apr 2022 15:56:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 20 Dec 2023 17:07:14 GMT
GET H2	200	fontawesome-webfont.woff2 link1s.com/cloud_theme/build/fonts/	75 KB 76 KB	48ms 48ms	Font font/woff2	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://link1s.com/cloud_theme/build/fonts/fontawesome-webfont.woff2 Requested by Host: link1s.com URL: https://link1s.com/cloud_theme/build/css/styles.min.css?ver=6.4.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software fbs / LarVPS Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://link1s.com/cloud_theme/build/css/styles.min.css?ver=6.4.0 Origin https://link1s.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:14 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-powered-by LarVPS content-length 77160 x-xss-protection 1; mode=block x-sp-metadata HS256.CN7JnJ0GEocBCiRiYWUwOWVkZC01NDAwLTQ1N2YtYjc4OC1jN2UwNjNlZGFmNGIQkIWIkYuR+wIaBgjOrZydBiIMODAuMjU1LjcuMTA4KMDrAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkNDFmMDJmM2EtY2JkNi00MTk3LTk0ZTEtNDM0YjQ1MDM3NzU0GOjaBCIYCAISFGNkczIzMC5mcjguaHdjZG4ubmV0.q2NaSkka6DsJfeXkQcluwzC5cW7IatkW/VuCdybNLNg= last-modified Tue, 03 Sep 2019 13:24:50 GMT server fbs etag "5d6e69a2-12d68" x-download-options noopen x-hw 1671894734.cds166.fr8.hn,1671894734.cds230.fr8.c content-type font/woff2 access-control-allow-origin * cache-control max-age=1538 accept-ranges bytes
GET H2	200	f0e1efd3-353f-4ff1-b037-202b7bb3383d Show response boot.pbstck.com/v1/tag/ Frame A16D	1 KB 853 B	166ms 73ms	Script application/javascript	2606:4700:10::6816:5d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://boot.pbstck.com/v1/tag/f0e1efd3-353f-4ff1-b037-202b7bb3383d Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:5d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9909a189d0a96fb0c1240aefca12e57ae79a8ae215649527f9216a70e2967739 Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:14 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare content-type application/javascript access-control-allow-origin * cache-control private,max-age=120 timing-allow-origin * cf-ray 77ea4629eee12bac-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	f1c074e3-bb32-45fc-8bc8-19d7e33c39a9 Show response boot.pbstck.com/v1/tag/ Frame A16D	2 KB 719 B	167ms 75ms	Script application/javascript	2606:4700:10::6816:5d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://boot.pbstck.com/v1/tag/f1c074e3-bb32-45fc-8bc8-19d7e33c39a9 Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:5d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 19193ec70a9e99334155d24ce97f8a10cb7b3fd74b5754607e530d87da1a912d Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:14 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare content-type application/javascript access-control-allow-origin * cache-control private,max-age=120 timing-allow-origin * cf-ray 77ea4629eee42bac-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	stpd220112.js Show response stpd.cloud/assets/postbid/ Frame A16D	480 KB 138 KB	155ms 60ms	Script application/javascript	2606:4700::6812:1e31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stpd.cloud/assets/postbid/stpd220112.js Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f3211d6ac46aa12ce3d633d4676d2e352568cc27c11aaf673265243ff2c39e11 Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sat, 24 Dec 2022 15:12:14 GMT content-encoding br cf-cache-status HIT content-md5 HjfY42wqSWw306GoqTYOLw== age 3956 x-ms-lease-status unlocked last-modified Mon, 12 Dec 2022 09:03:11 GMT server cloudflare vary Origin, Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id a40b35fb-901e-001e-6db2-13134f000000 cache-control public, max-age=14400 x-ms-version 2009-09-19 cf-ray 77ea4629ef679143-FRA expires Sat, 24 Dec 2022 19:12:14 GMT
GET H2	200	xgde.html Show response adlv.hit.gemius.pl/gdejs/ Frame 11EC	303 B 315 B	55ms 54ms	Document text/html	54.38.133.136 OVH
General Check archive.org Show headers Download Go to Full URL https://adlv.hit.gemius.pl/gdejs/xgde.html Requested by Host: adlv.hit.gemius.pl URL: https://adlv.hit.gemius.pl/gdejs/xgde.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.38.133.136 , France, ASN16276 (OVH, FR), Reverse DNS ip136.ip-54-38-133.eu Software GHC / Resource Hash 7bbd910982260037f1c9d83f2c7fe743e789ca06dd54c9eb56c2598b7b928fd0 Request headers Referer https://link1s.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 accept-ranges none cache-control public, max-age=86400 content-encoding gzip content-length 215 content-type text/html;charset=utf-8 cross-origin-resource-policy cross-origin date Sat, 24 Dec 2022 15:12:14 GMT etag "5996D7A50000012F9178E011" expires Sun, 25 Dec 2022 15:12:14 GMT last-modified Fri, 18 Aug 2017 12:03:49 GMT p3p CP="NOI DSP COR NID PSAo OUR IND" server GHC vary Accept-Encoding,Origin
GET H2	200	W2moovL.gif i.imgur.com/	2 MB 2 MB	48ms 45ms	Image image/gif	146.75.120.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/W2moovL.gif Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 8a971555ec02ed1cd80c933fd99e5a59603df99cb426cf5f90042a8abdc0ad3b Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:14 GMT strict-transport-security max-age=300 x-content-type-options nosniff age 1937853 x-cache HIT, HIT content-length 2294167 x-served-by cache-iad-kiad7000070-IAD, cache-hhn-etou8220056-HHN last-modified Wed, 12 Oct 2022 12:35:43 GMT server cat factory 1.0 x-timer S1671894735.516297,VS0,VE8 etag "80e0968df8bae6f58c57076c5d2f198f" access-control-allow-methods GET, OPTIONS content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 12883, 1
GET H2	200	xgde.js Show response adlv.hit.gemius.pl/gdejs/ Frame 11EC	54 KB 19 KB	54ms 54ms	Script application/x-javascript	54.38.133.136 OVH
General Check archive.org Show headers Download Go to Full URL https://adlv.hit.gemius.pl/gdejs/xgde.js Requested by Host: adlv.hit.gemius.pl URL: https://adlv.hit.gemius.pl/gdejs/xgde.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.38.133.136 , France, ASN16276 (OVH, FR), Reverse DNS ip136.ip-54-38-133.eu Software GHC / Resource Hash a957d85b13842f9c53f551ac2e1f891562e588b14892b9384a6b0f6e1f9d59c1 Request headers accept-language de-DE,de;q=0.9 Referer https://adlv.hit.gemius.pl/gdejs/xgde.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:14 GMT content-encoding gzip last-modified Wed, 31 Aug 2022 06:49:43 GMT server GHC accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 etag "630F04870000D964BC018988" vary Accept-Encoding,Origin p3p CP="NOI DSP COR NID PSAo OUR IND" content-type application/x-javascript cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges none content-length 19348 expires Sun, 25 Dec 2022 15:12:14 GMT
POST H2	200	extra=; adlv.hit.gemius.pl/_1671894734570/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=smcldomsfq/fastid=macomfkanteeofbtbnvbwptarwkf/sarg=63A716CDD4316785;/inner=%7C;/	2 B 177 B	55ms 54ms	Ping application/x-javascript	54.38.133.136 OVH
General Check archive.org Show headers Download Go to Full URL https://adlv.hit.gemius.pl/_1671894734570/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=smcldomsfq/fastid=macomfkanteeofbtbnvbwptarwkf/sarg=63A716CDD4316785;/inner=%7C;/extra=; Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.38.133.136 , France, ASN16276 (OVH, FR), Reverse DNS ip136.ip-54-38-133.eu Software GHC / Resource Hash 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Sat, 24 Dec 2022 15:12:14 GMT server GHC accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p CP="NOI DSP COR NID PSAo OUR IND" access-control-allow-origin https://link1s.com content-type application/x-javascript cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true cross-origin-resource-policy cross-origin accept-ranges none content-length 2 expires Fri, 23 Dec 2022 15:12:14 GMT
GET H2	200	ad.js Show response lv.adocean.pl/_1671894734571/	58 KB 18 KB	59ms 58ms	Script application/x-javascript	54.38.133.13 OVH
General Check archive.org Show headers Download Go to Full URL https://lv.adocean.pl/_1671894734571/ad.js?id=_5hbI6c1_FfPWSiVGyCCEPjjHzow7a7JdT4Umu6Euhz.m7/x=1600/y=1200 Requested by Host: lv.adocean.pl URL: https://lv.adocean.pl/files/js/aomini.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.38.133.13 , France, ASN16276 (OVH, FR), Reverse DNS ip13.ip-54-38-133.eu Software GAD / Resource Hash 37dd10a0c82a56505e232af84b9d7387d11239a95bfe7f4dd996a8cab1e081be Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers pragma no-cache date Sat, 24 Dec 2022 15:12:14 GMT content-encoding gzip server GAD accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 vary Accept-Encoding,Origin p3p CP="NOI DSP COR NID PSAo OUR IND" content-type application/x-javascript cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin accept-ranges none content-length 17802 expires Fri, 23 Dec 2022 15:12:14 GMT
GET H/1.1	200 OK	localstore.js Show response script.4dex.io/ Frame A16D	483 B 1017 B	137ms 44ms	Script application/javascript	2606:4700:20::681a:8a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.4dex.io/localstore.js Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389 Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sat, 24 Dec 2022 15:12:14 GMT Content-Encoding br CF-Cache-Status HIT Last-Modified Wed, 23 Nov 2022 15:43:18 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Age 2673663 ETag W/"922cffdd75f7192f75231d92684885aa" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VPiXjtytjE36eJMBibbL02tu6w8R2KngoPEL7rbUCcuQgAkGH3IDKZmH7UCvlIMKqiBr7Q7IVi4a5%2FcKj1GeK%2FwrjxhsoKqjnLpRRCwuJi658FxDaJRfqfcVnn0RyiXWSdSNn2Yo7ynSPDr8"}],"group":"cf-nel","max_age":604800} Cache-Control public, max-age=1800 Connection keep-alive CF-RAY 77ea462bee369238-FRA
GET H2	200	sid Show response mug.criteo.com/ Frame A16D Redirect Chain https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1 https://mug.criteo.com/sid?cpp=bgL9VXxFeVJmckpKQlBUZVU0SVRKSkordE5wRG9iQ3ppazJoZnhhOFQwbm55WmpaKzJSRU5za2x5SUltKzlDQnUvbDUxYk5zdkNzb2liaHN6cEY2a2RCMkxuQkI2am1XcmViemlqWVphUjFvRENodU00VW91ZHI5bm1kaD...	362 B 662 B	119ms 40ms	XHR application/json	178.250.2.146 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=bgL9VXxFeVJmckpKQlBUZVU0SVRKSkordE5wRG9iQ3ppazJoZnhhOFQwbm55WmpaKzJSRU5za2x5SUltKzlDQnUvbDUxYk5zdkNzb2liaHN6cEY2a2RCMkxuQkI2am1XcmViemlqWVphUjFvRENodU00VW91ZHI5bm1kaDhQUTRMUnVVeTBqUlpoaWUxV1BHTUlSc3psMHZLMUY3ckhXbXl3TkdkdnhSTHkzWGhEMC9jeDF0bTErQUhlUG9JcnBNYmlodFkvdEpMdmVrcGhLVE1sL2F1YjVqZ1E4VnJBM0ZTRzNZNDFXTkpxL3hVSXhnPXw&cppv=2 Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Server 178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 7804899cb8af8e22ff9b268c00fa9fc1a8f71c0e32663ea0d682377dd5e9bdc6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Sat, 24 Dec 2022 15:12:14 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip server Kestrel vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin null cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 1280333 expires 0 Redirect headers pragma no-cache date Sat, 24 Dec 2022 15:12:13 GMT strict-transport-security max-age=31536000; preload; server Kestrel access-control-allow-methods GET location https://mug.criteo.com/sid?cpp=bgL9VXxFeVJmckpKQlBUZVU0SVRKSkordE5wRG9iQ3ppazJoZnhhOFQwbm55WmpaKzJSRU5za2x5SUltKzlDQnUvbDUxYk5zdkNzb2liaHN6cEY2a2RCMkxuQkI2am1XcmViemlqWVphUjFvRENodU00VW91ZHI5bm1kaDhQUTRMUnVVeTBqUlpoaWUxV1BHTUlSc3psMHZLMUY3ckhXbXl3TkdkdnhSTHkzWGhEMC9jeDF0bTErQUhlUG9JcnBNYmlodFkvdEpMdmVrcGhLVE1sL2F1YjVqZ1E4VnJBM0ZTRzNZNDFXTkpxL3hVSXhnPXw&cppv=2 access-control-allow-origin https://link1s.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 578267 content-length 0 expires 0
POST H/1.1	200	481.json Show response id5-sync.com/g/v2/ Frame A16D	216 B 620 B	134ms 39ms	XHR application/json	141.95.98.64 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/g/v2/481.json Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 141.95.98.64 , France, ASN16276 (OVH, FR), Reverse DNS ns3216658.ip-141-95-98.eu Software / Resource Hash 5de2cd79cc2debb6eae570bb36205c5682048b8fc9bb778ce7f894236a8941d6 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://link1s.com date Sat, 24 Dec 2022 15:12:14 GMT strict-transport-security max-age=63072000; includeSubDomains; preload access-control-allow-credentials true vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin transfer-encoding chunked content-type application/json;charset=UTF-8
OPTIONS H2	200	json gum.criteo.com/sid/ Frame	0 0	142ms 46ms	Preflight application/json	2a02:2638::1c ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://link1s.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET access-control-allow-origin https://link1s.com cache-control no-cache, no-store, must-revalidate content-encoding gzip content-type application/json; charset=utf-8 date Sat, 24 Dec 2022 15:12:13 GMT expires 0 pragma no-cache server Kestrel server-processing-duration-in-ticks 433200 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame 4F0B Redirect Chain https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu	281 B 554 B	240ms 44ms	Document text/html	104.102.39.125 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.102.39.125 Hamburg, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-102-39-125.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Referer https://link1s.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection keep-alive Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Sat, 24 Dec 2022 15:12:15 GMT ETag "403b9-119-5ec73a0a33d00" Last-Modified Wed, 02 Nov 2022 02:30:44 GMT Server Apache/2.2.15 (CentOS) Vary Accept-Encoding Redirect headers access-control-allow-credentials true access-control-allow-origin * content-length 0 date Sat, 24 Dec 2022 15:12:14 GMT location https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu server AkamaiGHost
GET H2	200	collector-fe29f59.js Show response cdn.pbstck.com/ Frame A16D	147 KB 41 KB	182ms 90ms	XHR application/javascript	2606:4700:10::ac43:1997 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.pbstck.com/collector-fe29f59.js Requested by Host: boot.pbstck.com URL: https://boot.pbstck.com/v1/tag/f0e1efd3-353f-4ff1-b037-202b7bb3383d Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 02fdd4f259ce2e897b1fb10636a5f79c7560fd394721b53892316e11ee97e5d9 Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:14 GMT content-encoding br cf-cache-status HIT age 111209 x-guploader-uploadid ADPycdsPfz57Tp7zEwa79_HKjSKSRzIhAlUBWtlSUV5RDrfZv5AzwDeUKod3dMnTJTOVUhuM3Ets5Y_HBqRh-iYac5LWjw x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Tue, 13 Dec 2022 15:45:54 GMT server cloudflare etag W/"0f0c7663da4109a37deb90115a448b57" vary Accept-Encoding x-goog-hash crc32c=koXiYQ==, md5=Dwx2Y9pBCaN965ARWkSLVw== x-goog-generation 1670946354895591 content-type application/javascript access-control-allow-origin * access-control-expose-headers Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=604800, immutable x-goog-stored-content-length 40466 cf-ray 77ea462bef6d2be2-FRA expires Fri, 30 Dec 2022 08:14:53 GMT
GET H2	200	index-monitoring-301583c.js Show response cdn.pbstck.com/ Frame A16D	183 KB 51 KB	142ms 51ms	XHR application/javascript	2606:4700:10::ac43:1997 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.pbstck.com/index-monitoring-301583c.js Requested by Host: boot.pbstck.com URL: https://boot.pbstck.com/v1/tag/f1c074e3-bb32-45fc-8bc8-19d7e33c39a9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 628df093648df73d0dbff4905ba7262d40e4e70bead5b3ae73ab4634965719fb Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:14 GMT content-encoding br cf-cache-status HIT age 111209 x-guploader-uploadid ADPycduSyjtLDWXf94OKLADMuyLn_UoSAo4312HM8g0dUTDZZot3-jp9SgfRT3POhA6AE_y8eHlrN1DJQrcGTiaKereYKg x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 12 Dec 2022 16:22:05 GMT server cloudflare etag W/"2792a8f5102a28ea35670b4c11d66b7d" vary Accept-Encoding x-goog-hash crc32c=K58Y6w==, md5=J5Ko9RAqKOo1ZwtMEdZrfQ== x-goog-generation 1670862125732888 content-type application/javascript access-control-allow-origin * access-control-expose-headers Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=604800, immutable x-goog-stored-content-length 50705 cf-ray 77ea462bef722be2-FRA expires Fri, 30 Dec 2022 08:01:47 GMT
GET H2	200	index-refresh-301583c.js Show response cdn.pbstck.com/ Frame A16D	148 KB 42 KB	180ms 89ms	XHR application/javascript	2606:4700:10::ac43:1997 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.pbstck.com/index-refresh-301583c.js Requested by Host: boot.pbstck.com URL: https://boot.pbstck.com/v1/tag/f1c074e3-bb32-45fc-8bc8-19d7e33c39a9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ad1075241aa892fe10fd2f06072fd9d2d88bc4f51e6bd32bcc8444d5997a1153 Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:14 GMT content-encoding br cf-cache-status HIT age 111209 x-guploader-uploadid ADPycdvnkPSgevhtZZXFucMF8LwF1f8EaijggNAYo-nMZu-poS0Hp4PrSLGnjYE2_pYiRcKJiF4b3eFSqc7ZFRpUj_bOLVuhI8_3 x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 12 Dec 2022 16:22:09 GMT server cloudflare etag W/"4bfc9434348caf53e03a05f3e7b5a6e3" vary Accept-Encoding x-goog-hash crc32c=krrFFQ==, md5=S/yUNDSMr1PgOgXz57Wm4w== x-goog-generation 1670862129104500 content-type application/javascript access-control-allow-origin * access-control-expose-headers Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=604800, immutable x-goog-stored-content-length 41934 cf-ray 77ea462bef742be2-FRA expires Fri, 30 Dec 2022 07:19:05 GMT
GET H3	200	f0e1efd3-353f-4ff1-b037-202b7bb3383d Show response boot.pbstck.com/v1/tag/ Frame 25A9	1 KB 831 B	118ms 77ms	Script application/javascript	2606:4700:10::6816:5d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://boot.pbstck.com/v1/tag/f0e1efd3-353f-4ff1-b037-202b7bb3383d Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:5d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a9e3521539dca3d7fd5d1bb812267642af546e38adf5e74237068a44739ad4c0 Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:14 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare content-type application/javascript access-control-allow-origin * cache-control private,max-age=120 timing-allow-origin * cf-ray 77ea462bfe4b9944-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	f1c074e3-bb32-45fc-8bc8-19d7e33c39a9 Show response boot.pbstck.com/v1/tag/ Frame 25A9	2 KB 812 B	132ms 90ms	Script application/javascript	2606:4700:10::6816:5d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://boot.pbstck.com/v1/tag/f1c074e3-bb32-45fc-8bc8-19d7e33c39a9 Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:5d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8632550c5470ad9e0e636caac941b496ebe0090bd09b2a1cc93a87c65c434f92 Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:14 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare content-type application/javascript access-control-allow-origin * cache-control private,max-age=120 timing-allow-origin * cf-ray 77ea462bfe4d9944-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	stpd220112.js Show response stpd.cloud/assets/postbid/ Frame 25A9	480 KB 138 KB	59ms 58ms	Script application/javascript	2606:4700::6812:1e31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stpd.cloud/assets/postbid/stpd220112.js Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f3211d6ac46aa12ce3d633d4676d2e352568cc27c11aaf673265243ff2c39e11 Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sat, 24 Dec 2022 15:12:14 GMT content-encoding br cf-cache-status HIT content-md5 HjfY42wqSWw306GoqTYOLw== age 3956 x-ms-lease-status unlocked last-modified Mon, 12 Dec 2022 09:03:11 GMT server cloudflare vary Origin, Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id a40b35fb-901e-001e-6db2-13134f000000 cache-control public, max-age=14400 x-ms-version 2009-09-19 cf-ray 77ea462bbaed9143-FRA expires Sat, 24 Dec 2022 19:12:14 GMT
POST H2	200	cookie_sync Show response prebid-stag.setupad.net/ Frame A16D	275 B 719 B	149ms 55ms	XHR application/json	2606:4700:20::681a:9b2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://prebid-stag.setupad.net/cookie_sync Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0eaee741cff05047dc7513ffacf9c11ab52c277383f407cdc67d8d8f66991247 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 24 Dec 2022 15:12:14 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LAD4ChXcvd%2BOgS0kHut9eScEyApJYz2htNFeFdN5YAQ3KRiaWdkhN9TZcDjSqV4ny1BHvP4F8V9pCVCx9hrAhCGZ6lT2Rpt7c3aSSFBs%2FGf1je9hldxroNiu5SB%2F9hhWf%2BEL5ran7yNoiwxC9Elk0NFS8tlu"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin https://link1s.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cf-ray 77ea462c6f1e8fe9-FRA expires 0
POST H2	200	auction Show response prebid-stag.setupad.net/openrtb2/ Frame A16D	236 B 521 B	177ms 84ms	XHR application/json	2606:4700:20::681a:9b2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://prebid-stag.setupad.net/openrtb2/auction Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3b832d4205f6e7096e03a1eea65d5bb4a67ff354cd500223798f98e319133959 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 24 Dec 2022 15:12:14 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-prebid pbs-go/0.234.0-3-gde6ed827 vary Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZGpnh6s3URxcSF7ssb8EaeMAHCEo68b0phxs%2F0etBckJeh%2FFpF5sZDKmIpWo4bC1TeHXAPQ8IoVRNWJOTiLuLuAbpmbyiP9z6tt0zswfYFi8nrXlN%2Fxl1YNpnQ6%2BinEVRgYPYZ8SVh%2BY%2FQeWZ%2FhqzUUpjjrN"}],"group":"cf-nel","max_age":604800} content-type application/json access-control-allow-origin https://link1s.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cf-ray 77ea462c6f208fe9-FRA expires 0
POST		auction rtb.adxpremium.services/openrtb2/ Frame A16D	0 0
POST H2	204	bids Show response prebid-eu.creativecdn.com/bidder/prebid/ Frame A16D	0 173 B	156ms 41ms	XHR text/plain	185.184.8.90 RTB-HOUSE-AMS
General Check archive.org Show headers Download Go to Full URL https://prebid-eu.creativecdn.com/bidder/prebid/bids Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL), Reverse DNS ip-185-184-8-90.rtbhouse.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://link1s.com date Sat, 24 Dec 2022 15:12:14 GMT access-control-allow-credentials true vary Origin access-control-max-age 3600 access-control-allow-methods POST
POST H2	204	c Show response prebid.a-mo.net/a/ Frame A16D	0 166 B	144ms 46ms	XHR text/plain	147.75.85.234 PACKET
General Check archive.org Show headers Download Go to Full URL https://prebid.a-mo.net/a/c Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers x-nbr 8 date Sat, 24 Dec 2022 15:12:14 GMT server envoy vary origin, Accept-Encoding access-control-allow-origin https://link1s.com cache-control max-age=0, private, must-revalidate access-control-allow-credentials true x-envoy-upstream-service-time 2
POST H2	204	prebid Show response mp.4dex.io/ Frame A16D	0 273 B	164ms 75ms	XHR text/plain	2606:4700::6812:372 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mp.4dex.io/prebid Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 24 Dec 2022 15:12:14 GMT x-err Parsing the Prebid Request. unparseable manager site domain x-version 3.0.0-gcp-ams cf-cache-status DYNAMIC via 1.1 google server cloudflare vary Origin, Accept-Encoding access-control-allow-origin https://link1s.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cf-ray 77ea462c68d8917c-FRA expires 0
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/ Frame A16D	17 KB 9 KB	195ms 105ms	XHR application/json	37.252.172.123 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash 4c247f5cd44796b8b06c1cdee6d84b912806495063bade6b53542439590793ec Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers Date Sat, 24 Dec 2022 15:12:14 GMT Content-Encoding gzip Transfer-Encoding chunked P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 80.255.7.108; 80.255.7.108; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid df73c9d9-d40f-4326-a0e7-0fb206e507c4 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Vary Accept-Encoding Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://link1s.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	200	prebid-request Show response onetag-sys.com/ Frame A16D	15 B 358 B	142ms 37ms	XHR application/json	51.89.9.253 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/prebid-request Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip253.ip-51-89-9.eu Software / Resource Hash 663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=15552000 content-encoding gzip content-type application/json access-control-allow-origin https://link1s.com p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' cache-control no-transform, no-cache access-control-allow-credentials true access-control-allow-headers content-type, origin, referer, user-agent content-length 41
POST H2	200	adjson Show response ads.betweendigital.com/ Frame A16D	2 B 906 B	153ms 48ms	XHR application/json	188.42.191.196 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://ads.betweendigital.com/adjson?t=prebid Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://link1s.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true content-encoding gzip vary Accept-Encoding content-type application/json
POST H2	204	cdb Show response bidder.criteo.com/ Frame A16D	0 212 B	166ms 63ms	XHR text/plain	2a02:2638::24 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=93306195336 Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers date Sat, 24 Dec 2022 15:12:14 GMT strict-transport-security max-age=31536000; preload; server Finatra vary Origin access-control-allow-origin https://link1s.com access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin *
POST H2	204	openrtb Show response adx.adform.net/adx/ Frame A16D	0 405 B	173ms 57ms	XHR text/plain	37.157.6.253 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/openrtb Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.253 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS s1.adform.net Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type application/json Response headers pragma no-cache date Sat, 24 Dec 2022 15:12:15 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx access-control-max-age 86400 access-control-allow-methods POST,OPTIONS p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin https://link1s.com cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With expires -1
POST H2	204	translator Show response hbopenbid.pubmatic.com/ Frame A16D	0 112 B	209ms 68ms	XHR text/plain	185.64.189.112 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://hbopenbid.pubmatic.com/translator?source=prebid-client Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://link1s.com date Sat, 24 Dec 2022 15:12:14 GMT cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true
OPTIONS H2	200	openrtb adx.adform.net/adx/ Frame	0 0	208ms 56ms	Preflight	37.157.6.253 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/openrtb Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.253 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS s1.adform.net Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://link1s.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With access-control-allow-methods POST,OPTIONS access-control-allow-origin https://link1s.com access-control-max-age 86400 allow POST,OPTIONS cache-control no-cache, no-store, must-revalidate, no-transform date Sat, 24 Dec 2022 15:12:14 GMT expires -1 p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" pragma no-cache server nginx strict-transport-security max-age=31536000; includeSubDomains
GET H2	200	xgde.js Show response adlv.hit.gemius.pl/gdejs/	54 KB 19 KB	54ms 54ms	Script application/x-javascript	54.38.133.136 OVH
General Check archive.org Show headers Download Go to Full URL https://adlv.hit.gemius.pl/gdejs/xgde.js Requested by Host: lv.adocean.pl URL: https://lv.adocean.pl/_1671894734571/ad.js?id=_5hbI6c1_FfPWSiVGyCCEPjjHzow7a7JdT4Umu6Euhz.m7/x=1600/y=1200 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.38.133.136 , France, ASN16276 (OVH, FR), Reverse DNS ip136.ip-54-38-133.eu Software GHC / Resource Hash a957d85b13842f9c53f551ac2e1f891562e588b14892b9384a6b0f6e1f9d59c1 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Sat, 24 Dec 2022 15:12:14 GMT content-encoding gzip last-modified Wed, 31 Aug 2022 06:49:43 GMT server GHC accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 etag "630F04870000D964BC018988" vary Accept-Encoding,Origin p3p CP="NOI DSP COR NID PSAo OUR IND" content-type application/x-javascript cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges none content-length 19348 expires Sun, 25 Dec 2022 15:12:14 GMT
OPTIONS H2	200	json gum.criteo.com/sid/ Frame	0 0	46ms 46ms	Preflight application/json	2a02:2638::1c ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://link1s.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET access-control-allow-origin https://link1s.com cache-control no-cache, no-store, must-revalidate content-encoding gzip content-type application/json; charset=utf-8 date Sat, 24 Dec 2022 15:12:14 GMT expires 0 pragma no-cache server Kestrel server-processing-duration-in-ticks 523281 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H/1.1	200 OK	localstore.js Show response script.4dex.io/ Frame 25A9	483 B 1023 B	43ms 42ms	Script application/javascript	2606:4700:20::681a:8a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.4dex.io/localstore.js Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389 Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sat, 24 Dec 2022 15:12:14 GMT Content-Encoding br CF-Cache-Status HIT Last-Modified Wed, 23 Nov 2022 15:43:18 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Age 2673663 ETag W/"922cffdd75f7192f75231d92684885aa" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x4ryNKXWslu%2Bw4NI4OK5u95h%2BhAHLVBZYkQwBcFHECVPycfkzcz5kjI0QTxy983Um6omAl2qq13Vmvvmo0C5G%2FTR8eHwCBwNkZnKV2hdq3k%2Fy%2BoRgUyh34N2H6WyfBamwnQ3TTDYYu2Y9Xpm"}],"group":"cf-nel","max_age":604800} Cache-Control public, max-age=1800 Connection keep-alive CF-RAY 77ea462cff9b9238-FRA
GET H2	200	sid Show response mug.criteo.com/ Frame 25A9 Redirect Chain https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1 https://mug.criteo.com/sid?cpp=QUhmrXxlblNrTnlCeklYeWc3bnJCZ2VOemVtcU42QzlYN3BwcmVOSFFsL0ovZTBUckx1SjBxSWdsTWtRZGJWK1FEUVJZby9lSkRpK0tKOHdUTDVINjIxc0JWRVhnRkYxbzhUK3Roc042ZnVRQ0NkMk50VXZ4OTdra0E2Ul...	351 B 640 B	118ms 39ms	XHR application/json	178.250.2.146 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=QUhmrXxlblNrTnlCeklYeWc3bnJCZ2VOemVtcU42QzlYN3BwcmVOSFFsL0ovZTBUckx1SjBxSWdsTWtRZGJWK1FEUVJZby9lSkRpK0tKOHdUTDVINjIxc0JWRVhnRkYxbzhUK3Roc042ZnVRQ0NkMk50VXZ4OTdra0E2UlRNakhLY3lYck1oVkNsVHFYTGhzZzdiN1F0MVJTMUp4VEsrT3BVaDRJRWVxUXIwZ3A2TDhpb1RGSzBKbnNRalM2bmhORTBydStWVVZzTytkajZmSnhIb3hJS29xV0RTaE5SU1FHNHp4RTB3RTlsemdQSDBNPXw&cppv=2 Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Server 178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 94c18587c84c078cb2863ada638c75039731054765113b36c32498239ad1fdb2 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Sat, 24 Dec 2022 15:12:14 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip server Kestrel vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin null cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 752337 expires 0 Redirect headers pragma no-cache date Sat, 24 Dec 2022 15:12:14 GMT strict-transport-security max-age=31536000; preload; server Kestrel access-control-allow-methods GET location https://mug.criteo.com/sid?cpp=QUhmrXxlblNrTnlCeklYeWc3bnJCZ2VOemVtcU42QzlYN3BwcmVOSFFsL0ovZTBUckx1SjBxSWdsTWtRZGJWK1FEUVJZby9lSkRpK0tKOHdUTDVINjIxc0JWRVhnRkYxbzhUK3Roc042ZnVRQ0NkMk50VXZ4OTdra0E2UlRNakhLY3lYck1oVkNsVHFYTGhzZzdiN1F0MVJTMUp4VEsrT3BVaDRJRWVxUXIwZ3A2TDhpb1RGSzBKbnNRalM2bmhORTBydStWVVZzTytkajZmSnhIb3hJS29xV0RTaE5SU1FHNHp4RTB3RTlsemdQSDBNPXw&cppv=2 access-control-allow-origin https://link1s.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 659168 content-length 0 expires 0
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame 4370 Redirect Chain https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu	281 B 554 B	147ms 45ms	Document text/html	104.102.39.125 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.102.39.125 Hamburg, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-102-39-125.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Referer https://link1s.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection keep-alive Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Sat, 24 Dec 2022 15:12:15 GMT ETag "403b9-119-5ec73a0a33d00" Last-Modified Wed, 02 Nov 2022 02:30:44 GMT Server Apache/2.2.15 (CentOS) Vary Accept-Encoding Redirect headers access-control-allow-credentials true access-control-allow-origin * content-length 0 date Sat, 24 Dec 2022 15:12:14 GMT location https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu server AkamaiGHost
GET H/1.1	200 OK	adagio.js Show response script.4dex.io/ Frame A16D	74 KB 24 KB	125ms 47ms	Fetch application/javascript	2606:4700:20::681a:8a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.4dex.io/adagio.js Requested by Host: script.4dex.io URL: https://script.4dex.io/localstore.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sat, 24 Dec 2022 15:12:15 GMT Content-Encoding br CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 41AJQNED5VNGJKHG Age 105491 Transfer-Encoding chunked Connection keep-alive x-amz-id-2 nerqCL2giREeOv9hnjVeqHsDbYGtA89CuUcxDGuT7rVQUxcQ84tDXcjKnN3gawFIYBnKx9KlPBBICZYfjaTWdg== Last-Modified Tue, 22 Nov 2022 09:44:15 GMT Server cloudflare ETag W/"c56b6332dacf72f135afcd153ae22448" Access-Control-Max-Age 3000 Access-Control-Allow-Methods GET Content-Type application/javascript Access-Control-Allow-Origin * Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4vVTmzdet4FomqLDG%2BrH0MKTkyVU9zxr1WGtI8cPYvq1lxpWA73KiYJliULwArZNyhN5SvcaYDtr8hooNP5q0%2BvhvFIWcbCFz1Dr2Gg6SCJxcpY%2BhBsHuAvgcPVPulVkK5U4ryJCb2MRc7B8"}],"group":"cf-nel","max_age":604800} Cache-Control public, max-age=1800 Vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding CF-RAY 77ea462dd99f9229-FRA
GET H2	200	gemius.js Show response adlv.hit.gemius.pl/ Frame 11EC	64 KB 17 KB	56ms 55ms	Script application/x-javascript	54.38.133.136 OVH
General Check archive.org Show headers Download Go to Full URL https://adlv.hit.gemius.pl/gemius.js Requested by Host: adlv.hit.gemius.pl URL: https://adlv.hit.gemius.pl/gdejs/xgde.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.38.133.136 , France, ASN16276 (OVH, FR), Reverse DNS ip136.ip-54-38-133.eu Software GHC / Resource Hash 0b13eb7f8a87824c641bdaa6901a83aa55f02e8920b0a6b3887f74d478e498bf Request headers accept-language de-DE,de;q=0.9 Referer https://adlv.hit.gemius.pl/gdejs/xgde.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:14 GMT content-encoding gzip last-modified Mon, 19 Dec 2022 17:44:03 GMT server GHC accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 vary Accept-Encoding,Origin p3p CP="NOI DSP COR NID PSAo OUR IND" content-type application/x-javascript cache-control max-age=43200 cross-origin-resource-policy cross-origin accept-ranges none content-length 17008 expires Sun, 25 Dec 2022 03:12:14 GMT
GET H2	200	cookie cm.adform.net/ Frame A16D	43 B 105 B	177ms 58ms	Image image/gif	37.157.6.253 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.253 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS s1.adform.net Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:15 GMT server nginx content-length 43 content-type image/gif
OPTIONS H2	200	sid mug.criteo.com/ Frame	0 0	316ms 40ms	Preflight application/json	178.250.2.146 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=bgL9VXxFeVJmckpKQlBUZVU0SVRKSkordE5wRG9iQ3ppazJoZnhhOFQwbm55WmpaKzJSRU5za2x5SUltKzlDQnUvbDUxYk5zdkNzb2liaHN6cEY2a2RCMkxuQkI2am1XcmViemlqWVphUjFvRENodU00VW91ZHI5bm1kaDhQUTRMUnVVeTBqUlpoaWUxV1BHTUlSc3psMHZLMUY3ckhXbXl3TkdkdnhSTHkzWGhEMC9jeDF0bTErQUhlUG9JcnBNYmlodFkvdEpMdmVrcGhLVE1sL2F1YjVqZ1E4VnJBM0ZTRzNZNDFXTkpxL3hVSXhnPXw&cppv=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin null Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET access-control-allow-origin null cache-control no-cache, no-store, must-revalidate content-encoding gzip content-type application/json; charset=utf-8 date Sat, 24 Dec 2022 15:12:15 GMT expires 0 pragma no-cache server Kestrel server-processing-duration-in-ticks 259195 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
POST H2	200	/ Show response link1s.com/sbbi/ Frame 6364	532 B 754 B	60ms 59ms	Document text/html	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://link1s.com/sbbi/?sbbpg=sbbShell&gprid=mo&sbbgs=h434f820ba5ec1ebca6502e7c48010595686&ddl=3 Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software fbs / Resource Hash eebc1e16930f8c02d8df7b36daf1d89122876c974d5599cc37d6f6c4b6c7519d Request headers Content-Type application/x-www-form-urlencoded Origin https://link1s.com Referer https://link1s.com/sbbi/?sbbpg=sbbShell&gprid=mo&sbbgs=h434f820ba5ec1ebca6502e7c48010595686&ddl=3 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * cache-control no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0 content-encoding gzip content-type text/html; charset=UTF-8 date Sat, 24 Dec 2022 15:12:14 GMT server fbs x-accel-expires 0 x-hw 1671894734.cds166.fr8.hn,1671894734.cds276.fr8.sc,1671894734.cdn2-redis02-fra1.stackpath.systems.-.i,1671894734.cds276.fr8.p x-sp-metadata HS256.CN7JnJ0GEocBCiQwYTZiZDQ3Ny0xZGIzLTRlOWMtODBlNi0xODEwYzRiNWI2YjQQkIWIkYuR+wIaBgjOrZydBiIMODAuMjU1LjcuMTA4KMDrAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiYSJGJlZmJjNjYxLTFhNzEtNGViMC04MDMzLWY2ODdlZjY4YTgxZSIaCAISFGNkczI3Ni5mcjguaHdjZG4ubmV0GAg=.RW7Cv6ex1jw9bLOR/ELcV1pM6AGZ0F7aut2Xwqs6JnE=
OPTIONS H2	200	openrtb adx.adform.net/adx/ Frame	0 0	59ms 59ms	Preflight	37.157.6.253 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/openrtb Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.253 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS s1.adform.net Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://link1s.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With access-control-allow-methods POST,OPTIONS access-control-allow-origin https://link1s.com access-control-max-age 86400 allow POST,OPTIONS cache-control no-cache, no-store, must-revalidate, no-transform date Sat, 24 Dec 2022 15:12:14 GMT expires -1 p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" pragma no-cache server nginx strict-transport-security max-age=31536000; includeSubDomains
POST H2	200	cookie_sync Show response prebid-stag.setupad.net/ Frame 25A9	275 B 488 B	69ms 68ms	XHR application/json	2606:4700:20::681a:9b2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://prebid-stag.setupad.net/cookie_sync Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0eaee741cff05047dc7513ffacf9c11ab52c277383f407cdc67d8d8f66991247 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 24 Dec 2022 15:12:14 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zyxDMcfDy0JiEeP91Gb280HPgnnJ%2BxrEzAI1QupPZDdyQo39FwCJVPyTCb44srvbPN3U6wIkDvB9a%2BMVS3r6ZHr625Npm%2FlgmLQZHiWu1PrAYJj42Qqg0a3f%2BhbaYrhNIizdbYSnKAblAY08PBNvYbARl6eG"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin https://link1s.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cf-ray 77ea462d98d38fe9-FRA expires 0
POST H2	200	auction Show response prebid-stag.setupad.net/openrtb2/ Frame 25A9	3 KB 2 KB	129ms 129ms	XHR application/json	2606:4700:20::681a:9b2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://prebid-stag.setupad.net/openrtb2/auction Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c2226e075d71311105aa743e76d8e04988700711254d60bc29c23216bbf4ba75 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 24 Dec 2022 15:12:15 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-prebid pbs-go/0.234.0-3-gde6ed827 vary Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k5%2BJanO6dYLPVftXYXT7qUtBxlZakSGolSnsG1KcrAai%2FiZMH4CJ8TgjpvbAy31Oh3cUCHTudU2V8Tlbh0wfJTtytwJ3K3U%2FgoEsPuSRuzawDtE2TZNS5M6bV84p6YLxBfJ3JJUYsEGvy63b%2BsPaF7eItoTV"}],"group":"cf-nel","max_age":604800} content-type application/json access-control-allow-origin https://link1s.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cf-ray 77ea462d98d68fe9-FRA expires 0
POST		auction rtb.adxpremium.services/openrtb2/ Frame 25A9	0 0
POST H2	204	cdb Show response bidder.criteo.com/ Frame 25A9	0 211 B	66ms 65ms	XHR text/plain	2a02:2638::24 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=71567808005 Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers date Sat, 24 Dec 2022 15:12:14 GMT strict-transport-security max-age=31536000; preload; server Finatra vary Origin access-control-allow-origin https://link1s.com access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin *
POST H2	204	c Show response prebid.a-mo.net/a/ Frame 25A9	0 20 B	42ms 42ms	XHR text/plain	147.75.85.234 PACKET
General Check archive.org Show headers Download Go to Full URL https://prebid.a-mo.net/a/c Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers x-nbr 8 date Sat, 24 Dec 2022 15:12:14 GMT server envoy vary origin, Accept-Encoding access-control-allow-origin https://link1s.com cache-control max-age=0, private, must-revalidate access-control-allow-credentials true x-envoy-upstream-service-time 1
POST H2	204	prebid Show response mp.4dex.io/ Frame 25A9	0 40 B	64ms 63ms	XHR text/plain	2606:4700::6812:372 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mp.4dex.io/prebid Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 24 Dec 2022 15:12:14 GMT x-err Parsing the Prebid Request. unparseable manager site domain x-version 3.0.0-gcp-ams cf-cache-status DYNAMIC via 1.1 google server cloudflare vary Origin, Accept-Encoding access-control-allow-origin https://link1s.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cf-ray 77ea462d9b5b917c-FRA expires 0
POST H2	200	adjson Show response ads.betweendigital.com/ Frame 25A9	2 B 300 B	49ms 48ms	XHR application/json	188.42.191.196 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://ads.betweendigital.com/adjson?t=prebid Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://link1s.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true content-encoding gzip vary Accept-Encoding content-type application/json
POST H2	204	translator Show response hbopenbid.pubmatic.com/ Frame 25A9	0 56 B	83ms 83ms	XHR text/plain	185.64.189.112 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://hbopenbid.pubmatic.com/translator?source=prebid-client Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://link1s.com date Sat, 24 Dec 2022 15:12:15 GMT cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true
POST H2	200	prebid-request Show response onetag-sys.com/ Frame 25A9	15 B 357 B	39ms 38ms	XHR application/json	51.89.9.253 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/prebid-request Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip253.ip-51-89-9.eu Software / Resource Hash 663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=15552000 content-encoding gzip content-type application/json access-control-allow-origin https://link1s.com p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' cache-control no-transform, no-cache access-control-allow-credentials true access-control-allow-headers content-type, origin, referer, user-agent content-length 41
POST H2	204	openrtb Show response adx.adform.net/adx/ Frame 25A9	0 404 B	62ms 61ms	XHR text/plain	37.157.6.253 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/openrtb Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.253 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS s1.adform.net Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type application/json Response headers pragma no-cache date Sat, 24 Dec 2022 15:12:15 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx access-control-max-age 86400 access-control-allow-methods POST,OPTIONS p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin https://link1s.com cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With expires -1
POST H2	204	bids Show response prebid-eu.creativecdn.com/bidder/prebid/ Frame 25A9	0 172 B	41ms 40ms	XHR text/plain	185.184.8.90 RTB-HOUSE-AMS
General Check archive.org Show headers Download Go to Full URL https://prebid-eu.creativecdn.com/bidder/prebid/bids Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL), Reverse DNS ip-185-184-8-90.rtbhouse.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://link1s.com date Sat, 24 Dec 2022 15:12:14 GMT access-control-allow-credentials true vary Origin access-control-max-age 3600 access-control-allow-methods POST
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/ Frame 25A9	14 KB 8 KB	148ms 148ms	XHR application/json	37.252.172.123 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash b0552937c570bc92f642c88f1caa7db8c08470f880a4fd0b85b9873315ddc37e Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers Date Sat, 24 Dec 2022 15:12:15 GMT Content-Encoding gzip Transfer-Encoding chunked P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 80.255.7.108; 80.255.7.108; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid 8c0643db-29f9-438a-870e-7e3997234ac4 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Vary Accept-Encoding Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://link1s.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	collector-fe29f59.js Show response cdn.pbstck.com/ Frame 25A9	147 KB 41 KB	166ms 126ms	XHR application/javascript	2606:4700:10::ac43:1997 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.pbstck.com/collector-fe29f59.js Requested by Host: boot.pbstck.com URL: https://boot.pbstck.com/v1/tag/f0e1efd3-353f-4ff1-b037-202b7bb3383d Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 02fdd4f259ce2e897b1fb10636a5f79c7560fd394721b53892316e11ee97e5d9 Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:15 GMT content-encoding br cf-cache-status HIT age 328262 x-guploader-uploadid ADPycdurUHMy1awZjmll0bd9xf3xI_xIeHRKvJt1LCiP6kAirubLk8zsQvsz6ZzYOdZkRiDF25WFcnlZRx6LKYdR1Ys6z8RLLX5m x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Tue, 13 Dec 2022 15:45:54 GMT server cloudflare etag W/"0f0c7663da4109a37deb90115a448b57" vary Accept-Encoding x-goog-hash crc32c=koXiYQ==, md5=Dwx2Y9pBCaN965ARWkSLVw== x-goog-generation 1670946354895591 content-type application/javascript access-control-allow-origin * access-control-expose-headers Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=604800, immutable x-goog-stored-content-length 40466 cf-ray 77ea462def0b90c4-FRA expires Tue, 27 Dec 2022 19:19:23 GMT
GET H3	200	index-monitoring-301583c.js Show response cdn.pbstck.com/ Frame 25A9	183 KB 51 KB	91ms 52ms	XHR application/javascript	2606:4700:10::ac43:1997 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.pbstck.com/index-monitoring-301583c.js Requested by Host: boot.pbstck.com URL: https://boot.pbstck.com/v1/tag/f1c074e3-bb32-45fc-8bc8-19d7e33c39a9 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 628df093648df73d0dbff4905ba7262d40e4e70bead5b3ae73ab4634965719fb Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:15 GMT content-encoding br cf-cache-status HIT age 365593 x-guploader-uploadid ADPycdu3CiTlrTktQw5otzUVoSyrHFBHPHZ0rh5EY4AaZn4DMK91nHCjNIvH_HnVic9qjjsKha59wYgtIFvMVVvA5zhsb5IttsxD x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 12 Dec 2022 16:22:05 GMT server cloudflare etag W/"2792a8f5102a28ea35670b4c11d66b7d" vary Accept-Encoding x-goog-hash crc32c=K58Y6w==, md5=J5Ko9RAqKOo1ZwtMEdZrfQ== x-goog-generation 1670862125732888 content-type application/javascript access-control-allow-origin * access-control-expose-headers Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=604800, immutable x-goog-stored-content-length 50705 cf-ray 77ea462ddf0a90c4-FRA expires Tue, 27 Dec 2022 09:33:03 GMT
GET H3	200	index-refresh-301583c.js Show response cdn.pbstck.com/ Frame 25A9	148 KB 42 KB	208ms 169ms	XHR application/javascript	2606:4700:10::ac43:1997 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.pbstck.com/index-refresh-301583c.js Requested by Host: boot.pbstck.com URL: https://boot.pbstck.com/v1/tag/f1c074e3-bb32-45fc-8bc8-19d7e33c39a9 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ad1075241aa892fe10fd2f06072fd9d2d88bc4f51e6bd32bcc8444d5997a1153 Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:15 GMT content-encoding br cf-cache-status HIT age 365841 x-guploader-uploadid ADPycdtlkn5zgGdGAfKhPh4fN3GaHw5vMyys6IoENCq_2LH9NNHiVXkHAojtTRGDTsB8TeR31EJjfY7xda4TWTk1Na0fg4tVrTO_ x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 12 Dec 2022 16:22:09 GMT server cloudflare etag W/"4bfc9434348caf53e03a05f3e7b5a6e3" vary Accept-Encoding x-goog-hash crc32c=krrFFQ==, md5=S/yUNDSMr1PgOgXz57Wm4w== x-goog-generation 1670862129104500 content-type application/javascript access-control-allow-origin * access-control-expose-headers Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=604800, immutable x-goog-stored-content-length 41934 cf-ray 77ea462def0c90c4-FRA expires Tue, 27 Dec 2022 08:45:30 GMT
OPTIONS H2	200	sid mug.criteo.com/ Frame	0 0	294ms 40ms	Preflight application/json	178.250.2.146 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=QUhmrXxlblNrTnlCeklYeWc3bnJCZ2VOemVtcU42QzlYN3BwcmVOSFFsL0ovZTBUckx1SjBxSWdsTWtRZGJWK1FEUVJZby9lSkRpK0tKOHdUTDVINjIxc0JWRVhnRkYxbzhUK3Roc042ZnVRQ0NkMk50VXZ4OTdra0E2UlRNakhLY3lYck1oVkNsVHFYTGhzZzdiN1F0MVJTMUp4VEsrT3BVaDRJRWVxUXIwZ3A2TDhpb1RGSzBKbnNRalM2bmhORTBydStWVVZzTytkajZmSnhIb3hJS29xV0RTaE5SU1FHNHp4RTB3RTlsemdQSDBNPXw&cppv=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin null Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET access-control-allow-origin null cache-control no-cache, no-store, must-revalidate content-encoding gzip content-type application/json; charset=utf-8 date Sat, 24 Dec 2022 15:12:14 GMT expires 0 pragma no-cache server Kestrel server-processing-duration-in-ticks 535329 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
POST H2	200	extra=; adlv.hit.gemius.pl/_1671894734970/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=smcldomsfq/fastid=macomfkanteeofbtbnvbwptarwkf/sarg=63A716CDD4316785;/inner=%7C;/	2 B 177 B	68ms 67ms	Ping application/x-javascript	54.38.133.136 OVH
General Check archive.org Show headers Download Go to Full URL https://adlv.hit.gemius.pl/_1671894734970/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=smcldomsfq/fastid=macomfkanteeofbtbnvbwptarwkf/sarg=63A716CDD4316785;/inner=%7C;/extra=; Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.38.133.136 , France, ASN16276 (OVH, FR), Reverse DNS ip136.ip-54-38-133.eu Software GHC / Resource Hash 75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Sat, 24 Dec 2022 15:12:14 GMT server GHC accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p CP="NOI DSP COR NID PSAo OUR IND" access-control-allow-origin https://link1s.com content-type application/x-javascript cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true cross-origin-resource-policy cross-origin accept-ranges none content-length 2 expires Fri, 23 Dec 2022 15:12:14 GMT
GET H2	200	footer.jpg link1s.com/cloud_theme/build/img/	18 KB 19 KB	50ms 49ms	Image image/jpeg	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Show image Full URL https://link1s.com/cloud_theme/build/img/footer.jpg Requested by Host: link1s.com URL: https://link1s.com/cloud_theme/build/css/styles.min.css?ver=6.4.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software fbs / Resource Hash 4490d0650e3dfb1cbad3fff7bd9d56e557e3894956c4ba05900723803fab21ff Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/cloud_theme/build/css/styles.min.css?ver=6.4.0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:15 GMT x-sp-metadata HS256.CN/JnJ0GEocBCiQ1ZTIwNjVkYy1jYjQ5LTRkMWItODIzNC0xMjRhZjRkNjJhYjAQkIWIkYuR+wIaBgjPrZydBiIMODAuMjU1LjcuMTA4KMDrAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkNGYzMjkxMmItYjk3Ni00NGMyLWE2YjUtYjc2YzdjNzA5Y2M4GISRASIYCAISFGNkczI3NS5mcjguaHdjZG4ubmV0.NGEH50zcwSyitMe+S8G/f2VInIVusdwJMhZAWdQJ1YU= last-modified Mon, 15 Jun 2020 06:02:55 GMT server fbs etag "5ee70f0f-4884" x-hw 1671894734.cds166.fr8.hn,1671894735.cds275.fr8.c content-type image/jpeg access-control-allow-origin * cache-control max-age=2592000, public accept-ranges bytes content-length 18564
GET H2	200	moneybile.js Show response ads.themoneytizer.com/	38 KB 16 KB	47ms 47ms	Script application/javascript	2a02:6ea0:c700::11 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/moneybile.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/gen.js?type=5 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 4006e0481f9cfffd3a579c3dcbdad1b6953e844c1e3c76a8d9f86844c98d87a3 Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers x-77-nzt AcO1rgXxSh7/qI4AAA pragma public date Sat, 24 Dec 2022 15:12:15 GMT x-77-pop frankfurtDE x-accel-expires @1671944615 last-modified Fri, 12 Mar 2021 17:07:19 GMT server CDN77-Turbo content-encoding gzip x-77-nzt-ray 25b0213101037246cf16a763a0d41f00 x-cache HIT content-type application/javascript x-77-cache HIT cache-control max-age=86400, public, no-transform x-age 36520 expires Sat, 24 Dec 2022 05:03:34 GMT
GET H/1.1	200 OK	/ Show response c.tmyzer.com/c/	0 270 B	310ms 86ms	XHR text/html	54.38.64.100 OVH
General Check archive.org Show headers Download Go to Full URL https://c.tmyzer.com/c/?s=79438&f=5&fi=99 Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.38.64.100 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Sat, 24 Dec 2022 15:12:15 GMT Server nginx X-IPLB-Request-ID 50FF076C:C084_36264064:01BB_63A716CF_EAE276B:0B53 X-IPLB-Instance 24858 Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	6f4bcf39-b286-4d76-b513-ffb5541d5167-trk.js Show response wt.rqtrk.eu/	10 KB 5 KB	224ms 39ms	Script application/javascript	141.95.97.230 OVH
General Check archive.org Show headers Download Go to Full URL https://wt.rqtrk.eu/6f4bcf39-b286-4d76-b513-ffb5541d5167-trk.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=79438&formatId=5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 141.95.97.230 , France, ASN16276 (OVH, FR), Reverse DNS haproxy-eu-001.roqad.pl Software istio-envoy / Resource Hash b68db61ea0dfea3990d4d6d63e2e28b4e9898aa0badec7b85bf59fd7bb21c015 Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:15 GMT via 1.1 df26103dc140569d7032449c70c3b140.cloudfront.net (CloudFront) content-encoding gzip last-modified Tue, 13 Dec 2022 14:20:55 GMT server istio-envoy x-amz-cf-pop FRA2-C2 age 7952 etag W/"82fef41533854eb9348a85e5baf8c3af" vary Accept-Encoding,Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 cache-control max-age=86400,public x-envoy-upstream-service-time 0 x-amz-cf-id m8zmINce0jLkuwZx8aY-Xx7k4jt2A0uMmnRE8XM_vkP70Zf6z9UHmQ== expires Sun, 25 Dec 2022 15:12:15 GMT
GET H/1.1	200 OK	smart.js Show response ced.sascdn.com/tag/1097/	96 KB 32 KB	197ms 50ms	Script application/javascript	2.18.79.144 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://ced.sascdn.com/tag/1097/smart.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=79438&formatId=5 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.18.79.144 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-18-79-144.deploy.static.akamaitechnologies.com Software / Resource Hash f3ee14e4f07308e0abdb306f63f6ed348fa8f9da18cf161777492083a509370a Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sat, 24 Dec 2022 15:12:15 GMT Content-Encoding gzip Vary Accept-Encoding Content-Type application/javascript; charset=UTF-8 Cache-Control public, max-age=7200 Connection keep-alive Content-Length 32836 Expires Sat, 24 Dec 2022 17:12:15 GMT
GET H2	200	sync Show response gum.criteo.com/	49 B 290 B	51ms 50ms	Script text/javascript	2a02:2638::1c ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=79438&formatId=5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:14 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip server Kestrel vary Accept-Encoding content-type text/javascript; charset=utf-8 cache-control private, max-age=3600 server-processing-duration-in-ticks 721135 expires 60
GET H2	200	mapper.js Show response spl.zeotap.com/	61 KB 20 KB	150ms 54ms	Script application/javascript	2606:4700:10::6816:1957 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258 Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=79438&formatId=5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 52d507688e76dfbe48fce79beb89be7f30101e95e9e06c121c461e30517ab36f Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:15 GMT via 1.1 google content-encoding br cf-cache-status DYNAMIC server cloudflare vary Origin, Accept-Encoding content-type application/javascript access-control-allow-origin https://link1s.com access-control-allow-credentials true cf-ray 77ea462e6d988fef-FRA access-control-allow-headers *
GET H/1.1	200 OK	libJsLP.js Show response tag.leadplace.fr/	5 KB 6 KB	244ms 51ms	Script application/javascript	145.239.192.166 OVH
General Check archive.org Show headers Download Go to Full URL https://tag.leadplace.fr/libJsLP.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=79438&formatId=5 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 145.239.192.166 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.1 / Resource Hash 80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333 Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sat, 24 Dec 2022 15:12:15 GMT Last-Modified Thu, 07 Oct 2021 11:26:48 GMT Server nginx/1.20.1 X-IPLB-Request-ID 50FF076C:ED3C_91EFC0A6:01BB_63A716CF_49CC955F:237B8 ETag "615ed978-15ab" X-IPLB-Instance 30195 Content-Type application/javascript Accept-Ranges bytes Content-Length 5547
GET H2	204	/ onetag-sys.com/usync/ Frame F6B7	0 0	39ms 38ms	Document text/plain	51.89.9.253 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1671894734989 Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=79438&formatId=5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip253.ip-51-89-9.eu Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://link1s.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-store strict-transport-security max-age=15552000
GET H2	200	quant.js Show response secure.quantserve.com/	25 KB 10 KB	188ms 41ms	Script application/javascript	2620:116:800d:21:de2e:c7b3:55c0:d5a0 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/quant.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=79438&formatId=5 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:15 GMT content-encoding gzip etag "StHfV9prSwQMxjKWocWEFw==" vary Accept-Encoding content-type application/javascript cache-control private, max-age=604800 accept-ranges bytes expires Sat, 31 Dec 2022 15:12:15 GMT
GET H/1.1	200 OK	px.js Show response p.cpx.to/p/12762/	2 KB 2 KB	259ms 55ms	Script application/javascript	63.32.186.221 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://p.cpx.to/p/12762/px.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=79438&formatId=5 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.32.186.221 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-32-186-221.eu-west-1.compute.amazonaws.com Software / Resource Hash ee9923b738244929a3c2209848466bccd86eae3672fdef053a0272b60a9e0dfe Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sat, 24 Dec 2022 15:12:15 GMT Cache-Control max-age=2419200, public Connection keep-alive Content-Length 1990 Content-Type application/javascript; charset=UTF-8
GET H/1.1	200 OK	notifyme.js Show response d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/	25 KB 26 KB	173ms 53ms	Script text/javascript	13.224.98.205 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=79438&formatId=5 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 13.224.98.205 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-98-205.zrh50.r.cloudfront.net Software Apache / Resource Hash b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213 Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sat, 24 Dec 2022 03:26:28 GMT Via 1.1 e6b325a976b10aa826ec63757afbdeda.cloudfront.net (CloudFront) Last-Modified Mon, 18 Feb 2019 16:54:28 GMT Server Apache X-Amz-Cf-Pop ZRH50-C1 Age 42352 X-Cache Hit from cloudfront Content-Type text/javascript Connection keep-alive Accept-Ranges bytes Content-Length 25704 X-Amz-Cf-Id r7UOFwHwqIoLJuPflj82hMRlLei-OvOltlgS_uERnwzdWJe_MOB_zQ==
GET H2	200	prebid.js Show response ads.themoneytizer.com/moneybid7_28/build/dist/	572 KB 181 KB	51ms 50ms	Script application/javascript	2a02:6ea0:c700::11 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://ads.themoneytizer.com/moneybid7_28/build/dist/prebid.js Requested by Host: ads.themoneytizer.com URL: https://ads.themoneytizer.com/s/requestform.js?siteId=79438&formatId=5 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash a8e48d9bab9acaaf7e219c553dff37ce9707d9f4ed9d31c0c3e79d6ba31e8472 Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers x-77-nzt AcO1rgVPpFz/qI4AAA pragma public date Sat, 24 Dec 2022 15:12:15 GMT x-77-pop frankfurtDE x-accel-expires @1671944615 last-modified Thu, 08 Dec 2022 19:26:45 GMT server CDN77-Turbo content-encoding gzip x-77-nzt-ray 25b0213101037246cf16a76309038d00 x-cache HIT content-type application/javascript x-77-cache HIT cache-control max-age=86400, public, no-transform x-age 36520 expires Sat, 24 Dec 2022 05:03:34 GMT
GET H/1.1	200 OK	adagio.js Show response script.4dex.io/ Frame 25A9	74 KB 24 KB	121ms 57ms	Fetch application/javascript	2606:4700:20::681a:8a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.4dex.io/adagio.js Requested by Host: script.4dex.io URL: https://script.4dex.io/localstore.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sat, 24 Dec 2022 15:12:15 GMT Content-Encoding br CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 41AJQNED5VNGJKHG Age 105491 Transfer-Encoding chunked Connection keep-alive x-amz-id-2 nerqCL2giREeOv9hnjVeqHsDbYGtA89CuUcxDGuT7rVQUxcQ84tDXcjKnN3gawFIYBnKx9KlPBBICZYfjaTWdg== Last-Modified Tue, 22 Nov 2022 09:44:15 GMT Server cloudflare ETag W/"c56b6332dacf72f135afcd153ae22448" Access-Control-Max-Age 3000 Access-Control-Allow-Methods GET Content-Type application/javascript Access-Control-Allow-Origin * Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jB51U94wtB54VNAVFHLBIRqRrsSlmFCAIX3ZrEPGXsBAZ1LrPeCyeM0y5TDBDvKSICOD8Hm3fq4QnBxEXF8MqwyIjNW2mJYtFgw%2BNcg%2Bp9Sqr6Chkc%2FQfnSp9IDyQ87jTDlztkDnToLY3PIf"}],"group":"cf-nel","max_age":604800} Cache-Control public, max-age=1800 Vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding CF-RAY 77ea462e39f99229-FRA
GET H3	200	f0e1efd3-353f-4ff1-b037-202b7bb3383d Show response boot.pbstck.com/v1/tag/ Frame 0B9C	1 KB 793 B	83ms 83ms	Script application/javascript	2606:4700:10::6816:5d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://boot.pbstck.com/v1/tag/f0e1efd3-353f-4ff1-b037-202b7bb3383d Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:5d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f30adad22f58a4ce17b068d3539990342253f9065049e35d0dcd724b5bec2f93 Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:15 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare content-type application/javascript access-control-allow-origin * cache-control private,max-age=120 timing-allow-origin * cf-ray 77ea462dd97c9944-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	f1c074e3-bb32-45fc-8bc8-19d7e33c39a9 Show response boot.pbstck.com/v1/tag/ Frame 0B9C	2 KB 812 B	79ms 78ms	Script application/javascript	2606:4700:10::6816:5d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://boot.pbstck.com/v1/tag/f1c074e3-bb32-45fc-8bc8-19d7e33c39a9 Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:5d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6c833cd4e7862b29dc4793819e44b0f7a7f4f960c712fea4e1a1ab9c2d63e327 Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:15 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare content-type application/javascript access-control-allow-origin * cache-control private,max-age=120 timing-allow-origin * cf-ray 77ea462dd97d9944-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	stpd220112.js Show response stpd.cloud/assets/postbid/ Frame 0B9C	480 KB 138 KB	58ms 58ms	Script application/javascript	2606:4700::6812:1e31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stpd.cloud/assets/postbid/stpd220112.js Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1e31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f3211d6ac46aa12ce3d633d4676d2e352568cc27c11aaf673265243ff2c39e11 Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sat, 24 Dec 2022 15:12:15 GMT content-encoding br cf-cache-status HIT content-md5 HjfY42wqSWw306GoqTYOLw== age 3957 x-ms-lease-status unlocked last-modified Mon, 12 Dec 2022 09:03:11 GMT server cloudflare vary Origin, Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id a40b35fb-901e-001e-6db2-13134f000000 cache-control public, max-age=14400 x-ms-version 2009-09-19 cf-ray 77ea462ddf2b9143-FRA expires Sat, 24 Dec 2022 19:12:15 GMT
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/	407 KB 163 KB	120ms 37ms	Script text/javascript	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://link1s.com/ Origin https://link1s.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 12:36:18 GMT content-encoding gzip x-content-type-options nosniff age 9357 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 166478 x-xss-protection 0 last-modified Thu, 15 Dec 2022 05:24:10 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sun, 24 Dec 2023 12:36:18 GMT
GET H/1.1	200	9.gif id5-sync.com/i/12/	43 B 1 KB	41ms 41ms	Image image/gif	141.95.98.64 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent= Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 141.95.98.64 , France, ASN16276 (OVH, FR), Reverse DNS ns3216658.ip-141-95-98.eu Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers content-type image/gif;charset=UTF-8 date Sat, 24 Dec 2022 15:12:14 GMT strict-transport-security max-age=63072000; includeSubDomains; preload vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers transfer-encoding chunked p3p CP="CAO PSA OUR"
GET H2	200	cookie cm.adform.net/ Frame 25A9	43 B 106 B	65ms 57ms	Image image/gif	37.157.6.253 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.253 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS s1.adform.net Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:15 GMT server nginx content-length 43 content-type image/gif
GET H2	200	/ Show response link1s.com/sbbi/ Frame 6364	7 KB 3 KB	52ms 51ms	Document text/html	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://link1s.com/sbbi/?sbbpg=sbbShell&gprid=mo Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software fbs / Resource Hash 397ecc3eb46df28c816fe14bfcba4655d4cdfcc72d2655f1936b1a57e73de652 Request headers Referer https://link1s.com/sbbi/?sbbpg=sbbShell&gprid=mo&sbbgs=h434f820ba5ec1ebca6502e7c48010595686&ddl=3 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * cache-control no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0 content-encoding gzip content-type text/html; charset=UTF-8 date Sat, 24 Dec 2022 15:12:15 GMT server fbs x-accel-expires 0 x-hw 1671894735.cds166.fr8.hn,1671894735.cds205.fr8.sc,1671894735.waf1-node03-fra02.stackpath.systems.-.i,1671894735.cds205.fr8.p x-sp-metadata HS256.CN/JnJ0GEocBCiRhN2JmMGIxZS05OWI3LTQ5MDMtYTQ4OC1kNTZkMzE5MWExYjAQkIWIkYuR+wIaBgjPrZydBiIMODAuMjU1LjcuMTA4KMDrAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiYSJDNkMmFhN2Y1LWYxMGUtNDA1Ni05ZTQwLTAwN2IxZTdjNjVlOSIaCAISFGNkczIwNS5mcjguaHdjZG4ubmV0GAg=.LZ1UdJXJqnzhKR6SpkrYCaBlMcf548/06zmBi6wPBIk=
GET H2	200	lsget.html Show response ls.hit.gemius.pl/ Frame ACB9	5 KB 3 KB	226ms 60ms	Document text/html	146.59.30.104 OVH
General Check archive.org Show headers Download Go to Full URL https://ls.hit.gemius.pl/lsget.html Requested by Host: adlv.hit.gemius.pl URL: https://adlv.hit.gemius.pl/gemius.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 146.59.30.104 , France, ASN16276 (OVH, FR), Reverse DNS ip104.ip-146-59-30.eu Software GHC / Resource Hash 421e6f89ddceff2ac0ccf44f83d0838235376120381f39d1fa8ca64c47c37647 Request headers Referer https://adlv.hit.gemius.pl/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 accept-ranges none cache-control private, max-age=2592000 content-encoding gzip content-length 2726 content-type text/html;charset=utf-8 cross-origin-resource-policy cross-origin date Sat, 24 Dec 2022 15:12:15 GMT etag PRIVATE7520710249 expires Mon, 23 Jan 2023 15:12:15 GMT last-modified Mon, 16 Jul 2012 10:03:40 GMT p3p CP="NOI DSP COR NID PSAo OUR IND" server GHC vary Accept-Encoding,Origin,User-Agent
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame 4F0B	34 KB 10 KB	45ms 45ms	Script text/html	104.102.39.125 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.102.39.125 Hamburg, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-102-39-125.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash 0cf05fd065a38b84893b9f242784641996e1098497db77b01d8fbca2172f3307 Request headers accept-language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sat, 24 Dec 2022 15:12:15 GMT Content-Encoding gzip Last-Modified Sat, 24 Dec 2022 01:56:58 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding Content-Type text/html; charset=UTF-8 p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=38684 Connection keep-alive Content-Length 10067 Expires Sun, 25 Dec 2022 01:56:59 GMT
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame 4370	34 KB 10 KB	46ms 45ms	Script text/html	104.102.39.125 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.102.39.125 Hamburg, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-102-39-125.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash 0cf05fd065a38b84893b9f242784641996e1098497db77b01d8fbca2172f3307 Request headers accept-language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sat, 24 Dec 2022 15:12:15 GMT Content-Encoding gzip Last-Modified Sat, 24 Dec 2022 01:56:58 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding Content-Type text/html; charset=UTF-8 p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=38684 Connection keep-alive Content-Length 10067 Expires Sun, 25 Dec 2022 01:56:59 GMT
OPTIONS H2	200	json gum.criteo.com/sid/ Frame	0 0	46ms 46ms	Preflight application/json	2a02:2638::1c ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://link1s.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET access-control-allow-origin https://link1s.com cache-control no-cache, no-store, must-revalidate content-encoding gzip content-type application/json; charset=utf-8 date Sat, 24 Dec 2022 15:12:14 GMT expires 0 pragma no-cache server Kestrel server-processing-duration-in-ticks 418368 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H/1.1	200 OK	localstore.js Show response script.4dex.io/ Frame 0B9C	483 B 1023 B	46ms 46ms	Script application/javascript	2606:4700:20::681a:8a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.4dex.io/localstore.js Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389 Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sat, 24 Dec 2022 15:12:15 GMT Content-Encoding br CF-Cache-Status HIT Last-Modified Wed, 23 Nov 2022 15:43:18 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Age 2673664 ETag W/"922cffdd75f7192f75231d92684885aa" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7BQKVdgELWmpbWdM4sM9R909abq%2BRJzBiNeMbF2qeO6wnVPFN6q6%2FMP0BFBBgWVfCsJ2NQ3uSdqJf%2FfsboKQ763UdeEx1H4HkBwXLLkPqtds1UXElLEsjqyWQRreLcoJ%2FAXj%2FYJMUJsUhgQg"}],"group":"cf-nel","max_age":604800} Cache-Control public, max-age=1800 Connection keep-alive CF-RAY 77ea462e99da9238-FRA
GET H2	200	sid Show response mug.criteo.com/ Frame 0B9C Redirect Chain https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1 https://mug.criteo.com/sid?cpp=_5JCvnx2bGlOcFVjZ3BreE9id29GYTQxdkhQQ1h6NjV3MXRDWi8zb29Ma1JXSTFwY3FibDR6ZTA5azBXcHA3WFpGR0l4YjFxelJYclZOYVNmL0wrS1ZmbTNZTXVjWE1JeFJwL05jdFdDeXIveW15WGc3ZGFiVnN5bzlNRT...	362 B 650 B	41ms 40ms	XHR application/json	178.250.2.146 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=_5JCvnx2bGlOcFVjZ3BreE9id29GYTQxdkhQQ1h6NjV3MXRDWi8zb29Ma1JXSTFwY3FibDR6ZTA5azBXcHA3WFpGR0l4YjFxelJYclZOYVNmL0wrS1ZmbTNZTXVjWE1JeFJwL05jdFdDeXIveW15WGc3ZGFiVnN5bzlNRTlNY1RWZ3dyY2JCOUVvdHU3SUowL0pBZDdHL3NFb09oLzZjMjVJbXZMcHVHMktzaGdwNFdkS1kydWdHVWlzN0N5SzV6WVlVajhocS9JMDJjVUJxK1VsL0V1NEZ3ZlAzVnZJQjJUcHdveUlGckxMSWJlY2NRPXw&cppv=2 Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Server 178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash b7ff6469a87aeecda5d22eaa9473131417b32fa9c06a043a40f271ab9a8e5ab9 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Sat, 24 Dec 2022 15:12:14 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip server Kestrel vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin null cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 1696105 expires 0 Redirect headers pragma no-cache date Sat, 24 Dec 2022 15:12:14 GMT strict-transport-security max-age=31536000; preload; server Kestrel access-control-allow-methods GET location https://mug.criteo.com/sid?cpp=_5JCvnx2bGlOcFVjZ3BreE9id29GYTQxdkhQQ1h6NjV3MXRDWi8zb29Ma1JXSTFwY3FibDR6ZTA5azBXcHA3WFpGR0l4YjFxelJYclZOYVNmL0wrS1ZmbTNZTXVjWE1JeFJwL05jdFdDeXIveW15WGc3ZGFiVnN5bzlNRTlNY1RWZ3dyY2JCOUVvdHU3SUowL0pBZDdHL3NFb09oLzZjMjVJbXZMcHVHMktzaGdwNFdkS1kydWdHVWlzN0N5SzV6WVlVajhocS9JMDJjVUJxK1VsL0V1NEZ3ZlAzVnZJQjJUcHdveUlGckxMSWJlY2NRPXw&cppv=2 access-control-allow-origin https://link1s.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 609775 content-length 0 expires 0
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame D041 Redirect Chain https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu	281 B 554 B	44ms 43ms	Document text/html	104.102.39.125 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.102.39.125 Hamburg, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-102-39-125.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Referer https://link1s.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Accept-Ranges bytes Connection keep-alive Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Sat, 24 Dec 2022 15:12:15 GMT ETag "403b9-119-5ec73a0a33d00" Last-Modified Wed, 02 Nov 2022 02:30:44 GMT Server Apache/2.2.15 (CentOS) Vary Accept-Encoding Redirect headers access-control-allow-credentials true access-control-allow-origin * content-length 0 date Sat, 24 Dec 2022 15:12:15 GMT location https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu server AkamaiGHost
GET H3	200	index-monitoring-301583c.js Show response cdn.pbstck.com/ Frame 0B9C	183 KB 50 KB	54ms 54ms	XHR application/javascript	2606:4700:10::ac43:1997 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.pbstck.com/index-monitoring-301583c.js Requested by Host: boot.pbstck.com URL: https://boot.pbstck.com/v1/tag/f1c074e3-bb32-45fc-8bc8-19d7e33c39a9 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 628df093648df73d0dbff4905ba7262d40e4e70bead5b3ae73ab4634965719fb Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:15 GMT content-encoding br cf-cache-status HIT age 365593 x-guploader-uploadid ADPycdu3CiTlrTktQw5otzUVoSyrHFBHPHZ0rh5EY4AaZn4DMK91nHCjNIvH_HnVic9qjjsKha59wYgtIFvMVVvA5zhsb5IttsxD x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 12 Dec 2022 16:22:05 GMT server cloudflare etag W/"2792a8f5102a28ea35670b4c11d66b7d" vary Accept-Encoding x-goog-hash crc32c=K58Y6w==, md5=J5Ko9RAqKOo1ZwtMEdZrfQ== x-goog-generation 1670862125732888 content-type application/javascript access-control-allow-origin * access-control-expose-headers Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=604800, immutable x-goog-stored-content-length 50705 cf-ray 77ea462eb80990c4-FRA expires Tue, 27 Dec 2022 09:33:03 GMT
GET H3	200	index-refresh-301583c.js Show response cdn.pbstck.com/ Frame 0B9C	148 KB 42 KB	69ms 68ms	XHR application/javascript	2606:4700:10::ac43:1997 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.pbstck.com/index-refresh-301583c.js Requested by Host: boot.pbstck.com URL: https://boot.pbstck.com/v1/tag/f1c074e3-bb32-45fc-8bc8-19d7e33c39a9 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ad1075241aa892fe10fd2f06072fd9d2d88bc4f51e6bd32bcc8444d5997a1153 Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:15 GMT content-encoding br cf-cache-status HIT age 365841 x-guploader-uploadid ADPycdtlkn5zgGdGAfKhPh4fN3GaHw5vMyys6IoENCq_2LH9NNHiVXkHAojtTRGDTsB8TeR31EJjfY7xda4TWTk1Na0fg4tVrTO_ x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 12 Dec 2022 16:22:09 GMT server cloudflare etag W/"4bfc9434348caf53e03a05f3e7b5a6e3" vary Accept-Encoding x-goog-hash crc32c=krrFFQ==, md5=S/yUNDSMr1PgOgXz57Wm4w== x-goog-generation 1670862129104500 content-type application/javascript access-control-allow-origin * access-control-expose-headers Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=604800, immutable x-goog-stored-content-length 41934 cf-ray 77ea462eb80b90c4-FRA expires Tue, 27 Dec 2022 08:45:30 GMT
GET H/1.1	200 OK	khaos.jpg token.rubiconproject.com/ Frame 4F0B	284 B 536 B	211ms 52ms	Image image/jpg	69.173.144.139 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://token.rubiconproject.com/khaos.jpg? Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032 Request headers accept-language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/jpg Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 284 X-RPHost 611afce88997db6fdd35eb213e662871 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H3	200	collector-fe29f59.js Show response cdn.pbstck.com/ Frame 0B9C	147 KB 41 KB	54ms 53ms	XHR application/javascript	2606:4700:10::ac43:1997 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.pbstck.com/collector-fe29f59.js Requested by Host: boot.pbstck.com URL: https://boot.pbstck.com/v1/tag/f0e1efd3-353f-4ff1-b037-202b7bb3383d Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 02fdd4f259ce2e897b1fb10636a5f79c7560fd394721b53892316e11ee97e5d9 Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:15 GMT content-encoding br cf-cache-status HIT age 328262 x-guploader-uploadid ADPycdurUHMy1awZjmll0bd9xf3xI_xIeHRKvJt1LCiP6kAirubLk8zsQvsz6ZzYOdZkRiDF25WFcnlZRx6LKYdR1Ys6z8RLLX5m x-goog-storage-class STANDARD x-goog-metageneration 2 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Tue, 13 Dec 2022 15:45:54 GMT server cloudflare etag W/"0f0c7663da4109a37deb90115a448b57" vary Accept-Encoding x-goog-hash crc32c=koXiYQ==, md5=Dwx2Y9pBCaN965ARWkSLVw== x-goog-generation 1670946354895591 content-type application/javascript access-control-allow-origin * access-control-expose-headers Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=604800, immutable x-goog-stored-content-length 40466 cf-ray 77ea462f287290c4-FRA expires Tue, 27 Dec 2022 19:19:23 GMT
GET H/1.1	200 OK	khaos.jpg token.rubiconproject.com/ Frame 4370	284 B 536 B	207ms 51ms	Image image/jpg	69.173.144.139 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://token.rubiconproject.com/khaos.jpg? Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032 Request headers accept-language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/jpg Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 284 X-RPHost 611afce88997db6fdd35eb213e662871 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
OPTIONS H2	200	openrtb adx.adform.net/adx/ Frame	0 0	57ms 56ms	Preflight	37.157.6.253 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/openrtb Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.253 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS s1.adform.net Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://link1s.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With access-control-allow-methods POST,OPTIONS access-control-allow-origin https://link1s.com access-control-max-age 86400 allow POST,OPTIONS cache-control no-cache, no-store, must-revalidate, no-transform date Sat, 24 Dec 2022 15:12:15 GMT expires -1 p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" pragma no-cache server nginx strict-transport-security max-age=31536000; includeSubDomains
POST H2	200	cookie_sync Show response prebid-stag.setupad.net/ Frame 0B9C	275 B 489 B	50ms 50ms	XHR application/json	2606:4700:20::681a:9b2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://prebid-stag.setupad.net/cookie_sync Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0eaee741cff05047dc7513ffacf9c11ab52c277383f407cdc67d8d8f66991247 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 24 Dec 2022 15:12:15 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EYIlyEtiIFIADmRa0tU%2BoGuGTUtXMypu7BnkTyTT3AXXYLSOqGT3YPv%2Fu1wVpgeR4EFa8rrtqDPXhp%2BjCWP2NGveMAUY9kGQJq7kuGvKvCbvI04IArTfsvBgqjAJR6I7l2KNdoponp%2BYdJab1Hukt7BlarVc"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin https://link1s.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cf-ray 77ea462f5be98fe9-FRA expires 0
POST H2	200	auction Show response prebid-stag.setupad.net/openrtb2/ Frame 0B9C	236 B 481 B	101ms 101ms	XHR application/json	2606:4700:20::681a:9b2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://prebid-stag.setupad.net/openrtb2/auction Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ee5eceb0ff7268fa16946aa8743c70a02ef9be829b824cb435a4db72ae3c8ed1 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 24 Dec 2022 15:12:15 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-prebid pbs-go/0.234.0-3-gde6ed827 vary Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yngZkKGf8Jct7FrY6AixdS7PDwngUFKHJw7QN2iaUYz58XojOiuxG1Xx4dRn%2BTCsxVlDQmNjh%2FLZwPtiYTr%2FZ7hKtTByKQnLHKb2LFdoBVNabN3s3hMDDEIuPiJIekQ7dEPX8C8IHeTa3tNGRfHckGLyp78%2F"}],"group":"cf-nel","max_age":604800} content-type application/json access-control-allow-origin https://link1s.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cf-ray 77ea462f5bea8fe9-FRA expires 0
POST H2	204	cdb Show response bidder.criteo.com/ Frame 0B9C	0 211 B	65ms 65ms	XHR text/plain	2a02:2638::24 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=21831062226 Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers date Sat, 24 Dec 2022 15:12:15 GMT strict-transport-security max-age=31536000; preload; server Finatra vary Origin access-control-allow-origin https://link1s.com access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin *
POST		auction rtb.adxpremium.services/openrtb2/ Frame 0B9C	0 0
POST H/1.1	200 OK	prebid Show response ib.adnxs.com/ut/v3/ Frame 0B9C	17 KB 9 KB	135ms 134ms	XHR application/json	37.252.172.123 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash c7d665b488f5718ec5465dc2907ad97bc1fcdda7d13d3269c0fb7068161e99e5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers Date Sat, 24 Dec 2022 15:12:15 GMT Content-Encoding gzip Transfer-Encoding chunked P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 80.255.7.108; 80.255.7.108; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid 89aae87f-06bd-45c9-808e-ffc2590786d8 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Vary Accept-Encoding Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://link1s.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	204	openrtb Show response adx.adform.net/adx/ Frame 0B9C	0 404 B	57ms 56ms	XHR text/plain	37.157.6.253 ADFORM
General Check archive.org Show headers Download Go to Full URL https://adx.adform.net/adx/openrtb Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.253 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS s1.adform.net Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type application/json Response headers pragma no-cache date Sat, 24 Dec 2022 15:12:15 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx access-control-max-age 86400 access-control-allow-methods POST,OPTIONS p3p CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT" access-control-allow-origin https://link1s.com cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With expires -1
POST H2	204	translator Show response hbopenbid.pubmatic.com/ Frame 0B9C	0 56 B	80ms 80ms	XHR text/plain	185.64.189.112 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://hbopenbid.pubmatic.com/translator?source=prebid-client Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://link1s.com date Sat, 24 Dec 2022 15:12:14 GMT cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true
POST H2	204	c Show response prebid.a-mo.net/a/ Frame 0B9C	0 41 B	43ms 43ms	XHR text/plain	147.75.85.234 PACKET
General Check archive.org Show headers Download Go to Full URL https://prebid.a-mo.net/a/c Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers x-nbr 8 date Sat, 24 Dec 2022 15:12:15 GMT server envoy vary origin, Accept-Encoding access-control-allow-origin https://link1s.com cache-control max-age=0, private, must-revalidate access-control-allow-credentials true x-envoy-upstream-service-time 1
POST H2	204	prebid Show response mp.4dex.io/ Frame 0B9C	0 64 B	63ms 61ms	XHR text/plain	2606:4700::6812:372 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mp.4dex.io/prebid Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 24 Dec 2022 15:12:15 GMT x-err Parsing the Prebid Request. unparseable manager site domain x-version 3.0.0-gcp-ams cf-cache-status DYNAMIC via 1.1 google server cloudflare vary Origin, Accept-Encoding access-control-allow-origin https://link1s.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cf-ray 77ea462f6f55917c-FRA expires 0
POST H2	204	bids Show response prebid-eu.creativecdn.com/bidder/prebid/ Frame 0B9C	0 172 B	42ms 40ms	XHR text/plain	185.184.8.90 RTB-HOUSE-AMS
General Check archive.org Show headers Download Go to Full URL https://prebid-eu.creativecdn.com/bidder/prebid/bids Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL), Reverse DNS ip-185-184-8-90.rtbhouse.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://link1s.com date Sat, 24 Dec 2022 15:12:15 GMT access-control-allow-credentials true vary Origin access-control-max-age 3600 access-control-allow-methods POST
POST H2	200	adjson Show response ads.betweendigital.com/ Frame 0B9C	2 B 300 B	55ms 53ms	XHR application/json	188.42.191.196 SERVERS-COM
General Check archive.org Show headers Download Go to Full URL https://ads.betweendigital.com/adjson?t=prebid Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US), Reverse DNS Software / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://link1s.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true content-encoding gzip vary Accept-Encoding content-type application/json
POST H2	200	prebid-request Show response onetag-sys.com/ Frame 0B9C	15 B 357 B	39ms 38ms	XHR application/json	51.89.9.253 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/prebid-request Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip253.ip-51-89-9.eu Software / Resource Hash 663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=15552000 content-encoding gzip content-type application/json access-control-allow-origin https://link1s.com p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' cache-control no-transform, no-cache access-control-allow-credentials true access-control-allow-headers content-type, origin, referer, user-agent content-length 41
OPTIONS H2	200	json gum.criteo.com/sid/ Frame	0 0	46ms 46ms	Preflight application/json	2a02:2638::1c ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://link1s.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET access-control-allow-origin https://link1s.com cache-control no-cache, no-store, must-revalidate content-encoding gzip content-type application/json; charset=utf-8 date Sat, 24 Dec 2022 15:12:14 GMT expires 0 pragma no-cache server Kestrel server-processing-duration-in-ticks 470863 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	sid Show response mug.criteo.com/ Redirect Chain https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1 https://mug.criteo.com/sid?cpp=FjTE93xmSkp3VjN4WUFndjMwNzRXUFphMjc1WmdVRThURm4yc3dkU1F0Z2l0MXE0RFcrdVI5Q0R3VmlVclpUNHZVQzUxS1A5RlZ4cXBOWmtMdGUxUEc2ODE1dCsxVmpLMFlRKzJVTHpRT21Td2dOTUJ1aTFjMGhJd05uSU...	362 B 664 B	39ms 39ms	XHR application/json	178.250.2.146 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=FjTE93xmSkp3VjN4WUFndjMwNzRXUFphMjc1WmdVRThURm4yc3dkU1F0Z2l0MXE0RFcrdVI5Q0R3VmlVclpUNHZVQzUxS1A5RlZ4cXBOWmtMdGUxUEc2ODE1dCsxVmpLMFlRKzJVTHpRT21Td2dOTUJ1aTFjMGhJd05uSU9sTkZvT1ZJcEQvSWQvRWNSU2x4NDVMSHM3NDUvTDBvSnY1TnBNSzJ3elpXMlNIWjhURldlVmVUdTM1L2V2MGIzWVEyb3NCbzFRaThMZG5PWUd3OTBpbGxON2RpSXVYOHhhQnJjN1ZzZnFuTG9SMEplMnMwPXw&cppv=2 Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Server 178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 75e780370d127a9884d63699b815f90fb80b0450fb5fd7c52b70336bba10b870 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Sat, 24 Dec 2022 15:12:15 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip server Kestrel vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin null cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 1019874 expires 0 Redirect headers pragma no-cache date Sat, 24 Dec 2022 15:12:15 GMT strict-transport-security max-age=31536000; preload; server Kestrel access-control-allow-methods GET location https://mug.criteo.com/sid?cpp=FjTE93xmSkp3VjN4WUFndjMwNzRXUFphMjc1WmdVRThURm4yc3dkU1F0Z2l0MXE0RFcrdVI5Q0R3VmlVclpUNHZVQzUxS1A5RlZ4cXBOWmtMdGUxUEc2ODE1dCsxVmpLMFlRKzJVTHpRT21Td2dOTUJ1aTFjMGhJd05uSU9sTkZvT1ZJcEQvSWQvRWNSU2x4NDVMSHM3NDUvTDBvSnY1TnBNSzJ3elpXMlNIWjhURldlVmVUdTM1L2V2MGIzWVEyb3NCbzFRaThMZG5PWUd3OTBpbGxON2RpSXVYOHhhQnJjN1ZzZnFuTG9SMEplMnMwPXw&cppv=2 access-control-allow-origin https://link1s.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 497581 content-length 0 expires 0
OPTIONS H2	200	sid mug.criteo.com/ Frame	0 0	39ms 39ms	Preflight application/json	178.250.2.146 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=_5JCvnx2bGlOcFVjZ3BreE9id29GYTQxdkhQQ1h6NjV3MXRDWi8zb29Ma1JXSTFwY3FibDR6ZTA5azBXcHA3WFpGR0l4YjFxelJYclZOYVNmL0wrS1ZmbTNZTXVjWE1JeFJwL05jdFdDeXIveW15WGc3ZGFiVnN5bzlNRTlNY1RWZ3dyY2JCOUVvdHU3SUowL0pBZDdHL3NFb09oLzZjMjVJbXZMcHVHMktzaGdwNFdkS1kydWdHVWlzN0N5SzV6WVlVajhocS9JMDJjVUJxK1VsL0V1NEZ3ZlAzVnZJQjJUcHdveUlGckxMSWJlY2NRPXw&cppv=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin null Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET access-control-allow-origin null cache-control no-cache, no-store, must-revalidate content-encoding gzip content-type application/json; charset=utf-8 date Sat, 24 Dec 2022 15:12:14 GMT expires 0 pragma no-cache server Kestrel server-processing-duration-in-ticks 420742 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame D041	34 KB 10 KB	94ms 94ms	Script text/html	104.102.39.125 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.102.39.125 Hamburg, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-102-39-125.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash 0cf05fd065a38b84893b9f242784641996e1098497db77b01d8fbca2172f3307 Request headers accept-language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sat, 24 Dec 2022 15:12:15 GMT Content-Encoding gzip Last-Modified Sat, 24 Dec 2022 01:56:58 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding Content-Type text/html; charset=UTF-8 p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=38684 Connection keep-alive Content-Length 10067 Expires Sun, 25 Dec 2022 01:56:59 GMT
GET H2	200	/ Show response spl.zeotap.com/	429 B 595 B	66ms 65ms	XHR text/html	2606:4700:10::6816:1957 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258 Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9fcae2922b26cc220b703f6bd78a6a0fdf636910266233e35a2ad97331b74070 Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:15 GMT via 1.1 google content-encoding br cf-cache-status DYNAMIC server cloudflare vary Origin content-type text/html access-control-allow-origin https://link1s.com access-control-allow-credentials true cf-ray 77ea463068e68fef-FRA access-control-allow-headers *
GET H/1.1	200 OK	adagio.js Show response script.4dex.io/ Frame 0B9C	74 KB 24 KB	66ms 66ms	Fetch application/javascript	2606:4700:20::681a:8a9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.4dex.io/adagio.js Requested by Host: script.4dex.io URL: https://script.4dex.io/localstore.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sat, 24 Dec 2022 15:12:15 GMT Content-Encoding br CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 41AJQNED5VNGJKHG Age 105491 Transfer-Encoding chunked Connection keep-alive x-amz-id-2 nerqCL2giREeOv9hnjVeqHsDbYGtA89CuUcxDGuT7rVQUxcQ84tDXcjKnN3gawFIYBnKx9KlPBBICZYfjaTWdg== Last-Modified Tue, 22 Nov 2022 09:44:15 GMT Server cloudflare ETag W/"c56b6332dacf72f135afcd153ae22448" Access-Control-Max-Age 3000 Access-Control-Allow-Methods GET Content-Type application/javascript Access-Control-Allow-Origin * Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7aX%2BvDoF3g8pTCR6M4Y9%2Fc1bJAfxF3wy2tNtWqIlApLxMit%2F9jwqp5dD6ls3dt2cveVy3wikVFgBfl0CXUtV0yoPwoj7qtxDGOh9ECsz35v9jT%2BAI8SHmz7n3oJTUsPFOVH2o%2Fau9FYoKuab"}],"group":"cf-nel","max_age":604800} Cache-Control public, max-age=1800 Vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding CF-RAY 77ea46306cd89229-FRA
GET H2	200	rules-p-6Fv0cGNfc_bw8.js Show response rules.quantcount.com/	1 KB 1 KB	160ms 43ms	Script application/javascript	2600:9000:2190:5c00:6:44e3:f8c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js Requested by Host: secure.quantserve.com URL: https://secure.quantserve.com/quant.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:5c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 14:17:13 GMT content-encoding gzip via 1.1 cd66c5a89ae3376f15c155e3b52a758c.cloudfront.net (CloudFront) x-amz-cf-pop ZRH50-C1 age 3303 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin last-modified Thu, 13 Oct 2022 22:35:53 GMT server AmazonS3 etag W/"1f431dc94c1f033d6666f0fe637e2d7b" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=3600 x-amz-cf-id A5rw6t48aP6GlmPqaUUS2GOG4s8qTbRcXOHYySlLmJbqbThHlDJaPg==
GET H3	200	anchor Show response www.recaptcha.net/recaptcha/api2/ Frame AA1E	43 KB 23 KB	131ms 55ms	Document text/html	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeB58sUAAAAAEHQEbx3CAs1T-SvXDhShj3K6UQ7&co=aHR0cHM6Ly9saW5rMXMuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=normal&cb=uorhie7l9ubi Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 7b659d41b0e82469fc777d2332b8c70d1ad6922830c29dfc01b5946aea49c8a7 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-bSmebP0KHW0atL8j4VVguQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://link1s.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-length 23081 content-security-policy script-src 'report-sample' 'nonce-bSmebP0KHW0atL8j4VVguQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sat, 24 Dec 2022 15:12:15 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	404	gdpr_consent= sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=be415cf8d679b991/gdpr=0/ Frame 11EC Redirect Chain https://adlv.hit.gemius.pl/dataredir?rid=xnjrkiktyj&url=pixel-eu.onprospects.com%2F%3Fpartner%3D254%26mapped%3DHCUDATA%26gdpr%3D0%26gdpr_consent%3D https://pixel-eu.onprospects.com/?partner=254&mapped=TxlwaT1vd5s0CjFeP4e2HtgWlfxUnIpszhv.RQ.7EIj.c7&gdpr=0&gdpr_consent= https://pixel-eu.onaudience.com/?partner=254&mapped=TxlwaT1vd5s0CjFeP4e2HtgWlfxUnIpszhv.RQ.7EIj.c7&gdpr=0&gdpr_consent=&onp https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=be415cf8d679b991/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...	49 B 264 B	188ms 54ms	Image image/gif	54.73.211.146 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=be415cf8d679b991/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Server 54.73.211.146 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-73-211-146.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers accept-language de-DE,de;q=0.9 Referer https://adlv.hit.gemius.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Sat, 24 Dec 2022 15:12:16 GMT server Jetty(9.4.38.v20210224) content-type image/gif p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.45.11.1 content-length 49 expires 0 Redirect headers location https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=be415cf8d679b991/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D content-length 0
OPTIONS H2	200	sid mug.criteo.com/ Frame	0 0	39ms 38ms	Preflight application/json	178.250.2.146 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=FjTE93xmSkp3VjN4WUFndjMwNzRXUFphMjc1WmdVRThURm4yc3dkU1F0Z2l0MXE0RFcrdVI5Q0R3VmlVclpUNHZVQzUxS1A5RlZ4cXBOWmtMdGUxUEc2ODE1dCsxVmpLMFlRKzJVTHpRT21Td2dOTUJ1aTFjMGhJd05uSU9sTkZvT1ZJcEQvSWQvRWNSU2x4NDVMSHM3NDUvTDBvSnY1TnBNSzJ3elpXMlNIWjhURldlVmVUdTM1L2V2MGIzWVEyb3NCbzFRaThMZG5PWUd3OTBpbGxON2RpSXVYOHhhQnJjN1ZzZnFuTG9SMEplMnMwPXw&cppv=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin null Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET access-control-allow-origin null cache-control no-cache, no-store, must-revalidate content-encoding gzip content-type application/json; charset=utf-8 date Sat, 24 Dec 2022 15:12:15 GMT expires 0 pragma no-cache server Kestrel server-processing-duration-in-ticks 460416 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	cookie cm.adform.net/ Frame 0B9C	43 B 105 B	57ms 57ms	Image image/gif	37.157.6.253 ADFORM
General Check archive.org Show headers Download Go to Show image Full URL https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 37.157.6.253 , Denmark, ASN198622 (ADFORM, DK), Reverse DNS s1.adform.net Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:15 GMT server nginx content-length 43 content-type image/gif
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.0.0/	84 KB 30 KB	135ms 37ms	Script text/javascript	2a00:1450:4001:803::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js Requested by Host: d2zur9cc2gf1tx.cloudfront.net URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 01:46:59 GMT content-encoding gzip x-content-type-options nosniff age 134716 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30186 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sat, 23 Dec 2023 01:46:59 GMT
GET H2	200	/ wt.rqtrk.eu/	43 B 196 B	39ms 39ms	Image image/gif	141.95.97.230 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://wt.rqtrk.eu/?pid=6f4bcf39-b286-4d76-b513-ffb5541d5167&url=https%3A%2F%2Flink1s.com%2FxWz8&cb=167189473552550&src=www&type=100&gdpr=1&gdpr_pd=0&gdpr_consent=null&sid=0 Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 141.95.97.230 , France, ASN16276 (OVH, FR), Reverse DNS haproxy-eu-001.roqad.pl Software istio-envoy / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Sat, 24 Dec 2022 15:12:15 GMT server istio-envoy p3p CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA" content-type image/gif cache-control no-cache,private x-envoy-upstream-service-time 1 content-length 43 expires Sat, 24 Dec 2022 15:12:14 GMT
GET H/1.1	200 OK	wckr.php Show response tag.leadplace.fr/ Frame F1FE	0 247 B	51ms 51ms	Document text/html	145.239.192.166 OVH
General Check archive.org Show headers Download Go to Full URL https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flink1s.com%2FxWz8&id=MTIZ Requested by Host: tag.leadplace.fr URL: https://tag.leadplace.fr/libJsLP.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 145.239.192.166 , France, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.20.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://link1s.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Content-Type text/html; charset=UTF-8 Date Sat, 24 Dec 2022 15:12:15 GMT Server nginx/1.20.1 Transfer-Encoding chunked X-IPLB-Instance 30195 X-IPLB-Request-ID 50FF076C:ED3C_91EFC0A6:01BB_63A716CF_49CC9568:237B8
GET H/1.1	200 OK	fire.js Show response s.cpx.to/	718 B 1 KB	234ms 55ms	Script application/javascript	52.211.123.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.cpx.to/fire.js?pid=12762&ref=&url=https%3A%2F%2Flink1s.com%2FxWz8&hn_ver=40&fid=b81f109d-6a02-4cfc-930b-d27372b94e39&dsp=pub_common&dsp_uid=7bbd2de5-5d9d-4839-9ecf-7e452ce2e049 Requested by Host: p.cpx.to URL: https://p.cpx.to/p/12762/px.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.211.123.49 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-211-123-49.eu-west-1.compute.amazonaws.com Software / Resource Hash 1e5b951bd47acd5cc5c75be47c31a67e307f855692c3fabcd457540d77ea8785 Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Pragma no-cache Content-Security-Policy default-src 'self' Date Sat, 24 Dec 2022 15:12:15 GMT X-Content-Type-Options nosniff Strict-Transport-Security max-age=31536000; includeSubDomains X-Permitted-Cross-Domain-Policies none X-Frame-Options sameorigin P3P CP="NOI DEV ADM" Content-Type application/javascript; charset=UTF-8 Cache-Control no-store, must-revalidate, private, max-age=0 Connection keep-alive Content-Length 718 Expires Thu, 01 Dec 2022 16:20:58 UTC
GET H2	200	mw mwzeom.zeotap.com/ Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=94139b36-0da2-4a2e-5910-482e0cebd32e&reqId=3f3cc8ff-aaa9-4b5d-714e-b753564bce6a&... https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=94139b36-0da2-4a2e-5910-482e0cebd32e&reqId=3f3cc8ff-aaa9-4b5d-714e-b753564bce6a... https://mwzeom.zeotap.com/mw?google_gid=CAESEDMZ_Q-r7cyKYLb1Hc1osGE&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=94139b36-0da2-4a2e-5910-482e0cebd32e&reqId=3f3cc8ff-aaa9-4b5d-714...	95 B 163 B	65ms 51ms	Image image/png	2606:4700:10::6816:1957 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://mwzeom.zeotap.com/mw?google_gid=CAESEDMZ_Q-r7cyKYLb1Hc1osGE&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=94139b36-0da2-4a2e-5910-482e0cebd32e&reqId=3f3cc8ff-aaa9-4b5d-714e-b753564bce6a&zdid=1258 Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Server 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:15 GMT via 1.1 google cf-cache-status DYNAMIC server cloudflare vary Origin content-type image/png access-control-allow-origin https://link1s.com access-control-allow-credentials true cf-ray 77ea4633ddbe8fef-FRA access-control-allow-headers * content-length 95 Redirect headers pragma no-cache date Sat, 24 Dec 2022 15:12:15 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://mwzeom.zeotap.com/mw?google_gid=CAESEDMZ_Q-r7cyKYLb1Hc1osGE&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=94139b36-0da2-4a2e-5910-482e0cebd32e&reqId=3f3cc8ff-aaa9-4b5d-714e-b753564bce6a&zdid=1258 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 446 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	khaos.jpg token.rubiconproject.com/ Frame D041	284 B 536 B	39ms 39ms	Image image/jpg	69.173.144.139 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://token.rubiconproject.com/khaos.jpg? Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032 Request headers accept-language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/jpg Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 284 X-RPHost 611afce88997db6fdd35eb213e662871 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H/1.1	204 No Content	sync.php pixel-eu.rubiconproject.com/exchange/ Frame 4370	0 239 B	216ms 39ms	Image image/gif	69.173.144.138 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel-eu.rubiconproject.com/exchange/sync.php?p=pbs-setupad Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate X-RPHost 4b510f0cc5fcbc9800016ef543086418 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	pixel;r=221219005;labels=Categories.personal-finance%2CMots%20Cl%C3%A9s.earn%20money%2CMots%20Cl%C3%A9s.short%20link%2CMots%20Cl%C3%A9s.get%20paid;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Flink1s.co... pixel.quantserve.com/	35 B 371 B	74ms 41ms	Image image/gif	2620:116:800d:21:de2e:c7b3:55c0:d5a0 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.quantserve.com/pixel;r=221219005;labels=Categories.personal-finance%2CMots%20Cl%C3%A9s.earn%20money%2CMots%20Cl%C3%A9s.short%20link%2CMots%20Cl%C3%A9s.get%20paid;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Flink1s.com%2FxWz8;uht=2;fpan=1;fpa=P0-2048344906-1671894735415;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20221215111636;cm=;gdpr=0;ref=;d=link1s.com;dst=0;et=1671894735578;tzo=0;ogl=image.https%3A%2F%2Fweb-activity-h5%252Exbank%252Eplus%2Fposter%252Ejpg;ses=1e78c2dd-94ad-4628-a3e9-58fcb1fdbaf4 Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Sat, 24 Dec 2022 15:12:15 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" content-type image/gif cache-control private, no-cache, no-store, proxy-revalidate content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame AA1E	52 KB 24 KB	113ms 37ms	Stylesheet text/css	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeB58sUAAAAAEHQEbx3CAs1T-SvXDhShj3K6UQ7&co=aHR0cHM6Ly9saW5rMXMuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=normal&cb=uorhie7l9ubi Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.recaptcha.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 16:18:51 GMT content-encoding gzip x-content-type-options nosniff age 82404 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24262 x-xss-protection 0 last-modified Thu, 15 Dec 2022 05:24:10 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 23 Dec 2023 16:18:51 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame AA1E	407 KB 163 KB	131ms 55ms	Script text/javascript	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeB58sUAAAAAEHQEbx3CAs1T-SvXDhShj3K6UQ7&co=aHR0cHM6Ly9saW5rMXMuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=normal&cb=uorhie7l9ubi Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.recaptcha.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 12:36:18 GMT content-encoding gzip x-content-type-options nosniff age 9357 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 166478 x-xss-protection 0 last-modified Thu, 15 Dec 2022 05:24:10 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sun, 24 Dec 2023 12:36:18 GMT
POST H2	200	node.php Show response node.setupad.com/node/ Frame A16D	0 209 B	128ms 37ms	XHR text/html	159.89.25.223 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://node.setupad.com/node/node.php Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers access-control-allow-origin * date Sat, 24 Dec 2022 15:12:15 GMT content-encoding gzip server nginx/1.18.0 (Ubuntu) access-control-allow-headers X-Requested-With access-control-allow-methods GET, POST content-type text/html; charset=UTF-8
POST H2	200	node.php Show response node.setupad.com/node/ Frame A16D	0 208 B	129ms 38ms	XHR text/html	159.89.25.223 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://node.setupad.com/node/node.php Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers access-control-allow-origin * date Sat, 24 Dec 2022 15:12:15 GMT content-encoding gzip server nginx/1.18.0 (Ubuntu) access-control-allow-headers X-Requested-With access-control-allow-methods GET, POST content-type text/html; charset=UTF-8
GET H/1.1	200 OK	notifyme.php Show response adtrack.adleadevent.com/	0 521 B	283ms 54ms	XHR application/x-javascript	54.78.38.213 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7 Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.78.38.213 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-78-38-213.eu-west-1.compute.amazonaws.com Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Pragma no-cache Date Sat, 24 Dec 2022 15:12:15 GMT Content-Encoding gzip Last-Modified Sat, 24 Dec 2022 15:12:15 GMT Server Apache Vary Accept-Encoding Content-Type application/x-javascript Access-Control-Allow-Origin https://link1s.com Cache-Control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 Access-Control-Allow-Credentials true Connection keep-alive Content-Length 20 Expires Sat, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200 OK	ca.png s.cpx.to/ Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=b81f109d-6a02-4cfc-930b-d27372b94e39 https://s.cpx.to/ca.png?dsp=dbm&fid=b81f109d-6a02-4cfc-930b-d27372b94e39&google_gid=CAESEGa0ON3dvk_md2SCDOhOgbY&google_cver=1	95 B 804 B	86ms 55ms	Image image/png	52.211.123.49 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.cpx.to/ca.png?dsp=dbm&fid=b81f109d-6a02-4cfc-930b-d27372b94e39&google_gid=CAESEGa0ON3dvk_md2SCDOhOgbY&google_cver=1 Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol HTTP/1.1 Server 52.211.123.49 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-211-123-49.eu-west-1.compute.amazonaws.com Software / Resource Hash bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Pragma no-cache Content-Security-Policy default-src 'self' Date Sat, 24 Dec 2022 15:12:16 GMT X-Content-Type-Options nosniff Strict-Transport-Security max-age=31536000; includeSubDomains X-Permitted-Cross-Domain-Policies none X-Frame-Options sameorigin Content-Type image/png Cache-Control no-store, must-revalidate, private, max-age=0 Connection keep-alive Content-Length 95 Redirect headers pragma no-cache date Sat, 24 Dec 2022 15:12:15 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://s.cpx.to/ca.png?dsp=dbm&fid=b81f109d-6a02-4cfc-930b-d27372b94e39&google_gid=CAESEGa0ON3dvk_md2SCDOhOgbY&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 334 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	sync s.cpx.to/ Redirect Chain https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Db81f109d-6a02-4cfc-930b-d27372b94e39 https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Db81f109d-6a02-4cfc-930b-d27372b94e39 https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=01D87403-967A-4C48-ACE7-5A33B2ADF97E&fid=b81f109d-6a02-4cfc-930b-d27372b94e39	95 B 881 B	95ms 56ms	Image image/png	52.211.123.49 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=01D87403-967A-4C48-ACE7-5A33B2ADF97E&fid=b81f109d-6a02-4cfc-930b-d27372b94e39 Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol HTTP/1.1 Server 52.211.123.49 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-211-123-49.eu-west-1.compute.amazonaws.com Software / Resource Hash bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Pragma no-cache Content-Security-Policy default-src 'self' Date Sat, 24 Dec 2022 15:12:16 GMT X-Content-Type-Options nosniff Strict-Transport-Security max-age=31536000; includeSubDomains X-Permitted-Cross-Domain-Policies none X-Frame-Options sameorigin P3P CP="NOI DEV ADM" Content-Type image/png Cache-Control no-store, must-revalidate, private, max-age=0 Connection keep-alive Content-Length 95 Expires Sat, 24 Dec 2022 15:12:16 UTC Redirect headers location https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=01D87403-967A-4C48-ACE7-5A33B2ADF97E&fid=b81f109d-6a02-4cfc-930b-d27372b94e39 date Sat, 24 Dec 2022 15:12:15 GMT cache-control no-store, no-cache, private server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H2	200	generic match.adsrvr.org/track/cmf/	70 B 265 B	205ms 57ms	Image image/gif	15.197.193.217 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1 Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 15.197.193.217 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers content-type image/gif pragma no-cache date Sat, 24 Dec 2022 15:12:15 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H/1.1	200 OK	an_fire s.cpx.to/ Redirect Chain https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12762%26ref%3D%26url%3Dhttps%253A%252F%252Flink1s.com%252FxWz8%26hn_ver%3D40%26fid%3Db81f109d-6a02-... https://s.cpx.to/an_fire?app_nexus_uid=3895796451126902620&pid=12762&ref=&url=https%3A%2F%2Flink1s.com%2FxWz8&hn_ver=40&fid=b81f109d-6a02-4cfc-930b-d27372b94e39&dsp=pub_common&dsp_uid=7bbd2de5-5d9d...	95 B 865 B	56ms 56ms	Image image/png	52.211.123.49 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.cpx.to/an_fire?app_nexus_uid=3895796451126902620&pid=12762&ref=&url=https%3A%2F%2Flink1s.com%2FxWz8&hn_ver=40&fid=b81f109d-6a02-4cfc-930b-d27372b94e39&dsp=pub_common&dsp_uid=7bbd2de5-5d9d-4839-9ecf-7e452ce2e049 Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol HTTP/1.1 Server 52.211.123.49 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-211-123-49.eu-west-1.compute.amazonaws.com Software / Resource Hash bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Pragma no-cache Content-Security-Policy default-src 'self' Date Sat, 24 Dec 2022 15:12:15 GMT X-Content-Type-Options nosniff Strict-Transport-Security max-age=31536000; includeSubDomains X-Permitted-Cross-Domain-Policies none X-Frame-Options sameorigin P3P CP="NOI DEV ADM" Content-Type image/png Cache-Control no-store, must-revalidate, private, max-age=0 Connection keep-alive Content-Length 95 Expires Sat, 24 Dec 2022 15:12:15 UTC Redirect headers Date Sat, 24 Dec 2022 15:12:15 GMT P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 80.255.7.108; 80.255.7.108; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid 02338e34-9bab-4988-a4e0-9d01ce4604bd Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Location https://s.cpx.to/an_fire?app_nexus_uid=3895796451126902620&pid=12762&ref=&url=https%3A%2F%2Flink1s.com%2FxWz8&hn_ver=40&fid=b81f109d-6a02-4cfc-930b-d27372b94e39&dsp=pub_common&dsp_uid=7bbd2de5-5d9d-4839-9ecf-7e452ce2e049 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
GET DATA	200 OK	truncated / Frame AA1E	14 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame AA1E	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/png
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame AA1E	2 KB 2 KB	37ms 37ms	Image image/png	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Tue, 20 Dec 2022 18:59:47 GMT x-content-type-options nosniff age 331948 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Tue, 27 Dec 2022 18:59:47 GMT
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame AA1E	15 KB 15 KB	38ms 38ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeB58sUAAAAAEHQEbx3CAs1T-SvXDhShj3K6UQ7&co=aHR0cHM6Ly9saW5rMXMuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=normal&cb=uorhie7l9ubi Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.recaptcha.net/ Origin https://www.recaptcha.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 12:17:50 GMT x-content-type-options nosniff age 10465 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 24 Dec 2023 12:17:50 GMT
GET H3	200	webworker.js www.recaptcha.net/recaptcha/api2/ Frame AA1E	102 B 134 B	53ms 52ms	Other text/javascript	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.recaptcha.net/recaptcha/api2/webworker.js?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4 Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeB58sUAAAAAEHQEbx3CAs1T-SvXDhShj3K6UQ7&co=aHR0cHM6Ly9saW5rMXMuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=normal&cb=uorhie7l9ubi Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.recaptcha.net/recaptcha/api2/anchor?ar=1&k=6LeB58sUAAAAAEHQEbx3CAs1T-SvXDhShj3K6UQ7&co=aHR0cHM6Ly9saW5rMXMuY29tOjQ0Mw..&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=normal&cb=uorhie7l9ubi User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:15 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 112 x-xss-protection 1; mode=block expires Sat, 24 Dec 2022 15:12:15 GMT
POST H2	200	node.php Show response node.setupad.com/node/ Frame 25A9	0 208 B	38ms 37ms	XHR text/html	159.89.25.223 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://node.setupad.com/node/node.php Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers access-control-allow-origin * date Sat, 24 Dec 2022 15:12:15 GMT content-encoding gzip server nginx/1.18.0 (Ubuntu) access-control-allow-headers X-Requested-With access-control-allow-methods GET, POST content-type text/html; charset=UTF-8
POST H2	200	node.php Show response node.setupad.com/node/ Frame 25A9	0 208 B	38ms 37ms	XHR text/html	159.89.25.223 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://node.setupad.com/node/node.php Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers access-control-allow-origin * date Sat, 24 Dec 2022 15:12:15 GMT content-encoding gzip server nginx/1.18.0 (Ubuntu) access-control-allow-headers X-Requested-With access-control-allow-methods GET, POST content-type text/html; charset=UTF-8
GET H3	200	bframe Show response www.recaptcha.net/recaptcha/api2/ Frame 2EFC	7 KB 1 KB	48ms 47ms	Document text/html	2a00:1450:4001:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.recaptcha.net/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LeB58sUAAAAAEHQEbx3CAs1T-SvXDhShj3K6UQ7 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash b5a9577da96c3f0372fa45a4b0ed31230467ca2a37afc9a59345ad89dc9f4976 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-usdEpbvEBoueDlrwgOSdUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://link1s.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-length 1114 content-security-policy script-src 'report-sample' 'nonce-usdEpbvEBoueDlrwgOSdUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sat, 24 Dec 2022 15:12:15 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 2EFC	52 KB 24 KB	38ms 38ms	Stylesheet text/css	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LeB58sUAAAAAEHQEbx3CAs1T-SvXDhShj3K6UQ7 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.recaptcha.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 16:18:51 GMT content-encoding gzip x-content-type-options nosniff age 82405 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24262 x-xss-protection 0 last-modified Thu, 15 Dec 2022 05:24:10 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 23 Dec 2023 16:18:51 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 2EFC	407 KB 163 KB	44ms 44ms	Script text/javascript	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js Requested by Host: www.recaptcha.net URL: https://www.recaptcha.net/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6LeB58sUAAAAAEHQEbx3CAs1T-SvXDhShj3K6UQ7 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.recaptcha.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 12:36:18 GMT content-encoding gzip x-content-type-options nosniff age 9358 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 166478 x-xss-protection 0 last-modified Thu, 15 Dec 2022 05:24:10 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Sun, 24 Dec 2023 12:36:18 GMT
POST H2	200	node.php Show response node.setupad.com/node/ Frame 0B9C	0 208 B	38ms 38ms	XHR text/html	159.89.25.223 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://node.setupad.com/node/node.php Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers access-control-allow-origin * date Sat, 24 Dec 2022 15:12:16 GMT content-encoding gzip server nginx/1.18.0 (Ubuntu) access-control-allow-headers X-Requested-With access-control-allow-methods GET, POST content-type text/html; charset=UTF-8
POST H2	200	node.php Show response node.setupad.com/node/ Frame 0B9C	0 208 B	38ms 38ms	XHR text/html	159.89.25.223 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://node.setupad.com/node/node.php Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers access-control-allow-origin * date Sat, 24 Dec 2022 15:12:16 GMT content-encoding gzip server nginx/1.18.0 (Ubuntu) access-control-allow-headers X-Requested-With access-control-allow-methods GET, POST content-type text/html; charset=UTF-8
GET H2	200	publishertag.prebid.117.js Show response static.criteo.net/js/ld/ Frame A16D	87 KB 28 KB	129ms 44ms	Script text/javascript	2a02:2638:1::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.117.js Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:17 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Wed, 29 Dec 2021 12:30:46 GMT server nginx etag W/"61cc54f6-15c19" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Sun, 25 Dec 2022 15:12:17 GMT
GET H2	200	syncframe Show response gum.criteo.com/ Frame 1CF9	15 KB 6 KB	47ms 47ms	Document text/html	2a02:2638::1c ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertag&topUrl=link1s.com Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://link1s.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private, max-age=3600 content-encoding gzip content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sat, 24 Dec 2022 15:12:17 GMT server Kestrel server-processing-duration-in-ticks 721247 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	publishertag.prebid.js Show response static.criteo.net/js/ld/ Frame A16D	89 KB 29 KB	190ms 95ms	XHR text/javascript	2a02:2638:1::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.js Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:17 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Mon, 24 Oct 2022 11:21:19 GMT server nginx etag W/"6356752f-16294" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Sun, 25 Dec 2022 15:12:17 GMT
GET H2	200	sid Show response mug.criteo.com/ Frame 1CF9 Redirect Chain https://gum.criteo.com/sid/json?origin=publishertag&domain=link1s.com&sn=ChromeSyncframe&so=3&topUrl=link1s.com&bundle=yuZHy183VG0lMkZaWGFUR3Q3SkJaSzc1blRKbnk0QkVkaUV2akNVczRQSkVaTXhyRVlYZzJzQnhUOV... https://mug.criteo.com/sid?cpp=C2MOKXxWd2N2R2lzcWo2a28yVXl4a3pTRWpuZ1NYZmFMRnlUUVhNeHNYaVNib1VJNWU1SitxVzVCWmlMYm8vVlFSb1o2anpsOWowMC9wbGFFV0RDT2FZYVJGR2NYYUJtbUo1SmF2TUNReEF5U1RRQU5JSUh5ZE9tQnM2Ym...	449 B 659 B	40ms 40ms	Fetch application/json	178.250.2.146 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=C2MOKXxWd2N2R2lzcWo2a28yVXl4a3pTRWpuZ1NYZmFMRnlUUVhNeHNYaVNib1VJNWU1SitxVzVCWmlMYm8vVlFSb1o2anpsOWowMC9wbGFFV0RDT2FZYVJGR2NYYUJtbUo1SmF2TUNReEF5U1RRQU5JSUh5ZE9tQnM2Ymp6NnB4ZHppUmtvczZScVJTcC81QVNCbjN0M1VYeCtjM21RWTEydDBQQ1duUFozNDBqZ2psTTUwVmdhcE1SUmhBdDRTMVdBQWkyZTBDWlFHZU1VVjlBQjVLT0g5OG15ZFE3c3FHYjFVQVRJREc2WnNJcGZ2R3dqS2tPNkU4SGxZZmsxaWtsVHVGU011RS9PN1QxMW9CUk5PSzEyQXMyUT09fA&cppv=2 Protocol H2 Server 178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 1fd2bf50fce107acf6bffd1614877cef5a2675448f3dfbbe2d6d57df57eec38b Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://gum.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Sat, 24 Dec 2022 15:12:17 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip server Kestrel vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://gum.criteo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 1392542 expires 0 Redirect headers pragma no-cache date Sat, 24 Dec 2022 15:12:17 GMT strict-transport-security max-age=31536000; preload; server Kestrel location https://mug.criteo.com/sid?cpp=C2MOKXxWd2N2R2lzcWo2a28yVXl4a3pTRWpuZ1NYZmFMRnlUUVhNeHNYaVNib1VJNWU1SitxVzVCWmlMYm8vVlFSb1o2anpsOWowMC9wbGFFV0RDT2FZYVJGR2NYYUJtbUo1SmF2TUNReEF5U1RRQU5JSUh5ZE9tQnM2Ymp6NnB4ZHppUmtvczZScVJTcC81QVNCbjN0M1VYeCtjM21RWTEydDBQQ1duUFozNDBqZ2psTTUwVmdhcE1SUmhBdDRTMVdBQWkyZTBDWlFHZU1VVjlBQjVLT0g5OG15ZFE3c3FHYjFVQVRJREc2WnNJcGZ2R3dqS2tPNkU4SGxZZmsxaWtsVHVGU011RS9PN1QxMW9CUk5PSzEyQXMyUT09fA&cppv=2 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 541554 content-length 0 expires 0
GET H2	200	publishertag.prebid.117.js Show response static.criteo.net/js/ld/ Frame 25A9	87 KB 28 KB	46ms 46ms	Script text/javascript	2a02:2638:1::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.117.js Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:17 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Wed, 29 Dec 2021 12:30:46 GMT server nginx etag W/"61cc54f6-15c19" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Sun, 25 Dec 2022 15:12:17 GMT
GET H2	200	publishertag.prebid.js Show response static.criteo.net/js/ld/ Frame 25A9	89 KB 29 KB	80ms 79ms	XHR text/javascript	2a02:2638:1::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.js Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:18 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Mon, 24 Oct 2022 11:21:19 GMT server nginx etag W/"6356752f-16294" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Sun, 25 Dec 2022 15:12:18 GMT
POST H2	204	auction Show response intake.pbstck.com/v1/intake/ Frame A16D	0 33 B	100ms 85ms	XHR text/plain	2606:4700:10::ac43:1997 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://intake.pbstck.com/v1/intake/auction?sId=37b999cf&tId=f1c074e3-bb32-45fc-8bc8-19d7e33c39a9&c=1&ctr=DE Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin * date Sat, 24 Dec 2022 15:12:18 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 77ea464228492be2-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST H2	204	auction Show response intake.pbstck.com/v1/intake/ Frame A16D	0 64 B	71ms 70ms	XHR text/plain	2606:4700:10::ac43:1997 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://intake.pbstck.com/v1/intake/auction?sId=8e3f84a8&tId=f0e1efd3-353f-4ff1-b037-202b7bb3383d&c=1&ctr=DE Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin * date Sat, 24 Dec 2022 15:12:18 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 77ea4642284f2be2-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	publishertag.prebid.117.js Show response static.criteo.net/js/ld/ Frame 0B9C	87 KB 28 KB	50ms 50ms	Script text/javascript	2a02:2638:1::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.117.js Requested by Host: stpd.cloud URL: https://stpd.cloud/assets/postbid/stpd220112.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://link1s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 15:12:18 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Wed, 29 Dec 2021 12:30:46 GMT server nginx etag W/"61cc54f6-15c19" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Sun, 25 Dec 2022 15:12:18 GMT
POST H3	204	auction Show response intake.pbstck.com/v1/intake/ Frame 25A9	0 121 B	81ms 80ms	XHR text/plain	2606:4700:10::ac43:1997 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://intake.pbstck.com/v1/intake/auction?sId=37b999cf&tId=f1c074e3-bb32-45fc-8bc8-19d7e33c39a9&c=1&ctr=DE Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin * date Sat, 24 Dec 2022 15:12:18 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 77ea4643c84d90c4-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST H3	204	auction Show response intake.pbstck.com/v1/intake/ Frame 25A9	0 121 B	70ms 70ms	XHR text/plain	2606:4700:10::ac43:1997 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://intake.pbstck.com/v1/intake/auction?sId=8e3f84a8&tId=f0e1efd3-353f-4ff1-b037-202b7bb3383d&c=1&ctr=DE Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin * date Sat, 24 Dec 2022 15:12:18 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 77ea4643d85690c4-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST H3	204	auction Show response intake.pbstck.com/v1/intake/ Frame 0B9C	0 121 B	72ms 72ms	XHR text/plain	2606:4700:10::ac43:1997 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://intake.pbstck.com/v1/intake/auction?sId=37b999cf&tId=f1c074e3-bb32-45fc-8bc8-19d7e33c39a9&c=1&ctr=DE Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin * date Sat, 24 Dec 2022 15:12:18 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 77ea46458a5290c4-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
POST H3	204	auction Show response intake.pbstck.com/v1/intake/ Frame 0B9C	0 121 B	73ms 73ms	XHR text/plain	2606:4700:10::ac43:1997 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://intake.pbstck.com/v1/intake/auction?sId=8e3f84a8&tId=f0e1efd3-353f-4ff1-b037-202b7bb3383d&c=1&ctr=DE Requested by Host: link1s.com URL: https://link1s.com/xWz8 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::ac43:1997 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://link1s.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin * date Sat, 24 Dec 2022 15:12:18 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 77ea46459a5b90c4-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

rtb.adxpremium.services

URL

https://rtb.adxpremium.services/openrtb2/auction

Domain

rtb.adxpremium.services

URL

https://rtb.adxpremium.services/openrtb2/auction

Domain

rtb.adxpremium.services

URL

https://rtb.adxpremium.services/openrtb2/auction