www.users.gobarberrj.com Open in urlscan Pro
68.168.213.90 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.users.gobarberrj.com/
Submission: On March 06 via automatic, source certstream-suspicious (March 6th 2022, 5:17:16 pm UTC) — Scanned from DE

Summary HTTP 218 Redirects Links 77 Behaviour Indicators

Summary

This website contacted 52 IPs in 11 countries across 43 domains to perform 218 HTTP transactions. The main IP is 68.168.213.90, located in United States and belongs to IS-AS-1, US. The main domain is www.users.gobarberrj.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 6th 2022. Valid for: 3 months.

This is the only time www.users.gobarberrj.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	68.168.213.90 68.168.213.90	19318 (IS-AS-1) (IS-AS-1)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
26	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
8	216.137.180.16 216.137.180.16	55293 (A2HOSTING) (A2HOSTING)
12	185.66.200.220 185.66.200.220	201702 (SKHOSTING-EU) (SKHOSTING-EU)
2	188.114.97.7 188.114.97.7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:218... 2600:9000:2182:400:1c:4bbb:9180:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	2a04:4e42::393 2a04:4e42::393	54113 (FASTLY) (FASTLY)
7	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	167.86.126.136 167.86.126.136	51167 (CONTABO) (CONTABO)
3	188.114.96.7 188.114.96.7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
4 12	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	78.46.33.196 78.46.33.196	24940 (HETZNER-AS) (HETZNER-AS)
3	172.64.170.11 172.64.170.11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.226.145.42 13.226.145.42	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
4	146.185.142.91 146.185.142.91	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3 3	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
2 2	3.120.18.167 3.120.18.167	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
8	185.66.201.58 185.66.201.58	201702 (SKHOSTING-EU) (SKHOSTING-EU)
6	185.66.200.127 185.66.200.127	201702 (SKHOSTING-EU) (SKHOSTING-EU)
2	13.226.145.27 13.226.145.27	16509 (AMAZON-02) (AMAZON-02)
2	18.189.5.176 18.189.5.176	16509 (AMAZON-02) (AMAZON-02)
7	138.68.105.0 138.68.105.0	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2 3	37.252.172.45 37.252.172.45	29990 (ASN-APPNEX) (ASN-APPNEX)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6812:1d5b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	94.130.39.102 94.130.39.102	24940 (HETZNER-AS) (HETZNER-AS)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	46.101.136.217 46.101.136.217	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	3.125.70.222 3.125.70.222	16509 (AMAZON-02) (AMAZON-02)
2 2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2 2	37.157.6.245 37.157.6.245	198622 (ADFORM) (ADFORM)
1	52.210.129.48 52.210.129.48	16509 (AMAZON-02) (AMAZON-02)
2	104.16.200.58 104.16.200.58	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.226.145.94 13.226.145.94	16509 (AMAZON-02) (AMAZON-02)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700::68... 2606:4700::6810:79c3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	63.33.136.74 63.33.136.74	16509 (AMAZON-02) (AMAZON-02)
2 2	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 2	185.86.139.113 185.86.139.113	201081 (SMARTADSE...) (SMARTADSERVER)
1	18.195.185.23 18.195.185.23	16509 (AMAZON-02) (AMAZON-02)
6	2a03:2880:f00... 2a03:2880:f00a:11c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
16	2a03:2880:f00... 2a03:2880:f00a:e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
218	52

13 68.168.213.90 (United States)

ASN19318 (IS-AS-1, US)
PTR: webhosting2033-zfs-hostnode.is.cc

www.users.gobarberrj.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 216.137.180.16 (United States)

ASN55293 (A2HOSTING, US)
PTR: server.chinadirect.ng

alternativeadvert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.66.200.220 (Nitra, Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.220.skhosting.eu

uprimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.97.7 (Medellín, Colombia)

ASN13335 (CLOUDFLARENET, US)

adhitzads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:400:1c:4bbb:9180:93a1 (United States)

ASN16509 (AMAZON-02, US)

adserver.reklamstore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a04:4e42::393 (United States)

ASN54113 (FASTLY, US)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.86.126.136 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: h102.hubuhost.com

radioearn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.114.96.7 (Medellín, Colombia)

ASN13335 (CLOUDFLARENET, US)

static.cbox.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany) 4 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 78.46.33.196 (Quedlinburg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.33.46.78.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.170.11 (United States)

ASN13335 (CLOUDFLARENET, US)

p3.adhitzads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.145.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-42.dus51.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 146.185.142.91 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

ads.rekmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.178.172 (North Charleston, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.18.167 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-18-167.eu-central-1.compute.amazonaws.com

ads.creative-serving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.66.201.58 (Nitra, Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.201.58.skhosting.eu

xe9o.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.66.200.127 (Nitra, Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.127.skhosting.eu

ylx-i.advertica-cdn2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.145.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-27.dus51.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.189.5.176 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-189-5-176.us-east-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 138.68.105.0 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: com.reklamstore.bank.v3.lb0

bank.reklamstore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.45 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:1d5b (United States)

ASN13335 (CLOUDFLARENET, US)

client.crisp.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 94.130.39.102 (Heilbronn, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: mx3.cbox.ws

www5.cbox.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.101.136.217 (Frankfurt am Main, Germany) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: com.reklamselfie.iq

iq.reklamselfie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.70.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.245 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.129.48 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-129-48.eu-west-1.compute.amazonaws.com

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.200.58 (None, )

ASN13335 (CLOUDFLARENET, US)

pixel.yabidos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.145.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-94.dus51.r.cloudfront.net

adimg.rekmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:79c3 (United States)

ASN13335 (CLOUDFLARENET, US)

pre.glotgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 63.33.136.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-136-74.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.80 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.22 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.113 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.185.23 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-185-23.eu-central-1.compute.amazonaws.com

pool.grid-data.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f00a:11c:face:b00c:0:3 (Kista, Sweden)

ASN32934 (FACEBOOK, US)

scontent-arn2-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a03:2880:f00a:e:face:b00c:0:3 (Kista, Sweden)

ASN32934 (FACEBOOK, US)

scontent-arn2-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 635 scontent-arn2-2.xx.fbcdn.net — Cisco Umbrella Rank: 79360 scontent-arn2-1.xx.fbcdn.net — Cisco Umbrella Rank: 48228	2 MB
25	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 2279	7 MB
13	gobarberrj.com www.users.gobarberrj.com	643 KB
12	facebook.com 4 redirects www.facebook.com — Cisco Umbrella Rank: 96	95 KB
12	uprimp.com uprimp.com — Cisco Umbrella Rank: 182770	14 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122	194 KB
8	xe9o.xyz xe9o.xyz — Cisco Umbrella Rank: 162032	19 KB
8	reklamstore.com adserver.reklamstore.com — Cisco Umbrella Rank: 215557 bank.reklamstore.com — Cisco Umbrella Rank: 717626	60 KB
8	alternativeadvert.com alternativeadvert.com	30 KB
6	cpx.to p.cpx.to — Cisco Umbrella Rank: 9610 s.cpx.to — Cisco Umbrella Rank: 1700	7 KB
6	crisp.chat client.crisp.chat — Cisco Umbrella Rank: 19254	137 KB
6	advertica-cdn2.com ylx-i.advertica-cdn2.com — Cisco Umbrella Rank: 180349	76 KB
6	rekmob.com ads.rekmob.com — Cisco Umbrella Rank: 218075 adimg.rekmob.com — Cisco Umbrella Rank: 623005	25 KB
6	cbox.ws static.cbox.ws — Cisco Umbrella Rank: 212650 www5.cbox.ws — Cisco Umbrella Rank: 393249	112 KB
5	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 176	6 KB
5	adhitzads.com adhitzads.com — Cisco Umbrella Rank: 175023 p3.adhitzads.com — Cisco Umbrella Rank: 195090	2 KB
4	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 689 gum.criteo.com — Cisco Umbrella Rank: 347 mug.criteo.com — Cisco Umbrella Rank: 3185	7 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 205 secure.adnxs.com — Cisco Umbrella Rank: 359	4 KB
4	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 257 pool.grid-data.bidswitch.net — Cisco Umbrella Rank: 9668	2 KB
4	alexametrics.com certify-js.alexametrics.com — Cisco Umbrella Rank: 6833 certify.alexametrics.com — Cisco Umbrella Rank: 3792	5 KB
4	a-ads.com ad.a-ads.com — Cisco Umbrella Rank: 30142	10 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	59 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 251 fonts.googleapis.com — Cisco Umbrella Rank: 35 imasdk.googleapis.com — Cisco Umbrella Rank: 399	217 KB
2	smartadserver.com 1 redirects sync.smartadserver.com — Cisco Umbrella Rank: 1358	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 293	898 B
2	pubmatic.com 2 redirects image2.pubmatic.com — Cisco Umbrella Rank: 774	631 B
2	glotgrx.com pre.glotgrx.com — Cisco Umbrella Rank: 5974	438 B
2	yabidos.com pixel.yabidos.com — Cisco Umbrella Rank: 6104	25 KB
2	adform.net 2 redirects dmp.adform.net — Cisco Umbrella Rank: 2334	923 B
2	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 899	2 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	95 B
2	creative-serving.com 2 redirects ads.creative-serving.com — Cisco Umbrella Rank: 3287	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	84 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	69 KB
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 595	214 B
1	reklamselfie.com 1 redirects iq.reklamselfie.com — Cisco Umbrella Rank: 819362	215 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 8832	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 716	647 B
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6130	186 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 600	42 KB
1	radioearn.com radioearn.com	3 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	5 KB
218	43

	Domain	Requested by
25	res.cloudinary.com	www.users.gobarberrj.com
24	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
16	scontent-arn2-1.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
13	www.users.gobarberrj.com	www.users.gobarberrj.com
12	www.facebook.com	4 redirects www.users.gobarberrj.com connect.facebook.net
12	uprimp.com	www.users.gobarberrj.com uprimp.com
8	xe9o.xyz	uprimp.com xe9o.xyz
8	alternativeadvert.com	www.users.gobarberrj.com alternativeadvert.com
7	bank.reklamstore.com	adserver.reklamstore.com www.users.gobarberrj.com bank.reklamstore.com
7	pagead2.googlesyndication.com	www.users.gobarberrj.com pagead2.googlesyndication.com tpc.googlesyndication.com
6	scontent-arn2-2.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
6	client.crisp.chat	www.users.gobarberrj.com client.crisp.chat
6	ylx-i.advertica-cdn2.com	uprimp.com
5	s.cpx.to	p.cpx.to www.users.gobarberrj.com
4	ads.rekmob.com	adserver.reklamstore.com www.users.gobarberrj.com
4	ad.a-ads.com	www.users.gobarberrj.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com alternativeadvert.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	www5.cbox.ws	static.cbox.ws www5.cbox.ws
3	ib.adnxs.com	2 redirects adserver.reklamstore.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	x.bidswitch.net	3 redirects
3	p3.adhitzads.com	adhitzads.com
3	static.cbox.ws	www.users.gobarberrj.com www5.cbox.ws
2	sync.smartadserver.com	1 redirects www.users.gobarberrj.com
2	match.adsrvr.org	2 redirects
2	image2.pubmatic.com	2 redirects
2	pre.glotgrx.com	www.users.gobarberrj.com
2	adimg.rekmob.com	www.users.gobarberrj.com
2	pixel.yabidos.com	adserver.reklamstore.com pixel.yabidos.com
2	dmp.adform.net	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	ps.eyeota.net	bank.reklamstore.com ps.eyeota.net
2	gum.criteo.com	1 redirects static.criteo.net
2	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	alternativeadvert.com certify-js.alexametrics.com
2	certify.alexametrics.com	alternativeadvert.com
2	ads.creative-serving.com	2 redirects
2	certify-js.alexametrics.com	alternativeadvert.com
2	adhitzads.com	www.users.gobarberrj.com
2	connect.facebook.net	www.users.gobarberrj.com connect.facebook.net
2	www.googletagmanager.com	www.users.gobarberrj.com adserver.reklamstore.com
1	www.google.com	tpc.googlesyndication.com
1	pool.grid-data.bidswitch.net	www.users.gobarberrj.com
1	token.rubiconproject.com	www.users.gobarberrj.com
1	secure.adnxs.com	1 redirects
1	mug.criteo.com	www.users.gobarberrj.com
1	p.cpx.to	bank.reklamstore.com
1	iq.reklamselfie.com	1 redirects
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	prebid-eu.creativecdn.com	adserver.reklamstore.com
1	bidder.criteo.com	adserver.reklamstore.com
1	imasdk.googleapis.com	adserver.reklamstore.com
1	static.criteo.net	adserver.reklamstore.com
1	fonts.googleapis.com	www.users.gobarberrj.com
1	radioearn.com	www.users.gobarberrj.com
1	cdnjs.cloudflare.com	www.users.gobarberrj.com
1	adserver.reklamstore.com	www.users.gobarberrj.com
1	ajax.googleapis.com	www.users.gobarberrj.com
218	60

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.youtube.com
res.cloudinary.com
m.facebook.com
youtu.be
radioearn.com
www.omegadigibible.com
batangtabon.com

Subject Issuer	Validity	Valid
users.gobarberrj.com cPanel, Inc. Certification Authority	`2022-03-06` - `2022-06-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-14` - `2022-03-14`	3 months	crt.sh
alternativeadvert.com cPanel, Inc. Certification Authority	`2022-01-22` - `2022-04-22`	3 months	crt.sh
uprimp.com R3	`2022-01-01` - `2022-04-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-19` - `2022-05-18`	a year	crt.sh
adserver2.reklamstore.com Amazon	`2021-05-20` - `2022-06-18`	a year	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2020-05-27` - `2022-06-22`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
radioearn.com R3	`2022-03-02` - `2022-05-31`	3 months	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2021-12-08` - `2023-01-08`	a year	crt.sh
certify-js.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
ads.rekmob.com Sectigo RSA Domain Validation Secure Server CA	`2021-04-30` - `2022-05-08`	a year	crt.sh
xe9o.xyz R3	`2022-02-28` - `2022-05-29`	3 months	crt.sh
ylx-i.advertica-cdn2.com R3	`2022-02-06` - `2022-05-07`	3 months	crt.sh
certify.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2021-10-12` - `2022-11-10`	a year	crt.sh
*.reklamstore.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-11` - `2022-08-11`	2 years	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
crisp.chat Cloudflare Inc ECC CA-3	`2021-07-08` - `2022-07-07`	a year	crt.sh
cbox.ws R3	`2022-02-01` - `2022-05-02`	3 months	crt.sh
*.eyeota.net R3	`2022-01-04` - `2022-04-04`	3 months	crt.sh
p.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2022-01-13` - `2023-01-13`	a year	crt.sh
adimg.rekmob.com Amazon	`2021-05-31` - `2022-06-29`	a year	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2022-01-17` - `2023-01-17`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
pool.grid-data.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-02-25` - `2023-03-07`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh

This page contains 29 frames:

Primary Page: https://www.users.gobarberrj.com/
Frame ID: 3FF9F942D48F43877A75D4A434DC0DA8
Requests: 109 HTTP requests in this frame

Frame: https://alternativeadvert.com/show_i.php?b=1105254902
Frame ID: 9E55A8898508F156F54E01D1C9F19C17
Requests: 6 HTTP requests in this frame

Frame: https://uprimp.com/bnr_xload.php?section=General&pub=634256&format=160x600&ga=g&xt=164658702812635&xtt=7892804
Frame ID: D031224E4600F2365A583D5A664D5D29
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/1506409?size=160x600
Frame ID: 23E925AE0EE0E88B00FC0996E7AAA759
Requests: 2 HTTP requests in this frame

Frame: https://uprimp.com/show.php?u80291646587030=true&ad=673873&f=160x600&a=781385&cri=0&s=ZDcyNTUzNjVhZWNmMTc5NTA4OWExYjUxNGFkZWVkNTI=&u=634256&si=454289452&di=44066180&ci=16&h=3a3f63e9746a35dfe5d9edd0284acc60&cc=DE&https=1&useAf=loaded_string_30228599232968e17aafe8a20a937736a604d_2667667_1646587030.3726_95059&capSettings=dXByaW1wLmNvbXwyNTAwMHwyNHw1MzY3MQ==&ar=aHR0cHM6Ly93d3cudXNlcnMuZ29iYXJiZXJyai5jb20v
Frame ID: 9FAD897A83701156F79C08F32B9DB404
Requests: 5 HTTP requests in this frame

Frame: https://uprimp.com/bnr_xload.php?section=General&pub=634256&format=468x60&ga=g&xt=164658702852249&xtt=9402595
Frame ID: F9FAE0254626548716CD8EA83DF64172
Requests: 1 HTTP requests in this frame

Frame: https://www.users.gobarberrj.com/RoadTo1ksubcountdown.php
Frame ID: 2A9812E26A3F3CE99298DD2CEA65C815
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20190131/zrt_lookup.html
Frame ID: 2606C29C73C340EB5549C8FD91E380C9
Requests: 1 HTTP requests in this frame

Frame: https://uprimp.com/show.php?u10361646587030=true&ad=673873&f=468x60&a=827929&cri=0&s=NTc5MmYxZTkxMjFkMzlhNTRlMzIwZmYzZTFjMTQ1ZjU=&u=634256&si=454289452&di=44066180&ci=16&h=fcd83a927266ac89d9498dace8f48d78&cc=DE&https=1&useAf=loaded_string_59210599232968e17aafe8a20a937736a604d_2667667_1646587030.5337_6521&capSettings=dXByaW1wLmNvbXwyNTAwMHwyNHw1MzY3MQ==&ar=aHR0cHM6Ly93d3cudXNlcnMuZ29iYXJiZXJyai5jb20v
Frame ID: 0EA004E15C2EFBC7C3F9BA8C6DC8BA13
Requests: 5 HTTP requests in this frame

Frame: https://ad.a-ads.com/1525939?size=320x50
Frame ID: 59BD4BA1103FB20D4825DEEEE70C9483
Requests: 2 HTTP requests in this frame

Frame: https://alternativeadvert.com/show_i.php?b=1105254903
Frame ID: EB0E9529C50D22E33D8042074D1E6FAA
Requests: 7 HTTP requests in this frame

Frame: https://uprimp.com/bnr_xload.php?section=General&pub=634256&format=120x600&ga=g&xt=164658702931673&xtt=9829646
Frame ID: 72462F48975C6FB7B8B080D39E48A7FC
Requests: 1 HTTP requests in this frame

Frame: https://xe9o.xyz/87d1c6c507/4f9c843bb0/?placementName=ROTATOR&type=n&cv=XAdCpApZjkpAZCGjrijACxCrjANZriNrAANrddCrCZZZCCrixCkkCrCrGCxCrjppjAGiZCCrxi_17575&adApiR=loaded_string_30228599232968e17aafe8a20a937736a604d_2667667_1646587030.3726_95059&capSettings=dXByaW1wLmNvbXwyNTAwMHwyNHw1MzY3MQ==&adApiR=loaded_string_30228599232968e17aafe8a20a937736a604d_2667667_1646587030.3726_95059&refferer=2773200890_aHR0cHM6Ly93d3cudXNlcnMuZ29iYXJiZXJyai5jb20v&width=160&height=600&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=601547173405&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
Frame ID: 38E04D062B34E95E5A3192584AFE57BA
Requests: 3 HTTP requests in this frame

Frame: https://xe9o.xyz/b180228ef7/bd74f6fd55/?placementName=ROTATOR&type=n&cv=XAdCpApZjkpAZCjZGkZkCxCrjANZriNrAANrddCrCZZZCCrixCkkCrCrGCxCrjppjAGiZCCrxi_86046&adApiR=loaded_string_59210599232968e17aafe8a20a937736a604d_2667667_1646587030.5337_6521&capSettings=dXByaW1wLmNvbXwyNTAwMHwyNHw1MzY3MQ==&adApiR=loaded_string_59210599232968e17aafe8a20a937736a604d_2667667_1646587030.5337_6521&refferer=2773200890_aHR0cHM6Ly93d3cudXNlcnMuZ29iYXJiZXJyai5jb20v&width=468&height=60&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1567566648766&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
Frame ID: 94D889EC6E6DB8F570E2AE86748FF2F5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6369761270420377&output=html&h=280&slotname=4795453260&adk=919501952&adf=388061927&pi=t.ma~as.4795453260&w=521&fwrn=4&fwrnh=100&lmt=1646587030&rafmt=1&psa=0&format=521x280&url=https%3A%2F%2Fwww.users.gobarberrj.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646587030500&bpp=7&bdt=1964&idt=351&shv=r20220302&mjsv=m202203020101&ptt=9&saldr=aa&abxe=1&correlator=7190239215996&frm=20&pv=2&ga_vid=1114746622.1646587029&ga_sid=1646587031&ga_hid=261795229&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=540&ady=2217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31065370%2C31065447%2C44756896%2C44758229%2C31064018&oid=2&pvsid=1932998923098326&pem=20&tmod=1204429948&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cn&abl=XS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=CEA8rkVIn9&p=https%3A//www.users.gobarberrj.com&dtd=364
Frame ID: D84F1F9E5ADF6F64710DD0CDB0564C14
Requests: 1 HTTP requests in this frame

Frame: https://ad.a-ads.com/1506408?size=120x600
Frame ID: 16504754561AAE10E867A44D079533CF
Requests: 2 HTTP requests in this frame

Frame: https://ad.a-ads.com/1506408?size=120x600
Frame ID: 8AC2C668CD73964E5AE9DCF3E3CC40FB
Requests: 2 HTTP requests in this frame

Frame: https://uprimp.com/show.php?u28001646587030=true&ad=673873&f=120x600&a=491342&cri=0&s=NDIzZjJmYjYxN2RlNzQ5MWU4OTBjOWFhMTMxNjNiOGQ=&u=634256&si=454289452&di=44066180&ci=16&h=3e5a2c84f0feeffc35ca3f043319a5f4&cc=DE&https=1&useAf=loaded_string_44848599232968e17aafe8a20a937736a604d_2558403_1646587030.8546_27506&ar=aHR0cHM6Ly93d3cudXNlcnMuZ29iYXJiZXJyai5jb20v
Frame ID: 1EF5A2180DC0A14DDD44B07AA8C97EE0
Requests: 5 HTTP requests in this frame

Frame: https://www5.cbox.ws/box/?boxid=913451&boxtag=APTpYR&sec=main
Frame ID: A3FDB1259BFE0AEBB46640745B4B6EDA
Requests: 6 HTTP requests in this frame

Frame: https://www.facebook.com/v9.0/plugins/share_button.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1524b5b0f03d7c%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=555&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&layout=button&locale=en_US&sdk=joey&size=large
Frame ID: 504C0540B4F1C92C854EA6096E69079A
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3beae65eda51c%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=555&height=100&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&locale=en_US&numposts=10&sdk=joey&version=v9.0&width=550
Frame ID: 271A8F6D11A459F5DD81F20EB665D085
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6369761270420377&output=html&adk=1812271804&adf=3025194257&lmt=1646587030&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.users.gobarberrj.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646587030935&bpp=1&bdt=2399&idt=1&shv=r20220302&mjsv=m202203020101&ptt=9&saldr=aa&abxe=1&prev_fmts=521x280&nras=1&correlator=7190239215996&frm=20&pv=1&ga_vid=1114746622.1646587029&ga_sid=1646587031&ga_hid=261795229&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31065370%2C31065447%2C44756896%2C44758229%2C31064018&oid=2&pvsid=1932998923098326&pem=20&tmod=1204429948&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=12
Frame ID: F08355111CCB1A304B5750E43799F85F
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.users.gobarberrj.com
Frame ID: E07640647793F0D9B740D8FDFDDEDC05
Requests: 2 HTTP requests in this frame

Frame: https://adimg.rekmob.com/logos/rs-b.png
Frame ID: 05EC48D92A85272C090C4C14CBA277C2
Requests: 3 HTTP requests in this frame

Frame: https://xe9o.xyz/1ccf616e0b/c3706a2c96/?placementName=ROTATOR&type=n&cv=XAdCpApZjkpAZCpkripZCxCrjANZriNrAANrddCrCZZZCCrixCkkCrCrGCxCrjppjAGiZCCrxi_52817&adApiR=loaded_string_44848599232968e17aafe8a20a937736a604d_2558403_1646587030.8546_27506&refferer=2773200890_aHR0cHM6Ly93d3cudXNlcnMuZ29iYXJiZXJyai5jb20v&width=120&height=600&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=651540386122&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
Frame ID: 34806ACF015C7E02F1A03C69A0E84C12
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v9.0/plugins/share_button.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3e07377c538d7%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&layout=button&locale=en_US&sdk=joey&size=large
Frame ID: A062BCA1B7A76B2DC2A0E89C9890D8F4
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df228b0418223f0c%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=0&height=100&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&locale=en_US&numposts=10&sdk=joey&version=v9.0&width=550
Frame ID: E18F507C0085811538927DD103E938B6
Requests: 22 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A10B8B9587FA30D247496CB49E1B8B02
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AF0D2F893BAC4D7607C4A2E1A58AC7AA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

218
Requests

95 %
HTTPS

37 %
IPv6

43
Domains

60
Subdomains

52
IPs

11
Countries

10699 kB
Transfer

17296 kB
Size

43
Cookies

77 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/richard.capili2
Title: Send_Message

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=lckieYUn1PQ
Title: Watch_3-5Mins_B4_Subs

Search URL Search Domain Scan URL

URL: https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1588524628/bible_image/batangtabon_fwqvq4.jpg

Search URL Search Domain Scan URL

URL: https://www.facebook.com/louisemaribbay.oblenida/
Title: Send_Message

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=qJEHvVBmA-I
Title: Watch_3-5Mins_B4_Subs

Search URL Search Domain Scan URL

URL: https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1610534580/ytimage/loues_tpujsw.jpg

Search URL Search Domain Scan URL

URL: https://www.facebook.com/bernie.vequizo
Title: Send_Message

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=yf1uNKq4ijQ
Title: Watch_3-5Mins_B4_Subs

Search URL Search Domain Scan URL

URL: https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1606082038/ytimage/56_j7taxb.jpg

Search URL Search Domain Scan URL

URL: https://www.facebook.com/letecia.equin.5
Title: Send_Message

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=dOX6JUgirAo
Title: Watch_3-5Mins_B4_Subs

Search URL Search Domain Scan URL

URL: https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1605099596/ytimage/111_hgb6vr.jpg

Search URL Search Domain Scan URL

URL: https://www.facebook.com/rachelle.gilbaliga.9
Title: Send_Message

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=LViO92DHzwc
Title: Watch_3-5Mins_B4_Subs

Search URL Search Domain Scan URL

URL: https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1605101442/ytimage/11111_y2pclj.jpg

Search URL Search Domain Scan URL

URL: https://www.facebook.com/people/Sophia-Ava-Madalag/100006043830717
Title: Send_Message

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=V1ATqjep5a4&t=4s
Title: Watch_3-5Mins_B4_Subs

Search URL Search Domain Scan URL

URL: https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1605122135/ytimage/333_rnaake.jpg

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MichaelJetClydeBabao/
Title: Send_Message

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=OyRI3yz2aG0
Title: Watch_3-5Mins_B4_Subs

Search URL Search Domain Scan URL

URL: https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1605193111/ytimage/4_fsvfc5.jpg

Search URL Search Domain Scan URL

URL: https://www.facebook.com/janeth.buyain.7
Title: Send_Message

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=pyqvc5J-tuA
Title: Watch_3-5Mins_B4_Subs

Search URL Search Domain Scan URL

URL: https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1605308246/ytimage/janerose_akvdwb.jpg

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dhang.mamaril.1
Title: Send_Message

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=F2OgDndrnng
Title: Watch_3-5Mins_B4_Subs

Search URL Search Domain Scan URL

URL: https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1605308730/ytimage/5_n73duz.jpg

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dengiemae.gelacio
Title: Send_Message

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=rI_af_NUobg
Title: Watch_3-5Mins_B4_Subs

Search URL Search Domain Scan URL

URL: https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1605368809/ytimage/6_baaeqh.jpg

Search URL Search Domain Scan URL

URL: https://m.facebook.com/ipuffmo420
Title: Send_Message

Search URL Search Domain Scan URL

URL: https://youtu.be/vIpX-8GeuEw
Title: Watch_3-5Mins_B4_Subs

Search URL Search Domain Scan URL

URL: https://res.cloudinary.com/dwaf1cgqp/image/upload/v1605351151/20200615_164059_cmgdvw.jpg

Search URL Search Domain Scan URL

URL: https://youtu.be/Sxj4wsvJ9Nw
Title: Watch_3-5Mins_B4_Subs

Search URL Search Domain Scan URL

URL: https://res.cloudinary.com/dwaf1cgqp/image/upload/v1605432972/FB_IMG_1603175152867_hu8jhg.jpg

Search URL Search Domain Scan URL

URL: https://www.facebook.com/nerihansi/
Title: Send_Message

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=VvpISbJkLvw
Title: Watch_3-5Mins_B4_Subs

Search URL Search Domain Scan URL

URL: https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1605438745/ytimage/45_wrky93.jpg

Search URL Search Domain Scan URL

URL: https://www.facebook.com/garygarcia23/
Title: Send_Message

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=O9uuWrdIgSk
Title: Watch_3-5Mins_B4_Subs

Search URL Search Domain Scan URL

URL: https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1605470804/ytimage/777_mxe4rt.jpg

Search URL Search Domain Scan URL

URL: https://www.facebook.com/katherine.balasi/
Title: Send_Message

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=XRwUrodIeIw
Title: Watch_3-5Mins_B4_Subs

Search URL Search Domain Scan URL

URL: https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1605471335/ytimage/7_r8sfhz.jpg

Search URL Search Domain Scan URL

URL: https://www.facebook.com/johnroe.magno
Title: Send_Message

Search URL Search Domain Scan URL

URL: https://youtu.be/40m033STzoE
Title: Watch_3-5Mins_B4_Subs

Search URL Search Domain Scan URL

URL: https://res.cloudinary.com/dklk6302v/image/upload/v1605488987/PicsArt_11-13-01.53.15_gysq1f.jpg

Search URL Search Domain Scan URL

URL: https://www.facebook.com/reaferandos
Title: Send_Message

Search URL Search Domain Scan URL

URL: https://youtu.be/nYEP3uFGisM
Title: Watch_3-5Mins_B4_Subs

Search URL Search Domain Scan URL

URL: https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1605552451/ytimage/888_a55bmy.jpg

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ChloeChlea0630
Title: Send_Message

Search URL Search Domain Scan URL

URL: https://youtu.be/nzY5xUu2cYw
Title: Watch_3-5Mins_B4_Subs

Search URL Search Domain Scan URL

URL: https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1605514304/ytimage/FB_IMG_1605514229809_lxleoq.jpg

Search URL Search Domain Scan URL

URL: https://m.facebook.com/MunchMunch03?ref=bookmarks
Title: Send_Message

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=LjkBs09fwyw&t=18s
Title: Watch_3-5Mins_B4_Subs

Search URL Search Domain Scan URL

URL: https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1605552016/ytimage/77_z8gezu.jpg

Search URL Search Domain Scan URL

URL: https://www.facebook.com/janice.oclidina/
Title: Send_Message

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=QnoJq_Z9i1A&t=200s
Title: Watch_3-5Mins_B4_Subs

Search URL Search Domain Scan URL

URL: https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1605561833/ytimage/99_vmdiyi.jpg

Search URL Search Domain Scan URL

URL: https://www.facebook.com/fionamay.araja/
Title: Send_Message

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=OlFZIqxmlSg
Title: Watch_3-5Mins_B4_Subs

Search URL Search Domain Scan URL

URL: https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1605615987/ytimage/99_ynlp4o.jpg

Search URL Search Domain Scan URL

URL: https://www.facebook.com/shalynhallel.cayudong/
Title: Send_Message

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=4pDwEnxJjtU
Title: Watch_3-5Mins_B4_Subs

Search URL Search Domain Scan URL

URL: https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1606059144/ytimage/123456_xnlcsp.jpg

Search URL Search Domain Scan URL

URL: https://www.facebook.com/kim.catubig.94
Title: Send_Message

Search URL Search Domain Scan URL

URL: https://youtu.be/3m-yRCinGqM
Title: Watch_3-5Mins_B4_Subs

Search URL Search Domain Scan URL

URL: https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1606082508/ytimage/563_km6mrx.jpg

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ObjuanShinobi
Title: Send_Message

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=9_FmGVVJBLQ
Title: Watch_3-5Mins_B4_Subs

Search URL Search Domain Scan URL

URL: https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1605803297/ytimage/ob_udgsyw.jpg

Search URL Search Domain Scan URL

URL: https://www.facebook.com/emerson.mangaoil
Title: Send_Message

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCG4PdnqYTUKh-1mz-RUmulg
Title: Watch_3-5Mins_B4_Subs

Search URL Search Domain Scan URL

URL: https://res.cloudinary.com/dtlknkivv/image/upload/v1605869544/IMG_20201007_151259_ifv1sx.jpg

Search URL Search Domain Scan URL

URL: https://radioearn.com/?ref=12467

Search URL Search Domain Scan URL

URL: https://www.omegadigibible.com/download

Search URL Search Domain Scan URL

URL: https://batangtabon.com/
Title: Batang Tabon

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72

https://x.bidswitch.net/sync?ssp=reklamstore HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=reklamstore HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=reklamstore&bsw_custom_parameter=9d79b45c-0244-4847-8e61-11a097415db3 HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=reklamstore&bsw_custom_parameter=9d79b45c-0244-4847-8e61-11a097415db3 HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=fcf4968c-6344-4ce0-8964-9272cdc25a3b&ssp=reklamstore&expires=30&user_group=5&bsw_param=9d79b45c-0244-4847-8e61-11a097415db3 HTTP 302
https://ads.rekmob.com/retarget/pix?id=bs&cv=9d79b45c-0244-4847-8e61-11a097415db3&d=1

Request Chain 118

https://www.facebook.com/v9.0/plugins/comments.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3beae65eda51c%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=555&height=100&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&locale=en_US&numposts=10&sdk=joey&version=v9.0&width=550 HTTP 302
https://www.facebook.com/plugins/comments.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3beae65eda51c%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=555&height=100&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&locale=en_US&numposts=10&sdk=joey&version=v9.0&width=550 HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3beae65eda51c%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=555&height=100&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&locale=en_US&numposts=10&sdk=joey&version=v9.0&width=550

Request Chain 127

https://iq.reklamselfie.com/585ce73218044 HTTP 302
https://bank.reklamstore.com/rs.js

Request Chain 129

https://ib.adnxs.com/getuid?https://bank.reklamstore.com/anx.php?uid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbank.reklamstore.com%2Fanx.php%3Fuid%3D%24UID HTTP 302
https://bank.reklamstore.com/anx.php?uid=7013630141775087107

Request Chain 130

https://cm.g.doubleclick.net/pixel?google_nid=reklam_store&google_cm HTTP 302
https://bank.reklamstore.com/adx.php?google_gid=CAESEC0yHvOP6pmLDcyejHkpvUo&google_cver=1

Request Chain 131

https://dmp.adform.net/serving/cookie/match?party=1068 HTTP 302
https://dmp.adform.net/serving/cookie/match?CC=1&party=1068 HTTP 302
https://bank.reklamstore.com/adform.php?uid=7905369500523989728

Request Chain 141

https://gum.criteo.com/sid/json?origin=publishertag&domain=gobarberrj.com&sn=ChromeSyncframe&so=0&topUrl=www.users.gobarberrj.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=V6rqkHwwTEZPL0V6V0hFQUFUc0pLdTFwSWZPOThHdk1PM2U4Y2Z1TEtVbHYvOFJIcXNRMG9LaCtndGo4UGtmeWtURHFMaFhNY2tIcnpTLzFuQ3BjZExzWGlvR3Y4dGhRT3dVMXFYblJXeVREL1c1TEpUQml6UDJ2WlZPZi9iN1hHeXU5N3U1NEx4d2VLcnhkNEFYb09tMG5Od0V3QUN3Z0JtTnNCQXpWUjZUeGM1Rk42QzIvWEhZVFR5WkFJZ1FHR3FCcE9ITGxSbmQwMXlYRGdoWWp6STNxczJtdVVpUmI5OVZhMnE1cnlDekpGWnhSeVR5Qm01V1ZUZDZCRXVDRXJWdC83OFVoeVdzblpUYVdzZG5MWmlyTk1zdz09fA&cppv=2

Request Chain 165

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D77d57edd-8f50-4169-a605-0d53063e9bee HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D77d57edd-8f50-4169-a605-0d53063e9bee HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=FF3F21FC-F624-43DF-84F0-44EF7FAE1938&fid=77d57edd-8f50-4169-a605-0d53063e9bee

Request Chain 166

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12475%26ref%3D%26url%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252F%26hn_ver%3D40%26fid%3D77d57edd-8f50-4169-a605-0d53063e9bee HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=7013630141775087107&pid=12475&ref=&url=https%3A%2F%2Fwww.users.gobarberrj.com%2F&hn_ver=40&fid=77d57edd-8f50-4169-a605-0d53063e9bee

Request Chain 168

https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP 302
https://s.cpx.to/sync?dsp_uid=513d0668-f9e3-4234-9588-26c0f3544214&dsp=TTD

Request Chain 169

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D77d57edd-8f50-4169-a605-0d53063e9bee&gdpr=0 HTTP 302
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=77d57edd-8f50-4169-a605-0d53063e9bee&gdpr=0&cklb=1

Request Chain 170

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=77d57edd-8f50-4169-a605-0d53063e9bee HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=77d57edd-8f50-4169-a605-0d53063e9bee&google_gid=CAESEJ8ke00pRqnsJRQ4jsxKm-k&google_cver=1

Request Chain 190

https://www.facebook.com/v9.0/plugins/comments.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df228b0418223f0c%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=0&height=100&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&locale=en_US&numposts=10&sdk=joey&version=v9.0&width=550 HTTP 302
https://www.facebook.com/plugins/comments.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df228b0418223f0c%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=0&height=100&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&locale=en_US&numposts=10&sdk=joey&version=v9.0&width=550 HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df228b0418223f0c%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=0&height=100&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&locale=en_US&numposts=10&sdk=joey&version=v9.0&width=550

218 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.users.gobarberrj.com/ 45 KB
11 KB 381ms
130ms Document
text/html 68.168.213.90
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.users.gobarberrj.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 68.168.213.90 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: webhosting2033-zfs-hostnode.is.cc
Software: LiteSpeed /
Resource Hash: 08adc3978f87c754fde8143b94b68a832d37ac78dcbc3a6cda1264eb950850f4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Sun, 06 Mar 2022 17:17:08 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 92 KB
36 KB 254ms
93ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113153126-2

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

08f422c67963f951376370501ab341593499940cf808bf12b5c2015c6b2bae11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36671
x-xss-protection: 0
last-modified: Sun, 06 Mar 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 06 Mar 2022 17:17:08 GMT

GET
H2 200 formoid-solid-blue.css
www.users.gobarberrj.com/ 33 KB
9 KB 127ms
123ms Stylesheet
text/css 68.168.213.90
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.users.gobarberrj.com/formoid-solid-blue.css
Requested by: Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 68.168.213.90 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: webhosting2033-zfs-hostnode.is.cc
Software: LiteSpeed /
Resource Hash: 5a2e10d20d0cd41c41f2773a050bee4f19b11a25d8a270d721a8299180b46c8e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:08 GMT
content-encoding: br
last-modified: Sun, 06 Mar 2022 17:10:51 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8843
expires: Sun, 13 Mar 2022 17:17:08 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.2/ 93 KB
93 KB 241ms
77ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 01:46:20 GMT
x-content-type-options: nosniff
age: 315048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94840
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Mar 2023 01:46:20 GMT

GET
H2 200 iframe.js Show response
www.users.gobarberrj.com/ 779 B
464 B 129ms
125ms Script
application/javascript 68.168.213.90
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.users.gobarberrj.com/iframe.js
Requested by: Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 68.168.213.90 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: webhosting2033-zfs-hostnode.is.cc
Software: LiteSpeed /
Resource Hash: b68f081f406ff506acb336dd2373449ff799d38325dd615662843985df003725

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:08 GMT
content-encoding: br
last-modified: Sun, 06 Mar 2022 17:10:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 391
expires: Sun, 13 Mar 2022 17:17:08 GMT

GET
H2 200 form.css
www.users.gobarberrj.com/ 542 B
335 B 127ms
124ms Stylesheet
text/css 68.168.213.90
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.users.gobarberrj.com/form.css
Requested by: Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 68.168.213.90 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: webhosting2033-zfs-hostnode.is.cc
Software: LiteSpeed /
Resource Hash: 7a9fecc84498aa7b7e10256a4a35357ea00ed5740a3caf7392316a763b75b23a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:08 GMT
content-encoding: br
last-modified: Sun, 06 Mar 2022 17:10:50 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 280
expires: Sun, 13 Mar 2022 17:17:08 GMT

GET
H2 404 style.css
www.users.gobarberrj.com/ytcmenu_files/css3menu1/ 0
0 128ms
124ms Stylesheet
text/html 68.168.213.90
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.users.gobarberrj.com/ytcmenu_files/css3menu1/style.css
Requested by: Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 68.168.213.90 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: webhosting2033-zfs-hostnode.is.cc
Software: LiteSpeed /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:17:08 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H2 404 style.css
www.users.gobarberrj.com/ytcmenu_files/css3menu2/ 0
0 128ms
124ms Stylesheet
text/html 68.168.213.90
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.users.gobarberrj.com/ytcmenu_files/css3menu2/style.css
Requested by: Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 68.168.213.90 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: webhosting2033-zfs-hostnode.is.cc
Software: LiteSpeed /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:17:08 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H2 200 ytchallenge.css
www.users.gobarberrj.com/css/ 7 KB
2 KB 128ms
125ms Stylesheet
text/css 68.168.213.90
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.users.gobarberrj.com/css/ytchallenge.css
Requested by: Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 68.168.213.90 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: webhosting2033-zfs-hostnode.is.cc
Software: LiteSpeed /
Resource Hash: f6d7b9fc7e566ede0dda55fa06b882d2a38dc1a58946658ffca9cc8cf8eddf2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:08 GMT
content-encoding: br
last-modified: Sun, 06 Mar 2022 17:11:47 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1728
expires: Sun, 13 Mar 2022 17:17:08 GMT

GET
H2 200 animated.css
www.users.gobarberrj.com/css/ 466 B
337 B 128ms
125ms Stylesheet
text/css 68.168.213.90
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.users.gobarberrj.com/css/animated.css
Requested by: Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 68.168.213.90 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: webhosting2033-zfs-hostnode.is.cc
Software: LiteSpeed /
Resource Hash: b4433b579c93f32b5128f54d5d7d949c20668b3140fb4884f37ffbf72e2622a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:08 GMT
content-encoding: br
last-modified: Sun, 06 Mar 2022 17:11:42 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 282
expires: Sun, 13 Mar 2022 17:17:08 GMT

GET
H2 404 animated2.css
www.users.gobarberrj.com/css/ 0
0 129ms
126ms Stylesheet
text/html 68.168.213.90
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.users.gobarberrj.com/css/animated2.css
Requested by: Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 68.168.213.90 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: webhosting2033-zfs-hostnode.is.cc
Software: LiteSpeed /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:17:08 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H2 200 anime.min.js Show response
www.users.gobarberrj.com/ 695 B
436 B 251ms
249ms Script
application/javascript 68.168.213.90
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.users.gobarberrj.com/anime.min.js
Requested by: Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 68.168.213.90 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: webhosting2033-zfs-hostnode.is.cc
Software: LiteSpeed /
Resource Hash: 957c4cd622090c3c567717c5dd1e5f69c03cb9b7dff00a569672287333d99a26

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:08 GMT
content-encoding: br
last-modified: Sun, 06 Mar 2022 17:10:44 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 380
expires: Sun, 13 Mar 2022 17:17:08 GMT

GET
H2 200 bootstrap.min.css
www.users.gobarberrj.com/css/ 118 KB
29 KB 129ms
126ms Stylesheet
text/css 68.168.213.90
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.users.gobarberrj.com/css/bootstrap.min.css
Requested by: Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 68.168.213.90 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: webhosting2033-zfs-hostnode.is.cc
Software: LiteSpeed /
Resource Hash: f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:08 GMT
content-encoding: br
last-modified: Sun, 06 Mar 2022 17:11:43 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 29488
expires: Sun, 13 Mar 2022 17:17:08 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 124ms
37ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

31e8040e46b1ea2b581a3249fd9e498441b89b5ce1bee0fdeed122fdf1ae90e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.users.gobarberrj.com/
Origin: https://www.users.gobarberrj.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: GpazvTozd8w2ZDB0jiHcLA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1689
x-fb-rlafr: 0
x-fb-debug: 4vHsA7gfBlGbI6wnu0xWpMFH87x9r52ATXbKVysLGp3HZphuT4JO1Wsq4wyRLbRDI+X1frrVr6J7+l53fooHvw==
x-fb-trip-id: 2050670934
x-fb-content-md5: cce964df3950138369fa19337248c990
x-frame-options: DENY
date: Sun, 06 Mar 2022 17:17:09 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "fd9a4c1c9540de41d52dc31bb3351b6b"
timing-allow-origin: *
expires: Sun, 06 Mar 2022 17:17:17 GMT

GET
H2 200 show.js Show response
alternativeadvert.com/ 2 KB
764 B 1303ms
53ms Script
application/javascript 216.137.180.16
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://alternativeadvert.com/show.js
Requested by: Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.137.180.16 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: server.chinadirect.ng
Software: LiteSpeed /
Resource Hash: b93fe652eab9cbf4c17956c890f3f38366fd822e8844e936748f9dac55d38e6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:10 GMT
content-encoding: br
last-modified: Fri, 27 Nov 2020 10:47:01 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 457
expires: Sun, 13 Mar 2022 17:17:10 GMT

GET
H2 200 bnr.php Show response
uprimp.com/ 430 B
684 B 216ms
69ms Script
application/javascript 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/bnr.php?section=General&pub=634256&format=160x600&ga=g
Requested by: Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: 75928cd5063a9cea272c1c4e73ed650a878ac3bd2393e2864ce2f1be7bb124b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:17:08 GMT
last-modified: Sun, 06 Mar 2022 17:17:08 GMT
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow, noarchive, nosnippet
expires: Sun, 06 Mar 2022 17:17:08 GMT

GET
H2 200 1113988 Show response
adhitzads.com/ 448 B
835 B 198ms
76ms Script
text/html 188.114.97.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adhitzads.com/1113988
Requested by: Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd1d224412a462721acd1220b9e8cfd125d832ccf0fb57318b690dcbc842ed72

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EFFA3s%2BuajUOW5FF4AAtbrj22WC7vqBNSdJzqOkHsqY9RCZWHITqINuonmQiP30EASB5lRPG3wqwZSi1rbrjMW6S1yhn87OXigDrPpsop2YHLzmznCf8ChYFbFpmfB8e"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=3600, public
cf-ray: 6e7cbe417acc90b5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 06 Mar 2022 18:17:08 GMT

GET
H2 200 bnr.php Show response
uprimp.com/ 427 B
680 B 216ms
69ms Script
application/javascript 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/bnr.php?section=General&pub=634256&format=468x60&ga=g
Requested by: Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: d674d75d8c3d870a5b8c11f2a434ff3c90732eba5a1f80aecff8d8eed44666c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:17:08 GMT
last-modified: Sun, 06 Mar 2022 17:17:08 GMT
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow, noarchive, nosnippet
expires: Sun, 06 Mar 2022 17:17:08 GMT

GET
H2 200 reklamstore.js Show response
adserver.reklamstore.com/ 96 KB
29 KB 260ms
48ms Script
application/javascript 2600:9000:2182:400:1c:4bbb:9180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.reklamstore.com/reklamstore.js
Requested by: Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:400:1c:4bbb:9180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 92e83fdf1ed8bb4a50fb72331cb20f536a1159ce55d523ebfca3441ce8e30294

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 00:45:12 GMT
content-encoding: gzip
last-modified: Mon, 28 Jun 2021 18:35:51 GMT
server: AmazonS3
age: 59517
etag: "78cf0f1f296c61b336db981022359dbc"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
content-length: 29778
x-amz-cf-id: BKsqq7ApnHhe8GzbBcDMlmt6B8QcDz7eLXMz9mrAVdgeijU5EiAtmQ==

GET
H2 200 anime.min.js Show response
cdnjs.cloudflare.com/ajax/libs/animejs/2.0.2/ 11 KB
5 KB 172ms
62ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animejs/2.0.2/anime.min.js

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7813f21ffc8ab5a9c4808a33cae9e6234b4ab3b14245a8900bdd62879642077c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 527764
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4468
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d2a-2be1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZP8qdK6pdg10OrUu1cUOMWGJ8dSdfkdAnhIJq1ZDtHiqO7TvaTaSanven8X5JrJIcdcKE7cEWH%2Bxkrvna3xHMDgkN04lRawN%2FEy6%2BivO5HkN5QyAUVtL3gt5TeRDZgKP4SDRgRoWqZ7HoNJDcEe0gOAr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e7cbe415d4e9ba0-FRA
expires: Fri, 24 Feb 2023 17:17:08 GMT

GET
H2 200 batangtabon_fwqvq4.jpg
res.cloudinary.com/addpro-myurl101-com/image/upload/v1588524628/bible_image/ 19 KB
19 KB 435ms
326ms Image
image/jpeg 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1588524628/bible_image/batangtabon_fwqvq4.jpg

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

e6038d90041624ed0727ac4ed46c5285e5f7e1074e91c5c5822e4e01bc1c019d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 03 May 2020 16:50:30 GMT
server: Cloudinary
etag: "10dab3844704c5d90c12160fbcba7d4e"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=290;cpu=163;start=2022-03-06T17:17:09.109Z;desc=miss,rtt;dur=36,cloudinary;dur=35;start=2022-03-06T17:17:09.317Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 19112

GET
H2 200 loues_tpujsw.jpg
res.cloudinary.com/addpro-myurl101-com/image/upload/v1610534580/ytimage/ 2 KB
2 KB 446ms
337ms Image
image/jpeg 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1610534580/ytimage/loues_tpujsw.jpg

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

996dc3adcba0e172a95a466d755af8cd30b6c955b7f041bdac60f4959c693c46

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:09 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Jan 2021 10:43:01 GMT
server: Cloudinary
etag: "3df257d9b20f47826af52e6125a13c06"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=301;cpu=163;start=2022-03-06T17:17:09.109Z;desc=miss,rtt;dur=36,cloudinary;dur=47;start=2022-03-06T17:17:09.319Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 1610

GET
H2 200 56_j7taxb.jpg
res.cloudinary.com/addpro-myurl101-com/image/upload/v1606082038/ytimage/ 2 KB
2 KB 528ms
420ms Image
image/jpeg 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1606082038/ytimage/56_j7taxb.jpg

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

ac67e8e93aa3409acc004511392ae5168a0f44a67729fa4d380697e73c2f6745

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 22 Nov 2020 21:53:59 GMT
server: Cloudinary
etag: "fcd15dc0b9cb55223ceb799a1370344a"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=325;cpu=163;start=2022-03-06T17:17:09.109Z;desc=miss,rtt;dur=36,cloudinary;dur=67;start=2022-03-06T17:17:09.321Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 2090

GET
H2 200 111_hgb6vr.jpg
res.cloudinary.com/addpro-myurl101-com/image/upload/v1605099596/ytimage/ 136 KB
137 KB 564ms
456ms Image
image/jpeg 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1605099596/ytimage/111_hgb6vr.jpg

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

4c40362b282b85dcbc5d03af07a9ccef72720302ba2461e2f6855a59e3419ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:09 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 12:59:57 GMT
server: Cloudinary
etag: "2ce62f83dba42915a6dabd0a9a786f95"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=404;cpu=163;start=2022-03-06T17:17:09.110Z;desc=miss,rtt;dur=36,cloudinary;dur=146;start=2022-03-06T17:17:09.320Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 139716

GET
H2 200 11111_y2pclj.jpg
res.cloudinary.com/addpro-myurl101-com/image/upload/v1605101442/ytimage/ 823 KB
824 KB 533ms
426ms Image
image/jpeg 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1605101442/ytimage/11111_y2pclj.jpg

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

8d3c3490d56fffa040252f235800b4eab6ee832b574171a55bd6527fdfc6b8ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:09 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 13:30:43 GMT
server: Cloudinary
etag: "659a507b27570c7fedbe9e8b6e64df65"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=334;cpu=163;start=2022-03-06T17:17:09.110Z;desc=miss,rtt;dur=36,cloudinary;dur=77;start=2022-03-06T17:17:09.317Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 843165

GET
H2 200 333_rnaake.jpg
res.cloudinary.com/addpro-myurl101-com/image/upload/v1605122135/ytimage/ 226 KB
227 KB 739ms
632ms Image
image/jpeg 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1605122135/ytimage/333_rnaake.jpg

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

5061a1cda7e5649b099158261260ff069dcc9dc0f2454d018a82974068acd733

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:09 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 19:15:36 GMT
server: Cloudinary
etag: "b384ab3dd2a9ecd787afce8371aa331e"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=595;cpu=163;start=2022-03-06T17:17:09.110Z;desc=miss,rtt;dur=36,cloudinary;dur=76;start=2022-03-06T17:17:09.583Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 231392

GET
H2 200 4_fsvfc5.jpg
res.cloudinary.com/addpro-myurl101-com/image/upload/v1605193111/ytimage/ 37 KB
37 KB 389ms
386ms Image
image/jpeg 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1605193111/ytimage/4_fsvfc5.jpg

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

fa8b4bd660415bf2479bee62717e7d89086d5c596cbaef5767a876e9eceb4684

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:09 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 14:58:32 GMT
server: Cloudinary
etag: "11b025e885a9b08453471b1ab8dfd45e"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=299;cpu=145;start=2022-03-06T17:17:09.128Z;desc=miss,rtt;dur=36,cloudinary;dur=63;start=2022-03-06T17:17:09.316Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 38111

GET
H2 200 janerose_akvdwb.jpg
res.cloudinary.com/addpro-myurl101-com/image/upload/v1605308246/ytimage/ 5 KB
5 KB 334ms
331ms Image
image/jpeg 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1605308246/ytimage/janerose_akvdwb.jpg

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

2fc03d9aedde903d02af6f056e5f650769979b27d899007f8f6e2519178ea9b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:09 GMT
x-content-type-options: nosniff
last-modified: Fri, 13 Nov 2020 22:57:27 GMT
server: Cloudinary
etag: "03b869527540c4a26d213cf852d3ff63"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=295;cpu=145;start=2022-03-06T17:17:09.128Z;desc=miss,rtt;dur=36,cloudinary;dur=59;start=2022-03-06T17:17:09.318Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 5059

GET
H2 200 5_n73duz.jpg
res.cloudinary.com/addpro-myurl101-com/image/upload/v1605308730/ytimage/ 4 KB
5 KB 403ms
401ms Image
image/jpeg 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1605308730/ytimage/5_n73duz.jpg

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

7f1e765c576edcad537d701ea0c43acb1142355180a69c626b2ab9fadfa5e33b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:09 GMT
x-content-type-options: nosniff
last-modified: Fri, 13 Nov 2020 23:05:31 GMT
server: Cloudinary
etag: "95cb0d5d4947fc2906e863701131d137"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=289;cpu=128;start=2022-03-06T17:17:09.145Z;desc=miss,rtt;dur=36,cloudinary;dur=68;start=2022-03-06T17:17:09.319Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 4560

GET
H2 200 6_baaeqh.jpg
res.cloudinary.com/addpro-myurl101-com/image/upload/v1605368809/ytimage/ 450 KB
451 KB 421ms
418ms Image
image/jpeg 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1605368809/ytimage/6_baaeqh.jpg

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

0f0f00205ee1a871f59d3897682a0de74fe6abc57b8e1ddf68e95f008a0dfe25

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:09 GMT
x-content-type-options: nosniff
last-modified: Sat, 14 Nov 2020 15:46:51 GMT
server: Cloudinary
etag: "c58dba41c0a4bd45481cb583af721cc2"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=312;cpu=128;start=2022-03-06T17:17:09.145Z;desc=miss,rtt;dur=36,cloudinary;dur=91;start=2022-03-06T17:17:09.319Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 461080

GET
H2 200 20200615_164059_cmgdvw.jpg
res.cloudinary.com/dwaf1cgqp/image/upload/v1605351151/ 524 KB
524 KB 490ms
488ms Image
image/jpeg 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dwaf1cgqp/image/upload/v1605351151/20200615_164059_cmgdvw.jpg

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

6661e9217fda53c900048a1bfe58c148a7b1c3e1fe3442044bbb8cb16b85d71b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:09 GMT
x-content-type-options: nosniff
last-modified: Sat, 14 Nov 2020 10:52:32 GMT
server: Cloudinary
etag: "c57985024a64464ed23d13f32021baf0"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=434;cpu=278;start=2022-03-06T17:17:09.145Z;desc=miss,rtt;dur=36,cloudinary;dur=64;start=2022-03-06T17:17:09.468Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 536440

GET
H2 200 FB_IMG_1603175152867_hu8jhg.jpg
res.cloudinary.com/dwaf1cgqp/image/upload/v1605432972/ 35 KB
36 KB 529ms
526ms Image
image/jpeg 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dwaf1cgqp/image/upload/v1605432972/FB_IMG_1603175152867_hu8jhg.jpg

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

8f999a27deb3d25139105d73518c01d1b8709c3cf36af275580160e5b0390625

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 15 Nov 2020 09:36:13 GMT
server: Cloudinary
etag: "4433a41813b3f76f1a6029f670eeb49d"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=466;cpu=278;start=2022-03-06T17:17:09.145Z;desc=miss,rtt;dur=36,cloudinary;dur=94;start=2022-03-06T17:17:09.470Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 36257

GET
H2 200 45_wrky93.jpg
res.cloudinary.com/addpro-myurl101-com/image/upload/v1605438745/ytimage/ 91 KB
91 KB 403ms
401ms Image
image/jpeg 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1605438745/ytimage/45_wrky93.jpg

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

88d2d5f0458727a32febe975878c16f43536a2099b37b8f82e2e03a220f42e5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 15 Nov 2020 11:12:26 GMT
server: Cloudinary
etag: "35535161a60d435f6799b7a1a28417e7"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=288;cpu=128;start=2022-03-06T17:17:09.146Z;desc=miss,rtt;dur=36,cloudinary;dur=70;start=2022-03-06T17:17:09.315Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 92770

GET
H2 200 777_mxe4rt.jpg
res.cloudinary.com/addpro-myurl101-com/image/upload/v1605470804/ytimage/ 384 KB
384 KB 441ms
438ms Image
image/jpeg 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1605470804/ytimage/777_mxe4rt.jpg

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

3839486b95bb3fa8cac7109e7f73fd3a139c843dac068c8e14a055e63ed2965f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 15 Nov 2020 20:06:45 GMT
server: Cloudinary
etag: "8f8925db33ae2936b72985ab55820036"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=368;cpu=127;start=2022-03-06T17:17:09.146Z;desc=miss,rtt;dur=36,cloudinary;dur=150;start=2022-03-06T17:17:09.317Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 393175

GET
H2 200 7_r8sfhz.jpg
res.cloudinary.com/addpro-myurl101-com/image/upload/v1605471335/ytimage/ 14 KB
14 KB 404ms
402ms Image
image/jpeg 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1605471335/ytimage/7_r8sfhz.jpg

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

8f76960c70c1d837143b074c2e794b570bcc4a16ebc06a1090d61e5055add611

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 15 Nov 2020 20:15:36 GMT
server: Cloudinary
etag: "9d80c11a701658e2226355f534a57261"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=295;cpu=128;start=2022-03-06T17:17:09.146Z;desc=miss,rtt;dur=36,cloudinary;dur=76;start=2022-03-06T17:17:09.323Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 14010

GET
H2 200 PicsArt_11-13-01.53.15_gysq1f.jpg
res.cloudinary.com/dklk6302v/image/upload/v1605488987/ 510 KB
511 KB 499ms
497ms Image
image/jpeg 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dklk6302v/image/upload/v1605488987/PicsArt_11-13-01.53.15_gysq1f.jpg

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

4b3457bd10b00e8b14e48020610da447149028c997c42d3b2c192ec55ae0b65f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:09 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Nov 2020 01:09:49 GMT
server: Cloudinary
etag: "0f3d76fe1cd960e65a50b1ae2eff79b1"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=440;cpu=176;start=2022-03-06T17:17:09.146Z;desc=miss,rtt;dur=36,cloudinary;dur=77;start=2022-03-06T17:17:09.370Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 522337

GET
H2 200 888_a55bmy.jpg
res.cloudinary.com/addpro-myurl101-com/image/upload/v1605552451/ytimage/ 2 KB
2 KB 403ms
401ms Image
image/jpeg 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1605552451/ytimage/888_a55bmy.jpg

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

6d8e0f235d94eb4657900e9afb0ab706aaf3ee761df56da4fc96254b4d42443a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:09 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Nov 2020 18:47:33 GMT
server: Cloudinary
etag: "c9dc02d328c02bb8980caa7fb174b09c"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=284;cpu=127;start=2022-03-06T17:17:09.146Z;desc=miss,rtt;dur=36,cloudinary;dur=66;start=2022-03-06T17:17:09.322Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 1743

GET
H2 200 FB_IMG_1605514229809_lxleoq.jpg
res.cloudinary.com/addpro-myurl101-com/image/upload/v1605514304/ytimage/ 62 KB
62 KB 335ms
333ms Image
image/jpeg 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1605514304/ytimage/FB_IMG_1605514229809_lxleoq.jpg

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

02e2a28bb51de6f8cac38f355fb0679c63cf88812decef73c7688b9413475221

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:09 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Nov 2020 08:11:45 GMT
server: Cloudinary
etag: "b60c0c9b20d425d796512e23b5cb5d9e"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=277;cpu=127;start=2022-03-06T17:17:09.146Z;desc=miss,rtt;dur=36,cloudinary;dur=60;start=2022-03-06T17:17:09.317Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 63063

GET
H2 200 77_z8gezu.jpg
res.cloudinary.com/addpro-myurl101-com/image/upload/v1605552016/ytimage/ 4 KB
4 KB 413ms
411ms Image
image/jpeg 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1605552016/ytimage/77_z8gezu.jpg

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

0322112f46e6deb92272ce7dd23ff07d23e4c7a2d47c1be2df12c6cbac2d6d55

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:09 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Nov 2020 18:40:17 GMT
server: Cloudinary
etag: "4845ef84aa3f94652f30195edeaff73b"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=298;cpu=127;start=2022-03-06T17:17:09.146Z;desc=miss,rtt;dur=36,cloudinary;dur=78;start=2022-03-06T17:17:09.321Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 3770

GET
H2 200 99_vmdiyi.jpg
res.cloudinary.com/addpro-myurl101-com/image/upload/v1605561833/ytimage/ 2 KB
2 KB 328ms
326ms Image
image/jpeg 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1605561833/ytimage/99_vmdiyi.jpg

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

239829f28f9ffb048658f827830851206f86a2aa5686ded7f3c453077a5b4aac

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:09 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Nov 2020 21:23:54 GMT
server: Cloudinary
etag: "e8feba9e364ed3cff39e4e55d751f86d"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=271;cpu=127;start=2022-03-06T17:17:09.146Z;desc=miss,rtt;dur=36,cloudinary;dur=53;start=2022-03-06T17:17:09.314Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 2043

GET
H2 200 99_ynlp4o.jpg
res.cloudinary.com/addpro-myurl101-com/image/upload/v1605615987/ytimage/ 22 KB
22 KB 417ms
415ms Image
image/jpeg 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1605615987/ytimage/99_ynlp4o.jpg

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

29848afba3502a3d8f022bbe810fc5f4e78febe0a47ecc7b6c7ef56357a5bfbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 17 Nov 2020 12:26:28 GMT
server: Cloudinary
etag: "ebb5a287528f06065d09ee5ba8ad3496"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=304;cpu=127;start=2022-03-06T17:17:09.146Z;desc=miss,rtt;dur=36,cloudinary;dur=82;start=2022-03-06T17:17:09.323Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 22668

GET
H2 200 123456_xnlcsp.jpg
res.cloudinary.com/addpro-myurl101-com/image/upload/v1606059144/ytimage/ 2 KB
2 KB 325ms
322ms Image
image/jpeg 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1606059144/ytimage/123456_xnlcsp.jpg

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

7d28c834939cec1f5eb479cb4ca319a5a9fe87d092c8399056964db5787afdac

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 22 Nov 2020 15:32:25 GMT
server: Cloudinary
etag: "480c79fcaac551b64419f5245ca11834"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=267;cpu=127;start=2022-03-06T17:17:09.146Z;desc=miss,rtt;dur=36,cloudinary;dur=50;start=2022-03-06T17:17:09.313Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 1918

GET
H2 200 563_km6mrx.jpg
res.cloudinary.com/addpro-myurl101-com/image/upload/v1606082508/ytimage/ 2 KB
2 KB 321ms
319ms Image
image/jpeg 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1606082508/ytimage/563_km6mrx.jpg

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

33b26f836da9ae0ae209f875ce2882f6c36e09c4f01daa28e2cbf73621fa9e06

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 22 Nov 2020 22:01:49 GMT
server: Cloudinary
etag: "93a58ae3a74a22a53d06cf931791b96e"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=263;cpu=127;start=2022-03-06T17:17:09.146Z;desc=miss,rtt;dur=36,cloudinary;dur=46;start=2022-03-06T17:17:09.316Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 2146

GET
H2 200 ob_udgsyw.jpg
res.cloudinary.com/addpro-myurl101-com/image/upload/v1605803297/ytimage/ 4 KB
4 KB 419ms
417ms Image
image/jpeg 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/addpro-myurl101-com/image/upload/v1605803297/ytimage/ob_udgsyw.jpg

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

aa9f36c1c509957a9956868fbcbe65b5728c3b8668e2a626728da6aff78b9b59

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:09 GMT
x-content-type-options: nosniff
last-modified: Thu, 19 Nov 2020 16:28:18 GMT
server: Cloudinary
etag: "52b345c92419e495e567d50249811a3c"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=303;cpu=126;start=2022-03-06T17:17:09.147Z;desc=miss,rtt;dur=36,cloudinary;dur=87;start=2022-03-06T17:17:09.319Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 4155

GET
H2 200 IMG_20201007_151259_ifv1sx.jpg
res.cloudinary.com/dtlknkivv/image/upload/v1605869544/ 3 MB
3 MB 607ms
605ms Image
image/jpeg 2a04:4e42::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/dtlknkivv/image/upload/v1605869544/IMG_20201007_151259_ifv1sx.jpg

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

19e49ca2b8bf85f2fbc28b709fa56567bc12e907323475e9596209da4efb0c1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:09 GMT
x-content-type-options: nosniff
last-modified: Fri, 20 Nov 2020 10:52:25 GMT
server: Cloudinary
etag: "2a4c1f679cf1d4a8518848ab64df0af8"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=550;cpu=220;start=2022-03-06T17:17:09.147Z;desc=miss,rtt;dur=36,cloudinary;dur=238;start=2022-03-06T17:17:09.414Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 3617767

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
53 KB 256ms
101ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3f3aa15cdba8d145b4c66d3c1946eb82e0eb3f05ee43dc15658b82269a399ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53876
x-xss-protection: 0
server: cafe
etag: 3492960895899912688
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 06 Mar 2022 17:17:09 GMT

GET
H2 200 234-1.png
radioearn.com/images/banner/ 3 KB
3 KB 149ms
40ms Image
image/png 167.86.126.136
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://radioearn.com/images/banner/234-1.png

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

167.86.126.136 Nuremberg, Germany, ASN51167 (CONTABO, DE),

Reverse DNS

h102.hubuhost.com

Software

nginx /

Resource Hash

6857bb5ee02c2c90dff470889c6bbd60cb4b5f5f3c619d54bf986a5094a20774

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:09 GMT
last-modified: Thu, 05 Nov 2020 01:45:25 GMT
server: nginx
etag: "5fa35935-a5e"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/png
accept-ranges: bytes
content-length: 2654
x-xss-protection: 1; mode=block

GET
H3 200 1113990 Show response
adhitzads.com/ 448 B
855 B 183ms
126ms Script
text/html 188.114.97.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://adhitzads.com/1113990
Requested by: Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc2a3a7c2b6137f14c3b182ce0f6552b50c47b6a08a7bbf18e75ae4d2f25c534

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DNm5Yw7qzOV58nBIbu%2BT9ALmtlEXRz6blT4zaaYo6UU2uOjjnZvaKOKRT6AkNghS%2BlG%2FSsdTORKkKnB%2FXrO4v%2FXNRZeue6V89gcAnwFOKBdMqFLoHqWJFvmjEHMpdki5"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=3600, public
cf-ray: 6e7cbe438bf96967-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 06 Mar 2022 18:17:09 GMT

GET
H3 200 omega-banner-1316-x-400.gif
www.users.gobarberrj.com/ 590 KB
591 KB 119ms
119ms Image
image/gif 68.168.213.90
IS-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.users.gobarberrj.com/omega-banner-1316-x-400.gif
Requested by: Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 68.168.213.90 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: webhosting2033-zfs-hostnode.is.cc
Software: LiteSpeed /
Resource Hash: 1f4923be0c1dc15fabb379df3786a298eff02be08132b8effe90ab5d9b8ecdf6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:09 GMT
last-modified: Sun, 06 Mar 2022 17:11:15 GMT
server: LiteSpeed
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 603957
expires: Sun, 13 Mar 2022 17:17:09 GMT

GET
H2 200 bnr.php Show response
uprimp.com/ 430 B
683 B 65ms
61ms Script
application/javascript 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/bnr.php?section=General&pub=634256&format=120x600&ga=g
Requested by: Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: 15ae5a2ef95ab21937ed9b72eb3f2e33bb5ef1eb7f47f642472cbd5a39361d3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:17:09 GMT
last-modified: Sun, 06 Mar 2022 17:17:09 GMT
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow, noarchive, nosnippet
expires: Sun, 06 Mar 2022 17:17:09 GMT

GET
H2 200 1.js Show response
static.cbox.ws/embed/ 9 KB
5 KB 510ms
364ms Script
application/x-javascript 188.114.96.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cbox.ws/embed/1.js
Requested by: Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5550312bb8d6a298ba228642e403dacc8ca7c6d43a5ed00ada1e1659e7de707e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"58048592-1289"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2FLBf65017q9riTNjhONv217fsnyosoH9ITq%2BTgKmFwSQ6WroASWC0j6isZXa1wl0Z%2FQT3JNDqogc1pjLGSlpYWHCPGnsFjRxqJwbFT023B1u01q5tSf67Chkp1yhw5DfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=315360000
cf-ray: 6e7cbe443ee19193-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 245ms
83ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/formoid-solid-blue.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 06 Mar 2022 15:34:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 06 Mar 2022 17:17:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 06 Mar 2022 17:17:08 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 218ms
69ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-113153126-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6136
date: Sun, 06 Mar 2022 15:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 06 Mar 2022 17:34:53 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 287 KB
82 KB 78ms
39ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=0479e485199b6a878a0e5918f7338612

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

94313ef2c6f3c5bb43d9ca39d64dad1a7aecb6bc0b15cb68d712f92bd14e4f04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.users.gobarberrj.com/
Origin: https://www.users.gobarberrj.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 4iiy8dsUihGLRDGhCC5BjQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 83578
x-fb-rlafr: 0
x-fb-debug: M5B/OzwEJ13o7M+qZMA+XVR35ghzIf7SEyCurybJFp83+LopDyVvdGCzRrjMelJzEGNIdmiEYqI+QsECzorxWw==
x-fb-content-md5: 39bc5e168ddf7d8a57bad07056aaee58
x-frame-options: DENY
date: Sun, 06 Mar 2022 17:17:09 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "11a551ed23dbacb8c8e7276a4537ac4a"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 06 Mar 2023 15:56:16 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 121ms
41ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=730601581213821&ev=fb_page_view&dl=https%3A%2F%2Fwww.users.gobarberrj.com%2F&rl=&if=false&ts=1646587029277&sw=1600&sh=1200&at=

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:09 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sun, 06 Mar 2022 17:17:09 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 62ms
41ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=197603755137669&ev=fb_page_view&dl=https%3A%2F%2Fwww.users.gobarberrj.com%2F&rl=&if=false&ts=1646587029278&sw=1600&sh=1200&at=

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:09 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sun, 06 Mar 2022 17:17:09 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 159ms
79ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=261795229&t=pageview&_s=1&dl=https%3A%2F%2Fwww.users.gobarberrj.com%2F&ul=en-us&de=UTF-8&dt=Home&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1266976399&gjid=768460499&cid=1114746622.1646587029&tid=UA-113153126-2&_gid=52780216.1646587029&_r=1&gtm=2ou320&z=955786780

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.users.gobarberrj.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:17:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.users.gobarberrj.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 show.php Show response
alternativeadvert.com/ 204 B
315 B 397ms
341ms Script
application/javascript 216.137.180.16
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://alternativeadvert.com/show.php?z=0&w=0&p=0&vwidth=0&vheight=0&window_w=1600&window_h=1200&pl=20490&ad_type=11&charset=0&top_space=0&shape=4&c_border=336699&c_background=ffffff&page_background=ffffff&c_text1=000000&c_text2=0000ff&c_text3=0000ff&c_text4=0000ff&c_text5=0&c_text6=0&c_text7=0&c_text8=0&c_text9=0&c_text10=0&j=1&code=1646587029860
Requested by: Host: alternativeadvert.com
URL: https://alternativeadvert.com/show.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.137.180.16 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: server.chinadirect.ng
Software: LiteSpeed /
Resource Hash: 7b90a4dc0654616860f5424f3ff522f33a749a21d2c4cc785232678885a71cb3

Request headers

Referer: https://www.users.gobarberrj.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:17:10 GMT
content-encoding: br
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate
content-length: 123
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3-Q050 200 show_i.php Show response
alternativeadvert.com/ Frame 9E55 3 KB
1 KB 58ms
58ms Document
text/html 216.137.180.16
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://alternativeadvert.com/show_i.php?b=1105254902
Requested by: Host: alternativeadvert.com
URL: https://alternativeadvert.com/show.php?z=0&w=0&p=0&vwidth=0&vheight=0&window_w=1600&window_h=1200&pl=20490&ad_type=11&charset=0&top_space=0&shape=4&c_border=336699&c_background=ffffff&page_background=ffffff&c_text1=000000&c_text2=0000ff&c_text3=0000ff&c_text4=0000ff&c_text5=0&c_text6=0&c_text7=0&c_text8=0&c_text9=0&c_text10=0&j=1&code=1646587029860
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.137.180.16 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: server.chinadirect.ng
Software: LiteSpeed /
Resource Hash: add17215869d1f241665b96c938e603f3229591f32d31476c3b50c309c054f4a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/

Response headers

expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 1406
content-encoding: br
vary: Accept-Encoding
date: Sun, 06 Mar 2022 17:17:10 GMT
server: LiteSpeed

GET
H2 200 bnr_xload.php Show response
uprimp.com/ Frame D031 1 KB
2 KB 146ms
146ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/bnr_xload.php?section=General&pub=634256&format=160x600&ga=g&xt=164658702812635&xtt=7892804
Requested by: Host: uprimp.com
URL: https://uprimp.com/bnr.php?section=General&pub=634256&format=160x600&ga=g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: 44faa2582dc22dda313509a2a3a39de738688d9d106843590fcada1f0054570d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/

Response headers

server: nginx
date: Sun, 06 Mar 2022 17:17:10 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 06 Mar 2022 17:17:10 GMT
last-modified: Sun, 06 Mar 2022 17:17:10 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
H/1.1 200
OK 1506409 Show response
ad.a-ads.com/ Frame 23E9 8 KB
2 KB 175ms
68ms Document
text/html 78.46.33.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1506409?size=160x600

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

78.46.33.196 Quedlinburg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.196.33.46.78.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

3cbb1b08e059af451816e51deb37d4c5d0c1e1e571a2a52d3bba52c08bb6f1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/

Response headers

Server: nginx
Date: Sun, 06 Mar 2022 17:17:10 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: https://www.users.gobarberrj.com/
Content-Encoding: gzip

GET
H2 400 /
p3.adhitzads.com/ 0
0 194ms
75ms Script
text/html 172.64.170.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.adhitzads.com/?z=1113988&p=554324784&l=https%3A//www.users.gobarberrj.com/&c=1
Requested by: Host: adhitzads.com
URL: https://adhitzads.com/1113988
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.170.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash

Request headers

Referer: https://www.users.gobarberrj.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 06 Mar 2022 17:17:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.40
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K6xvjW%2F1sdyTGC3aMGOR0CfJDgCsRmJIdVlX3r7W8z8bZr7GHKDwtoLUVBXRZNqfa0SxecKaRoMDMba1VhRfUAcSxLUqLKpSafpFm%2FKP3nXneTpq6hs7kiHOySubyMtFiWMt"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 6e7cbe4c1dd55b3e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-Q050 200 ad_icon.png
alternativeadvert.com/images/ Frame 9E55 385 B
483 B 55ms
55ms Image
image/png 216.137.180.16
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alternativeadvert.com/images/ad_icon.png
Requested by: Host: alternativeadvert.com
URL: https://alternativeadvert.com/show_i.php?b=1105254902
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.137.180.16 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: server.chinadirect.ng
Software: LiteSpeed /
Resource Hash: c45cb48b60ad770f952454ba4f309d354f8820c203151a014dd21e50c13b1907

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://alternativeadvert.com/show_i.php?b=1105254902
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:10 GMT
last-modified: Thu, 15 Oct 2020 09:23:14 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 385
expires: Sun, 13 Mar 2022 17:17:10 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 9E55 49 KB
20 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: alternativeadvert.com
URL: https://alternativeadvert.com/show_i.php?b=1105254902

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://alternativeadvert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6137
date: Sun, 06 Mar 2022 15:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 06 Mar 2022 17:34:53 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ Frame 9E55 4 KB
2 KB 154ms
48ms Script
application/javascript 13.226.145.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: alternativeadvert.com
URL: https://alternativeadvert.com/show_i.php?b=1105254902
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-42.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://alternativeadvert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 05 Mar 2022 07:54:07 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 120184
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 8033f9c6b87a03b2eca7c2db5157e10e.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: nFNZdYGdQ5Kqd8B6OCBwuoi4ZTaRZliEu1MQQUbuvvfMzIqYUyCE3Q==

GET
H2 200 show.php Show response
uprimp.com/ Frame 9FAD 2 KB
2 KB 77ms
77ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/show.php?u80291646587030=true&ad=673873&f=160x600&a=781385&cri=0&s=ZDcyNTUzNjVhZWNmMTc5NTA4OWExYjUxNGFkZWVkNTI=&u=634256&si=454289452&di=44066180&ci=16&h=3a3f63e9746a35dfe5d9edd0284acc60&cc=DE&https=1&useAf=loaded_string_30228599232968e17aafe8a20a937736a604d_2667667_1646587030.3726_95059&capSettings=dXByaW1wLmNvbXwyNTAwMHwyNHw1MzY3MQ==&ar=aHR0cHM6Ly93d3cudXNlcnMuZ29iYXJiZXJyai5jb20v
Requested by: Host: uprimp.com
URL: https://uprimp.com/bnr_xload.php?section=General&pub=634256&format=160x600&ga=g&xt=164658702812635&xtt=7892804
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: 686752d8559239701a6a29c7ce0174f8b0de9a1242c1db8766be70a3687ba153

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://uprimp.com/bnr_xload.php?section=General&pub=634256&format=160x600&ga=g&xt=164658702812635&xtt=7892804

Response headers

server: nginx
date: Sun, 06 Mar 2022 17:17:10 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 06 Mar 2022 17:17:10 GMT
last-modified: Sun, 06 Mar 2022 17:17:10 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
DATA 200
OK truncated
/ Frame 23E9 305 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bnr_xload.php Show response
uprimp.com/ Frame F9FA 1 KB
2 KB 109ms
109ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/bnr_xload.php?section=General&pub=634256&format=468x60&ga=g&xt=164658702852249&xtt=9402595
Requested by: Host: uprimp.com
URL: https://uprimp.com/bnr.php?section=General&pub=634256&format=468x60&ga=g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: 5f9268401c963483b9d7fb2ec51b9de1328518ced42dd8759b71121513082063

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/

Response headers

server: nginx
date: Sun, 06 Mar 2022 17:17:10 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 06 Mar 2022 17:17:10 GMT
last-modified: Sun, 06 Mar 2022 17:17:10 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
H3 200 RoadTo1ksubcountdown.php Show response
www.users.gobarberrj.com/ Frame 2A98 3 KB
1 KB 128ms
127ms Document
text/html 68.168.213.90
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.users.gobarberrj.com/RoadTo1ksubcountdown.php
Requested by: Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 68.168.213.90 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS: webhosting2033-zfs-hostnode.is.cc
Software: LiteSpeed /
Resource Hash: f3e6e0f2d06883cbfc58a30167b02d51697b65c29d07d75c8560b77765a555e8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/

Response headers

content-type: text/html; charset=UTF-8
content-length: 1145
content-encoding: br
vary: Accept-Encoding
date: Sun, 06 Mar 2022 17:17:10 GMT
server: LiteSpeed

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 128 KB
42 KB 173ms
60ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2b393bb3b10ebc669e26880f42307f502cc8a84ed0e0b873c4155de8b8639cbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:10 GMT
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 21:31:20 GMT
server: nginx
etag: W/"62194aa8-200be"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 07 Mar 2022 17:17:10 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 367 KB
122 KB 278ms
88ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7492476dfa60f0146889b13e37c67fd1a70e42e6ddb017c0c08e25148fd8985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124424
x-xss-protection: 0
expires: Sun, 06 Mar 2022 17:17:10 GMT

GET
H/1.1 200
OK / Show response
ads.rekmob.com/m/props/ 296 B
610 B 346ms
49ms XHR
application/json 146.185.142.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rekmob.com/m/props/?regionId=549740
Requested by: Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.9.6 /
Resource Hash: 7c01f3573230c0d3f96ed8633d8babd9eb2b4d13eba9df56b5e37be047f3e736

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 06 Mar 2022 16:05:12 GMT
Content-Encoding: gzip
Server: nginx/1.9.6
X-Code: DE
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Code
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type,X-Code

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 83 KB
33 KB 175ms
89ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NCM67V&l=rsdataLayer

Requested by

Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ada48455948f31f08a79c72f8e28d0b697f8be9ccde2aecde979b7b5c62bc286

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:10 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33352
x-xss-protection: 0
last-modified: Sun, 06 Mar 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 06 Mar 2022 17:17:10 GMT

GET
H/1.1

200
OK

pix
ads.rekmob.com/retarget/
Redirect Chain

https://x.bidswitch.net/sync?ssp=reklamstore
https://x.bidswitch.net/ul_cb/sync?ssp=reklamstore
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=reklamstore&bsw_custom_parameter=9d79b45c-0244-4847-8e61-11a097415db3
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=reklamstore&bsw_custom_parameter=9d79b45c-0244-4847-8e61-11a097415db3
https://x.bidswitch.net/sync?dsp_id=4&user_id=fcf4968c-6344-4ce0-8964-9272cdc25a3b&ssp=reklamstore&expires=30&user_group=5&bsw_param=9d79b45c-0244-4847-8e61-11a097415db3
https://ads.rekmob.com/retarget/pix?id=bs&cv=9d79b45c-0244-4847-8e61-11a097415db3&d=1

35 B
403 B

52ms
51ms

Image
image/gif

146.185.142.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.rekmob.com/retarget/pix?id=bs&cv=9d79b45c-0244-4847-8e61-11a097415db3&d=1
Requested by: Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/
Protocol: HTTP/1.1
Server: 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.9.6 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 06 Mar 2022 16:05:13 GMT
Server: nginx/1.9.6
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

Location: //ads.rekmob.com/retarget/pix?id=bs&cv=9d79b45c-0244-4847-8e61-11a097415db3&d=1
Date: Sun, 06 Mar 2022 17:17:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3 400 /
p3.adhitzads.com/ 0
0 189ms
128ms Script
text/html 172.64.170.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.adhitzads.com/?z=1113990&p=554324784&l=https%3A//www.users.gobarberrj.com/&c=2
Requested by: Host: adhitzads.com
URL: https://adhitzads.com/1113990
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.170.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash

Request headers

Referer: https://www.users.gobarberrj.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 06 Mar 2022 17:17:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.40
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cYcd0zUU9XjqI0qovL533BXh%2FN1ELnvKe55trarLz40HHBP5%2BE1MitwdAjm1PNHgIaM9KaSMm%2FT5CqsenUCLIfH%2B2%2FiIRCgmH4%2Buf2QZS%2BVyT5MFAYtVtZCnthaETLS1qQue"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 6e7cbe4d29469b1c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203020101/ 291 KB
105 KB 191ms
106ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6369761270420377&plah=www.users.gobarberrj.com&bust=31065447

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cb72b47129fa2fb1fb59f8fc9f24be4d39abe98cb5f188bab7a78e78b3d5ccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107395
x-xss-protection: 0
server: cafe
etag: 15823422742364604483
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 06 Mar 2022 17:17:10 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220302/r20190131/ Frame 2606 10 KB
5 KB 245ms
79ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220302/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Sun, 06 Mar 2022 04:18:02 GMT
expires: Sun, 20 Mar 2022 04:18:02 GMT
cache-control: public, max-age=1209600
age: 46748
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
xe9o.xyz/87d1c6c507/4f9c843bb0/ Frame 9FAD 1 KB
954 B 219ms
68ms Script
application/javascript 185.66.201.58
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://xe9o.xyz/87d1c6c507/4f9c843bb0/?placementName=ROTATOR&type=n&cv=XAdCpApZjkpAZCGjrijACxCrjANZriNrAANrddCrCZZZCCrixCkkCrCrGCxCrjppjAGiZCCrxi_17575&adApiR=loaded_string_30228599232968e17aafe8a20a937736a604d_2667667_1646587030.3726_95059&capSettings=dXByaW1wLmNvbXwyNTAwMHwyNHw1MzY3MQ==&adApiR=loaded_string_30228599232968e17aafe8a20a937736a604d_2667667_1646587030.3726_95059&refferer=2773200890_aHR0cHM6Ly93d3cudXNlcnMuZ29iYXJiZXJyai5jb20v&width=160&height=600&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u80291646587030=true&ad=673873&f=160x600&a=781385&cri=0&s=ZDcyNTUzNjVhZWNmMTc5NTA4OWExYjUxNGFkZWVkNTI=&u=634256&si=454289452&di=44066180&ci=16&h=3a3f63e9746a35dfe5d9edd0284acc60&cc=DE&https=1&useAf=loaded_string_30228599232968e17aafe8a20a937736a604d_2667667_1646587030.3726_95059&capSettings=dXByaW1wLmNvbXwyNTAwMHwyNHw1MzY3MQ==&ar=aHR0cHM6Ly93d3cudXNlcnMuZ29iYXJiZXJyai5jb20v
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.201.58 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.201.58.skhosting.eu
Software: nginx /
Resource Hash: 431e6d166d9e0ec87e8211a635d07f2be01a8677e826f5c896ef51f6085a7232

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uprimp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:17:10 GMT
content-encoding: br
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex,nofollow
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 pub_le6kgi.png
ylx-i.advertica-cdn2.com/aff/ Frame 9FAD 34 KB
34 KB 300ms
133ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/aff/pub_le6kgi.png?1480419362
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u80291646587030=true&ad=673873&f=160x600&a=781385&cri=0&s=ZDcyNTUzNjVhZWNmMTc5NTA4OWExYjUxNGFkZWVkNTI=&u=634256&si=454289452&di=44066180&ci=16&h=3a3f63e9746a35dfe5d9edd0284acc60&cc=DE&https=1&useAf=loaded_string_30228599232968e17aafe8a20a937736a604d_2667667_1646587030.3726_95059&capSettings=dXByaW1wLmNvbXwyNTAwMHwyNHw1MzY3MQ==&ar=aHR0cHM6Ly93d3cudXNlcnMuZ29iYXJiZXJyai5jb20v
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.127.skhosting.eu
Software: nginx /
Resource Hash: c0b786773b8199074400ae53a7d18d0af81359e240a51e69c9e97482e7281b76

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uprimp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:10 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2016 11:36:02 GMT
server: nginx
etag: W/"583d6822-8610"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Tue, 05 Apr 2022 17:17:10 GMT

GET
H2 200 logo_n_small.png
ylx-i.advertica-cdn2.com/ Frame 9FAD 2 KB
1 KB 354ms
197ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/logo_n_small.png?1480628810
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u80291646587030=true&ad=673873&f=160x600&a=781385&cri=0&s=ZDcyNTUzNjVhZWNmMTc5NTA4OWExYjUxNGFkZWVkNTI=&u=634256&si=454289452&di=44066180&ci=16&h=3a3f63e9746a35dfe5d9edd0284acc60&cc=DE&https=1&useAf=loaded_string_30228599232968e17aafe8a20a937736a604d_2667667_1646587030.3726_95059&capSettings=dXByaW1wLmNvbXwyNTAwMHwyNHw1MzY3MQ==&ar=aHR0cHM6Ly93d3cudXNlcnMuZ29iYXJiZXJyai5jb20v
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.127.skhosting.eu
Software: nginx /
Resource Hash: 6c801b5acaa0dcffb9520f320a42f915fdd5d1d6331845e215edb0c578dd5a2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uprimp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:10 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2016 21:46:50 GMT
server: nginx
etag: W/"58409a4a-631"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Tue, 05 Apr 2022 17:17:10 GMT

GET
H2 200 /
uprimp.com/trk/ Frame 9FAD 43 B
268 B 76ms
76ms Image
image/gif 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uprimp.com/trk/?3a3f63e9746a35dfe5d9edd0284acc60
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u80291646587030=true&ad=673873&f=160x600&a=781385&cri=0&s=ZDcyNTUzNjVhZWNmMTc5NTA4OWExYjUxNGFkZWVkNTI=&u=634256&si=454289452&di=44066180&ci=16&h=3a3f63e9746a35dfe5d9edd0284acc60&cc=DE&https=1&useAf=loaded_string_30228599232968e17aafe8a20a937736a604d_2667667_1646587030.3726_95059&capSettings=dXByaW1wLmNvbXwyNTAwMHwyNHw1MzY3MQ==&ar=aHR0cHM6Ly93d3cudXNlcnMuZ29iYXJiZXJyai5jb20v
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uprimp.com/show.php?u80291646587030=true&ad=673873&f=160x600&a=781385&cri=0&s=ZDcyNTUzNjVhZWNmMTc5NTA4OWExYjUxNGFkZWVkNTI=&u=634256&si=454289452&di=44066180&ci=16&h=3a3f63e9746a35dfe5d9edd0284acc60&cc=DE&https=1&useAf=loaded_string_30228599232968e17aafe8a20a937736a604d_2667667_1646587030.3726_95059&capSettings=dXByaW1wLmNvbXwyNTAwMHwyNHw1MzY3MQ==&ar=aHR0cHM6Ly93d3cudXNlcnMuZ29iYXJiZXJyai5jb20v
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:17:10 GMT
last-modified: Sun, 06 Mar 2022 17:17:10 GMT
server: nginx
cache-directive: no-cache
content-type: image/gif
cache-control: public, no-cache
pragma-directive: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
content-length: 43
expires: 0

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ Frame 9E55 43 B
552 B 162ms
48ms Image
image/gif 13.226.145.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=600&frame_width=120&iframe=1&title=&time=1646587030586&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=https%3A%2F%2Fwww.users.gobarberrj.com%2F&host_url=https%3A%2F%2Falternativeadvert.com%2Fshow_i.php%3Fb%3D1105254902&random_number=19664956736&sess_cookie=cf70521017f603c2c3a990ed241&sess_cookie_flag=1&user_cookie=cf70521017f603c2c3a990ed241&user_cookie_flag=1&dynamic=true&domain=alternativeadvert.com&account=1kXHp1IWh910cv&jsv=20130128&user_lang=en-US
Requested by: Host: alternativeadvert.com
URL: https://alternativeadvert.com/show_i.php?b=1105254902
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-27.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://alternativeadvert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 06 Mar 2022 03:35:15 GMT
Via: 1.1 0406d08716a9781a5c19ff86db2debd2.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 49315
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: DUS51-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: RPR_UBoqo_DCSDuL4FE5D5QYYYzno6dCXS3PQ28CenmIpMq0IXtpsQ==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ Frame 9E55 0
48 B 450ms
141ms Image
text/plain 18.189.5.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: alternativeadvert.com
URL: https://alternativeadvert.com/show_i.php?b=1105254902
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.189.5.176 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-189-5-176.us-east-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://alternativeadvert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:10 GMT
server: Server

GET
H2 200 show.php Show response
uprimp.com/ Frame 0EA0 2 KB
2 KB 77ms
77ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/show.php?u10361646587030=true&ad=673873&f=468x60&a=827929&cri=0&s=NTc5MmYxZTkxMjFkMzlhNTRlMzIwZmYzZTFjMTQ1ZjU=&u=634256&si=454289452&di=44066180&ci=16&h=fcd83a927266ac89d9498dace8f48d78&cc=DE&https=1&useAf=loaded_string_59210599232968e17aafe8a20a937736a604d_2667667_1646587030.5337_6521&capSettings=dXByaW1wLmNvbXwyNTAwMHwyNHw1MzY3MQ==&ar=aHR0cHM6Ly93d3cudXNlcnMuZ29iYXJiZXJyai5jb20v
Requested by: Host: uprimp.com
URL: https://uprimp.com/bnr_xload.php?section=General&pub=634256&format=468x60&ga=g&xt=164658702852249&xtt=9402595
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: 79a877efe8b734108e34f43876590d9c6887c6dd740edfd218ef8ef9cce87b65

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://uprimp.com/bnr_xload.php?section=General&pub=634256&format=468x60&ga=g&xt=164658702852249&xtt=9402595

Response headers

server: nginx
date: Sun, 06 Mar 2022 17:17:10 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 06 Mar 2022 17:17:10 GMT
last-modified: Sun, 06 Mar 2022 17:17:10 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
H/1.1 200
OK 1525939 Show response
ad.a-ads.com/ Frame 59BD 6 KB
2 KB 59ms
58ms Document
text/html 78.46.33.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1525939?size=320x50

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

78.46.33.196 Quedlinburg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.196.33.46.78.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

1cdb6311b1838e949bfd34e7501c32c840cbff73ca521081d1944e1dfc44b9b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/

Response headers

Server: nginx
Date: Sun, 06 Mar 2022 17:17:10 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: https://www.users.gobarberrj.com/
Content-Encoding: gzip

GET
H3-Q050 200 show.php Show response
alternativeadvert.com/ 204 B
215 B 79ms
78ms Script
application/javascript 216.137.180.16
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://alternativeadvert.com/show.php?z=0&w=0&p=0&vwidth=0&vheight=0&window_w=1600&window_h=1200&pl=20489&ad_type=11&charset=0&top_space=0&shape=4&c_border=336699&c_background=ffffff&page_background=ffffff&c_text1=000000&c_text2=0000ff&c_text3=0000ff&c_text4=0000ff&c_text5=0&c_text6=0&c_text7=0&c_text8=0&c_text9=0&c_text10=0&j=1&code=1646587030681
Requested by: Host: alternativeadvert.com
URL: https://alternativeadvert.com/show.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.137.180.16 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: server.chinadirect.ng
Software: LiteSpeed /
Resource Hash: be4c96d81131c0b1b440d2b7cb4c86f78088b9db1ee63738cfaf2826cb78558d

Request headers

Referer: https://www.users.gobarberrj.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:17:11 GMT
content-encoding: br
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate
content-length: 124
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 / Show response
xe9o.xyz/b180228ef7/bd74f6fd55/ Frame 0EA0 1 KB
952 B 80ms
69ms Script
application/javascript 185.66.201.58
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://xe9o.xyz/b180228ef7/bd74f6fd55/?placementName=ROTATOR&type=n&cv=XAdCpApZjkpAZCjZGkZkCxCrjANZriNrAANrddCrCZZZCCrixCkkCrCrGCxCrjppjAGiZCCrxi_86046&adApiR=loaded_string_59210599232968e17aafe8a20a937736a604d_2667667_1646587030.5337_6521&capSettings=dXByaW1wLmNvbXwyNTAwMHwyNHw1MzY3MQ==&adApiR=loaded_string_59210599232968e17aafe8a20a937736a604d_2667667_1646587030.5337_6521&refferer=2773200890_aHR0cHM6Ly93d3cudXNlcnMuZ29iYXJiZXJyai5jb20v&width=468&height=60&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u10361646587030=true&ad=673873&f=468x60&a=827929&cri=0&s=NTc5MmYxZTkxMjFkMzlhNTRlMzIwZmYzZTFjMTQ1ZjU=&u=634256&si=454289452&di=44066180&ci=16&h=fcd83a927266ac89d9498dace8f48d78&cc=DE&https=1&useAf=loaded_string_59210599232968e17aafe8a20a937736a604d_2667667_1646587030.5337_6521&capSettings=dXByaW1wLmNvbXwyNTAwMHwyNHw1MzY3MQ==&ar=aHR0cHM6Ly93d3cudXNlcnMuZ29iYXJiZXJyai5jb20v
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.201.58 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.201.58.skhosting.eu
Software: nginx /
Resource Hash: 5992d721f6122553c15bb47fd4da430a21a7a21225670f41ee4bbb8d71e138ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uprimp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:17:10 GMT
content-encoding: br
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex,nofollow
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 pub_5l0n01.png
ylx-i.advertica-cdn2.com/aff/ Frame 0EA0 13 KB
13 KB 222ms
195ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/aff/pub_5l0n01.png?1480419355
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u10361646587030=true&ad=673873&f=468x60&a=827929&cri=0&s=NTc5MmYxZTkxMjFkMzlhNTRlMzIwZmYzZTFjMTQ1ZjU=&u=634256&si=454289452&di=44066180&ci=16&h=fcd83a927266ac89d9498dace8f48d78&cc=DE&https=1&useAf=loaded_string_59210599232968e17aafe8a20a937736a604d_2667667_1646587030.5337_6521&capSettings=dXByaW1wLmNvbXwyNTAwMHwyNHw1MzY3MQ==&ar=aHR0cHM6Ly93d3cudXNlcnMuZ29iYXJiZXJyai5jb20v
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.127.skhosting.eu
Software: nginx /
Resource Hash: b24c7b4cf1071852c9c17938be9ca02f4e52d0be9f18839aa8e9a6f11183e195

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uprimp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:10 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2016 11:35:55 GMT
server: nginx
etag: W/"583d681b-333f"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Tue, 05 Apr 2022 17:17:10 GMT

GET
H2 200 logo_n_small.png
ylx-i.advertica-cdn2.com/ Frame 0EA0 2 KB
1 KB 221ms
197ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/logo_n_small.png?1480628810
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u10361646587030=true&ad=673873&f=468x60&a=827929&cri=0&s=NTc5MmYxZTkxMjFkMzlhNTRlMzIwZmYzZTFjMTQ1ZjU=&u=634256&si=454289452&di=44066180&ci=16&h=fcd83a927266ac89d9498dace8f48d78&cc=DE&https=1&useAf=loaded_string_59210599232968e17aafe8a20a937736a604d_2667667_1646587030.5337_6521&capSettings=dXByaW1wLmNvbXwyNTAwMHwyNHw1MzY3MQ==&ar=aHR0cHM6Ly93d3cudXNlcnMuZ29iYXJiZXJyai5jb20v
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.127.skhosting.eu
Software: nginx /
Resource Hash: 6c801b5acaa0dcffb9520f320a42f915fdd5d1d6331845e215edb0c578dd5a2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uprimp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:10 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2016 21:46:50 GMT
server: nginx
etag: W/"58409a4a-631"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Tue, 05 Apr 2022 17:17:10 GMT

GET
H2 200 /
uprimp.com/trk/ Frame 0EA0 43 B
268 B 87ms
87ms Image
image/gif 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uprimp.com/trk/?fcd83a927266ac89d9498dace8f48d78
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u10361646587030=true&ad=673873&f=468x60&a=827929&cri=0&s=NTc5MmYxZTkxMjFkMzlhNTRlMzIwZmYzZTFjMTQ1ZjU=&u=634256&si=454289452&di=44066180&ci=16&h=fcd83a927266ac89d9498dace8f48d78&cc=DE&https=1&useAf=loaded_string_59210599232968e17aafe8a20a937736a604d_2667667_1646587030.5337_6521&capSettings=dXByaW1wLmNvbXwyNTAwMHwyNHw1MzY3MQ==&ar=aHR0cHM6Ly93d3cudXNlcnMuZ29iYXJiZXJyai5jb20v
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uprimp.com/show.php?u10361646587030=true&ad=673873&f=468x60&a=827929&cri=0&s=NTc5MmYxZTkxMjFkMzlhNTRlMzIwZmYzZTFjMTQ1ZjU=&u=634256&si=454289452&di=44066180&ci=16&h=fcd83a927266ac89d9498dace8f48d78&cc=DE&https=1&useAf=loaded_string_59210599232968e17aafe8a20a937736a604d_2667667_1646587030.5337_6521&capSettings=dXByaW1wLmNvbXwyNTAwMHwyNHw1MzY3MQ==&ar=aHR0cHM6Ly93d3cudXNlcnMuZ29iYXJiZXJyai5jb20v
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:17:10 GMT
last-modified: Sun, 06 Mar 2022 17:17:10 GMT
server: nginx
cache-directive: no-cache
content-type: image/gif
cache-control: public, no-cache
pragma-directive: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
content-length: 43
expires: 0

GET
DATA 200
OK truncated
/ Frame 59BD 305 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 show_i.php Show response
alternativeadvert.com/ Frame EB0E 4 KB
2 KB 55ms
55ms Document
text/html 216.137.180.16
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://alternativeadvert.com/show_i.php?b=1105254903
Requested by: Host: alternativeadvert.com
URL: https://alternativeadvert.com/show.php?z=0&w=0&p=0&vwidth=0&vheight=0&window_w=1600&window_h=1200&pl=20489&ad_type=11&charset=0&top_space=0&shape=4&c_border=336699&c_background=ffffff&page_background=ffffff&c_text1=000000&c_text2=0000ff&c_text3=0000ff&c_text4=0000ff&c_text5=0&c_text6=0&c_text7=0&c_text8=0&c_text9=0&c_text10=0&j=1&code=1646587030681
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.137.180.16 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: server.chinadirect.ng
Software: LiteSpeed /
Resource Hash: 86a4828ddf8912b9c0fbbec0c2b2f35b07e3bffb81de9005f4d95eeed10f8dec

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/

Response headers

expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 1502
content-encoding: br
vary: Accept-Encoding
date: Sun, 06 Mar 2022 17:17:11 GMT
server: LiteSpeed

GET
H2 200 bnr_xload.php Show response
uprimp.com/ Frame 7246 1 KB
2 KB 106ms
106ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/bnr_xload.php?section=General&pub=634256&format=120x600&ga=g&xt=164658702931673&xtt=9829646
Requested by: Host: uprimp.com
URL: https://uprimp.com/bnr.php?section=General&pub=634256&format=120x600&ga=g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: 6f9be47c5dbd1d3fc9da57efaa61bdfbeeee81a3ff0610d40e7c478e6a9585b8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/

Response headers

server: nginx
date: Sun, 06 Mar 2022 17:17:10 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 06 Mar 2022 17:17:10 GMT
last-modified: Sun, 06 Mar 2022 17:17:10 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
H3 400 /
p3.adhitzads.com/ 0
0 109ms
108ms Script
text/html 172.64.170.11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p3.adhitzads.com/?z=1113988&p=554324784&l=https%3A//www.users.gobarberrj.com/&c=3
Requested by: Host: adhitzads.com
URL: https://adhitzads.com/1113988
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.170.11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash

Request headers

Referer: https://www.users.gobarberrj.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 06 Mar 2022 17:17:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.40
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bEq5V0Vi2tkX1%2BiN9lkBoRY7zgm9TSHtZqboFhOb0SjVvx%2FdG58fnNgJ5YGkVDDGMWTVX28bY2JwJDAx%2BY5cdxCPtOh398c2pEb0ZSEjSFXc4NDzObmZezpUuFZgt1bambxO"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 6e7cbe4e9ca99b1c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
xe9o.xyz/87d1c6c507/4f9c843bb0/ Frame 38E0 25 KB
4 KB 74ms
74ms Document
text/html 185.66.201.58
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://xe9o.xyz/87d1c6c507/4f9c843bb0/?placementName=ROTATOR&type=n&cv=XAdCpApZjkpAZCGjrijACxCrjANZriNrAANrddCrCZZZCCrixCkkCrCrGCxCrjppjAGiZCCrxi_17575&adApiR=loaded_string_30228599232968e17aafe8a20a937736a604d_2667667_1646587030.3726_95059&capSettings=dXByaW1wLmNvbXwyNTAwMHwyNHw1MzY3MQ==&adApiR=loaded_string_30228599232968e17aafe8a20a937736a604d_2667667_1646587030.3726_95059&refferer=2773200890_aHR0cHM6Ly93d3cudXNlcnMuZ29iYXJiZXJyai5jb20v&width=160&height=600&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=601547173405&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
Requested by: Host: xe9o.xyz
URL: https://xe9o.xyz/87d1c6c507/4f9c843bb0/?placementName=ROTATOR&type=n&cv=XAdCpApZjkpAZCGjrijACxCrjANZriNrAANrddCrCZZZCCrixCkkCrCrGCxCrjppjAGiZCCrxi_17575&adApiR=loaded_string_30228599232968e17aafe8a20a937736a604d_2667667_1646587030.3726_95059&capSettings=dXByaW1wLmNvbXwyNTAwMHwyNHw1MzY3MQ==&adApiR=loaded_string_30228599232968e17aafe8a20a937736a604d_2667667_1646587030.3726_95059&refferer=2773200890_aHR0cHM6Ly93d3cudXNlcnMuZ29iYXJiZXJyai5jb20v&width=160&height=600&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.201.58 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.201.58.skhosting.eu
Software: nginx /
Resource Hash: 5a31b7f81e62c786475de1427532f84c85c30b71b83e0c88feba6ce68ffeb85c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://uprimp.com/

Response headers

server: nginx
date: Sun, 06 Mar 2022 17:17:10 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
content-encoding: br

GET
H2 200 / Show response
xe9o.xyz/b180228ef7/bd74f6fd55/ Frame 94D8 30 KB
4 KB 74ms
74ms Document
text/html 185.66.201.58
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://xe9o.xyz/b180228ef7/bd74f6fd55/?placementName=ROTATOR&type=n&cv=XAdCpApZjkpAZCjZGkZkCxCrjANZriNrAANrddCrCZZZCCrixCkkCrCrGCxCrjppjAGiZCCrxi_86046&adApiR=loaded_string_59210599232968e17aafe8a20a937736a604d_2667667_1646587030.5337_6521&capSettings=dXByaW1wLmNvbXwyNTAwMHwyNHw1MzY3MQ==&adApiR=loaded_string_59210599232968e17aafe8a20a937736a604d_2667667_1646587030.5337_6521&refferer=2773200890_aHR0cHM6Ly93d3cudXNlcnMuZ29iYXJiZXJyai5jb20v&width=468&height=60&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=1567566648766&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
Requested by: Host: xe9o.xyz
URL: https://xe9o.xyz/b180228ef7/bd74f6fd55/?placementName=ROTATOR&type=n&cv=XAdCpApZjkpAZCjZGkZkCxCrjANZriNrAANrddCrCZZZCCrixCkkCrCrGCxCrjppjAGiZCCrxi_86046&adApiR=loaded_string_59210599232968e17aafe8a20a937736a604d_2667667_1646587030.5337_6521&capSettings=dXByaW1wLmNvbXwyNTAwMHwyNHw1MzY3MQ==&adApiR=loaded_string_59210599232968e17aafe8a20a937736a604d_2667667_1646587030.5337_6521&refferer=2773200890_aHR0cHM6Ly93d3cudXNlcnMuZ29iYXJiZXJyai5jb20v&width=468&height=60&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.201.58 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.201.58.skhosting.eu
Software: nginx /
Resource Hash: 817c7bfa636487e7881a3981354309e81e662fbaec22497e24e25e8797f43488

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://uprimp.com/

Response headers

server: nginx
date: Sun, 06 Mar 2022 17:17:10 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
content-encoding: br

GET
H/1.1 200
OK init.js Show response
bank.reklamstore.com/ 125 KB
28 KB 226ms
90ms Script
application/javascript 138.68.105.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.reklamstore.com/init.js?v1
Requested by: Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.68.105.0 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: com.reklamstore.bank.v3.lb0
Software: nginx/1.14.0 /
Resource Hash: 95e69938c2784591c8057f4094a979a152856ae64abeceae9a55ef75c15ca7ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 06 Mar 2022 17:11:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Jan 2018 13:16:00 GMT
Server: nginx/1.14.0
Etag: eccbc87e4b5ce2fe28308fd9f2a7baf3
Vary: Accept-Encoding
P3P: policyref="http://bank.reklamstore.com/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Access-Control-Allow-Credentials: true
X-Upstream: 10.135.39.102:80
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 27843
Expires: Sun, 06 Mar 2022 18:17:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v2/ 50 B
753 B 133ms
42ms XHR
application/json 37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v2/prebid

Requested by

Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.users.gobarberrj.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 06 Mar 2022 17:17:10 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: bf34abe9-160f-49a1-8390-536c6f76517a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.users.gobarberrj.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK adp Show response
ads.rekmob.com/m/ 4 KB
2 KB 220ms
73ms Script
text/plain 146.185.142.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rekmob.com/m/adp?uid=b6ad3026cbf440849e950ded4e8124b2&ufid=R1Y7VZIKEYA13CQjTVUo&mobile_web=1&dt=3&as=0&os=3&jsonp=1&callback=rmb__R1Y7VZIKEYA13CQjTVUo&ref=www.users.gobarberrj.com&_=1646587030826&crtg=-1
Requested by: Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.9.6 /
Resource Hash: f7ea557c5ed871b8bbf621829ce5b9447ef55d0f4729b860806feb63de7369bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 06 Mar 2022 16:05:12 GMT
Content-Encoding: gzip
Server: nginx/1.9.6
X-Code: DE
Vary: Accept-Encoding
Content-Type: text/plain;charset=ISO-8859-1
Transfer-Encoding: chunked
Connection: keep-alive

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
225 B 161ms
51ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=208&cb=3547572632

Requested by

Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.users.gobarberrj.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 06 Mar 2022 17:17:10 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://www.users.gobarberrj.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 / Show response
prebid-eu.creativecdn.com/bidder/prebid/bids/ 0
186 B 158ms
52ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids/
Requested by: Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.users.gobarberrj.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.users.gobarberrj.com
date: Sun, 06 Mar 2022 17:17:10 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H3-Q050 200 ad_icon.png
alternativeadvert.com/images/ Frame EB0E 385 B
427 B 53ms
52ms Image
image/png 216.137.180.16
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alternativeadvert.com/images/ad_icon.png
Requested by: Host: alternativeadvert.com
URL: https://alternativeadvert.com/show_i.php?b=1105254903
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.137.180.16 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: server.chinadirect.ng
Software: LiteSpeed /
Resource Hash: c45cb48b60ad770f952454ba4f309d354f8820c203151a014dd21e50c13b1907

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://alternativeadvert.com/show_i.php?b=1105254903
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:11 GMT
last-modified: Thu, 15 Oct 2020 09:23:14 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 385
expires: Sun, 13 Mar 2022 17:17:11 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame EB0E 49 KB
20 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: alternativeadvert.com
URL: https://alternativeadvert.com/show_i.php?b=1105254903

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://alternativeadvert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6137
date: Sun, 06 Mar 2022 15:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 06 Mar 2022 17:34:53 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ Frame EB0E 4 KB
2 KB 44ms
44ms Script
application/javascript 13.226.145.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: alternativeadvert.com
URL: https://alternativeadvert.com/show_i.php?b=1105254903
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-42.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://alternativeadvert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 05 Mar 2022 07:54:07 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 120184
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 8033f9c6b87a03b2eca7c2db5157e10e.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: 3NldWKJZTZPJGYjeAVXu2CPKPC8qBfB2lQmwX61GNqx5AoLpe7wm0g==

GET
H3-Q050 200 7339-1-1626532700.jpg
alternativeadvert.com/banners/ Frame EB0E 25 KB
25 KB 53ms
53ms Image
image/jpeg 216.137.180.16
A2HOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alternativeadvert.com/banners/7339-1-1626532700.jpg
Requested by: Host: alternativeadvert.com
URL: https://alternativeadvert.com/show_i.php?b=1105254903
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.137.180.16 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS: server.chinadirect.ng
Software: LiteSpeed /
Resource Hash: d6af6f8200da0892c42a36664106a02cd4e0c54c6a945ea8bae8585b65c34a66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://alternativeadvert.com/show_i.php?b=1105254903
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:11 GMT
last-modified: Sat, 17 Jul 2021 13:38:20 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25830
expires: Sun, 13 Mar 2022 17:17:11 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 218 B
647 B 250ms
81ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.users.gobarberrj.com&callback=_gfp_s_&client=ca-pub-6369761270420377

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203020101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6369761270420377&plah=www.users.gobarberrj.com&bust=31065447

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

90609b534e01cdfdc36da743da94cc2a5a90e40d477834b922b4d48be2915491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 252ms
84ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.users.gobarberrj.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Mar 2022 17:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 238ms
84ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.users.gobarberrj.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Mar 2022 17:17:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 400 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D84F 603 B
67 B 193ms
111ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6369761270420377&output=html&h=280&slotname=4795453260&adk=919501952&adf=388061927&pi=t.ma~as.4795453260&w=521&fwrn=4&fwrnh=100&lmt=1646587030&rafmt=1&psa=0&format=521x280&url=https%3A%2F%2Fwww.users.gobarberrj.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646587030500&bpp=7&bdt=1964&idt=351&shv=r20220302&mjsv=m202203020101&ptt=9&saldr=aa&abxe=1&correlator=7190239215996&frm=20&pv=2&ga_vid=1114746622.1646587029&ga_sid=1646587031&ga_hid=261795229&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=540&ady=2217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31065370%2C31065447%2C44756896%2C44758229%2C31064018&oid=2&pvsid=1932998923098326&pem=20&tmod=1204429948&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cn&abl=XS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=CEA8rkVIn9&p=https%3A//www.users.gobarberrj.com&dtd=364

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 06 Mar 2022 17:17:11 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK 1506408 Show response
ad.a-ads.com/ Frame 1650 7 KB
2 KB 63ms
63ms Document
text/html 78.46.33.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1506408?size=120x600

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

78.46.33.196 Quedlinburg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.196.33.46.78.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

9874d4c8010a0e32cb8f9eed0e642b2cfdc6e41508fe6a11fadef5da10c89f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/

Response headers

Server: nginx
Date: Sun, 06 Mar 2022 17:17:10 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: https://www.users.gobarberrj.com/
Content-Encoding: gzip

GET
H/1.1 200
OK 1506408 Show response
ad.a-ads.com/ Frame 8AC2 7 KB
2 KB 128ms
64ms Document
text/html 78.46.33.196
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1506408?size=120x600

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

78.46.33.196 Quedlinburg, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.196.33.46.78.clients.your-server.de

Software

nginx / Phusion Passenger(R)

Resource Hash

bcf18a2ea356761f236ddfc75a09cb76de557b099649609105497e31c8470365

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/

Response headers

Server: nginx
Date: Sun, 06 Mar 2022 17:17:11 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: https://www.users.gobarberrj.com/
Content-Encoding: gzip

GET
H2 200 l.js Show response
client.crisp.chat/ 8 KB
3 KB 174ms
62ms Script
application/javascript 2606:4700::6812:1d5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/l.js

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1d5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e71d08f626e0c80269671eb376ca9d6741dd81ca6caa5451063f0f2bc9b5c82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3718
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 18 Jan 2022 08:47:47 GMT
server: cloudflare
etag: W/"61e67eb3-1ebe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=86400
access-control-allow-credentials: false
cf-ray: 6e7cbe500dad9090-FRA
access-control-allow-headers: Content-Type, Origin
expires: Mon, 07 Mar 2022 17:17:11 GMT

GET
H2 200 8BBF619A.jpg
xe9o.xyz/87d1c6c507/4f9c843bb0/ Frame 38E0 2 KB
2 KB 72ms
71ms Image
application/javascript 185.66.201.58
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xe9o.xyz/87d1c6c507/4f9c843bb0/8BBF619A.jpg
Requested by: Host: xe9o.xyz
URL: https://xe9o.xyz/87d1c6c507/4f9c843bb0/?placementName=ROTATOR&type=n&cv=XAdCpApZjkpAZCGjrijACxCrjANZriNrAANrddCrCZZZCCrixCkkCrCrGCxCrjppjAGiZCCrxi_17575&adApiR=loaded_string_30228599232968e17aafe8a20a937736a604d_2667667_1646587030.3726_95059&capSettings=dXByaW1wLmNvbXwyNTAwMHwyNHw1MzY3MQ==&adApiR=loaded_string_30228599232968e17aafe8a20a937736a604d_2667667_1646587030.3726_95059&refferer=2773200890_aHR0cHM6Ly93d3cudXNlcnMuZ29iYXJiZXJyai5jb20v&width=160&height=600&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=601547173405&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.201.58 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.201.58.skhosting.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xe9o.xyz/87d1c6c507/4f9c843bb0/?placementName=ROTATOR&type=n&cv=XAdCpApZjkpAZCGjrijACxCrjANZriNrAANrddCrCZZZCCrixCkkCrCrGCxCrjppjAGiZCCrxi_17575&adApiR=loaded_string_30228599232968e17aafe8a20a937736a604d_2667667_1646587030.3726_95059&capSettings=dXByaW1wLmNvbXwyNTAwMHwyNHw1MzY3MQ==&adApiR=loaded_string_30228599232968e17aafe8a20a937736a604d_2667667_1646587030.3726_95059&refferer=2773200890_aHR0cHM6Ly93d3cudXNlcnMuZ29iYXJiZXJyai5jb20v&width=160&height=600&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=601547173405&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:17:10 GMT
content-encoding: br
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex,nofollow
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 BC211697.jpg
xe9o.xyz/87d1c6c507/4f9c843bb0/ Frame 38E0 2 KB
2 KB 72ms
72ms Image
application/javascript 185.66.201.58
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xe9o.xyz/87d1c6c507/4f9c843bb0/BC211697.jpg
Requested by: Host: xe9o.xyz
URL: https://xe9o.xyz/87d1c6c507/4f9c843bb0/?placementName=ROTATOR&type=n&cv=XAdCpApZjkpAZCGjrijACxCrjANZriNrAANrddCrCZZZCCrixCkkCrCrGCxCrjppjAGiZCCrxi_17575&adApiR=loaded_string_30228599232968e17aafe8a20a937736a604d_2667667_1646587030.3726_95059&capSettings=dXByaW1wLmNvbXwyNTAwMHwyNHw1MzY3MQ==&adApiR=loaded_string_30228599232968e17aafe8a20a937736a604d_2667667_1646587030.3726_95059&refferer=2773200890_aHR0cHM6Ly93d3cudXNlcnMuZ29iYXJiZXJyai5jb20v&width=160&height=600&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=601547173405&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.201.58 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.201.58.skhosting.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://xe9o.xyz/87d1c6c507/4f9c843bb0/?placementName=ROTATOR&type=n&cv=XAdCpApZjkpAZCGjrijACxCrjANZriNrAANrddCrCZZZCCrixCkkCrCrGCxCrjppjAGiZCCrxi_17575&adApiR=loaded_string_30228599232968e17aafe8a20a937736a604d_2667667_1646587030.3726_95059&capSettings=dXByaW1wLmNvbXwyNTAwMHwyNHw1MzY3MQ==&adApiR=loaded_string_30228599232968e17aafe8a20a937736a604d_2667667_1646587030.3726_95059&refferer=2773200890_aHR0cHM6Ly93d3cudXNlcnMuZ29iYXJiZXJyai5jb20v&width=160&height=600&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=601547173405&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:17:10 GMT
content-encoding: br
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex,nofollow
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ Frame EB0E 0
47 B 143ms
142ms Image
text/plain 18.189.5.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: certify-js.alexametrics.com
URL: https://certify-js.alexametrics.com/atrk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.189.5.176 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-189-5-176.us-east-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://alternativeadvert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:10 GMT
server: Server

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ Frame EB0E 43 B
552 B 46ms
46ms Image
image/gif 13.226.145.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=600&frame_width=120&iframe=1&title=&time=1646587030909&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=https%3A%2F%2Fwww.users.gobarberrj.com%2F&host_url=https%3A%2F%2Falternativeadvert.com%2Fshow_i.php%3Fb%3D1105254903&random_number=12149791065&sess_cookie=950c571917f603c2d7dfb6b78cc&sess_cookie_flag=1&user_cookie=950c571917f603c2d7dfb6b78cc&user_cookie_flag=1&dynamic=true&domain=alternativeadvert.com&account=1kXHp1IWh910cv&jsv=20130128&user_lang=en-US
Requested by: Host: alternativeadvert.com
URL: https://alternativeadvert.com/show_i.php?b=1105254903
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-27.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://alternativeadvert.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 06 Mar 2022 03:35:15 GMT
Via: 1.1 0406d08716a9781a5c19ff86db2debd2.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 49315
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: DUS51-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: O6Cx6xVSAF2dkOPOrYyRNG5COQErWqC_Y9tzwek1cs-iEf2ACceazA==

GET
H2 200 show.php Show response
uprimp.com/ Frame 1EF5 2 KB
2 KB 74ms
73ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/show.php?u28001646587030=true&ad=673873&f=120x600&a=491342&cri=0&s=NDIzZjJmYjYxN2RlNzQ5MWU4OTBjOWFhMTMxNjNiOGQ=&u=634256&si=454289452&di=44066180&ci=16&h=3e5a2c84f0feeffc35ca3f043319a5f4&cc=DE&https=1&useAf=loaded_string_44848599232968e17aafe8a20a937736a604d_2558403_1646587030.8546_27506&ar=aHR0cHM6Ly93d3cudXNlcnMuZ29iYXJiZXJyai5jb20v
Requested by: Host: uprimp.com
URL: https://uprimp.com/bnr_xload.php?section=General&pub=634256&format=120x600&ga=g&xt=164658702931673&xtt=9829646
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: c8c08689413542637990368e0a13b61ee5e3aeaa6635c2d5ef0f30be7acd073c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://uprimp.com/bnr_xload.php?section=General&pub=634256&format=120x600&ga=g&xt=164658702931673&xtt=9829646

Response headers

server: nginx
date: Sun, 06 Mar 2022 17:17:10 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 06 Mar 2022 17:17:10 GMT
last-modified: Sun, 06 Mar 2022 17:17:10 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
H2 200 / Show response
www5.cbox.ws/box/ Frame A3FD 8 KB
3 KB 269ms
84ms Document
text/html 94.130.39.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.cbox.ws/box/?boxid=913451&boxtag=APTpYR&sec=main
Requested by: Host: static.cbox.ws
URL: https://static.cbox.ws/embed/1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.39.102 Heilbronn, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mx3.cbox.ws
Software: nginx /
Resource Hash: 0e9a271186c09aaa5c7d7fd34398822b17d6dd3d9828a2c4ced07dc44a6d6d09

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/

Response headers

server: nginx
date: Sun, 06 Mar 2022 17:17:11 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR NID CURa OUR NOR"
cache-control: public, max-age=60
last-modified: Sun, 06 Mar 2022 17:16:28 GMT
x-cache: HIT
content-encoding: gzip

GET
H3 200 share_button.php Show response
www.facebook.com/v9.0/plugins/ Frame 504C 42 KB
13 KB 205ms
161ms Document
text/html 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v9.0/plugins/share_button.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1524b5b0f03d7c%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=555&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&layout=button&locale=en_US&sdk=joey&size=large

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=0479e485199b6a878a0e5918f7338612

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1bad79e624c692809dacfa82e89e91e1f2fb6387902bad4e12d6ebf7cc963301

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v9.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: uvi83N3zQeGeE2dFCR4EJA2LyKmQSnLH0TkKxd2Mi2G9IY83AT+Ly7yY4XKCST0v6Snzzy5f/eKin3+Ax/X9Mw==
date: Sun, 06 Mar 2022 17:17:11 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

feedback.php Show response
www.facebook.com/plugins/ Frame 271A
Redirect Chain

https://www.facebook.com/v9.0/plugins/comments.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3beae65eda51c%26domain%3Dw...
https://www.facebook.com/plugins/comments.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3beae65eda51c%26domain%3Dwww.us...
https://www.facebook.com/plugins/feedback.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3beae65eda51c%26domain%3Dwww.us...

152 KB
34 KB

394ms
394ms

Document
text/html

2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3beae65eda51c%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=555&height=100&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&locale=en_US&numposts=10&sdk=joey&version=v9.0&width=550

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=0479e485199b6a878a0e5918f7338612

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f745615864637dec109b8df3fb6707fef8c2f1e6eed5b8bcd4535f2a055d9819

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: uFyp9UzNN03sJdZLDb5gfNM9zEkVSM3BFUmN7j5vjxX4O7cNUAU//0BuxiVP1RCLkZSIsBKCWQ8DE2RTCC24RQ==
date: Sun, 06 Mar 2022 17:17:11 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

location: https://www.facebook.com/plugins/feedback.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3beae65eda51c%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=555&height=100&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&locale=en_US&numposts=10&sdk=joey&version=v9.0&width=550
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 0z6dY4fKgAoThybh+O3HSQRZZ9K1fKN1fXTXAq89rCCvtNmgJGTa0g+cOC9zOeQfa+JH8Go+jxhFM8w5R9yTIQ==
content-length: 0
date: Sun, 06 Mar 2022 17:17:11 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 105ms
104ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.users.gobarberrj.com%2F&tn=DIV&cls=CboxButton&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:17:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F083 0
19 B 84ms
84ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6369761270420377&output=html&adk=1812271804&adf=3025194257&lmt=1646587030&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.users.gobarberrj.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646587030935&bpp=1&bdt=2399&idt=1&shv=r20220302&mjsv=m202203020101&ptt=9&saldr=aa&abxe=1&prev_fmts=521x280&nras=1&correlator=7190239215996&frm=20&pv=1&ga_vid=1114746622.1646587029&ga_sid=1646587031&ga_hid=261795229&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31065370%2C31065447%2C44756896%2C44758229%2C31064018&oid=2&pvsid=1932998923098326&pem=20&tmod=1204429948&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 06 Mar 2022 17:17:10 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 06 Mar 2022 17:17:10 GMT
cache-control: private

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame E076 13 KB
5 KB 162ms
55ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.users.gobarberrj.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2518
date: Sun, 06 Mar 2022 17:17:10 GMT
content-length: 5145
strict-transport-security: max-age=31536000; preload;

GET
H2 200 / Show response
xe9o.xyz/1ccf616e0b/c3706a2c96/ Frame 1EF5 1 KB
913 B 65ms
65ms Script
application/javascript 185.66.201.58
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://xe9o.xyz/1ccf616e0b/c3706a2c96/?placementName=ROTATOR&type=n&cv=XAdCpApZjkpAZCpkripZCxCrjANZriNrAANrddCrCZZZCCrixCkkCrCrGCxCrjppjAGiZCCrxi_52817&adApiR=loaded_string_44848599232968e17aafe8a20a937736a604d_2558403_1646587030.8546_27506&refferer=2773200890_aHR0cHM6Ly93d3cudXNlcnMuZ29iYXJiZXJyai5jb20v&width=120&height=600&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u28001646587030=true&ad=673873&f=120x600&a=491342&cri=0&s=NDIzZjJmYjYxN2RlNzQ5MWU4OTBjOWFhMTMxNjNiOGQ=&u=634256&si=454289452&di=44066180&ci=16&h=3e5a2c84f0feeffc35ca3f043319a5f4&cc=DE&https=1&useAf=loaded_string_44848599232968e17aafe8a20a937736a604d_2558403_1646587030.8546_27506&ar=aHR0cHM6Ly93d3cudXNlcnMuZ29iYXJiZXJyai5jb20v
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.201.58 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.201.58.skhosting.eu
Software: nginx /
Resource Hash: cd563f93983d5d448d7757bc63eff246ee86c209eeda0dffbf154bb324115599

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uprimp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:17:11 GMT
content-encoding: br
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex,nofollow
expires: Sun, 01 Jan 2014 00:00:00 GMT

GET
H2 200 pub_93xzfo.png
ylx-i.advertica-cdn2.com/aff/ Frame 1EF5 25 KB
25 KB 67ms
66ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/aff/pub_93xzfo.png?1480419357
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u28001646587030=true&ad=673873&f=120x600&a=491342&cri=0&s=NDIzZjJmYjYxN2RlNzQ5MWU4OTBjOWFhMTMxNjNiOGQ=&u=634256&si=454289452&di=44066180&ci=16&h=3e5a2c84f0feeffc35ca3f043319a5f4&cc=DE&https=1&useAf=loaded_string_44848599232968e17aafe8a20a937736a604d_2558403_1646587030.8546_27506&ar=aHR0cHM6Ly93d3cudXNlcnMuZ29iYXJiZXJyai5jb20v
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.127.skhosting.eu
Software: nginx /
Resource Hash: 2e3bde453441d9f45ecd50d01b2c733966873025911722e720fcdd577d6e4479

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uprimp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:11 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2016 11:35:57 GMT
server: nginx
etag: W/"583d681d-6389"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Tue, 05 Apr 2022 17:17:11 GMT

GET
H2 200 logo_n_small.png
ylx-i.advertica-cdn2.com/ Frame 1EF5 2 KB
1 KB 66ms
66ms Image
image/png 185.66.200.127
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ylx-i.advertica-cdn2.com/logo_n_small.png?1480628810
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u28001646587030=true&ad=673873&f=120x600&a=491342&cri=0&s=NDIzZjJmYjYxN2RlNzQ5MWU4OTBjOWFhMTMxNjNiOGQ=&u=634256&si=454289452&di=44066180&ci=16&h=3e5a2c84f0feeffc35ca3f043319a5f4&cc=DE&https=1&useAf=loaded_string_44848599232968e17aafe8a20a937736a604d_2558403_1646587030.8546_27506&ar=aHR0cHM6Ly93d3cudXNlcnMuZ29iYXJiZXJyai5jb20v
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.127 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.127.skhosting.eu
Software: nginx /
Resource Hash: 6c801b5acaa0dcffb9520f320a42f915fdd5d1d6331845e215edb0c578dd5a2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uprimp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:11 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2016 21:46:50 GMT
server: nginx
etag: W/"58409a4a-631"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-server: cdnbts
expires: Tue, 05 Apr 2022 17:17:11 GMT

GET
H2 200 /
uprimp.com/trk/ Frame 1EF5 43 B
268 B 71ms
70ms Image
image/gif 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uprimp.com/trk/?3e5a2c84f0feeffc35ca3f043319a5f4
Requested by: Host: uprimp.com
URL: https://uprimp.com/show.php?u28001646587030=true&ad=673873&f=120x600&a=491342&cri=0&s=NDIzZjJmYjYxN2RlNzQ5MWU4OTBjOWFhMTMxNjNiOGQ=&u=634256&si=454289452&di=44066180&ci=16&h=3e5a2c84f0feeffc35ca3f043319a5f4&cc=DE&https=1&useAf=loaded_string_44848599232968e17aafe8a20a937736a604d_2558403_1646587030.8546_27506&ar=aHR0cHM6Ly93d3cudXNlcnMuZ29iYXJiZXJyai5jb20v
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uprimp.com/show.php?u28001646587030=true&ad=673873&f=120x600&a=491342&cri=0&s=NDIzZjJmYjYxN2RlNzQ5MWU4OTBjOWFhMTMxNjNiOGQ=&u=634256&si=454289452&di=44066180&ci=16&h=3e5a2c84f0feeffc35ca3f043319a5f4&cc=DE&https=1&useAf=loaded_string_44848599232968e17aafe8a20a937736a604d_2558403_1646587030.8546_27506&ar=aHR0cHM6Ly93d3cudXNlcnMuZ29iYXJiZXJyai5jb20v
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:17:11 GMT
last-modified: Sun, 06 Mar 2022 17:17:11 GMT
server: nginx
cache-directive: no-cache
content-type: image/gif
cache-control: public, no-cache
pragma-directive: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
content-length: 43
expires: 0

GET
DATA 200
OK truncated
/ Frame 1650 305 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rs.js Show response
bank.reklamstore.com/
Redirect Chain

https://iq.reklamselfie.com/585ce73218044
https://bank.reklamstore.com/rs.js

24 B
378 B

51ms
44ms

Script
application/javascript

138.68.105.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.reklamstore.com/rs.js
Requested by: Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/
Protocol: HTTP/1.1
Server: 138.68.105.0 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: com.reklamstore.bank.v3.lb0
Software: nginx/1.14.0 /
Resource Hash: 9f49609d94cf82f3d089ddd83d5895d4048236deee85dc7cfc9853735f36a0f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 06 Mar 2022 17:11:03 GMT
Last-Modified: Tue, 21 Feb 2017 07:13:43 GMT
Server: nginx/1.14.0
ETag: "18-549051ec0ae13"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Upstream: 10.135.15.5:80
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24

Redirect headers

Location: https://bank.reklamstore.com/rs.js
Date: Sun, 06 Mar 2022 17:16:38 GMT
Server: openresty/1.11.2.2
Connection: keep-alive
Content-Length: 167
Content-Type: text/html

GET
H/1.1 200
OK pixel Show response
ps.eyeota.net/ 1 KB
2 KB 185ms
47ms Script
text/plain 3.125.70.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ps.eyeota.net/pixel?pid=bsbc9g1&t=ajs&uid=6224ec96f0fab
Requested by: Host: bank.reklamstore.com
URL: https://bank.reklamstore.com/init.js?v1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: eca9652bd84e574c9c47f5e7054e0b7f4af970d31111fa85a88068f4c53f222c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 06 Mar 2022 17:17:11 GMT
Content-Length: 1208
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200
OK

anx.php Show response
bank.reklamstore.com/
Redirect Chain

https://ib.adnxs.com/getuid?https://bank.reklamstore.com/anx.php?uid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbank.reklamstore.com%2Fanx.php%3Fuid%3D%24UID
https://bank.reklamstore.com/anx.php?uid=7013630141775087107

41 B
440 B

46ms
45ms

Script
text/javascript

138.68.105.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.reklamstore.com/anx.php?uid=7013630141775087107
Requested by: Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/
Protocol: HTTP/1.1
Server: 138.68.105.0 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: com.reklamstore.bank.v3.lb0
Software: nginx/1.14.0 /
Resource Hash: 655a093aca97709cf22755eed2a846475b505ac8bfabe31d2e4455b8bbf09f55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 06 Mar 2022 17:11:03 GMT
Server: nginx/1.14.0
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Upstream: 10.135.39.102:80
Connection: keep-alive
Content-Length: 41

Redirect headers

Pragma: no-cache
Date: Sun, 06 Mar 2022 17:17:11 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 34606dac-c779-4fd4-83b5-fcf86f29f51e
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://bank.reklamstore.com/anx.php?uid=7013630141775087107
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

adx.php Show response
bank.reklamstore.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=reklam_store&google_cm
https://bank.reklamstore.com/adx.php?google_gid=CAESEC0yHvOP6pmLDcyejHkpvUo&google_cver=1

49 B
454 B

46ms
45ms

Script
text/javascript

138.68.105.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.reklamstore.com/adx.php?google_gid=CAESEC0yHvOP6pmLDcyejHkpvUo&google_cver=1
Requested by: Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/
Protocol: HTTP/1.1
Server: 138.68.105.0 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: com.reklamstore.bank.v3.lb0
Software: nginx/1.14.0 /
Resource Hash: 2fdddfa7ce636a3b2624106d4d6d2e14c8267e8473b944882d13d915cf08843e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 06 Mar 2022 17:11:04 GMT
Server: nginx/1.14.0
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Upstream: 10.135.15.5:80
Connection: keep-alive
Content-Length: 49

Redirect headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:17:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://bank.reklamstore.com/adx.php?google_gid=CAESEC0yHvOP6pmLDcyejHkpvUo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

adform.php Show response
bank.reklamstore.com/
Redirect Chain

https://dmp.adform.net/serving/cookie/match?party=1068
https://dmp.adform.net/serving/cookie/match?CC=1&party=1068
https://bank.reklamstore.com/adform.php?uid=7905369500523989728

41 B
440 B

47ms
46ms

Script
text/javascript

138.68.105.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.reklamstore.com/adform.php?uid=7905369500523989728
Requested by: Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/
Protocol: HTTP/1.1
Server: 138.68.105.0 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: com.reklamstore.bank.v3.lb0
Software: nginx/1.14.0 /
Resource Hash: d0cf2d66eac71dca1b844d85e94caece64301a0f8238a493b46e3d0b10243a5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 06 Mar 2022 17:11:04 GMT
Server: nginx/1.14.0
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Upstream: 10.135.39.102:80
Connection: keep-alive
Content-Length: 41

Redirect headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:17:11 GMT
server: nginx
location: https://bank.reklamstore.com/adform.php?uid=7905369500523989728
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/12475/ 2 KB
2 KB 282ms
71ms Script
application/javascript 52.210.129.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12475/px.js
Requested by: Host: bank.reklamstore.com
URL: https://bank.reklamstore.com/init.js?v1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.129.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-129-48.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b6bf35f686eba718e56f8d347cc33d9bdc6a018ca152398ae1d23e1d8cb588e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 06 Mar 2022 17:17:10 GMT
Cache-Control: max-age=2419200, public
Connection: keep-alive
Content-Length: 1912
Content-Type: application/javascript; charset=UTF-8

GET
H2 200 fltiu.js Show response
pixel.yabidos.com/ 2 KB
1 KB 172ms
61ms Script
application/javascript 104.16.200.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=11207&s=www.users.gobarberrj.com&x=rekmob&nci=&adtg=b6ad3026cbf440849e950ded4e8124b2&nai=&si=25514&pn=&h=50&w=320&bp=&pp=&ci=&ip=185.213.155.166&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36
Requested by: Host: adserver.reklamstore.com
URL: https://adserver.reklamstore.com/reklamstore.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.200.58 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 05 Mar 2022 11:39:44 GMT
server: cloudflare
age: 5538
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 6e7cbe510fc19945-FRA
content-length: 1168
expires: Sun, 06 Mar 2022 19:17:11 GMT

GET
H/1.1 200
OK rs-b.png
adimg.rekmob.com/logos/ Frame 05EC 471 B
911 B 190ms
47ms Image
image/png 13.226.145.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adimg.rekmob.com/logos/rs-b.png
Requested by: Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-94.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 05 Mar 2022 23:05:26 GMT
Via: 1.1 bfd667b9fb826986b85315f856bf5884.cloudfront.net (CloudFront)
Last-Modified: Thu, 26 Jul 2018 10:20:15 GMT
Server: AmazonS3
Age: 65818
ETag: "5965d59f86a925e809f20a75e26c9d0c"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-C1
Content-Length: 471
X-Amz-Cf-Id: ToFF4TvYCMD-JgDLs5FHNaCg0VXfd2_bQkdpKXkxyx4HnjQeE-vjVQ==

GET
H/1.1 200
OK 125b60957a4544e9af2f03e8596cdfe3
adimg.rekmob.com/ Frame 05EC 20 KB
21 KB 186ms
52ms Image
image/jpeg 13.226.145.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adimg.rekmob.com/125b60957a4544e9af2f03e8596cdfe3
Requested by: Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-94.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0d0ac9911a560fee79bbafa54a46ca817f7d852f059846c05c27ffd18409084d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 06 Mar 2022 07:50:24 GMT
Via: 1.1 51054083366f59cdc509361d23d873ea.cloudfront.net (CloudFront)
Last-Modified: Wed, 20 May 2020 15:52:18 GMT
Server: AmazonS3
Age: 34107
ETag: "3b9eae4dc398c495162367411fa23564"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-C1
Content-Length: 20583
X-Amz-Cf-Id: bAnpGZMme2rF9kewBoG8AJAKYfx39nBDvABPREtQIFEGqdK6sYTqaw==

GET
H/1.1 200
OK imp
ads.rekmob.com/m/ Frame 05EC 2 B
179 B 49ms
49ms Image
image/avif 146.185.142.91
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.rekmob.com/m/imp?uid=b6ad3026cbf440849e950ded4e8124b2&udid=95e52e4e8959414dab2a139d4b993dcf&rid=NjIyNGVjOTcwY2YyOWIzMWE0ZDcwMWY0&adId=MTM1Nw==
Requested by: Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.185.142.91 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.9.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 06 Mar 2022 16:05:12 GMT
Connection: keep-alive
Server: nginx/1.9.6
X-Code: DE
Content-Length: 2
Content-Type: image/avif;charset=ISO-8859-1

GET
DATA 200
OK truncated
/ Frame 8AC2 305 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
xe9o.xyz/1ccf616e0b/c3706a2c96/ Frame 3480 30 KB
4 KB 74ms
74ms Document
text/html 185.66.201.58
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://xe9o.xyz/1ccf616e0b/c3706a2c96/?placementName=ROTATOR&type=n&cv=XAdCpApZjkpAZCpkripZCxCrjANZriNrAANrddCrCZZZCCrixCkkCrCrGCxCrjppjAGiZCCrxi_52817&adApiR=loaded_string_44848599232968e17aafe8a20a937736a604d_2558403_1646587030.8546_27506&refferer=2773200890_aHR0cHM6Ly93d3cudXNlcnMuZ29iYXJiZXJyai5jb20v&width=120&height=600&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2&randomA=651540386122&realRef=V2JKVlhUc3hPazhFd284YWh5TmpFa1loTGJwbDYxcTdNNTBBL0s4cVMwZz0=
Requested by: Host: xe9o.xyz
URL: https://xe9o.xyz/1ccf616e0b/c3706a2c96/?placementName=ROTATOR&type=n&cv=XAdCpApZjkpAZCpkripZCxCrjANZriNrAANrddCrCZZZCCrixCkkCrCrGCxCrjppjAGiZCCrxi_52817&adApiR=loaded_string_44848599232968e17aafe8a20a937736a604d_2558403_1646587030.8546_27506&refferer=2773200890_aHR0cHM6Ly93d3cudXNlcnMuZ29iYXJiZXJyai5jb20v&width=120&height=600&yxDom=dXByaW1wLmNvbQ==_99fc24843f51da23d36abbfd0ce9aff2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.201.58 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.201.58.skhosting.eu
Software: nginx /
Resource Hash: e074e72bb8e703571421a434098f50e7562e8571822b35d35ac30c8b882e80be

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://uprimp.com/

Response headers

server: nginx
date: Sun, 06 Mar 2022 17:17:11 GMT
content-type: text/html; charset=UTF-8
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
content-encoding: br

GET
H3 200 client.js Show response
client.crisp.chat/static/javascripts/ 381 KB
89 KB 137ms
79ms Script
application/javascript 2606:4700::6812:1d5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/client.js?14441ec

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1d5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13c49ce264224a16b8e2b5daad1b593e25479cc6724b5f7e312d532e898b239f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27858
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 18 Jan 2022 08:47:47 GMT
server: cloudflare
etag: W/"61e67eb3-5f54e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6e7cbe50d83b5b8c-FRA
access-control-allow-headers: Content-Type, Origin
expires: Wed, 03 Mar 2032 17:17:11 GMT

GET
H3 200 client_default.css
client.crisp.chat/static/stylesheets/ 328 KB
40 KB 239ms
182ms Stylesheet
text/css 2606:4700::6812:1d5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/stylesheets/client_default.css?14441ec

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1d5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7561e680878d5b0ead8704c157156c65b315bae88ba04b914aee6535f4de00c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 27838
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 18 Jan 2022 08:47:47 GMT
server: cloudflare
etag: W/"61e67eb3-521ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6e7cbe50d8385b8c-FRA
access-control-allow-headers: Content-Type, Origin
expires: Wed, 03 Mar 2032 17:17:11 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame E076
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=gobarberrj.com&sn=ChromeSyncframe&so=0&topUrl=www.users.gobarberrj.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=V6rqkHwwTEZPL0V6V0hFQUFUc0pLdTFwSWZPOThHdk1PM2U4Y2Z1TEtVbHYvOFJIcXNRMG9LaCtndGo4UGtmeWtURHFMaFhNY2tIcnpTLzFuQ3BjZExzWGlvR3Y4dGhRT3dVMXFYblJXeVREL1c1TEpUQml6UDJ2WlZPZi...

428 B
634 B

175ms
55ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=V6rqkHwwTEZPL0V6V0hFQUFUc0pLdTFwSWZPOThHdk1PM2U4Y2Z1TEtVbHYvOFJIcXNRMG9LaCtndGo4UGtmeWtURHFMaFhNY2tIcnpTLzFuQ3BjZExzWGlvR3Y4dGhRT3dVMXFYblJXeVREL1c1TEpUQml6UDJ2WlZPZi9iN1hHeXU5N3U1NEx4d2VLcnhkNEFYb09tMG5Od0V3QUN3Z0JtTnNCQXpWUjZUeGM1Rk42QzIvWEhZVFR5WkFJZ1FHR3FCcE9ITGxSbmQwMXlYRGdoWWp6STNxczJtdVVpUmI5OVZhMnE1cnlDekpGWnhSeVR5Qm01V1ZUZDZCRXVDRXJWdC83OFVoeVdzblpUYVdzZG5MWmlyTk1zdz09fA&cppv=2

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

0fbdca850a55be20ef466b693461ee39b40a48c253e862ce1a77e4da753e94d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:17:11 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4528
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:17:10 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=V6rqkHwwTEZPL0V6V0hFQUFUc0pLdTFwSWZPOThHdk1PM2U4Y2Z1TEtVbHYvOFJIcXNRMG9LaCtndGo4UGtmeWtURHFMaFhNY2tIcnpTLzFuQ3BjZExzWGlvR3Y4dGhRT3dVMXFYblJXeVREL1c1TEpUQml6UDJ2WlZPZi9iN1hHeXU5N3U1NEx4d2VLcnhkNEFYb09tMG5Od0V3QUN3Z0JtTnNCQXpWUjZUeGM1Rk42QzIvWEhZVFR5WkFJZ1FHR3FCcE9ITGxSbmQwMXlYRGdoWWp6STNxczJtdVVpUmI5OVZhMnE1cnlDekpGWnhSeVR5Qm01V1ZUZDZCRXVDRXJWdC83OFVoeVdzblpUYVdzZG5MWmlyTk1zdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1816
content-length: 541
expires: 0

GET
H2 200 ps3LEjFUMch.png
static.xx.fbcdn.net/rsrc.php/v3/y4/r/ Frame 504C 441 B
1 KB 133ms
44ms Image
image/png 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y4/r/ps3LEjFUMch.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v9.0/plugins/share_button.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1524b5b0f03d7c%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=555&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&layout=button&locale=en_US&sdk=joey&size=large

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

17b988bc33e2b6c542f866ef473aaa3d20a9d4536a1ca636c061c5011a5ac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:11 GMT
x-content-type-options: nosniff
content-md5: bIdClDVUx2JypSkH1jl0jQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 441
x-fb-rlafr: 0
x-fb-debug: pIJQNxC4t6C5jcSAI/VGfBBCs3Bxy/1N3KDhJFp2A7Il1aNAc88cZSJ5YNuZYwmbcWJHCXGEDKKYcrCtHU6f5A==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 28 Feb 2023 15:36:36 GMT

GET
H2 200 iZ7dclye650.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yF/l/en_US/ Frame 504C 521 KB
136 KB 132ms
45ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yF/l/en_US/iZ7dclye650.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

510e28e7a3373dadc6be252b20f490a6586b3b4b158a76eca3c16a7af6166e71

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: lnE9Ao7pslJvUlsfxYxx/g==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 139108
x-fb-rlafr: 0
x-fb-debug: QuNyzSyy6Acwcphn3au3B+iuNaNxyWHp0a+gpo66Fwz7j2gjORBWI0Aujhzo3E8ER9ze2wgZP+SSEs+tO1j/3w==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 04 Mar 2023 19:11:39 GMT

GET
H2 200 /
www5.cbox.ws/box/ Frame A3FD 17 KB
5 KB 88ms
87ms Stylesheet
text/css 94.130.39.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.cbox.ws/box/?boxid=913451&boxtag=APTpYR&sec=css&theme=6&v=1629383500&h=ff04eb4b
Requested by: Host: www5.cbox.ws
URL: https://www5.cbox.ws/box/?boxid=913451&boxtag=APTpYR&sec=main
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.39.102 Heilbronn, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mx3.cbox.ws
Software: nginx /
Resource Hash: 5f67413ce9bb699abbcb39fdc806ddd52112e0930182005f054ad4435e5c2a49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www5.cbox.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:11 GMT
content-encoding: gzip
server: nginx
x-cache: HIT
p3p: CP="NOI DSP COR NID CURa OUR NOR"
cache-control: public, max-age=10368000
content-type: text/css;charset=UTF-8
expires: Mon, 04 Jul 2022 17:14:43 GMT

GET
H3 200 jsc_10_1629383500.js Show response
static.cbox.ws/jsc/ Frame A3FD 76 KB
27 KB 120ms
65ms Script
application/x-javascript 188.114.96.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cbox.ws/jsc/jsc_10_1629383500.js
Requested by: Host: www5.cbox.ws
URL: https://www5.cbox.ws/box/?boxid=913451&boxtag=APTpYR&sec=main
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a036f72be2af61fa73108715a5b67b29e3a501685488dc67d83154bfd08403b6

Request headers

Referer: https://www5.cbox.ws/
Origin: https://www5.cbox.ws
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:11 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3492736
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 19 Aug 2021 14:31:45 GMT
server: cloudflare
etag: W/"611e6b51-64a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OEdMKmQvkd2zF0uSm0Hyqh5LNUDtn%2FNqcdqSAnJEDB1jx%2BLHFJoUrYPqCz8jIl0q8UoZAdQfcoINeh2g4RHqsdGi6f9go4Tbp5PhML6iwzKRz6voFVtJQlsq13kZ9r%2FpLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=315360000
cf-ray: 6e7cbe517a2f9be2-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 flimpobj.js Show response
pixel.yabidos.com/ 31 KB
24 KB 63ms
63ms Script
application/javascript 104.16.200.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/flimpobj.js?cb=1646587031235&ver1=2.2.3&qid=230383f5530383f5434353&rnd=8odsx8hz0q4n&cid=544
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=230383f5530383f5434353&cid=544&p=11207&s=www.users.gobarberrj.com&x=rekmob&nci=&adtg=b6ad3026cbf440849e950ded4e8124b2&nai=&si=25514&pn=&h=50&w=320&bp=&pp=&ci=&ip=185.213.155.166&ai=&di=&mm=&os=&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.200.58 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cf0498d6f16d928751dae8b235dab5e250f65d561f43e2dc20d982efac6016f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 05 Mar 2022 11:39:44 GMT
server: cloudflare
age: 1628
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 6e7cbe5168a79945-FRA
content-length: 24217
expires: Sun, 06 Mar 2022 19:17:11 GMT

GET
H/1.1 200
OK pixel Show response
ps.eyeota.net/ 0
344 B 46ms
45ms Script
text/plain 3.125.70.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ps.eyeota.net/pixel?pid=bsbc9g1&t=ajs&uid=6224ec96f0fab&c_b=1&gdpr=0&gdpr_consent=&c_l=0&c_s=1
Requested by: Host: ps.eyeota.net
URL: https://ps.eyeota.net/pixel?pid=bsbc9g1&t=ajs&uid=6224ec96f0fab
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 06 Mar 2022 17:17:11 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H3 200 fontawesome-webfont.woff2
static.cbox.ws/fonts/ Frame A3FD 70 KB
71 KB 81ms
80ms Font
application/octet-stream 188.114.96.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cbox.ws/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: www5.cbox.ws
URL: https://www5.cbox.ws/box/?boxid=913451&boxtag=APTpYR&sec=css&theme=6&v=1629383500&h=ff04eb4b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.7 Medellín, Colombia, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://www5.cbox.ws/
Origin: https://www5.cbox.ws
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 513039
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71896
last-modified: Fri, 29 Jul 2016 08:15:26 GMT
server: cloudflare
etag: "579b109e-118d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yVDrorSv36tlgpMacN4DnjeYV7vzd4vNcg1IrjZFwWTaalkoWJyd4w2vCRnM2l8sxudoeB1KCKB9xF0BY45vjx386YOEfY4izBqPZ1K5CutWvRD3ZYVo4MQd5nEPLMU3rA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6e7cbe51baed9be2-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 nflrc.gif
pre.glotgrx.com/ 26 B
304 B 190ms
68ms Image
image/gif 2606:4700::6810:79c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/nflrc.gif?cb=1646587031323545&ver=1.2r81&qid=230383f5530383f5434353&p=11207&s=www.users.gobarberrj.com&x=rekmob&cid=544&od1=&od2=&adtg=b6ad3026cbf440849e950ded4e8124b2&nci=&nai=&si=25514&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=8odsx8hz0q4n&impid=&idl=&ttduid=&id5=&emh=&tps=53&ver1=2.2.3&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&os=&mm=&di=&ip=185.213.155.166&ci=&pp=&bp=&w=320&h=50&pn=&1=b7fc69a3c700f9fbd813b1e3eb2aeba2&2=0.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%220%22%3A%22Chrome%2520PDF%2520Plugin%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520mhjfbmdgcfjbbpaeojofohoefgiehjai%2520-%2520fl_br%22%2C%222%22%3A%22Native%2520Client%2520-%2520%2520-%2520internal-nacl-plugin%2520-%2520fl_br%22%7D%7D&6=2&7={%22e%22:%2211%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=1600x1200&atf=&dbgcid=544&ifm=0&penv=b&pt=&ptbp=&tw=1&ldp=0&icpl=37&icp=https%253A//www.users.gobarberrj.com/&irfl=0&irf=&cty=4&fcs=1&flky=ver-fl-6-qid-fl-22-p-fl-5-s-fl-24-x-fl-6-cid-fl-3-od1-fl-0-od2-fl-0-adtg-fl-32-nci-fl-0-nai-fl-0-si-fl-5-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-idl-fl-0-ttduid-fl-0-id5-fl-0-emh-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-ua-fl-136-os-fl-0-mm-fl-0-di-fl-0-ip-fl-15-ci-fl-0-pp-fl-0-bp-fl-0-w-fl-3-h-fl-2-pn-fl-0-&spfp=1&spfnp=0&sp1=Chromefl_andLinux&sp2=Chromefl_andWindows&adv=0&det=0&adb=0&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=1600x1200&gpu=Intel%20Iris%20OpenGL%20Engine&ncf=4g_9_undefined_null_0_undefined_false&chua={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}&fli=&flerr=0&trim=&fio=26
Requested by: Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:79c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:11 GMT
cf-cache-status: HIT
last-modified: Sat, 05 Mar 2022 11:39:33 GMT
server: cloudflare
age: 1046
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 6e7cbe52ed289159-FRA
content-length: 26
expires: Sun, 06 Mar 2022 19:17:11 GMT

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ 1015 B
2 KB 268ms
63ms Script
application/javascript 63.33.136.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.cpx.to/fire.js?pid=12475&ref=&url=https%3A%2F%2Fwww.users.gobarberrj.com%2F&hn_ver=40&fid=77d57edd-8f50-4169-a605-0d53063e9bee

Requested by

Host: p.cpx.to
URL: https://p.cpx.to/p/12475/px.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.33.136.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-33-136-74.eu-west-1.compute.amazonaws.com

Software

Resource Hash

3de1cf66362a1b046fd966b3e0e6afaac2f4c91be08c818dd994032aeecdc709

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sun, 06 Mar 2022 17:17:11 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript; charset=UTF-8
Content-Length: 1015
Expires: Sat, 05 Mar 2022 17:29:49 UTC

POST
H/1.1 200
OK store.php Show response
bank.reklamstore.com/ 0
263 B 189ms
50ms XHR
text/html 138.68.105.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.reklamstore.com/store.php
Requested by: Host: bank.reklamstore.com
URL: https://bank.reklamstore.com/init.js?v1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.68.105.0 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: com.reklamstore.bank.v3.lb0
Software: nginx/1.14.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.users.gobarberrj.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 06 Mar 2022 17:11:04 GMT
Server: nginx/1.14.0
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Upstream: 10.135.39.102:80
Connection: keep-alive
Content-Length: 0

GET
H3 200 cavalry_endpoint.php
www.facebook.com/common/ Frame 504C 67 B
101 B 77ms
77ms Image
image/png 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1646587031144&t_start=1646587031144&t_domcontent=1646587031155&t_layout=1646587031421&t_onload=1646587031421&t_paint=1646587031421&t_creport=1646587031421&t_tti=1646587031155&lid=7072037449677302327-0

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/v9.0/plugins/share_button.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1524b5b0f03d7c%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=555&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&layout=button&locale=en_US&sdk=joey&size=large
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: no-cache
x-fb-debug: m2lKtWAASx54tZ+fwBHLhwGgY8b64IVQGJvhq+BL0xiBg2/5q1GQwsYb3Tr+QJtqiFy6AtgIfZrqzfyaK69bHA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 06 Mar 2022 17:17:11 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame A3FD 198 B
0 Image
image/x-icon

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7f556737034e1f62f52cae62a87cfb2b8b4ce81cafc6ac89cf5a094c8c38d23

Request headers

Referer: https://www5.cbox.ws/
Origin: https://www5.cbox.ws
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/x-icon

POST
H/1.1 200
OK store.php Show response
bank.reklamstore.com/ 0
263 B 159ms
46ms XHR
text/html 138.68.105.0
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bank.reklamstore.com/store.php
Requested by: Host: bank.reklamstore.com
URL: https://bank.reklamstore.com/init.js?v1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.68.105.0 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: com.reklamstore.bank.v3.lb0
Software: nginx/1.14.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.users.gobarberrj.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 06 Mar 2022 17:11:04 GMT
Server: nginx/1.14.0
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Upstream: 10.135.39.102:80
Connection: keep-alive
Content-Length: 0

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf6269237b73159a2ebdd0b997f408016aa1da003a2e8a52c231fc408aace0ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 / Show response
client.crisp.chat/settings/website/74787e13-c96a-4918-9a3e-b987c6a1a800/prelude/ 78 B
511 B 107ms
107ms Script
application/javascript 2606:4700::6812:1d5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/settings/website/74787e13-c96a-4918-9a3e-b987c6a1a800/prelude/?callback=window.%24crisp.__spool.website_handler&2022-2-6-17-17

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?14441ec

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1d5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cbbbf367f4ecc498a504b1a555698218687c0d2493046977b4a9f3f4a4c2003

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Mar 2022 17:17:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: false
cf-ray: 6e7cbe534cb45b8c-FRA
access-control-allow-headers: Content-Type, Origin
expires: Sun, 06 Mar 2022 21:17:11 GMT

GET
H3 200 BDlK8zqKAGP.css
static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/ Frame 271A 102 KB
16 KB 46ms
45ms Stylesheet
text/css 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/BDlK8zqKAGP.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3beae65eda51c%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=555&height=100&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&locale=en_US&numposts=10&sdk=joey&version=v9.0&width=550

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b2344c121da58dc1992caebcdeaeeb136f7d288cc12ffcb3bc597e487a587343

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: gOs4hnEHogDonW5mGOpflA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 16521
x-fb-rlafr: 0
x-fb-debug: sU8/6J2eZ2ZgQa2qwL/KPbvfQ51cQNdBjc0+/7j6d1YBGLW+wcRtyryknLrJgvTHhHrKZEfLnib6/3QDvrCccg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 05 Mar 2023 20:12:25 GMT

GET
H3 200 V0h2-P0LqLF.css
static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/ Frame 271A 125 KB
20 KB 47ms
45ms Stylesheet
text/css 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/V0h2-P0LqLF.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9fe08002d7d36471c82209ce1e38a398c743a3b490e8d199a63307f60f2b57a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: DaMRuE+YoIxDIzGIPbrOjw==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20378
x-fb-rlafr: 0
x-fb-debug: U6wowsWzmoTGo17r5KeigCuUj8eGI/4T2fZYUzLfHu0s9DoV3PDgBItevuzkK4HmaTqVScfVs9cLgrUtcTrxJw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=0
expires: Tue, 28 Feb 2023 09:50:20 GMT

GET
H3 200 YhCBOLs0G8W.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yP/r/ Frame 271A 307 KB
82 KB 50ms
48ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yP/r/YhCBOLs0G8W.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cebc0b7e3c9904af6f553ef5e9f2a86b29091ade9aa57001ff90febb82a7b95b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: sAzbJnwBdy7PcinKiS3bxA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84390
x-fb-rlafr: 0
x-fb-debug: KMeL9M6QgC0ZghO/5TbqBHfh/7GJKP3UttyKJOa1COUnD0hyvv1e7lr7U/MfPIZhoAtchcCffcp46XAjW2G1cA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 02 Mar 2023 20:24:53 GMT

GET
H3 200 dO4kLJ0yWm5.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7M54/yj/l/en_US/ Frame 271A 157 KB
44 KB 90ms
88ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7M54/yj/l/en_US/dO4kLJ0yWm5.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

24b2ffba61cf17f85a28dcd58be33190a15364461312d4868f1aa6c2047d5ce7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ymA+tyKJS1UU2W520laDDw==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 44843
x-fb-rlafr: 0
x-fb-debug: J+4gIWVNo5Oe3/7X32DUaM6fXyH4OByoM2ZmxkgMm7UApWcN+7slrnD3KVIlCxAa4QKTXGPPnq/QexUAWtciVg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 25 Feb 2023 05:32:20 GMT

GET
H3 200 TGDS0cOovUY.js Show response
static.xx.fbcdn.net/rsrc.php/v3iE6Z4/yc/l/en_US/ Frame 271A 1 MB
333 KB 90ms
88ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iE6Z4/yc/l/en_US/TGDS0cOovUY.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5e4071c4201e9dc9352d8d45e034808dc45e8351d305bd9a0871d5c4f19eeaa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 0OKivXfwwebVkbPKofeVrA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 340751
x-fb-rlafr: 0
x-fb-debug: jHvhyUwv7hnlnQqzG3M3rtn3/EvVY1Pkuqgn1M5ALv2bOFxO/q/HDQgNdJY8Z0T782OnAutu5indP6iaHtb92w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 05 Mar 2023 16:19:55 GMT

GET
H3 200 RICrecDQjt5.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame 271A 26 KB
8 KB 86ms
85ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/RICrecDQjt5.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ce060c4b31136228f92c39acd9a2b4e090d0cdb950d0f68c641cc4f2477decfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: /OU5RA0NY50SIBcbFH/cGQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 8493
x-fb-rlafr: 0
x-fb-debug: S8UXw56IfM60wmaXUmp0V+KZomb1fJpVzEOl5JrPbYg26qJahl1n6gBCyxiB17TjosNhvpUr/7f6vdXGulCJBA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Tue, 28 Feb 2023 09:50:20 GMT

GET
H3 200 IA4gBMYzDSk.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yP/r/ Frame 271A 1000 B
580 B 87ms
86ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yP/r/IA4gBMYzDSk.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

be97083c08c332143d83235b12e2f4b2b0261d15f4ae409ce11c73920ab313ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: CmMUbZR0QNsQWLAnrndkow==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 525
x-fb-rlafr: 0
x-fb-debug: 9lDKmyeNa/Zx7n00enFSFHNy6uijZE9ixmpwQE8/ct6QYTVTaKzrrq9IvhkHND3+Qn0MUCOvqEF0I1dsVbhI7g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Sun, 05 Mar 2023 16:17:39 GMT

GET
H3 200 klhJBeX9tLA.js Show response
static.xx.fbcdn.net/rsrc.php/v3iPwL4/yt/l/en_US/ Frame 271A 40 KB
12 KB 88ms
86ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iPwL4/yt/l/en_US/klhJBeX9tLA.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

caede6025d19ea335df15131532dcfdcad654dee373086a625dabdd3cf308143

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:11 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: nToqwR/+LoNBT8B1QPkkng==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 12107
x-fb-rlafr: 0
x-fb-debug: DmferFiOY5vbWTb/Ik7mWPie+2HlrNz8DOILlo1K126pTf11Y61QXWzE5T2YuUCbTShiJNa/ZTbfKN6wwxTnYA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Sat, 04 Mar 2023 19:14:49 GMT

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D77d57edd-8f50-4169-a605-0d53063e9bee
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D77d57edd-8f50-4169-a605-0d53063e9bee
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=FF3F21FC-F624-43DF-84F0-44EF7FAE1938&fid=77d57edd-8f50-4169-a605-0d53063e9bee

95 B
881 B

145ms
69ms

Image
image/png

63.33.136.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=FF3F21FC-F624-43DF-84F0-44EF7FAE1938&fid=77d57edd-8f50-4169-a605-0d53063e9bee

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

HTTP/1.1

Server

63.33.136.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-33-136-74.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sun, 06 Mar 2022 17:17:12 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Sun, 06 Mar 2022 17:17:12 UTC

Redirect headers

location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=FF3F21FC-F624-43DF-84F0-44EF7FAE1938&fid=77d57edd-8f50-4169-a605-0d53063e9bee
date: Sun, 06 Mar 2022 17:17:11 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

an_fire
s.cpx.to/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12475%26ref%3D%26url%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252F%26hn_ver%3D40%26fid%3D77d5...
https://s.cpx.to/an_fire?app_nexus_uid=7013630141775087107&pid=12475&ref=&url=https%3A%2F%2Fwww.users.gobarberrj.com%2F&hn_ver=40&fid=77d57edd-8f50-4169-a605-0d53063e9bee

95 B
865 B

64ms
64ms

Image
image/png

63.33.136.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/an_fire?app_nexus_uid=7013630141775087107&pid=12475&ref=&url=https%3A%2F%2Fwww.users.gobarberrj.com%2F&hn_ver=40&fid=77d57edd-8f50-4169-a605-0d53063e9bee

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

HTTP/1.1

Server

63.33.136.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-33-136-74.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sun, 06 Mar 2022 17:17:11 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Sun, 06 Mar 2022 17:17:11 UTC

Redirect headers

Pragma: no-cache
Date: Sun, 06 Mar 2022 17:17:11 GMT
X-Proxy-Origin: 185.213.155.166; 185.213.155.166; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 49cb3227-4d1b-4e44-9a3a-1a5c7d6b8394
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/an_fire?app_nexus_uid=7013630141775087107&pid=12475&ref=&url=https%3A%2F%2Fwww.users.gobarberrj.com%2F&hn_ver=40&fid=77d57edd-8f50-4169-a605-0d53063e9bee
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ 0
214 B 211ms
45ms Image
text/plain 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=34010&puid=1661518bebc7210c&gdpr=0
Requested by: Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

sync
s.cpx.to/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=0fkciot&ttd_tpi=1
https://s.cpx.to/sync?dsp_uid=513d0668-f9e3-4234-9588-26c0f3544214&dsp=TTD

95 B
876 B

105ms
68ms

Image
image/png

63.33.136.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/sync?dsp_uid=513d0668-f9e3-4234-9588-26c0f3544214&dsp=TTD

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

HTTP/1.1

Server

63.33.136.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-33-136-74.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sun, 06 Mar 2022 17:17:12 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Sun, 06 Mar 2022 17:17:12 UTC

Redirect headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:17:11 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://s.cpx.to/sync?dsp_uid=513d0668-f9e3-4234-9588-26c0f3544214&dsp=TTD
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 179

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D77d57edd-8f50-4169-a605-0d53063e9bee&gdpr=0
https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=77d57edd-8f50-4169-a605-0d53063e9bee&gdpr=0&cklb=1

0
316 B

55ms
54ms

Image
text/plain

185.86.139.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=77d57edd-8f50-4169-a605-0d53063e9bee&gdpr=0&cklb=1
Requested by: Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/
Protocol: HTTP/1.1
Server: 185.86.139.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:17:11 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=77d57edd-8f50-4169-a605-0d53063e9bee&gdpr=0&cklb=1
pragma: no-cache
date: Sun, 06 Mar 2022 17:17:11 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H/1.1

200
OK

ca.png
s.cpx.to/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=77d57edd-8f50-4169-a605-0d53063e9bee
https://s.cpx.to/ca.png?dsp=dbm&fid=77d57edd-8f50-4169-a605-0d53063e9bee&google_gid=CAESEJ8ke00pRqnsJRQ4jsxKm-k&google_cver=1

95 B
804 B

130ms
65ms

Image
image/png

63.33.136.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?dsp=dbm&fid=77d57edd-8f50-4169-a605-0d53063e9bee&google_gid=CAESEJ8ke00pRqnsJRQ4jsxKm-k&google_cver=1

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

HTTP/1.1

Server

63.33.136.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-33-136-74.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Sun, 06 Mar 2022 17:17:11 GMT
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Length: 95

Redirect headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:17:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.cpx.to/ca.png?dsp=dbm&fid=77d57edd-8f50-4169-a605-0d53063e9bee&google_gid=CAESEJ8ke00pRqnsJRQ4jsxKm-k&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sync
pool.grid-data.bidswitch.net/ 43 B
220 B 242ms
44ms Image
image/gif 18.195.185.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pool.grid-data.bidswitch.net/sync?pid=42
Requested by: Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.185.23 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-185-23.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 06 Mar 2022 17:17:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 VY7VtWIM9fW.png
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 271A 251 KB
251 KB 89ms
43ms Image
image/png 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/VY7VtWIM9fW.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/V0h2-P0LqLF.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d845920d21b08795f90526d2d827e0baea7a2102b359f24a39ec28a87faacdd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/V0h2-P0LqLF.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:11 GMT
x-content-type-options: nosniff
content-md5: VO922XrIvf6dPbMlbETwCQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 257139
x-fb-rlafr: 0
x-fb-debug: c0A6s4H3cDKcyaqNCChwrVQQV7qgqw6bH/6xgeUUBMc9RIA7enDsb1dVkZ8qVELwKZ1ZbKVzYqWpOtDjpOEYfQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 28 Feb 2023 17:56:52 GMT

GET
H3 200 1f642.png
static.xx.fbcdn.net/images/emoji.php/v9/t4c/1/16/ Frame 271A 480 B
537 B 89ms
44ms Image
image/png 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/images/emoji.php/v9/t4c/1/16/1f642.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

790febcf2123f481b536e9443d1843fb4fca516886c4df9ebbaa45c6c2e1f393

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-type-options: nosniff
content-md5: vVk4MGJSkMeB6vn2kaVICg==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 480
x-fb-rlafr: 0
x-fb-debug: xMIjmzEFF8Exk/sqTWOlNVglkS1Y1mZmYLVjEM8ferwNME7819RnYAVzJxCgeSJQn0QfnNQ0J81VJMvPx/RzkA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
cross-origin-opener-policy: same-origin
date: Sun, 06 Mar 2022 17:17:11 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 28 Feb 2023 09:51:12 GMT

GET
H2 200 269683083_4709042389186275_3111039626260862342_n.jpg
scontent-arn2-2.xx.fbcdn.net/v/t39.30808-1/ Frame 271A 2 KB
2 KB 243ms
64ms Image
image/jpeg 2a03:2880:f00a:11c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-arn2-2.xx.fbcdn.net/v/t39.30808-1/269683083_4709042389186275_3111039626260862342_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=100&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=4k82G20rVgYAX8zF3XI&_nc_ht=scontent-arn2-2.xx&edm=AJqh0Q8EAAAA&oh=00_AT-Ob_nRZwtF0BT5WG1E86pKrbuUP0ok70VIvF6Pet-MCA&oe=622A810E
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3beae65eda51c%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=555&height=100&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&locale=en_US&numposts=10&sdk=joey&version=v9.0&width=550
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f00a:11c:face:b00c:0:3 Kista, Sweden, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 0152d89b40aa4de3331d48ae81013d94aa1f8eac3b389af112ac0fbc7d1ea799

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 3549258676
date: Sun, 06 Mar 2022 17:17:12 GMT
x-fb-trip-id: 1904183273
last-modified: Mon, 20 Dec 2021 16:29:57 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=476019063
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2042030919
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1789

GET
H2 200 13718727_1186929258013399_6126369738152085083_n.jpg
scontent-arn2-2.xx.fbcdn.net/v/t1.18169-1/ Frame 271A 2 KB
2 KB 285ms
107ms Image
image/jpeg 2a03:2880:f00a:11c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-arn2-2.xx.fbcdn.net/v/t1.18169-1/13718727_1186929258013399_6126369738152085083_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=100&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=gIaFhM91bOQAX8mupKi&_nc_ht=scontent-arn2-2.xx&edm=AJqh0Q8EAAAA&oh=00_AT-1HQMFn-0t4EJjNdRAFHPey2FXqxAblyWsBiuH24K6ng&oe=624C34E1
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3beae65eda51c%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=555&height=100&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&locale=en_US&numposts=10&sdk=joey&version=v9.0&width=550
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f00a:11c:face:b00c:0:3 Kista, Sweden, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 21f559552f6a67789c352b5530ef626f304c3434b7622f8e7e1100db3a59375f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 4052791773
date: Sun, 06 Mar 2022 17:17:12 GMT
x-fb-trip-id: 1904183273
last-modified: Sat, 23 Jul 2016 15:42:39 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3966698553
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: b6QtpAjauHvKX-8RMfXVGPcr8rsAcmQnsJ1QqseSilkQf9EOaTcDukTdZ0IWwFQCymFADEmKSubd4dcMMLmclA
cross-origin-resource-policy: cross-origin
x-needle-checksum: 351007174
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1563

GET
H2 200 242505751_405688184314669_2587529035867073743_n.jpg
scontent-arn2-1.xx.fbcdn.net/v/t39.30808-1/ Frame 271A 1 KB
2 KB 326ms
183ms Image
image/jpeg 2a03:2880:f00a:e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-arn2-1.xx.fbcdn.net/v/t39.30808-1/242505751_405688184314669_2587529035867073743_n.jpg?stp=c0.0.48.48a_cp0_dst-jpg_p48x48&_nc_cat=107&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=lYVtEhBi2vMAX8ZzmCr&_nc_ht=scontent-arn2-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT98Wr06gpB5nBUiXpftf6_7DhhsST59DmSpI2UKx9ewEg&oe=6229B79E
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3beae65eda51c%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=555&height=100&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&locale=en_US&numposts=10&sdk=joey&version=v9.0&width=550
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f00a:e:face:b00c:0:3 Kista, Sweden, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 063838df65b17918813bc3edf38d6cbf0111f98f2d639fac8350c398137b50dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 3733475756
date: Sun, 06 Mar 2022 17:17:12 GMT
x-fb-trip-id: 1904183273
last-modified: Mon, 20 Sep 2021 04:30:40 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1184624667
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: 1BZQMw3J1T5PxM3-eJKWcvqdV6gjOBwxVQviLixCNAAnYmn0N9skmLHZjl8LHbog_cDjvXXRUg-LLCf969kMjg
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2018696468
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1506

GET
H2 200 230993355_1469385330100866_1051532767553102183_n.jpg
scontent-arn2-1.xx.fbcdn.net/v/t39.30808-1/ Frame 271A 1 KB
2 KB 246ms
104ms Image
image/jpeg 2a03:2880:f00a:e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-arn2-1.xx.fbcdn.net/v/t39.30808-1/230993355_1469385330100866_1051532767553102183_n.jpg?stp=c0.2.48.48a_cp0_dst-jpg_p48x48&_nc_cat=106&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=QIZZ7XVxubEAX9n0PAG&_nc_ht=scontent-arn2-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT_wfAkIgXEYw1tUmFh7y7ptkAyNQHyP3GlTz2isDynM2w&oe=6229B26E
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3beae65eda51c%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=555&height=100&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&locale=en_US&numposts=10&sdk=joey&version=v9.0&width=550
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f00a:e:face:b00c:0:3 Kista, Sweden, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: a709ef8bb2814356477b46c375d350dbe8b522795fe41453cae8e953d40cf17d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 2858891265
date: Sun, 06 Mar 2022 17:17:12 GMT
x-fb-trip-id: 1904183273
last-modified: Tue, 03 Aug 2021 02:19:53 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3137306762
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: ogCqtSK1G5KNkAA_3fdlmdNlvYUw88WQTrjuofeeRQhLyf3bz-MoUZV2SPRM6TLfPms20IkCHLL9432t1XOtTA
cross-origin-resource-policy: cross-origin
x-needle-checksum: 153217469
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1285

GET
H2 200 243058124_10225881265796460_6055940575844007314_n.jpg
scontent-arn2-1.xx.fbcdn.net/v/t39.30808-1/ Frame 271A 2 KB
2 KB 328ms
186ms Image
image/jpeg 2a03:2880:f00a:e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-arn2-1.xx.fbcdn.net/v/t39.30808-1/243058124_10225881265796460_6055940575844007314_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=109&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=IaBBLkaVB08AX-CsITf&_nc_oc=AQl5LOA2IEbz74-V-MP_Vsm8APYANKClLFW7NH5xWBOoB6QmdZv3IF6z11AykQgXu2ceAmDz1Pe--D8ZurEW1fG5&_nc_ht=scontent-arn2-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT_hO3y8fvroD1EX9IattY5f_MSjnv_DleGt86a5FgV_4A&oe=622A7F17
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3beae65eda51c%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=555&height=100&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&locale=en_US&numposts=10&sdk=joey&version=v9.0&width=550
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f00a:e:face:b00c:0:3 Kista, Sweden, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: a4e52df77bb37e84b79807e3fee987e1f006753f66ee67cef414c6a2fe8430d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 4241255403
date: Sun, 06 Mar 2022 17:17:12 GMT
x-fb-trip-id: 1904183273
last-modified: Sun, 26 Sep 2021 12:45:59 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=683576334
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: UOThKUfUeARdYSy9u5vtK5YehSR_oXq3maf8FVrMdwGl_t8_0P1SRghpvJIUBVU_JXLJjr-5KSOA8Vk89DsDNA
cross-origin-resource-policy: cross-origin
x-needle-checksum: 4230650921
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1791

GET
H2 200 181483263_859294318007311_8585933724265060003_n.jpg
scontent-arn2-2.xx.fbcdn.net/v/t1.6435-1/ Frame 271A 2 KB
2 KB 276ms
100ms Image
image/jpeg 2a03:2880:f00a:11c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-arn2-2.xx.fbcdn.net/v/t1.6435-1/181483263_859294318007311_8585933724265060003_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=105&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=RI0axgMtnS8AX--YmuR&_nc_oc=AQmp2J34ZZi_uLB8KLP3H1H9XUFMXpvuqphEEAFtiSDCiU8tVdBJAkh-X_pd9Uj1DUCQcgnUxcXRqwj-DqTUGYuy&_nc_ht=scontent-arn2-2.xx&edm=AJqh0Q8EAAAA&oh=00_AT838FY_gnTxSU9hI60XktPHb1PIDcwRbksX4BD_R3bplA&oe=6248FD80
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3beae65eda51c%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=555&height=100&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&locale=en_US&numposts=10&sdk=joey&version=v9.0&width=550
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f00a:11c:face:b00c:0:3 Kista, Sweden, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: ecc9e412f022ead9dfa65a83b28d013994a27cd7dd77b257848370abf98f6cfa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 347429473
date: Sun, 06 Mar 2022 17:17:12 GMT
x-fb-trip-id: 1904183273
last-modified: Sun, 09 May 2021 02:30:56 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=882922615
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: UwtrHsQM6MplWYUlSiPfBjDf_EWvr1yOnS9RznBFx-IPBJxBIzhmTBtd5nq6xqiBf-ZfM-BZtRYAZJT-QTHWvQ
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1874042248
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1709

GET
H2 200 274702967_1598316067196193_346721908891403261_n.jpg
scontent-arn2-1.xx.fbcdn.net/v/t39.30808-1/ Frame 271A 1 KB
1 KB 540ms
399ms Image
image/jpeg 2a03:2880:f00a:e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-arn2-1.xx.fbcdn.net/v/t39.30808-1/274702967_1598316067196193_346721908891403261_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=103&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=Egg5jqwqYfkAX_eWrbC&_nc_ht=scontent-arn2-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT-97EHXBJ-HdTbbTs0HoJ-RehuHmPm0y7MdQxsiOepCXw&oe=622920B2
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3beae65eda51c%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=555&height=100&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&locale=en_US&numposts=10&sdk=joey&version=v9.0&width=550
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f00a:e:face:b00c:0:3 Kista, Sweden, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 3fdb8daf38909cc108f3e5dff02c2816a8558743f77723bfaab3f2b7ecd05b47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 2203682055
date: Sun, 06 Mar 2022 17:17:12 GMT
x-fb-trip-id: 1904183273
last-modified: Thu, 24 Feb 2022 14:28:11 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1169467674
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: fT9lnC04fgjuMJI1FRuCXHYxf2eRlD5OnukF4FNYCtADlGBeKhaJ_4W0OSN6Nf4OnXhARkB-cmrbSYbxYiT2Eg
cross-origin-resource-policy: cross-origin
x-needle-checksum: 469427359
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1353

GET
H2 200 125163039_499006251055425_3169222080505399063_n.jpg
scontent-arn2-1.xx.fbcdn.net/v/t1.6435-1/ Frame 271A 2 KB
2 KB 251ms
110ms Image
image/jpeg 2a03:2880:f00a:e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-arn2-1.xx.fbcdn.net/v/t1.6435-1/125163039_499006251055425_3169222080505399063_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=103&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=UKtSpLW1O6IAX_H6jyU&_nc_ht=scontent-arn2-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT8dCjTwyJyzym462hFGlSPKRgzqCZqpQzrVyX4J-qiZRg&oe=6249715F
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3beae65eda51c%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=555&height=100&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&locale=en_US&numposts=10&sdk=joey&version=v9.0&width=550
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f00a:e:face:b00c:0:3 Kista, Sweden, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: f1192339145616e49146fd47487f27e4e9a5b264868a11c9a724ad75cdeb5e48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 3240968915
date: Sun, 06 Mar 2022 17:17:12 GMT
x-fb-trip-id: 1904183273
last-modified: Thu, 12 Nov 2020 06:30:52 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1171527535
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: Xjhza5vSAJWT7HlwylpsvPE_mLzc9CutBEc6aI-GWjFl5MUPepEQWG2Y68lmSP3y00mxk86yhNoRVR7wmK7VpA
cross-origin-resource-policy: cross-origin
x-needle-checksum: 4140110301
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1605

GET
H2 200 36874915_10204913771601197_3605701422395424768_n.jpg
scontent-arn2-1.xx.fbcdn.net/v/t1.6435-1/ Frame 271A 1 KB
2 KB 245ms
105ms Image
image/jpeg 2a03:2880:f00a:e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-arn2-1.xx.fbcdn.net/v/t1.6435-1/36874915_10204913771601197_3605701422395424768_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=102&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=zk6XC_oR494AX8OeDyN&_nc_ht=scontent-arn2-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT8nLlB5XUdHdyY9hgOUGGnOuu6nPhZMj3ThcZ-8-ZnuAA&oe=6249337C
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3beae65eda51c%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=555&height=100&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&locale=en_US&numposts=10&sdk=joey&version=v9.0&width=550
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f00a:e:face:b00c:0:3 Kista, Sweden, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: a0a95495b25accfa800815aff27c5eb65957c039295a02486f9263a5a8b39c58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 3834679169
date: Sun, 06 Mar 2022 17:17:12 GMT
x-fb-trip-id: 1904183273
last-modified: Mon, 09 Jul 2018 13:16:27 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1138802600
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: uXBtAuDEEEIWNlxT5Bj0ZNq5P_i4H9TCol-tvrnG-ru6KhPScbkUbHECqCBZJyX94hrGMVswDcStYqgWN-I4MA
cross-origin-resource-policy: cross-origin
x-needle-checksum: 671639692
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1410

GET
H2 200 241715957_547582956495621_8032535404001713593_n.jpg
scontent-arn2-1.xx.fbcdn.net/v/t39.30808-1/ Frame 271A 1 KB
2 KB 232ms
112ms Image
image/jpeg 2a03:2880:f00a:e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-arn2-1.xx.fbcdn.net/v/t39.30808-1/241715957_547582956495621_8032535404001713593_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=110&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=j7rMqZ8V6YUAX9-t29g&_nc_ht=scontent-arn2-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT_5jkccPnNwpn6ixwxR0TyBp9YpepTfL-C5PRwkIvx0cQ&oe=622929F8
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3beae65eda51c%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=555&height=100&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&locale=en_US&numposts=10&sdk=joey&version=v9.0&width=550
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f00a:e:face:b00c:0:3 Kista, Sweden, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: b8b810cdb0faf8b810fcf74d9775d894b8248ea1033cb790d2612270699922b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 3111348073
date: Sun, 06 Mar 2022 17:17:12 GMT
x-fb-trip-id: 1904183273
last-modified: Fri, 10 Sep 2021 04:32:50 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3128411060
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: OYefc4iKT8sv4GTe1j4Q_rNJe96NKYjGx2y_aLbUPg2IRkrfioWrPLn1ZN_Dbnpp_nKlAu_lQHnXfW_J3LrWsg
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1237257901
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1420

GET
H2 200 268013684_4773309546041418_7324926204533089857_n.jpg
scontent-arn2-1.xx.fbcdn.net/v/t39.30808-1/ Frame 271A 2 KB
2 KB 225ms
105ms Image
image/jpeg 2a03:2880:f00a:e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-arn2-1.xx.fbcdn.net/v/t39.30808-1/268013684_4773309546041418_7324926204533089857_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=107&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=_E9wN82w6BMAX-2bJkR&_nc_ht=scontent-arn2-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT-9fF72rNRFOJ7FLCKklNkNNjJz2RPbga7nAjSSCJx2SQ&oe=622A166F
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3beae65eda51c%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=555&height=100&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&locale=en_US&numposts=10&sdk=joey&version=v9.0&width=550
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f00a:e:face:b00c:0:3 Kista, Sweden, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 08b70188ae1d4087176f63ab63c9461d44aa318bf5a7b94ee70bc733dd80a231

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 3658376242
date: Sun, 06 Mar 2022 17:17:12 GMT
x-fb-trip-id: 1904183273
last-modified: Sat, 18 Dec 2021 15:51:56 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1954095988
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: 4RQrXRAYUvCXipCzK7KY0tCMAPKSDz5CTOKiG45jn1GMGAnmYJWCnvr91_fKY0RSzrlq_0hIzmHDYVgC5cPUrw
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3093518857
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1629

GET
H3 200 / Show response
client.crisp.chat/settings/website/74787e13-c96a-4918-9a3e-b987c6a1a800/ 1 KB
1 KB 90ms
89ms Script
application/javascript 2606:4700::6812:1d5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/settings/website/74787e13-c96a-4918-9a3e-b987c6a1a800/?callback=window.%24crisp.__spool.website_handler&1607154132308

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?14441ec

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1d5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f204d83207c67903162f9e891a12307f766b9812fee2e3fd7c73771a4985de14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Mar 2022 17:17:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: false
cf-ray: 6e7cbe5649fa5b8c-FRA
access-control-allow-headers: Content-Type, Origin
expires: Sun, 06 Mar 2022 21:17:12 GMT

GET
H3 200 en.js Show response
client.crisp.chat/static/javascripts/locales/ 6 KB
3 KB 62ms
61ms Script
application/javascript 2606:4700::6812:1d5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/locales/en.js?14441ec

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?14441ec

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1d5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ae91dd76ffe339d4668fe648aea2624d7d348c5164d296ccd5edd32d655711e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 24388
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 18 Jan 2022 08:47:47 GMT
server: cloudflare
etag: W/"61e67eb3-1822"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=315360000
access-control-allow-credentials: false
cf-ray: 6e7cbe56db575b8c-FRA
access-control-allow-headers: Content-Type, Origin
expires: Wed, 03 Mar 2032 17:17:12 GMT

GET
DATA 200
OK truncated
/ 881 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 vbl.gif
pre.glotgrx.com/ 26 B
134 B 76ms
76ms Image
image/gif 2606:4700::6810:79c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/vbl.gif?cb=1646587032340&rnd=8odsx8hz0q4n&ifm=0&uai=1&cid=544&s=www.users.gobarberrj.com&p=11207&x=rekmob&adtg=b6ad3026cbf440849e950ded4e8124b2&ats=1600x1200&atf=&nsi=&si=25514&nci=&nai=&pft=0&iip=0&adb=0&adc=0&adcd=i0_f0_o0_e0&ai=&icp=https%253A//www.users.gobarberrj.com/&impid=&idl=&ttduid=&id5=&emh=
Requested by: Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:79c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:12 GMT
cf-cache-status: HIT
last-modified: Sat, 05 Mar 2022 11:39:33 GMT
server: cloudflare
age: 1675
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 6e7cbe585d069159-FRA
content-length: 26
expires: Sun, 06 Mar 2022 19:17:12 GMT

GET
H3 200 share_button.php Show response
www.facebook.com/v9.0/plugins/ Frame A062 42 KB
13 KB 113ms
113ms Document
text/html 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v9.0/plugins/share_button.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3e07377c538d7%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&layout=button&locale=en_US&sdk=joey&size=large

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=0479e485199b6a878a0e5918f7338612

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

db7264295600ec6b22e9e08c3373da63aaeb39f8fdca61cc378fb065e3a12cf0

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v9.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: 2pW082yVwP6/iU9WMfVlIOrrQrh9VE+qdlqvRP3WO/wKl5gQC7aP8Ew6EWDlMn41An1QINcyXTAOWiJJI+dvvg==
date: Sun, 06 Mar 2022 17:17:12 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

feedback.php Show response
www.facebook.com/plugins/ Frame E18F
Redirect Chain

https://www.facebook.com/v9.0/plugins/comments.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df228b0418223f0c%26domain%3D...
https://www.facebook.com/plugins/comments.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df228b0418223f0c%26domain%3Dwww.u...
https://www.facebook.com/plugins/feedback.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df228b0418223f0c%26domain%3Dwww.u...

152 KB
34 KB

223ms
222ms

Document
text/html

2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df228b0418223f0c%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=0&height=100&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&locale=en_US&numposts=10&sdk=joey&version=v9.0&width=550

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=0479e485199b6a878a0e5918f7338612

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a8aa5799a4c5515fa568424bc2fca34b8d1d5e863201d5f702c5858320b9e870

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: nZscECt5dxSkbSsGWCAFxcU00aG5qpynNYafCsjctV6iTWv6z+asN7Vvx6HvK3E1I4HhcH8NYC91aQaz8HJQWw==
date: Sun, 06 Mar 2022 17:17:12 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

location: https://www.facebook.com/plugins/feedback.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df228b0418223f0c%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=0&height=100&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&locale=en_US&numposts=10&sdk=joey&version=v9.0&width=550
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: TO3vmVdhOopct5j58771tJTG5rBWm5HLvkMIeMU0+dTxgskGGqvRk8NgOgkW+KbbWZZaMNwu41kBqi+GQpOgwg==
content-length: 0
date: Sun, 06 Mar 2022 17:17:12 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=0

GET
H3 200 ps3LEjFUMch.png
static.xx.fbcdn.net/rsrc.php/v3/y4/r/ Frame A062 441 B
494 B 45ms
44ms Image
image/png 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y4/r/ps3LEjFUMch.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v9.0/plugins/share_button.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3e07377c538d7%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&layout=button&locale=en_US&sdk=joey&size=large

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

17b988bc33e2b6c542f866ef473aaa3d20a9d4536a1ca636c061c5011a5ac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:12 GMT
x-content-type-options: nosniff
content-md5: bIdClDVUx2JypSkH1jl0jQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 441
x-fb-rlafr: 0
x-fb-debug: pIJQNxC4t6C5jcSAI/VGfBBCs3Bxy/1N3KDhJFp2A7Il1aNAc88cZSJ5YNuZYwmbcWJHCXGEDKKYcrCtHU6f5A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 28 Feb 2023 15:36:36 GMT

GET
H3 200 iZ7dclye650.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yF/l/en_US/ Frame A062 521 KB
136 KB 45ms
45ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yF/l/en_US/iZ7dclye650.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v9.0/plugins/share_button.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3e07377c538d7%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&layout=button&locale=en_US&sdk=joey&size=large

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

510e28e7a3373dadc6be252b20f490a6586b3b4b158a76eca3c16a7af6166e71

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: lnE9Ao7pslJvUlsfxYxx/g==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 139108
x-fb-rlafr: 0
x-fb-debug: QuNyzSyy6Acwcphn3au3B+iuNaNxyWHp0a+gpo66Fwz7j2gjORBWI0Aujhzo3E8ER9ze2wgZP+SSEs+tO1j/3w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 04 Mar 2023 19:11:39 GMT

GET
H3 200 cavalry_endpoint.php
www.facebook.com/common/ Frame A062 67 B
99 B 76ms
76ms Image
image/png 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1646587032524&t_start=1646587032525&t_domcontent=1646587032530&t_layout=1646587032609&t_onload=1646587032609&t_paint=1646587032609&t_creport=1646587032609&t_tti=1646587032530&lid=7072037453435665010-0

Requested by

Host: www.users.gobarberrj.com
URL: https://www.users.gobarberrj.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/v9.0/plugins/share_button.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3e07377c538d7%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&layout=button&locale=en_US&sdk=joey&size=large
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: no-cache
x-fb-debug: uPNAk5Nw3NGwSKMURJU+CeIlb68DvAb4oMIfiaRXDvgXg3SDECybxk7zGnggb4pNE4M2iIFwquHkP+2XCTEWpQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 06 Mar 2022 17:17:12 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 BDlK8zqKAGP.css
static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/ Frame E18F 102 KB
16 KB 49ms
48ms Stylesheet
text/css 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/l/0,cross/BDlK8zqKAGP.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df228b0418223f0c%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=0&height=100&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&locale=en_US&numposts=10&sdk=joey&version=v9.0&width=550

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b2344c121da58dc1992caebcdeaeeb136f7d288cc12ffcb3bc597e487a587343

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: gOs4hnEHogDonW5mGOpflA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 16521
x-fb-rlafr: 0
x-fb-debug: sU8/6J2eZ2ZgQa2qwL/KPbvfQ51cQNdBjc0+/7j6d1YBGLW+wcRtyryknLrJgvTHhHrKZEfLnib6/3QDvrCccg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 05 Mar 2023 20:12:25 GMT

GET
H3 200 V0h2-P0LqLF.css
static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/ Frame E18F 125 KB
20 KB 50ms
49ms Stylesheet
text/css 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/V0h2-P0LqLF.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df228b0418223f0c%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=0&height=100&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&locale=en_US&numposts=10&sdk=joey&version=v9.0&width=550

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9fe08002d7d36471c82209ce1e38a398c743a3b490e8d199a63307f60f2b57a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: DaMRuE+YoIxDIzGIPbrOjw==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20378
x-fb-rlafr: 0
x-fb-debug: U6wowsWzmoTGo17r5KeigCuUj8eGI/4T2fZYUzLfHu0s9DoV3PDgBItevuzkK4HmaTqVScfVs9cLgrUtcTrxJw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=0
expires: Tue, 28 Feb 2023 09:50:20 GMT

GET
H3 200 YhCBOLs0G8W.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yP/r/ Frame E18F 307 KB
82 KB 51ms
50ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yP/r/YhCBOLs0G8W.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df228b0418223f0c%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=0&height=100&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&locale=en_US&numposts=10&sdk=joey&version=v9.0&width=550

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cebc0b7e3c9904af6f553ef5e9f2a86b29091ade9aa57001ff90febb82a7b95b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: sAzbJnwBdy7PcinKiS3bxA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84390
x-fb-rlafr: 0
x-fb-debug: KMeL9M6QgC0ZghO/5TbqBHfh/7GJKP3UttyKJOa1COUnD0hyvv1e7lr7U/MfPIZhoAtchcCffcp46XAjW2G1cA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Thu, 02 Mar 2023 20:24:53 GMT

GET
H3 200 dO4kLJ0yWm5.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7M54/yj/l/en_US/ Frame E18F 157 KB
44 KB 59ms
57ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7M54/yj/l/en_US/dO4kLJ0yWm5.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df228b0418223f0c%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=0&height=100&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&locale=en_US&numposts=10&sdk=joey&version=v9.0&width=550

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

24b2ffba61cf17f85a28dcd58be33190a15364461312d4868f1aa6c2047d5ce7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ymA+tyKJS1UU2W520laDDw==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 44843
x-fb-rlafr: 0
x-fb-debug: J+4gIWVNo5Oe3/7X32DUaM6fXyH4OByoM2ZmxkgMm7UApWcN+7slrnD3KVIlCxAa4QKTXGPPnq/QexUAWtciVg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 25 Feb 2023 05:32:20 GMT

GET
H3 200 TGDS0cOovUY.js Show response
static.xx.fbcdn.net/rsrc.php/v3iE6Z4/yc/l/en_US/ Frame E18F 1 MB
333 KB 60ms
58ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iE6Z4/yc/l/en_US/TGDS0cOovUY.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df228b0418223f0c%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=0&height=100&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&locale=en_US&numposts=10&sdk=joey&version=v9.0&width=550

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5e4071c4201e9dc9352d8d45e034808dc45e8351d305bd9a0871d5c4f19eeaa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 0OKivXfwwebVkbPKofeVrA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 340751
x-fb-rlafr: 0
x-fb-debug: jHvhyUwv7hnlnQqzG3M3rtn3/EvVY1Pkuqgn1M5ALv2bOFxO/q/HDQgNdJY8Z0T782OnAutu5indP6iaHtb92w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 05 Mar 2023 16:19:55 GMT

GET
H3 200 RICrecDQjt5.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame E18F 26 KB
8 KB 56ms
55ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/RICrecDQjt5.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df228b0418223f0c%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=0&height=100&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&locale=en_US&numposts=10&sdk=joey&version=v9.0&width=550

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ce060c4b31136228f92c39acd9a2b4e090d0cdb950d0f68c641cc4f2477decfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: /OU5RA0NY50SIBcbFH/cGQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 8493
x-fb-rlafr: 0
x-fb-debug: S8UXw56IfM60wmaXUmp0V+KZomb1fJpVzEOl5JrPbYg26qJahl1n6gBCyxiB17TjosNhvpUr/7f6vdXGulCJBA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Tue, 28 Feb 2023 09:50:20 GMT

GET
H3 200 IA4gBMYzDSk.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yP/r/ Frame E18F 1000 B
580 B 57ms
56ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yP/r/IA4gBMYzDSk.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df228b0418223f0c%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=0&height=100&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&locale=en_US&numposts=10&sdk=joey&version=v9.0&width=550

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

be97083c08c332143d83235b12e2f4b2b0261d15f4ae409ce11c73920ab313ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: CmMUbZR0QNsQWLAnrndkow==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 525
x-fb-rlafr: 0
x-fb-debug: 9lDKmyeNa/Zx7n00enFSFHNy6uijZE9ixmpwQE8/ct6QYTVTaKzrrq9IvhkHND3+Qn0MUCOvqEF0I1dsVbhI7g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Sun, 05 Mar 2023 16:17:39 GMT

GET
H3 200 klhJBeX9tLA.js Show response
static.xx.fbcdn.net/rsrc.php/v3iPwL4/yt/l/en_US/ Frame E18F 40 KB
12 KB 57ms
56ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iPwL4/yt/l/en_US/klhJBeX9tLA.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df228b0418223f0c%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=0&height=100&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&locale=en_US&numposts=10&sdk=joey&version=v9.0&width=550

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

caede6025d19ea335df15131532dcfdcad654dee373086a625dabdd3cf308143

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:12 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: nToqwR/+LoNBT8B1QPkkng==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 12107
x-fb-rlafr: 0
x-fb-debug: DmferFiOY5vbWTb/Ik7mWPie+2HlrNz8DOILlo1K126pTf11Y61QXWzE5T2YuUCbTShiJNa/ZTbfKN6wwxTnYA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=1
expires: Sat, 04 Mar 2023 19:14:49 GMT

GET
H3 200 269683083_4709042389186275_3111039626260862342_n.jpg
scontent-arn2-2.xx.fbcdn.net/v/t39.30808-1/ Frame E18F 2 KB
2 KB 146ms
73ms Image
image/jpeg 2a03:2880:f00a:11c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-arn2-2.xx.fbcdn.net/v/t39.30808-1/269683083_4709042389186275_3111039626260862342_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=100&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=4k82G20rVgYAX8zF3XI&_nc_ht=scontent-arn2-2.xx&edm=AJqh0Q8EAAAA&oh=00_AT-Ob_nRZwtF0BT5WG1E86pKrbuUP0ok70VIvF6Pet-MCA&oe=622A810E
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iE6Z4/yc/l/en_US/TGDS0cOovUY.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f00a:11c:face:b00c:0:3 Kista, Sweden, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 0152d89b40aa4de3331d48ae81013d94aa1f8eac3b389af112ac0fbc7d1ea799

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 3549258676
date: Sun, 06 Mar 2022 17:17:13 GMT
last-modified: Mon, 20 Dec 2021 16:29:57 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=476019063
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2042030919
content-length: 1789
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
priority: u=1

GET
H3 200 13718727_1186929258013399_6126369738152085083_n.jpg
scontent-arn2-2.xx.fbcdn.net/v/t1.18169-1/ Frame E18F 2 KB
2 KB 137ms
72ms Image
image/jpeg 2a03:2880:f00a:11c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-arn2-2.xx.fbcdn.net/v/t1.18169-1/13718727_1186929258013399_6126369738152085083_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=100&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=gIaFhM91bOQAX8mupKi&_nc_ht=scontent-arn2-2.xx&edm=AJqh0Q8EAAAA&oh=00_AT-1HQMFn-0t4EJjNdRAFHPey2FXqxAblyWsBiuH24K6ng&oe=624C34E1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iE6Z4/yc/l/en_US/TGDS0cOovUY.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f00a:11c:face:b00c:0:3 Kista, Sweden, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 21f559552f6a67789c352b5530ef626f304c3434b7622f8e7e1100db3a59375f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 4052791773
date: Sun, 06 Mar 2022 17:17:13 GMT
last-modified: Sat, 23 Jul 2016 15:42:39 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3966698553
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 351007174
content-length: 1563
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
priority: u=1

GET
H3 200 242505751_405688184314669_2587529035867073743_n.jpg
scontent-arn2-1.xx.fbcdn.net/v/t39.30808-1/ Frame E18F 1 KB
2 KB 145ms
72ms Image
image/jpeg 2a03:2880:f00a:e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-arn2-1.xx.fbcdn.net/v/t39.30808-1/242505751_405688184314669_2587529035867073743_n.jpg?stp=c0.0.48.48a_cp0_dst-jpg_p48x48&_nc_cat=107&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=lYVtEhBi2vMAX8ZzmCr&_nc_ht=scontent-arn2-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT98Wr06gpB5nBUiXpftf6_7DhhsST59DmSpI2UKx9ewEg&oe=6229B79E
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iE6Z4/yc/l/en_US/TGDS0cOovUY.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f00a:e:face:b00c:0:3 Kista, Sweden, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 063838df65b17918813bc3edf38d6cbf0111f98f2d639fac8350c398137b50dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 3733475756
date: Sun, 06 Mar 2022 17:17:13 GMT
last-modified: Mon, 20 Sep 2021 04:30:40 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1184624667
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2018696468
content-length: 1506
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
priority: u=1

GET
H3 200 230993355_1469385330100866_1051532767553102183_n.jpg
scontent-arn2-1.xx.fbcdn.net/v/t39.30808-1/ Frame E18F 1 KB
1 KB 144ms
72ms Image
image/jpeg 2a03:2880:f00a:e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-arn2-1.xx.fbcdn.net/v/t39.30808-1/230993355_1469385330100866_1051532767553102183_n.jpg?stp=c0.2.48.48a_cp0_dst-jpg_p48x48&_nc_cat=106&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=QIZZ7XVxubEAX9n0PAG&_nc_ht=scontent-arn2-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT_wfAkIgXEYw1tUmFh7y7ptkAyNQHyP3GlTz2isDynM2w&oe=6229B26E
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iE6Z4/yc/l/en_US/TGDS0cOovUY.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f00a:e:face:b00c:0:3 Kista, Sweden, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: a709ef8bb2814356477b46c375d350dbe8b522795fe41453cae8e953d40cf17d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 2858891265
date: Sun, 06 Mar 2022 17:17:13 GMT
last-modified: Tue, 03 Aug 2021 02:19:53 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3137306762
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 153217469
content-length: 1285
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
priority: u=1

GET
H3 200 243058124_10225881265796460_6055940575844007314_n.jpg
scontent-arn2-1.xx.fbcdn.net/v/t39.30808-1/ Frame E18F 2 KB
2 KB 143ms
72ms Image
image/jpeg 2a03:2880:f00a:e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-arn2-1.xx.fbcdn.net/v/t39.30808-1/243058124_10225881265796460_6055940575844007314_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=109&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=IaBBLkaVB08AX-CsITf&_nc_oc=AQl5LOA2IEbz74-V-MP_Vsm8APYANKClLFW7NH5xWBOoB6QmdZv3IF6z11AykQgXu2ceAmDz1Pe--D8ZurEW1fG5&_nc_ht=scontent-arn2-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT_hO3y8fvroD1EX9IattY5f_MSjnv_DleGt86a5FgV_4A&oe=622A7F17
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iE6Z4/yc/l/en_US/TGDS0cOovUY.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f00a:e:face:b00c:0:3 Kista, Sweden, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: a4e52df77bb37e84b79807e3fee987e1f006753f66ee67cef414c6a2fe8430d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 4241255403
date: Sun, 06 Mar 2022 17:17:13 GMT
last-modified: Sun, 26 Sep 2021 12:45:59 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=683576334
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 4230650921
content-length: 1791
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
priority: u=1

GET
H3 200 181483263_859294318007311_8585933724265060003_n.jpg
scontent-arn2-2.xx.fbcdn.net/v/t1.6435-1/ Frame E18F 2 KB
2 KB 131ms
72ms Image
image/jpeg 2a03:2880:f00a:11c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-arn2-2.xx.fbcdn.net/v/t1.6435-1/181483263_859294318007311_8585933724265060003_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=105&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=RI0axgMtnS8AX--YmuR&_nc_oc=AQmp2J34ZZi_uLB8KLP3H1H9XUFMXpvuqphEEAFtiSDCiU8tVdBJAkh-X_pd9Uj1DUCQcgnUxcXRqwj-DqTUGYuy&_nc_ht=scontent-arn2-2.xx&edm=AJqh0Q8EAAAA&oh=00_AT838FY_gnTxSU9hI60XktPHb1PIDcwRbksX4BD_R3bplA&oe=6248FD80
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iE6Z4/yc/l/en_US/TGDS0cOovUY.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f00a:11c:face:b00c:0:3 Kista, Sweden, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: ecc9e412f022ead9dfa65a83b28d013994a27cd7dd77b257848370abf98f6cfa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 347429473
date: Sun, 06 Mar 2022 17:17:13 GMT
last-modified: Sun, 09 May 2021 02:30:56 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=882922615
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1874042248
content-length: 1709
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
priority: u=1

GET
H3 200 274702967_1598316067196193_346721908891403261_n.jpg
scontent-arn2-1.xx.fbcdn.net/v/t39.30808-1/ Frame E18F 1 KB
1 KB 141ms
74ms Image
image/jpeg 2a03:2880:f00a:e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-arn2-1.xx.fbcdn.net/v/t39.30808-1/274702967_1598316067196193_346721908891403261_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=103&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=Egg5jqwqYfkAX_eWrbC&_nc_ht=scontent-arn2-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT-97EHXBJ-HdTbbTs0HoJ-RehuHmPm0y7MdQxsiOepCXw&oe=622920B2
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iE6Z4/yc/l/en_US/TGDS0cOovUY.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f00a:e:face:b00c:0:3 Kista, Sweden, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 3fdb8daf38909cc108f3e5dff02c2816a8558743f77723bfaab3f2b7ecd05b47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 2203682055
date: Sun, 06 Mar 2022 17:17:13 GMT
last-modified: Thu, 24 Feb 2022 14:28:11 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1169467674
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 469427359
content-length: 1353
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
priority: u=1

GET
H3 200 125163039_499006251055425_3169222080505399063_n.jpg
scontent-arn2-1.xx.fbcdn.net/v/t1.6435-1/ Frame E18F 2 KB
2 KB 139ms
74ms Image
image/jpeg 2a03:2880:f00a:e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-arn2-1.xx.fbcdn.net/v/t1.6435-1/125163039_499006251055425_3169222080505399063_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=103&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=UKtSpLW1O6IAX_H6jyU&_nc_ht=scontent-arn2-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT8dCjTwyJyzym462hFGlSPKRgzqCZqpQzrVyX4J-qiZRg&oe=6249715F
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iE6Z4/yc/l/en_US/TGDS0cOovUY.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f00a:e:face:b00c:0:3 Kista, Sweden, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: f1192339145616e49146fd47487f27e4e9a5b264868a11c9a724ad75cdeb5e48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 3240968915
date: Sun, 06 Mar 2022 17:17:13 GMT
last-modified: Thu, 12 Nov 2020 06:30:52 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1171527535
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 4140110301
content-length: 1605
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
priority: u=1

GET
H3 200 36874915_10204913771601197_3605701422395424768_n.jpg
scontent-arn2-1.xx.fbcdn.net/v/t1.6435-1/ Frame E18F 1 KB
1 KB 138ms
74ms Image
image/jpeg 2a03:2880:f00a:e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-arn2-1.xx.fbcdn.net/v/t1.6435-1/36874915_10204913771601197_3605701422395424768_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=102&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=zk6XC_oR494AX8OeDyN&_nc_ht=scontent-arn2-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT8nLlB5XUdHdyY9hgOUGGnOuu6nPhZMj3ThcZ-8-ZnuAA&oe=6249337C
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iE6Z4/yc/l/en_US/TGDS0cOovUY.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f00a:e:face:b00c:0:3 Kista, Sweden, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: a0a95495b25accfa800815aff27c5eb65957c039295a02486f9263a5a8b39c58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 3834679169
date: Sun, 06 Mar 2022 17:17:13 GMT
last-modified: Mon, 09 Jul 2018 13:16:27 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1138802600
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 671639692
content-length: 1410
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
priority: u=1

GET
H3 200 241715957_547582956495621_8032535404001713593_n.jpg
scontent-arn2-1.xx.fbcdn.net/v/t39.30808-1/ Frame E18F 1 KB
1 KB 134ms
73ms Image
image/jpeg 2a03:2880:f00a:e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-arn2-1.xx.fbcdn.net/v/t39.30808-1/241715957_547582956495621_8032535404001713593_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=110&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=j7rMqZ8V6YUAX9-t29g&_nc_ht=scontent-arn2-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT_5jkccPnNwpn6ixwxR0TyBp9YpepTfL-C5PRwkIvx0cQ&oe=622929F8
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iE6Z4/yc/l/en_US/TGDS0cOovUY.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f00a:e:face:b00c:0:3 Kista, Sweden, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: b8b810cdb0faf8b810fcf74d9775d894b8248ea1033cb790d2612270699922b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 3111348073
date: Sun, 06 Mar 2022 17:17:13 GMT
last-modified: Fri, 10 Sep 2021 04:32:50 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3128411060
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1237257901
content-length: 1420
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
priority: u=1

GET
H3 200 268013684_4773309546041418_7324926204533089857_n.jpg
scontent-arn2-1.xx.fbcdn.net/v/t39.30808-1/ Frame E18F 2 KB
2 KB 132ms
73ms Image
image/jpeg 2a03:2880:f00a:e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-arn2-1.xx.fbcdn.net/v/t39.30808-1/268013684_4773309546041418_7324926204533089857_n.jpg?stp=cp0_dst-jpg_p48x48&_nc_cat=107&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=_E9wN82w6BMAX-2bJkR&_nc_ht=scontent-arn2-1.xx&edm=AJqh0Q8EAAAA&oh=00_AT-9fF72rNRFOJ7FLCKklNkNNjJz2RPbga7nAjSSCJx2SQ&oe=622A166F
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iE6Z4/yc/l/en_US/TGDS0cOovUY.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f00a:e:face:b00c:0:3 Kista, Sweden, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 08b70188ae1d4087176f63ab63c9461d44aa318bf5a7b94ee70bc733dd80a231

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum: 3658376242
date: Sun, 06 Mar 2022 17:17:13 GMT
last-modified: Sat, 18 Dec 2021 15:51:56 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1954095988
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3093518857
content-length: 1629
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
priority: u=1

GET
H3 200 VY7VtWIM9fW.png
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame E18F 251 KB
251 KB 49ms
49ms Image
image/png 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/VY7VtWIM9fW.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/V0h2-P0LqLF.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d845920d21b08795f90526d2d827e0baea7a2102b359f24a39ec28a87faacdd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yS/l/0,cross/V0h2-P0LqLF.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:13 GMT
x-content-type-options: nosniff
content-md5: VO922XrIvf6dPbMlbETwCQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 257139
x-fb-rlafr: 0
x-fb-debug: c0A6s4H3cDKcyaqNCChwrVQQV7qgqw6bH/6xgeUUBMc9RIA7enDsb1dVkZ8qVELwKZ1ZbKVzYqWpOtDjpOEYfQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 28 Feb 2023 17:56:52 GMT

GET
H3 200 1f642.png
static.xx.fbcdn.net/images/emoji.php/v9/t4c/1/16/ Frame E18F 480 B
537 B 51ms
51ms Image
image/png 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/images/emoji.php/v9/t4c/1/16/1f642.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=197603755137669&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df228b0418223f0c%26domain%3Dwww.users.gobarberrj.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.users.gobarberrj.com%252Ffc927c09585f04%26relation%3Dparent.parent&container_width=0&height=100&href=https%3A%2F%2Fyoutubechallenge.batangtabon.com%2Fv04%2Findex.php&locale=en_US&numposts=10&sdk=joey&version=v9.0&width=550

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

790febcf2123f481b536e9443d1843fb4fca516886c4df9ebbaa45c6c2e1f393

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-type-options: nosniff
content-md5: vVk4MGJSkMeB6vn2kaVICg==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 480
x-fb-rlafr: 0
x-fb-debug: xMIjmzEFF8Exk/sqTWOlNVglkS1Y1mZmYLVjEM8ferwNME7819RnYAVzJxCgeSJQn0QfnNQ0J81VJMvPx/RzkA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
cross-origin-opener-policy: same-origin
date: Sun, 06 Mar 2022 17:17:13 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 28 Feb 2023 09:51:12 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 185ms
97ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220302&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1ff3300d6a39fd7337641c07429777baa8d5f3f777c357e3cfbe20fdfd0ab68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Mar 2022 17:17:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10570
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 251ms
88ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 06 Mar 2022 17:17:13 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A10B 13 KB
5 KB 154ms
72ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 06 Mar 2022 17:00:10 GMT
expires: Mon, 06 Mar 2023 17:00:10 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 1023
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AF0D 783 B
1 KB 242ms
86ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

61e1d7ecba08e0392278c075cc5599e121e29c903a7723bc5442bd28b9e36877

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4lfj9S+BrvQFQnbayLJ6aQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 06 Mar 2022 17:17:13 GMT
date: Sun, 06 Mar 2022 17:17:13 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-4lfj9S+BrvQFQnbayLJ6aQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js Show response
pagead2.googlesyndication.com/bg/ Frame A10B 35 KB
14 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 16:37:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2354
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13820
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Mar 2023 16:37:59 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AF0D 0
0 125ms
125ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220302&jk=1932998923098326&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A10B 0
9 B 76ms
76ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?DQWcRQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 108ms
107ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220302&jk=1932998923098326&bg=!tLelt_PNAAb7UztL-1M7ACkAdvg8WqQRy1QAWM0hR6F5VUl_R-Yqxthr0Hhb-odgQlxNOeSeewXKvwIAAABWUgAAAANoAQcKAHSpw11dnclGCTs3naftrCZQ9n2r1EjPoaXP5D97KjXqSiv8y8PG0Lrskot_b7IBOn6UnZblvVgLYAR-87uMO5gKEckK6RZWuFtap1dKyIIexHFlM15UJmD0Jc-viJjm_mzPaUSb20NLh4M_3Xj5uI9-qKPE65kCsDPE2eOEfY4-R9gmNPHV7TzPI5zyxIALgnAQ01T-ukb_6nbS16Mxqqvw2YqaolpnyENRISz4BCnbTjddfQX2o38vmBHHuVeYDshSXj-j-b0Rh1aPjWiP5rbYvKAMdXjJiFQjB_7HWaPX2d1oQssaMrpuYLsmvBsWbwSz7qq9IhP3ZykTHjWMzke1kcSeUDnndzTxJcf1sBZo2QLdTWd2pSi6t0CDi1av4mPxk9Q9gxd-tLjFVp1jMGTDUy5jbabrr6b5Ytc1AeEZzbwVxnLuiE29wNmYvMycLLfyn1P0EM1beTAfaxX0Fw6VpmWjIeOY-zr6a9WHVsP2PqSDHEQnA73X8u-uVpIBA9_omX_vlF8Oxc6NGcDdAV2G9vNVo6Yd_yqSM0cJkmmdtZ_IWG6zuiqHHLNGxy9iJj0gdQeJlGOwes_13q1h1b_QT7sDiriRDBIWyZIahmN2-NpRZpdhc76CFymRBg7FvwhW0NLK-F3OWyn0bEXyCuH-qJWzBq_XfXUK8M0aITbypvoFZtPbDXQImUCdSU43FP7WsNjq4E64f9_sV6gr5S_R6zNKXCn3vjDzYoy7icJF-cSEQQc6nEl3g6KncNUzAZ5SaLxNlFXa-pAPQ9eL4IeyxR0MBgEU8ZVdwJKVTxzT6hn3Sy-U0JIlewoIIpTIoiBWzuW33IKZUCqG_-9BKkIa7MRMvRqmqhCBxxWtBX6iMa9Tm72IzrY9AhiEmSJQR_ywjBlW0u7OGSoi6o3TO6Ub0v4kD1d6NINcyYAhWeo2JBDjuI7xcZUZMt2rzA-Xs7V27gFzyu8pPjGs9Y0-WMhLcT7DbFmv-23eMnIZEyQMS7GIxxLfmZkInVuIfOG-fuHk0XxNVEUTuIvmYQqa5T5N6e1tchWGct5Uj5z6QTjIqhH0mZhYR3M

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.users.gobarberrj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Mar 2022 17:17:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www5.cbox.ws/box/ Frame A3FD 17 B
195 B 87ms
86ms XHR
text/html 94.130.39.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www5.cbox.ws/box/?sec=ar&boxid=913451&boxtag=APTpYR&_v=1063&p=4
Requested by: Host: static.cbox.ws
URL: https://static.cbox.ws/jsc/jsc_10_1629383500.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 94.130.39.102 Heilbronn, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mx3.cbox.ws
Software: nginx /
Resource Hash: 25b7d32b4cd12e5e7ca6bdc381d94544f0112c142f8ca7853a32046868473c0a

Request headers

Accept: */*
Referer: https://www5.cbox.ws/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 17:17:14 GMT
content-encoding: gzip
server: nginx
cache-control: no-store, no-cache
p3p: CP="NOI DSP COR NID CURa OUR NOR"
x-cache: MISS
content-type: text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

253 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

43 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gobarberrj.com/	1970-01-20 18:54:19	Name: _ga Value: GA1.2.1114746622.1646587029
.gobarberrj.com/	1970-01-20 01:24:33	Name: _gid Value: GA1.2.52780216.1646587029
.gobarberrj.com/	1970-01-20 01:23:07	Name: _gat_gtag_UA_113153126_2 Value: 1
.cbox.ws/	1970-01-20 01:23:08	Name: __cf_bm Value: c40477d9e3322bd07316f1814fe0ab9712ca97e3-1646587029-0-AUbgRAT8aNzDEvOVvHi5UgZS3USOz6siRTrQsFiMxlg/R+bmxLvylM72EQaLLOrAnA2TZ58ClBmTQ2WW9mUrzZk=
www.users.gobarberrj.com/	1970-01-20 10:08:43	Name: bidswitch_last_time Value: 1646587030470
.uprimp.com/	1970-01-20 01:23:49	Name: used_ad2667667 Value: 2
www.users.gobarberrj.com/	1969-12-31 23:59:59	Name: myJavascriptVart Value: Date.parse(endtime) - Date.parse(new Date())
www.users.gobarberrj.com/	1969-12-31 23:59:59	Name: myJavascriptVarseconds Value: var seconds
www.users.gobarberrj.com/	1969-12-31 23:59:59	Name: myJavascriptVarminutes Value: 50
www.users.gobarberrj.com/	1969-12-31 23:59:59	Name: myJavascriptVarhours Value: var hours
www.users.gobarberrj.com/	1969-12-31 23:59:59	Name: myJavascriptVardays Value: var days
www.users.gobarberrj.com/	1970-01-20 10:08:43	Name: rekmob_props_549740 Value: %7B%22date%22%3A1646586882748%2C%22rekJs%22%3A%7B%22rekmob_ad_unit_type%22%3A0%2C%22rekmob_native_type%22%3Anull%2C%22rekmob_ad_width%22%3A320%2C%22rekmob_fixed_cpm%22%3A0%2C%22rekmob_network_ids%22%3A%22anx_placement_id%3D16103825%3Bcrt_id%3D1%22%2C%22rekmob_ad_unit%22%3A%22b6ad3026cbf440849e950ded4e8124b2%22%2C%22rekmob_app_type%22%3A0%2C%22rekmob_ad_height%22%3A50%2C%22region_id%22%3A549740%7D%2C%22countryCode%22%3A%22DE%22%2C%22cookieTime%22%3A1646587030818%7D
.uprimp.com/	1970-01-20 01:23:49	Name: used_ad2558403 Value: 1
.uprimp.com/	1970-01-20 01:23:49	Name: total_impressions Value: 3
.uprimp.com/	1970-01-20 02:06:19	Name: cpa_673873 Value: 120x600_454289452_0
.bidswitch.net/	1970-01-20 10:08:43	Name: tuuid Value: 9d79b45c-0244-4847-8e61-11a097415db3
.bidswitch.net/	1970-01-20 10:08:43	Name: c Value: 1646587030
www.users.gobarberrj.com/	1970-01-20 01:24:33	Name: rekmob_last_seen_b6ad3026cbf440849e950ded4e8124b2 Value: 1646587031068
.adnxs.com/	1970-01-20 03:32:43	Name: uuid2 Value: 7013630141775087107
.bidswitch.net/	1970-01-20 10:08:43	Name: tuuid_lu Value: 1646587031
.gobarberrj.com/	1970-01-20 10:44:43	Name: __gads Value: ID=c076db115c899e24-227529d955cd0071:T=1646587031:RT=1646587031:S=ALNI_MYI8i70VZRSGjS8fHwpgbsKRseTBg
.criteo.com/	1970-01-20 10:44:43	Name: uid Value: 53abdbca-4946-42e5-af8c-55e5c08a5685
.adform.net/	1970-01-20 02:07:45	Name: C Value: 1
.eyeota.net/	1970-01-20 01:23:07	Name: SERVERID Value: 23309~DM
.creative-serving.com/	1970-01-20 10:44:43	Name: tuuid Value: fcf4968c-6344-4ce0-8964-9272cdc25a3b
.creative-serving.com/	1970-01-20 10:44:43	Name: c Value: 1646587031
.creative-serving.com/	1970-01-20 10:44:43	Name: tuuid_lu Value: 1646587031
.adform.net/	1970-01-20 02:49:31	Name: uid Value: 7905369500523989728
.doubleclick.net/	1970-01-20 10:44:43	Name: IDE Value: AHWqTUk2K8X1Y1ssZ0iYg1Z9mJyFFyh7z-5XTqtevAEX3KiSwqQy7L7XOFkWLFK52Ic
.gobarberrj.com/	1970-01-20 10:44:43	Name: cto_bundle Value: Nx39H19uMElsck9TY2lnWlJjWWFRWEVwYWV1SWI1allyODNYeTJnd25Ocm1qQ24lMkZqV1dHaXBjMVo2RURvNmllR0h0VDhFVFBSUjRCS3czTzhHVGI1TjFoeSUyRlZYcjVKOHVWVkduJTJGRXJYYlh1bGc1allhbTNDczlLQUdqQWpsMkR5NlU2YW1NUjR6cEFkNDdjUCUyQk1xVnNrcVc5USUzRCUzRA
.cpx.to/	1970-01-20 10:08:43	Name: cpSess Value: 1661518bebc7210c
.pubmatic.com/	1970-01-20 03:32:43	Name: KTPCACOOKIE Value: true
.adsrvr.org/	1970-01-20 10:08:43	Name: TDID Value: 513d0668-f9e3-4234-9588-26c0f3544214
.pubmatic.com/	1970-01-20 03:32:43	Name: KADUSERCOOKIE Value: FF3F21FC-F624-43DF-84F0-44EF7FAE1938
.cpx.to/	1970-01-20 10:08:43	Name: dsp_app_nexus Value: 7013630141775087107#1646587031893
.smartadserver.com/	1970-01-20 10:53:21	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 10:53:21	Name: pbw Value: %24b%3d16990%3b%24o%3d11100
.gobarberrj.com/	1970-01-20 05:45:55	Name: crisp-client%2Fsession%2F74787e13-c96a-4918-9a3e-b987c6a1a800 Value: session_8c4949a6-d333-4359-be98-bf92ef97fe20
.adsrvr.org/	1970-01-20 10:08:43	Name: TDCPM Value: CAEYBSABKAIyCwiOruSg_Oe_OhAFOAE.
.cpx.to/	1970-01-20 10:08:43	Name: dsp_dbm Value: CAESEJ8ke00pRqnsJRQ4jsxKm-k#1646587031960
.smartadserver.com/	1970-01-20 10:53:21	Name: pid Value: 7625772467939437875
.cpx.to/	1970-01-20 10:08:43	Name: dsp_pubmatic Value: FF3F21FC-F624-43DF-84F0-44EF7FAE1938#1646587032026
.cpx.to/	1970-01-20 10:08:43	Name: dsp_TTD Value: 513d0668-f9e3-4234-9588-26c0f3544214#1646587032028

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.users.gobarberrj.com/ytcmenu_files/css3menu1/style.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.users.gobarberrj.com/ytcmenu_files/css3menu2/style.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.users.gobarberrj.com/css/animated2.css Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://alternativeadvert.com/show.js(Line 26) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://alternativeadvert.com/show.php?z=0&w=0&p=0&vwidth=0&vheight=0&window_w=1600&window_h=1200&pl=20490&ad_type=11&charset=0&top_space=0&shape=4&c_border=336699&c_background=ffffff&page_background=ffffff&c_text1=000000&c_text2=0000ff&c_text3=0000ff&c_text4=0000ff&c_text5=0&c_text6=0&c_text7=0&c_text8=0&c_text9=0&c_text10=0&j=1&code=1646587029860, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://alternativeadvert.com/show.js(Line 26) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://alternativeadvert.com/show.php?z=0&w=0&p=0&vwidth=0&vheight=0&window_w=1600&window_h=1200&pl=20490&ad_type=11&charset=0&top_space=0&shape=4&c_border=336699&c_background=ffffff&page_background=ffffff&c_text1=000000&c_text2=0000ff&c_text3=0000ff&c_text4=0000ff&c_text5=0&c_text6=0&c_text7=0&c_text8=0&c_text9=0&c_text10=0&j=1&code=1646587029860, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://adhitzads.com/1113988 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://p3.adhitzads.com/?z=1113988&p=554324784&l=https%3A//www.users.gobarberrj.com/&c=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://adhitzads.com/1113988 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://p3.adhitzads.com/?z=1113988&p=554324784&l=https%3A//www.users.gobarberrj.com/&c=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://p3.adhitzads.com/?z=1113988&p=554324784&l=https%3A//www.users.gobarberrj.com/&c=1 Message: Failed to load resource: the server responded with a status of 400 ()
javascript	warning	URL: https://adhitzads.com/1113990 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://p3.adhitzads.com/?z=1113990&p=554324784&l=https%3A//www.users.gobarberrj.com/&c=2, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://adhitzads.com/1113990 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://p3.adhitzads.com/?z=1113990&p=554324784&l=https%3A//www.users.gobarberrj.com/&c=2, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://p3.adhitzads.com/?z=1113990&p=554324784&l=https%3A//www.users.gobarberrj.com/&c=2 Message: Failed to load resource: the server responded with a status of 400 ()
javascript	warning	URL: https://alternativeadvert.com/show.js(Line 26) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://alternativeadvert.com/show.php?z=0&w=0&p=0&vwidth=0&vheight=0&window_w=1600&window_h=1200&pl=20489&ad_type=11&charset=0&top_space=0&shape=4&c_border=336699&c_background=ffffff&page_background=ffffff&c_text1=000000&c_text2=0000ff&c_text3=0000ff&c_text4=0000ff&c_text5=0&c_text6=0&c_text7=0&c_text8=0&c_text9=0&c_text10=0&j=1&code=1646587030681, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://alternativeadvert.com/show.js(Line 26) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://alternativeadvert.com/show.php?z=0&w=0&p=0&vwidth=0&vheight=0&window_w=1600&window_h=1200&pl=20489&ad_type=11&charset=0&top_space=0&shape=4&c_border=336699&c_background=ffffff&page_background=ffffff&c_text1=000000&c_text2=0000ff&c_text3=0000ff&c_text4=0000ff&c_text5=0&c_text6=0&c_text7=0&c_text8=0&c_text9=0&c_text10=0&j=1&code=1646587030681, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://adhitzads.com/1113988 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://p3.adhitzads.com/?z=1113988&p=554324784&l=https%3A//www.users.gobarberrj.com/&c=3, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://adhitzads.com/1113988 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://p3.adhitzads.com/?z=1113988&p=554324784&l=https%3A//www.users.gobarberrj.com/&c=3, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://p3.adhitzads.com/?z=1113988&p=554324784&l=https%3A//www.users.gobarberrj.com/&c=3 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6369761270420377&output=html&h=280&slotname=4795453260&adk=919501952&adf=388061927&pi=t.ma~as.4795453260&w=521&fwrn=4&fwrnh=100&lmt=1646587030&rafmt=1&psa=0&format=521x280&url=https%3A%2F%2Fwww.users.gobarberrj.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646587030500&bpp=7&bdt=1964&idt=351&shv=r20220302&mjsv=m202203020101&ptt=9&saldr=aa&abxe=1&correlator=7190239215996&frm=20&pv=2&ga_vid=1114746622.1646587029&ga_sid=1646587031&ga_hid=261795229&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=540&ady=2217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31065370%2C31065447%2C44756896%2C44758229%2C31064018&oid=2&pvsid=1932998923098326&pem=20&tmod=1204429948&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cn&abl=XS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=CEA8rkVIn9&p=https%3A//www.users.gobarberrj.com&dtd=364 Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.a-ads.com
adhitzads.com
adimg.rekmob.com
ads.creative-serving.com
ads.rekmob.com
adserver.reklamstore.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
alternativeadvert.com
bank.reklamstore.com
bidder.criteo.com
cdnjs.cloudflare.com
certify-js.alexametrics.com
certify.alexametrics.com
client.crisp.chat
cm.g.doubleclick.net
connect.facebook.net
dmp.adform.net
fonts.googleapis.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
image2.pubmatic.com
imasdk.googleapis.com
iq.reklamselfie.com
match.adsrvr.org
mug.criteo.com
p.cpx.to
p3.adhitzads.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.yabidos.com
pool.grid-data.bidswitch.net
pre.glotgrx.com
prebid-eu.creativecdn.com
ps.eyeota.net
radioearn.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
res.cloudinary.com
s.cpx.to
scontent-arn2-1.xx.fbcdn.net
scontent-arn2-2.xx.fbcdn.net
secure.adnxs.com
static.cbox.ws
static.criteo.net
static.xx.fbcdn.net
sync.smartadserver.com
token.rubiconproject.com
tpc.googlesyndication.com
uprimp.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.users.gobarberrj.com
www5.cbox.ws
x.bidswitch.net
xe9o.xyz
ylx-i.advertica-cdn2.com
104.16.200.58
13.226.145.27
13.226.145.42
13.226.145.94
138.68.105.0
142.250.186.34
142.250.186.98
146.185.142.91
167.86.126.136
172.64.170.11
178.250.0.157
178.250.0.165
18.189.5.176
18.195.185.23
185.184.8.65
185.64.190.80
185.66.200.127
185.66.200.220
185.66.201.58
185.86.139.113
188.114.96.7
188.114.97.7
216.137.180.16
2600:9000:2182:400:1c:4bbb:9180:93a1
2606:4700::6810:125e
2606:4700::6810:79c3
2606:4700::6812:1d5b
2a00:1450:4001:809::200e
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2004
2a00:1450:4001:831::2008
2a02:2638:1::13
2a02:2638::3
2a03:2880:f00a:11c:face:b00c:0:3
2a03:2880:f00a:e:face:b00c:0:3
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a04:4e42::393
3.120.18.167
3.125.70.222
35.211.178.172
37.157.6.245
37.252.172.45
37.252.173.22
46.101.136.217
52.210.129.48
52.223.40.198
63.33.136.74
68.168.213.90
69.173.144.139
78.46.33.196
94.130.39.102
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0152d89b40aa4de3331d48ae81013d94aa1f8eac3b389af112ac0fbc7d1ea799
02e2a28bb51de6f8cac38f355fb0679c63cf88812decef73c7688b9413475221
0322112f46e6deb92272ce7dd23ff07d23e4c7a2d47c1be2df12c6cbac2d6d55
04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674
063838df65b17918813bc3edf38d6cbf0111f98f2d639fac8350c398137b50dd
08adc3978f87c754fde8143b94b68a832d37ac78dcbc3a6cda1264eb950850f4
08b70188ae1d4087176f63ab63c9461d44aa318bf5a7b94ee70bc733dd80a231
08f422c67963f951376370501ab341593499940cf808bf12b5c2015c6b2bae11
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0d0ac9911a560fee79bbafa54a46ca817f7d852f059846c05c27ffd18409084d
0e9a271186c09aaa5c7d7fd34398822b17d6dd3d9828a2c4ced07dc44a6d6d09
0f0f00205ee1a871f59d3897682a0de74fe6abc57b8e1ddf68e95f008a0dfe25
0fbdca850a55be20ef466b693461ee39b40a48c253e862ce1a77e4da753e94d5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13c49ce264224a16b8e2b5daad1b593e25479cc6724b5f7e312d532e898b239f
15ae5a2ef95ab21937ed9b72eb3f2e33bb5ef1eb7f47f642472cbd5a39361d3a
17b988bc33e2b6c542f866ef473aaa3d20a9d4536a1ca636c061c5011a5ac5a1
19e49ca2b8bf85f2fbc28b709fa56567bc12e907323475e9596209da4efb0c1c
1bad79e624c692809dacfa82e89e91e1f2fb6387902bad4e12d6ebf7cc963301
1cdb6311b1838e949bfd34e7501c32c840cbff73ca521081d1944e1dfc44b9b3
1f4923be0c1dc15fabb379df3786a298eff02be08132b8effe90ab5d9b8ecdf6
21f559552f6a67789c352b5530ef626f304c3434b7622f8e7e1100db3a59375f
239829f28f9ffb048658f827830851206f86a2aa5686ded7f3c453077a5b4aac
24b2ffba61cf17f85a28dcd58be33190a15364461312d4868f1aa6c2047d5ce7
25b7d32b4cd12e5e7ca6bdc381d94544f0112c142f8ca7853a32046868473c0a
29848afba3502a3d8f022bbe810fc5f4e78febe0a47ecc7b6c7ef56357a5bfbd
2b393bb3b10ebc669e26880f42307f502cc8a84ed0e0b873c4155de8b8639cbf
2cbbbf367f4ecc498a504b1a555698218687c0d2493046977b4a9f3f4a4c2003
2e3bde453441d9f45ecd50d01b2c733966873025911722e720fcdd577d6e4479
2fc03d9aedde903d02af6f056e5f650769979b27d899007f8f6e2519178ea9b7
2fdddfa7ce636a3b2624106d4d6d2e14c8267e8473b944882d13d915cf08843e
31e8040e46b1ea2b581a3249fd9e498441b89b5ce1bee0fdeed122fdf1ae90e4
33b26f836da9ae0ae209f875ce2882f6c36e09c4f01daa28e2cbf73621fa9e06
3839486b95bb3fa8cac7109e7f73fd3a139c843dac068c8e14a055e63ed2965f
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3cbb1b08e059af451816e51deb37d4c5d0c1e1e571a2a52d3bba52c08bb6f1c5
3de1cf66362a1b046fd966b3e0e6afaac2f4c91be08c818dd994032aeecdc709
3fdb8daf38909cc108f3e5dff02c2816a8558743f77723bfaab3f2b7ecd05b47
431e6d166d9e0ec87e8211a635d07f2be01a8677e826f5c896ef51f6085a7232
44faa2582dc22dda313509a2a3a39de738688d9d106843590fcada1f0054570d
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
4ae91dd76ffe339d4668fe648aea2624d7d348c5164d296ccd5edd32d655711e
4b3457bd10b00e8b14e48020610da447149028c997c42d3b2c192ec55ae0b65f
4c40362b282b85dcbc5d03af07a9ccef72720302ba2461e2f6855a59e3419ae0
4cb72b47129fa2fb1fb59f8fc9f24be4d39abe98cb5f188bab7a78e78b3d5ccf
4cf0498d6f16d928751dae8b235dab5e250f65d561f43e2dc20d982efac6016f
5061a1cda7e5649b099158261260ff069dcc9dc0f2454d018a82974068acd733
510e28e7a3373dadc6be252b20f490a6586b3b4b158a76eca3c16a7af6166e71
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5550312bb8d6a298ba228642e403dacc8ca7c6d43a5ed00ada1e1659e7de707e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5992d721f6122553c15bb47fd4da430a21a7a21225670f41ee4bbb8d71e138ae
5a2e10d20d0cd41c41f2773a050bee4f19b11a25d8a270d721a8299180b46c8e
5a31b7f81e62c786475de1427532f84c85c30b71b83e0c88feba6ce68ffeb85c
5e4071c4201e9dc9352d8d45e034808dc45e8351d305bd9a0871d5c4f19eeaa3
5e71d08f626e0c80269671eb376ca9d6741dd81ca6caa5451063f0f2bc9b5c82
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5f67413ce9bb699abbcb39fdc806ddd52112e0930182005f054ad4435e5c2a49
5f9268401c963483b9d7fb2ec51b9de1328518ced42dd8759b71121513082063
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e1d7ecba08e0392278c075cc5599e121e29c903a7723bc5442bd28b9e36877
655a093aca97709cf22755eed2a846475b505ac8bfabe31d2e4455b8bbf09f55
6661e9217fda53c900048a1bfe58c148a7b1c3e1fe3442044bbb8cb16b85d71b
6857bb5ee02c2c90dff470889c6bbd60cb4b5f5f3c619d54bf986a5094a20774
686752d8559239701a6a29c7ce0174f8b0de9a1242c1db8766be70a3687ba153
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c801b5acaa0dcffb9520f320a42f915fdd5d1d6331845e215edb0c578dd5a2f
6d8e0f235d94eb4657900e9afb0ab706aaf3ee761df56da4fc96254b4d42443a
6f9be47c5dbd1d3fc9da57efaa61bdfbeeee81a3ff0610d40e7c478e6a9585b8
7561e680878d5b0ead8704c157156c65b315bae88ba04b914aee6535f4de00c1
75928cd5063a9cea272c1c4e73ed650a878ac3bd2393e2864ce2f1be7bb124b5
7813f21ffc8ab5a9c4808a33cae9e6234b4ab3b14245a8900bdd62879642077c
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
790febcf2123f481b536e9443d1843fb4fca516886c4df9ebbaa45c6c2e1f393
79a877efe8b734108e34f43876590d9c6887c6dd740edfd218ef8ef9cce87b65
7a9fecc84498aa7b7e10256a4a35357ea00ed5740a3caf7392316a763b75b23a
7b90a4dc0654616860f5424f3ff522f33a749a21d2c4cc785232678885a71cb3
7c01f3573230c0d3f96ed8633d8babd9eb2b4d13eba9df56b5e37be047f3e736
7d28c834939cec1f5eb479cb4ca319a5a9fe87d092c8399056964db5787afdac
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7f1e765c576edcad537d701ea0c43acb1142355180a69c626b2ab9fadfa5e33b
817c7bfa636487e7881a3981354309e81e662fbaec22497e24e25e8797f43488
86a4828ddf8912b9c0fbbec0c2b2f35b07e3bffb81de9005f4d95eeed10f8dec
88d2d5f0458727a32febe975878c16f43536a2099b37b8f82e2e03a220f42e5b
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d3c3490d56fffa040252f235800b4eab6ee832b574171a55bd6527fdfc6b8ce
8f76960c70c1d837143b074c2e794b570bcc4a16ebc06a1090d61e5055add611
8f999a27deb3d25139105d73518c01d1b8709c3cf36af275580160e5b0390625
90609b534e01cdfdc36da743da94cc2a5a90e40d477834b922b4d48be2915491
92e83fdf1ed8bb4a50fb72331cb20f536a1159ce55d523ebfca3441ce8e30294
94313ef2c6f3c5bb43d9ca39d64dad1a7aecb6bc0b15cb68d712f92bd14e4f04
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7
957c4cd622090c3c567717c5dd1e5f69c03cb9b7dff00a569672287333d99a26
95e69938c2784591c8057f4094a979a152856ae64abeceae9a55ef75c15ca7ce
9874d4c8010a0e32cb8f9eed0e642b2cfdc6e41508fe6a11fadef5da10c89f7e
996dc3adcba0e172a95a466d755af8cd30b6c955b7f041bdac60f4959c693c46
9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd
9f49609d94cf82f3d089ddd83d5895d4048236deee85dc7cfc9853735f36a0f9
9fe08002d7d36471c82209ce1e38a398c743a3b490e8d199a63307f60f2b57a3
a036f72be2af61fa73108715a5b67b29e3a501685488dc67d83154bfd08403b6
a0a95495b25accfa800815aff27c5eb65957c039295a02486f9263a5a8b39c58
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ff3300d6a39fd7337641c07429777baa8d5f3f777c357e3cfbe20fdfd0ab68
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e52df77bb37e84b79807e3fee987e1f006753f66ee67cef414c6a2fe8430d9
a709ef8bb2814356477b46c375d350dbe8b522795fe41453cae8e953d40cf17d
a8aa5799a4c5515fa568424bc2fca34b8d1d5e863201d5f702c5858320b9e870
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aa9f36c1c509957a9956868fbcbe65b5728c3b8668e2a626728da6aff78b9b59
ac67e8e93aa3409acc004511392ae5168a0f44a67729fa4d380697e73c2f6745
ada48455948f31f08a79c72f8e28d0b697f8be9ccde2aecde979b7b5c62bc286
add17215869d1f241665b96c938e603f3229591f32d31476c3b50c309c054f4a
b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2344c121da58dc1992caebcdeaeeb136f7d288cc12ffcb3bc597e487a587343
b24c7b4cf1071852c9c17938be9ca02f4e52d0be9f18839aa8e9a6f11183e195
b4433b579c93f32b5128f54d5d7d949c20668b3140fb4884f37ffbf72e2622a5
b68f081f406ff506acb336dd2373449ff799d38325dd615662843985df003725
b6bf35f686eba718e56f8d347cc33d9bdc6a018ca152398ae1d23e1d8cb588e8
b8b810cdb0faf8b810fcf74d9775d894b8248ea1033cb790d2612270699922b6
b93fe652eab9cbf4c17956c890f3f38366fd822e8844e936748f9dac55d38e6b
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
bcf18a2ea356761f236ddfc75a09cb76de557b099649609105497e31c8470365
be4c96d81131c0b1b440d2b7cb4c86f78088b9db1ee63738cfaf2826cb78558d
be97083c08c332143d83235b12e2f4b2b0261d15f4ae409ce11c73920ab313ef
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
bf6269237b73159a2ebdd0b997f408016aa1da003a2e8a52c231fc408aace0ed
c0b786773b8199074400ae53a7d18d0af81359e240a51e69c9e97482e7281b76
c3f3aa15cdba8d145b4c66d3c1946eb82e0eb3f05ee43dc15658b82269a399ed
c45cb48b60ad770f952454ba4f309d354f8820c203151a014dd21e50c13b1907
c8c08689413542637990368e0a13b61ee5e3aeaa6635c2d5ef0f30be7acd073c
caede6025d19ea335df15131532dcfdcad654dee373086a625dabdd3cf308143
cd1d224412a462721acd1220b9e8cfd125d832ccf0fb57318b690dcbc842ed72
cd563f93983d5d448d7757bc63eff246ee86c209eeda0dffbf154bb324115599
ce060c4b31136228f92c39acd9a2b4e090d0cdb950d0f68c641cc4f2477decfa
cebc0b7e3c9904af6f553ef5e9f2a86b29091ade9aa57001ff90febb82a7b95b
d0cf2d66eac71dca1b844d85e94caece64301a0f8238a493b46e3d0b10243a5c
d674d75d8c3d870a5b8c11f2a434ff3c90732eba5a1f80aecff8d8eed44666c1
d6af6f8200da0892c42a36664106a02cd4e0c54c6a945ea8bae8585b65c34a66
d845920d21b08795f90526d2d827e0baea7a2102b359f24a39ec28a87faacdd6
db7264295600ec6b22e9e08c3373da63aaeb39f8fdca61cc378fb065e3a12cf0
df02aa33acd40ff99ac77551154f9fe7fd5a13dc1f782aac62ffb1a6a0f7f09c
e074e72bb8e703571421a434098f50e7562e8571822b35d35ac30c8b882e80be
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6038d90041624ed0727ac4ed46c5285e5f7e1074e91c5c5822e4e01bc1c019d
e7f556737034e1f62f52cae62a87cfb2b8b4ce81cafc6ac89cf5a094c8c38d23
eca9652bd84e574c9c47f5e7054e0b7f4af970d31111fa85a88068f4c53f222c
ecc9e412f022ead9dfa65a83b28d013994a27cd7dd77b257848370abf98f6cfa
f1192339145616e49146fd47487f27e4e9a5b264868a11c9a724ad75cdeb5e48
f204d83207c67903162f9e891a12307f766b9812fee2e3fd7c73771a4985de14
f3e6e0f2d06883cbfc58a30167b02d51697b65c29d07d75c8560b77765a555e8
f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf
f6d7b9fc7e566ede0dda55fa06b882d2a38dc1a58946658ffca9cc8cf8eddf2a
f745615864637dec109b8df3fb6707fef8c2f1e6eed5b8bcd4535f2a055d9819
f7492476dfa60f0146889b13e37c67fd1a70e42e6ddb017c0c08e25148fd8985
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f7ea557c5ed871b8bbf621829ce5b9447ef55d0f4729b860806feb63de7369bb
fa8b4bd660415bf2479bee62717e7d89086d5c596cbaef5767a876e9eceb4684
fc2a3a7c2b6137f14c3b182ce0f6552b50c47b6a08a7bbf18e75ae4d2f25c534

www.users.gobarberrj.com Open in urlscan Pro 68.168.213.90 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

218 Requests

95 %HTTPS

37 %IPv6

43 Domains

60 Subdomains

52 IPs

11 Countries

10699 kBTransfer

17296 kBSize

43 Cookies

77 Outgoing links

Redirected requests

218 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.users.gobarberrj.com Open in urlscan Pro
68.168.213.90 Public Scan

Screenshot
Live screenshot

Full Image

218
Requests

95 %
HTTPS

37 %
IPv6

43
Domains

60
Subdomains

52
IPs

11
Countries

10699 kB
Transfer

17296 kB
Size

43
Cookies

218 HTTP transactions
7 data transactions