showbizchika.net Open in urlscan Pro
202.55.90.215 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://showbizchika.net/
Submission: On November 17 via manual (November 17th 2022, 6:57:58 am UTC) from QA — Scanned from DE

Summary HTTP 147 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 37 IPs in 4 countries across 20 domains to perform 147 HTTP transactions. The main IP is 202.55.90.215, located in Singapore, Singapore and belongs to VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG. The main domain is showbizchika.net.

This is the only time showbizchika.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	202.55.90.215 202.55.90.215	18106 (VIEWQWEST...) (VIEWQWEST-SG-AP Viewqwest Pte Ltd)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1 4	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
14	172.66.41.9 172.66.41.9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 10	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	95.101.201.49 95.101.201.49	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2016	15169 (GOOGLE) (GOOGLE)
9	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
3	2600:9000:218... 2600:9000:2182:aa00:a:deb0:3380:93a1	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
3	130.211.115.4 130.211.115.4	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
7	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:2638:1::8 2a02:2638:1::8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:1::17 2a02:2638:1::17	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
147	37

17 202.55.90.215 (Singapore, Singapore)

ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG)
PTR: fnet215-f90-access.vqbn.com

showbizchika.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.232.7 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 172.66.41.9 (United States)

ASN13335 (CLOUDFLARENET, US)

resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rt3043.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.101.201.49 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-201-49.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2182:aa00:a:deb0:3380:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.115.4 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.115.211.130.bc.googleusercontent.com

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	gstatic.com fonts.gstatic.com csi.gstatic.com www.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn2.gstatic.com	370 KB
20	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 136	273 KB
17	showbizchika.net showbizchika.net	263 KB
14	infolinks.com resources.infolinks.com — Cisco Umbrella Rank: 6735 router.infolinks.com — Cisco Umbrella Rank: 2500 rt3043.infolinks.com — Cisco Umbrella Rank: 68385	321 KB
12	criteo.net static.criteo.net — Cisco Umbrella Rank: 623 pix.eu.criteo.net — Cisco Umbrella Rank: 7562 csm.eu.criteo.net — Cisco Umbrella Rank: 7724	85 KB
11	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 static.doubleclick.net — Cisco Umbrella Rank: 309 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190	96 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 94	799 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43 jnn-pa.googleapis.com — Cisco Umbrella Rank: 261 imasdk.googleapis.com — Cisco Umbrella Rank: 413	159 KB
7	teads.tv 1 redirects a.teads.tv — Cisco Umbrella Rank: 1371 t.teads.tv — Cisco Umbrella Rank: 2533	132 KB
6	ad-score.com js.ad-score.com — Cisco Umbrella Rank: 5174 data.ad-score.com — Cisco Umbrella Rank: 4510	141 KB
3	criteo.com rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 13545 ads.eu.criteo.com — Cisco Umbrella Rank: 7609 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9333	42 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	16 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	95 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	20 KB
2	bootstrapcdn.com netdna.bootstrapcdn.com — Cisco Umbrella Rank: 2963	70 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 201	5 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 115	23 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 231	2 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8709	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 860	699 B
147	20

	Domain	Requested by
17	showbizchika.net	showbizchika.net
10	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
10	pagead2.googlesyndication.com	showbizchika.net pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
9	csi.gstatic.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
9	www.youtube.com	showbizchika.net www.youtube.com
8	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.youtube.com googleads.g.doubleclick.net
8	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
7	static.criteo.net	ads.eu.criteo.com
6	rt3043.infolinks.com	resources.infolinks.com
5	resources.infolinks.com	showbizchika.net resources.infolinks.com
4	jnn-pa.googleapis.com	www.youtube.com
4	a.teads.tv	1 redirects showbizchika.net a.teads.tv
3	pix.eu.criteo.net	ads.eu.criteo.com
3	data.ad-score.com	js.ad-score.com
3	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
3	js.ad-score.com	resources.infolinks.com js.ad-score.com
3	t.teads.tv	showbizchika.net
3	router.infolinks.com	resources.infolinks.com
3	fonts.googleapis.com	showbizchika.net cdnjs.cloudflare.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	securepubads.g.doubleclick.net	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	www.gstatic.com	www.youtube.com googleads.g.doubleclick.net
2	www.google.com	www.youtube.com tpc.googlesyndication.com
2	www.google-analytics.com	showbizchika.net www.google-analytics.com
2	netdna.bootstrapcdn.com	showbizchika.net netdna.bootstrapcdn.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.nl.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
1	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
1	imasdk.googleapis.com	resources.infolinks.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
147	40

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.bnshosting.net

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
showbizchika.net Sectigo RSA Domain Validation Secure Server CA	`2022-08-15` - `2023-08-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
teads.tv R3	`2022-10-27` - `2023-01-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2022-09-02` - `2023-10-04`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-27` - `2022-12-29`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-14` - `2023-01-13`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-10` - `2023-01-10`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-01` - `2023-02-04`	3 months	crt.sh

This page contains 13 frames:

Primary Page: http://showbizchika.net/
Frame ID: 829483318CA9690DA7BE3E85518B5CB2
Requests: 75 HTTP requests in this frame

Frame: https://www.youtube.com/embed/xi_CnDxw4iQ
Frame ID: 63AAAB85113A969F43332F30BFD965BF
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 7B8E67A3DDFB9BF43ECEBD9C5E6D54AB
Requests: 1 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=2398344&wsid=1&pdom=showbizchika.net&purl=http%3A%2F%2Fshowbizchika.net%2F
Frame ID: C8C4822B346F33757056136283DB0AD2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4671425092974945&output=html&h=280&slotname=7204640916&adk=4111123456&adf=1975995762&pi=t.ma~as.7204640916&w=1200&fwrn=4&fwrnh=100&lmt=1668647150&rafmt=1&format=1200x280&url=http%3A%2F%2Fshowbizchika.net%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1668668270943&bpp=3&bdt=1715&idt=527&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&correlator=3345126572123&rume=1&frm=20&pv=2&ga_vid=620008452.1668668271&ga_sid=1668668271&ga_hid=306311285&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=170&ady=800&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070763%2C31070969%2C44779077%2C31061691%2C31061693&oid=2&pvsid=1566860561536691&tmod=1324918781&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=QRKi484Qha&p=http%3A//showbizchika.net&dtd=551
Frame ID: AEA0A1B08F01C92078F2CDF5BCA70C13
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4671425092974945&output=html&h=280&slotname=7204640916&adk=3545763283&adf=3206054074&pi=t.ma~as.7204640916&w=1200&fwrn=4&fwrnh=100&lmt=1668647150&rafmt=1&format=1200x280&url=http%3A%2F%2Fshowbizchika.net%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1668668270947&bpp=2&bdt=1720&idt=556&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=3345126572123&rume=1&frm=20&pv=1&ga_vid=620008452.1668668271&ga_sid=1668668271&ga_hid=306311285&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=30&ady=2910&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070763%2C31070969%2C44779077%2C31061691%2C31061693&oid=2&pvsid=1566860561536691&tmod=1324918781&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=G5o1V31scb&p=http%3A//showbizchika.net&dtd=559
Frame ID: CF493FF1898684D0A7791CAFE730A084
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4671425092974945&output=html&adk=1812271804&adf=3025194257&lmt=1668647150&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fshowbizchika.net%2F&ea=0&pra=7&wgl=1&easpi=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=1000&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&aspe=1&asro=0&dt=1668668270963&bpp=1&bdt=1735&idt=548&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C1200x280&nras=1&correlator=3345126572123&rume=1&frm=20&pv=1&ga_vid=620008452.1668668271&ga_sid=1668668271&ga_hid=306311285&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070763%2C31070969%2C44779077%2C31061691%2C31061693&oid=2&pvsid=1566860561536691&tmod=1324918781&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=5&uci=a!5&fsb=1&dtd=557
Frame ID: 2B693F9703476DD057C79CB3B4C08384
Requests: 1 HTTP requests in this frame

Frame: https://js.ad-score.com/x.html?pid=1000102
Frame ID: D1BEDA1F05C2658A34E23B694AA70007
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: 2508E241E168B7BD6622235611CB939B
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3XbbwALXEoK3tdGAAFYaKTdXEhQXCCzl-lUwg&u=%7Ck96kCLj%2BM1F%2BpmDteXyhUFIFtGHI0Ew6Tz6GwQCbSAo%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9GkAX-PzNtKqb1F5Noyt2T7O004vioGILIyfA0LclOS-v379YahF7iFUFXgI1i0uEs4zcGskDy1vLfe3nAuRsV3IzRFAb8-0rg1xEUirjs6hqrFVi4wWPr1JLLdfGZ2GXKpUQvjNbtLHMNRQUitB8XcTWhczO86QeS7KNOGbVKZpB9mJNQPuXaCt5VUHv1K0RsPXUq5EIbt5hNiM6N_5ulLq4AW3eaJNuj-4CIi0YvTmIbuMgL2IrXD1hbp530M0tB_TtsPNHRlh_8zNtAWC1TZn1I0YQg6zSJb4EGRyPFvmDp9ArBVoKq6_vpDnCTh15CULnbYfs8QjAoslINRyqqdfOXie158Sp79WKmQg8cKeX_WURZYyrU5wSkn4HP1n9FYpcOH1gnBKN9fzHX9MtNLe3wZmiMC0ayJuLGZn-MkPk0N3sgun5LjGMUOhzn7oNMuJRF0s9g15ZY2H5VSSbsrgoheWx_EcNOuSaeblWGzGStI-Dupm0AvUNTwBl4RxHVOtbFVQJYeENx-kGF8G4idG-kacUAvpQYwOrH9dDj7gqf5g19I6DwcsIjjf1Mn16&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCur8lb9t1Y8q4Lcau-wbosIWwA8me0rFcvY6X93DAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItNDY3MTQyNTA5Mjk3NDk0NcgBCakCnFrE5nBpsT6oAwGqBLUBT9BYqGyxNaMP8Io-zoZ8jsrbLVLy5vozwCOpyM9qk38wiBfe3-ZV1N2iP4VshoQ_60XQjZ0T9SUsTTrMxASzOca9NPYShpgbEZqEfFGvvZ6EaZkblnE4lbQ6xriGbYmhjATPY1c87K1B_LGXmLfDrqobsDbnzHK1UK9GExVChQ240T_YBPb9XXgpV_sBCrb0bUAwC3CzyzI2-4zlIAN5ueBIPHDvpzyCGEe03Kr7_A1k3KvBKYAGq5-pzdqi4vUnoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0NYS6-l1jL6g0tlZPjd-WNrTtmXw%26client%3Dca-pub-4671425092974945%26adurl%3D
Frame ID: 45834491730B3A51DF231D58B8566DF5
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Frame ID: 5D51CE4DC17D6736C053AD3A177B2AF5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 29E58819957F4129E70877D5FFF6332E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 90FC3226A9BCE9BC301611959EF1CFD5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ShowBiz Chika - Chikahan Tayo to the Max

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

147
Requests

83 %
HTTPS

83 %
IPv6

20
Domains

40
Subdomains

37
IPs

4
Countries

2915 kB
Transfer

8388 kB
Size

12
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/showbizchika/

Search URL Search Domain Scan URL

URL: https://twitter.com/showbizchikaph

Search URL Search Domain Scan URL

URL: https://www.instagram.com/showbizchika/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/showbizavenue
Title: <img src="https://showbizchika.net/wp-content/uploads/2019/04/fb_banner300x600.jpg" border="1">

Search URL Search Domain Scan URL

URL: http://www.bnshosting.net/
Title: Philippine Data Center

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://netdna.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.css?ver=6.0.2 HTTP 307
https://netdna.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.css?ver=6.0.2

Request Chain 7

http://a.teads.tv/page/105783/tag HTTP 301
https://a.teads.tv/page/105783/tag

Request Chain 9

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 17

http://showbizchika.net/wp-content/plugins/wp-rocket/inc/front/js/lazyload-10.12.min.js HTTP 307
https://showbizchika.net/wp-content/plugins/wp-rocket/inc/front/js/lazyload-10.12.min.js

Request Chain 57

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

147 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
showbizchika.net/ 120 KB
15 KB 1506ms
493ms Document
text/html 202.55.90.215
VIEWQWEST-SG-AP V...

General

Check archive.org

Show headers Download Go to

Full URL

http://showbizchika.net/

Protocol

HTTP/1.1

Server

202.55.90.215 Singapore, Singapore, ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG),

Reverse DNS

fnet215-f90-access.vqbn.com

Software

Apache/2.4.39 (codeit) OpenSSL/1.1.1c PHP/7.2.21 / PHP/7.2.21

Resource Hash

b4c52764fe1968ad3af33f1340b9ce06a56c94135c7303a0ad7abb3c5d797084

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0
Connection: Upgrade, close
Content-Encoding: gzip
Content-Length: 14924
Content-Type: text/html; charset=UTF-8
Date: Thu, 17 Nov 2022 06:58:56 GMT
Expires: Thu, 17 Nov 2022 06:58:56 GMT
Last-Modified: Thu, 17 Nov 2022 01:05:50 GMT
Server: Apache/2.4.39 (codeit) OpenSSL/1.1.1c PHP/7.2.21
Strict-Transport-Security: max-age=63072000; includeSubdomains
Upgrade: h2c
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: DENY, SAMEORIGIN
X-Powered-By: PHP/7.2.21

GET
H2 200 css
fonts.googleapis.com/ 16 KB
1 KB 315ms
107ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%7COpen%20Sans%3A300%2C400%2C600%2C700%2C800%7COswald%3A400%2C700%7COpen%2BSans%3A300%2C400%2C600%2C700%2C800%26amp%3Bsubset%3Dlatin%2Clatin-ext&subset=

Requested by

Host: showbizchika.net
URL: http://showbizchika.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

681648c2a7396ae7a3f95ce899c1a30eb85e42eabb15173032130824c49ada20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 17 Nov 2022 06:57:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Nov 2022 06:57:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Nov 2022 06:57:49 GMT

GET
H2 200 007bf26a1dfb1ad580a3310952591a56.css
showbizchika.net/wp-content/cache/min/1/ 174 KB
23 KB 1035ms
507ms Stylesheet
text/css 202.55.90.215
VIEWQWEST-SG-AP V...

General

Check archive.org

Show headers Download Go to

Full URL

https://showbizchika.net/wp-content/cache/min/1/007bf26a1dfb1ad580a3310952591a56.css

Requested by

Host: showbizchika.net
URL: http://showbizchika.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.55.90.215 Singapore, Singapore, ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG),

Reverse DNS

fnet215-f90-access.vqbn.com

Software

Apache/2.4.39 (codeit) OpenSSL/1.1.1c PHP/7.2.21 /

Resource Hash

ea498a23d10f87fa605af0d9a122c42aab33fc7f03dd5f56217c7456baffd85b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:58:57 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
last-modified: Wed, 16 Nov 2022 23:58:49 GMT
server: Apache/2.4.39 (codeit) OpenSSL/1.1.1c PHP/7.2.21
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 22954
expires: Fri, 17 Nov 2023 06:58:57 GMT

GET
H2

200

font-awesome.css
netdna.bootstrapcdn.com/font-awesome/4.4.0/css/
Redirect Chain

http://netdna.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.css?ver=6.0.2
https://netdna.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.css?ver=6.0.2

32 KB
7 KB

304ms
106ms

Stylesheet
text/css

2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.css?ver=6.0.2

Requested by

Host: showbizchika.net
URL: http://showbizchika.net/

Protocol

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e17416059f9e1ada9694ae457d869c6c2941d9da66c9e9ac5d725ab45b50d81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:57:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 864
age: 6780064
cdn-cachedat: 03/12/2022 12:07:49
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"8e12157da5fc90094ae4113ba110456b"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 3b0b013d6791f147bae3b4c976dc558b
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 76b6930c8c029b4c-FRA
cdn-requestpullsuccess: True

Redirect headers

Location: https://netdna.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.css?ver=6.0.2
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 jquery.min-3.6.0.js Show response
showbizchika.net/wp-content/cache/busting/1/wp-includes/js/jquery/ 87 KB
31 KB 792ms
264ms Script
application/javascript 202.55.90.215
VIEWQWEST-SG-AP V...

General

Check archive.org

Show headers Download Go to

Full URL

https://showbizchika.net/wp-content/cache/busting/1/wp-includes/js/jquery/jquery.min-3.6.0.js

Requested by

Host: showbizchika.net
URL: http://showbizchika.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.55.90.215 Singapore, Singapore, ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG),

Reverse DNS

fnet215-f90-access.vqbn.com

Software

Apache/2.4.39 (codeit) OpenSSL/1.1.1c PHP/7.2.21 /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:58:57 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
last-modified: Wed, 16 Nov 2022 23:58:49 GMT
server: Apache/2.4.39 (codeit) OpenSSL/1.1.1c PHP/7.2.21
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 30836
expires: Fri, 17 Nov 2023 06:58:57 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 45 KB
2 KB 210ms
109ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Playfair+Display:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Playfair+Display:100,200,300,400,400italic,500,600,700,700italic,800,900|PT+Serif:100,200,300,400,400italic,500,600,700,700italic,800,900|Open+Sans:100,200,300,400,500,600,700,800,900&subset=latin,latin-ext,cyrillic,cyrillic-ext,greek-ext,greek,vietnamese

Requested by

Host: showbizchika.net
URL: http://showbizchika.net/

Protocol

HTTP/1.1

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

949a101cdacea4f25db890a1bd4228a47a5d150005af3f08a32bf692d5b5482d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 17 Nov 2022 06:57:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Thu, 17 Nov 2022 06:57:49 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Thu, 17 Nov 2022 06:57:49 GMT

GET
H2 200 showbzchika-logo10.png
showbizchika.net/wp-content/uploads/2019/10/ 5 KB
5 KB 248ms
248ms Image
image/png 202.55.90.215
VIEWQWEST-SG-AP V...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://showbizchika.net/wp-content/uploads/2019/10/showbzchika-logo10.png

Requested by

Host: showbizchika.net
URL: http://showbizchika.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.55.90.215 Singapore, Singapore, ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG),

Reverse DNS

fnet215-f90-access.vqbn.com

Software

Apache/2.4.39 (codeit) OpenSSL/1.1.1c PHP/7.2.21 /

Resource Hash

04e747f7eb987f28a233330069638541366cac8bf674462132de0cf643f812b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:58:58 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
last-modified: Thu, 31 Oct 2019 04:50:08 GMT
server: Apache/2.4.39 (codeit) OpenSSL/1.1.1c PHP/7.2.21
x-frame-options: DENY, SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 5392
expires: Sat, 17 Dec 2022 06:58:58 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
51 KB 203ms
103ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: showbizchika.net
URL: http://showbizchika.net/

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

724a4a1a44226986c31b15aaf24bc91e8270ca9ba2359f52ca7b35701dbc2cea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 17 Nov 2022 06:57:50 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 51700
X-XSS-Protection: 0
Server: cafe
ETag: 15557726869095607516
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Thu, 17 Nov 2022 06:57:50 GMT

GET
H2

200

tag Show response
a.teads.tv/page/105783/
Redirect Chain

http://a.teads.tv/page/105783/tag
https://a.teads.tv/page/105783/tag

783 B
825 B

346ms
120ms

Script
application/javascript

2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/105783/tag
Requested by: Host: showbizchika.net
URL: http://showbizchika.net/
Protocol: H2
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 431efabf2be233e277688ff15fc42f8d17e84e4adb4b2b8e825163ae861e3481

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:57:51 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 483
expires: Thu, 17 Nov 2022 07:57:51 GMT

Redirect headers

Location: https://a.teads.tv/page/105783/tag
Date: Thu, 17 Nov 2022 06:57:50 GMT
Cache-Control: private, must-revalidate, max-age=3600
Connection: keep-alive
Content-Length: 0
Expires: Thu, 17 Nov 2022 07:57:50 GMT

GET
H2 200 4dde7bb0832dadc79d9c4ad7bd40b3e6.js Show response
showbizchika.net/wp-content/cache/min/1/ 112 KB
39 KB 268ms
267ms Script
application/javascript 202.55.90.215
VIEWQWEST-SG-AP V...

General

Check archive.org

Show headers Download Go to

Full URL

https://showbizchika.net/wp-content/cache/min/1/4dde7bb0832dadc79d9c4ad7bd40b3e6.js

Requested by

Host: showbizchika.net
URL: http://showbizchika.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.55.90.215 Singapore, Singapore, ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG),

Reverse DNS

fnet215-f90-access.vqbn.com

Software

Apache/2.4.39 (codeit) OpenSSL/1.1.1c PHP/7.2.21 /

Resource Hash

5a816478858f52d2c4139335982d752ccb54b655d97e2d86285cb267a7959feb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:58:58 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
last-modified: Wed, 16 Nov 2022 23:58:48 GMT
server: Apache/2.4.39 (codeit) OpenSSL/1.1.1c PHP/7.2.21
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 39215
expires: Fri, 17 Nov 2023 06:58:58 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

49 KB
20 KB

258ms
84ms

Script
text/javascript

2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: showbizchika.net
URL: http://showbizchika.net/

Protocol

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 17 Nov 2022 05:29:16 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5314
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 17 Nov 2022 07:29:16 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
45 KB 168ms
83ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Playfair+Display:100,200,300,400,500,600,700,800,900|Montserrat:100,200,300,400,500,600,700,800,900|Playfair+Display:100,200,300,400,400italic,500,600,700,700italic,800,900|PT+Serif:100,200,300,400,400italic,500,600,700,700italic,800,900|Open+Sans:100,200,300,400,500,600,700,800,900&subset=latin,latin-ext,cyrillic,cyrillic-ext,greek-ext,greek,vietnamese

Protocol

HTTP/1.1

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://showbizchika.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 11 Nov 2022 05:09:39 GMT
X-Content-Type-Options: nosniff
Age: 524891
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 44856
X-XSS-Protection: 0
Last-Modified: Mon, 15 Aug 2022 18:20:18 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sat, 11 Nov 2023 05:09:39 GMT

GET
H3 200 fontawesome-webfont.woff2
netdna.bootstrapcdn.com/font-awesome/4.4.0/fonts/ 63 KB
64 KB 170ms
88ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0

Requested by

Host: netdna.bootstrapcdn.com
URL: https://netdna.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.css?ver=6.0.2

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://netdna.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.css?ver=6.0.2
Origin: http://showbizchika.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:57:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 756
age: 17482
cdn-cachedat: 06/09/2022 10:24:04
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 64464
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: "4b5a84aaf1c9485e060c503a0ff8cadb"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 10488c0ab6d9b98460450271405d2e17
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 76b69313c8f3bbb0-FRA
cdn-requestpullsuccess: True

GET
H/1.1 200
OK nuFkD-vYSZviVYUb_rj3ij__anPXDTnogkk7.woff2
fonts.gstatic.com/s/playfairdisplay/v30/ 35 KB
36 KB 167ms
84ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/playfairdisplay/v30/nuFkD-vYSZviVYUb_rj3ij__anPXDTnogkk7.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b574669ac419e9857b34bd603555cc632152f8122f6b154d049e13cc0a167b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://showbizchika.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sun, 13 Nov 2022 00:04:31 GMT
X-Content-Type-Options: nosniff
Age: 370399
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 36104
X-XSS-Protection: 0
Last-Modified: Mon, 18 Jul 2022 19:13:00 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Mon, 13 Nov 2023 00:04:31 GMT

GET
H/1.1 200
OK JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
31 KB 168ms
84ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://showbizchika.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 17 Nov 2022 02:28:54 GMT
X-Content-Type-Options: nosniff
Age: 16136
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 30928
X-XSS-Protection: 0
Last-Modified: Mon, 11 Jul 2022 18:57:39 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 17 Nov 2023 02:28:54 GMT

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3479b45d477eb8429f4be8a396050d90f894559a72068ec3593ec43f586d138

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v17/ 32 KB
33 KB 179ms
83ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/ptserif/v17/EJRVQgYoZZY2vCFuvAFWzr8.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://showbizchika.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Tue, 15 Nov 2022 19:14:23 GMT
X-Content-Type-Options: nosniff
Age: 128607
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 32900
X-XSS-Protection: 0
Last-Modified: Wed, 27 Apr 2022 15:44:11 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Wed, 15 Nov 2023 19:14:23 GMT

GET
H2 200 xi_CnDxw4iQ Show response
www.youtube.com/embed/ Frame 63AA 68 KB
28 KB 324ms
129ms Document
text/html 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/xi_CnDxw4iQ

Requested by

Host: showbizchika.net
URL: http://showbizchika.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bf5b663e43ed96015bf4f54dd2c961a178006e45666c468b82e1d23d642ee707

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://showbizchika.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 17 Nov 2022 06:57:50 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

lazyload-10.12.min.js Show response
showbizchika.net/wp-content/plugins/wp-rocket/inc/front/js/
Redirect Chain

http://showbizchika.net/wp-content/plugins/wp-rocket/inc/front/js/lazyload-10.12.min.js
https://showbizchika.net/wp-content/plugins/wp-rocket/inc/front/js/lazyload-10.12.min.js

4 KB
2 KB

247ms
247ms

Script
application/javascript

202.55.90.215
VIEWQWEST-SG-AP V...

General

Check archive.org

Show headers Download Go to

Full URL

https://showbizchika.net/wp-content/plugins/wp-rocket/inc/front/js/lazyload-10.12.min.js

Requested by

Host: showbizchika.net
URL: http://showbizchika.net/

Protocol

Server

202.55.90.215 Singapore, Singapore, ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG),

Reverse DNS

fnet215-f90-access.vqbn.com

Software

Apache/2.4.39 (codeit) OpenSSL/1.1.1c PHP/7.2.21 /

Resource Hash

fef59d7a136506fbe8e3c50c622f0fb28d777ca210773b575e638d0617a001ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:58:58 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
last-modified: Wed, 14 Aug 2019 10:54:35 GMT
server: Apache/2.4.39 (codeit) OpenSSL/1.1.1c PHP/7.2.21
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 1684
expires: Fri, 17 Nov 2023 06:58:58 GMT

Redirect headers

Location: https://showbizchika.net/wp-content/plugins/wp-rocket/inc/front/js/lazyload-10.12.min.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v30/ 35 KB
36 KB 175ms
83ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://showbizchika.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Fri, 11 Nov 2022 02:10:32 GMT
X-Content-Type-Options: nosniff
Age: 535638
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 35764
X-XSS-Protection: 0
Last-Modified: Mon, 18 Jul 2022 19:06:36 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sat, 11 Nov 2023 02:10:32 GMT

GET
H2 200 ice.js Show response
resources.infolinks.com/js/1833.005-3.025/ 183 KB
57 KB 267ms
105ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1833.005-3.025/ice.js
Requested by: Host: showbizchika.net
URL: http://showbizchika.net/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d45e21586b9ad438cdb6823da9573e343ebb6f9093c513b201a62292d86aef1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:57:51 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 11 Nov 2022 12:49:16 GMT
server: cloudflare
age: 3119
etag: W/"2dace-5ed3151439457"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 76b69315ebde9ba1-FRA
expires: Sat, 17 Dec 2022 06:05:52 GMT

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 911ddf821ac39f09e17d63faa249e5cd58c6a8dd3ec0340326ee31841c6154b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 alexg-07161901-300x199.jpg
showbizchika.net/wp-content/uploads/2019/07/ 12 KB
12 KB 247ms
244ms Image
image/jpeg 202.55.90.215
VIEWQWEST-SG-AP V...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://showbizchika.net/wp-content/uploads/2019/07/alexg-07161901-300x199.jpg

Requested by

Host: showbizchika.net
URL: http://showbizchika.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.55.90.215 Singapore, Singapore, ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG),

Reverse DNS

fnet215-f90-access.vqbn.com

Software

Apache/2.4.39 (codeit) OpenSSL/1.1.1c PHP/7.2.21 /

Resource Hash

d61f3b46035709bf27a3cfe1fe3bee6b26a80529e6bedd459a2a26fdbee939aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:58:58 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
last-modified: Tue, 16 Jul 2019 01:19:02 GMT
server: Apache/2.4.39 (codeit) OpenSSL/1.1.1c PHP/7.2.21
x-frame-options: DENY, SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 11801
expires: Sat, 17 Dec 2022 06:58:58 GMT

GET
H2 200 sarahmateo-120920201-150x90.jpg
showbizchika.net/wp-content/uploads/2020/12/ 5 KB
5 KB 249ms
246ms Image
image/jpeg 202.55.90.215
VIEWQWEST-SG-AP V...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://showbizchika.net/wp-content/uploads/2020/12/sarahmateo-120920201-150x90.jpg

Requested by

Host: showbizchika.net
URL: http://showbizchika.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.55.90.215 Singapore, Singapore, ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG),

Reverse DNS

fnet215-f90-access.vqbn.com

Software

Apache/2.4.39 (codeit) OpenSSL/1.1.1c PHP/7.2.21 /

Resource Hash

40a5de46da7f23a91c6a82012b39841ac57c14183e262d65e8eb78b96057c274

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:58:58 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
last-modified: Wed, 09 Dec 2020 00:49:06 GMT
server: Apache/2.4.39 (codeit) OpenSSL/1.1.1c PHP/7.2.21
x-frame-options: DENY, SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 4682
expires: Sat, 17 Dec 2022 06:58:58 GMT

GET
H2 200 5vicki-1-150x90.jpg
showbizchika.net/wp-content/uploads/2022/11/ 5 KB
5 KB 499ms
496ms Image
image/jpeg 202.55.90.215
VIEWQWEST-SG-AP V...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://showbizchika.net/wp-content/uploads/2022/11/5vicki-1-150x90.jpg

Requested by

Host: showbizchika.net
URL: http://showbizchika.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.55.90.215 Singapore, Singapore, ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG),

Reverse DNS

fnet215-f90-access.vqbn.com

Software

Apache/2.4.39 (codeit) OpenSSL/1.1.1c PHP/7.2.21 /

Resource Hash

9b7e945da5f2dc8b7f0d7100903376ec8dab5e5397b2f4652102492bea9bdce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:58:58 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
last-modified: Thu, 17 Nov 2022 00:05:55 GMT
server: Apache/2.4.39 (codeit) OpenSSL/1.1.1c PHP/7.2.21
x-frame-options: DENY, SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 4625
expires: Sat, 17 Dec 2022 06:58:58 GMT

GET
H2 200 sharonc-91420201.jpg
showbizchika.net/wp-content/uploads/2020/09/ 23 KB
23 KB 260ms
257ms Image
image/jpeg 202.55.90.215
VIEWQWEST-SG-AP V...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://showbizchika.net/wp-content/uploads/2020/09/sharonc-91420201.jpg

Requested by

Host: showbizchika.net
URL: http://showbizchika.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.55.90.215 Singapore, Singapore, ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG),

Reverse DNS

fnet215-f90-access.vqbn.com

Software

Apache/2.4.39 (codeit) OpenSSL/1.1.1c PHP/7.2.21 /

Resource Hash

783f0a522dc1fd877518c4b06510653dff0983629679dc3987b1c64e366d51c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:58:58 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
last-modified: Mon, 14 Sep 2020 06:50:44 GMT
server: Apache/2.4.39 (codeit) OpenSSL/1.1.1c PHP/7.2.21
x-frame-options: DENY, SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 23323
expires: Sat, 17 Dec 2022 06:58:58 GMT

GET
H2 200 5vhong-1-450x270.jpg
showbizchika.net/wp-content/uploads/2022/11/ 10 KB
11 KB 260ms
258ms Image
image/jpeg 202.55.90.215
VIEWQWEST-SG-AP V...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://showbizchika.net/wp-content/uploads/2022/11/5vhong-1-450x270.jpg

Requested by

Host: showbizchika.net
URL: http://showbizchika.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.55.90.215 Singapore, Singapore, ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG),

Reverse DNS

fnet215-f90-access.vqbn.com

Software

Apache/2.4.39 (codeit) OpenSSL/1.1.1c PHP/7.2.21 /

Resource Hash

55b5a1f4cf32c4be83da25e509795858df3600dd6f4916f8213c4a4cd57f3152

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:58:58 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
last-modified: Wed, 16 Nov 2022 01:02:05 GMT
server: Apache/2.4.39 (codeit) OpenSSL/1.1.1c PHP/7.2.21
x-frame-options: DENY, SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 10671
expires: Sat, 17 Dec 2022 06:58:58 GMT

GET
H2 200 5danny-1-450x270.jpg
showbizchika.net/wp-content/uploads/2022/10/ 13 KB
13 KB 493ms
491ms Image
image/jpeg 202.55.90.215
VIEWQWEST-SG-AP V...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://showbizchika.net/wp-content/uploads/2022/10/5danny-1-450x270.jpg

Requested by

Host: showbizchika.net
URL: http://showbizchika.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.55.90.215 Singapore, Singapore, ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG),

Reverse DNS

fnet215-f90-access.vqbn.com

Software

Apache/2.4.39 (codeit) OpenSSL/1.1.1c PHP/7.2.21 /

Resource Hash

73c6cd3b73ec029e88fae48d3a0a336bb58cf5ca1e49f4a669b626db8ab45142

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:58:58 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
last-modified: Mon, 31 Oct 2022 11:43:46 GMT
server: Apache/2.4.39 (codeit) OpenSSL/1.1.1c PHP/7.2.21
x-frame-options: DENY, SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 13580
expires: Sat, 17 Dec 2022 06:58:58 GMT

GET
H2 200 1daniel-4-450x270.jpg
showbizchika.net/wp-content/uploads/2022/04/ 22 KB
22 KB 494ms
492ms Image
image/jpeg 202.55.90.215
VIEWQWEST-SG-AP V...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://showbizchika.net/wp-content/uploads/2022/04/1daniel-4-450x270.jpg

Requested by

Host: showbizchika.net
URL: http://showbizchika.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.55.90.215 Singapore, Singapore, ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG),

Reverse DNS

fnet215-f90-access.vqbn.com

Software

Apache/2.4.39 (codeit) OpenSSL/1.1.1c PHP/7.2.21 /

Resource Hash

0100957725f44de259616aabbd3a4fd491c0c6023e629a9b8028e097d5adda27

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:58:58 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 09:24:26 GMT
server: Apache/2.4.39 (codeit) OpenSSL/1.1.1c PHP/7.2.21
x-frame-options: DENY, SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 22354
expires: Sat, 17 Dec 2022 06:58:58 GMT

GET
H2 200 sharonc-91420201-450x270.jpg
showbizchika.net/wp-content/uploads/2020/09/ 18 KB
18 KB 496ms
494ms Image
image/jpeg 202.55.90.215
VIEWQWEST-SG-AP V...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://showbizchika.net/wp-content/uploads/2020/09/sharonc-91420201-450x270.jpg

Requested by

Host: showbizchika.net
URL: http://showbizchika.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.55.90.215 Singapore, Singapore, ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG),

Reverse DNS

fnet215-f90-access.vqbn.com

Software

Apache/2.4.39 (codeit) OpenSSL/1.1.1c PHP/7.2.21 /

Resource Hash

e420f1103f1826b2099901c8067387729b571bb4aa6844b5ba6ba3e51080d5d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:58:58 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
last-modified: Mon, 14 Sep 2020 06:50:44 GMT
server: Apache/2.4.39 (codeit) OpenSSL/1.1.1c PHP/7.2.21
x-frame-options: DENY, SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 18037
expires: Sat, 17 Dec 2022 06:58:58 GMT

GET
H2 200 0sharon-11-450x270.jpg
showbizchika.net/wp-content/uploads/2021/12/ 17 KB
17 KB 497ms
495ms Image
image/jpeg 202.55.90.215
VIEWQWEST-SG-AP V...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://showbizchika.net/wp-content/uploads/2021/12/0sharon-11-450x270.jpg

Requested by

Host: showbizchika.net
URL: http://showbizchika.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.55.90.215 Singapore, Singapore, ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG),

Reverse DNS

fnet215-f90-access.vqbn.com

Software

Apache/2.4.39 (codeit) OpenSSL/1.1.1c PHP/7.2.21 /

Resource Hash

973a751cada226b377324165340546f2fabb6293208b6de74042b879a86bcbb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:58:58 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
last-modified: Mon, 13 Dec 2021 09:12:46 GMT
server: Apache/2.4.39 (codeit) OpenSSL/1.1.1c PHP/7.2.21
x-frame-options: DENY, SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 16928
expires: Sat, 17 Dec 2022 06:58:58 GMT

GET
H2 200 2heart-7-450x270.jpg
showbizchika.net/wp-content/uploads/2022/07/ 19 KB
20 KB 497ms
496ms Image
image/jpeg 202.55.90.215
VIEWQWEST-SG-AP V...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://showbizchika.net/wp-content/uploads/2022/07/2heart-7-450x270.jpg

Requested by

Host: showbizchika.net
URL: http://showbizchika.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.55.90.215 Singapore, Singapore, ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG),

Reverse DNS

fnet215-f90-access.vqbn.com

Software

Apache/2.4.39 (codeit) OpenSSL/1.1.1c PHP/7.2.21 /

Resource Hash

4de1e222674a6f52395d73181b461d66adcaa209064ff8743d477f65d2e4a546

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:58:58 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
last-modified: Mon, 01 Aug 2022 03:25:16 GMT
server: Apache/2.4.39 (codeit) OpenSSL/1.1.1c PHP/7.2.21
x-frame-options: DENY, SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 19814
expires: Sat, 17 Dec 2022 06:58:58 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 241ms
82ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=306311285&t=pageview&_s=1&dl=http%3A%2F%2Fshowbizchika.net%2F&ul=en-us&de=UTF-8&dt=ShowBiz%20Chika%20-%20Chikahan%20Tayo%20to%20the%20Max&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1077782692&gjid=2058947153&cid=620008452.1668668271&tid=UA-53152391-4&_gid=202818029.1668668271&_r=1&_slc=1&z=523220809

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://showbizchika.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 17 Nov 2022 06:57:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://showbizchika.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/6870f412/ Frame 63AA 359 KB
49 KB 247ms
82ms Stylesheet
text/css 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6870f412/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xi_CnDxw4iQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a81c441e488822e3b9386082cb57e92ac5b857757b485b9afbc87e0aad2d9415

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/xi_CnDxw4iQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 15:52:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54341
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49763
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 16 Nov 2023 15:52:10 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/ 354 KB
117 KB 286ms
121ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4671425092974945&plah=showbizchika.net&bust=31070969

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ad0df861a468c3a72d09813d7866c08da72b110ccde24a5675fd1b455e7925d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:57:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119179
x-xss-protection: 0
server: cafe
etag: 7769157215618867123
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 17 Nov 2022 06:57:51 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 7B8E 10 KB
5 KB 281ms
88ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://showbizchika.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 67338
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Nov 2022 12:15:33 GMT
etag: 10353107486223812946
expires: Wed, 30 Nov 2022 12:15:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 63AA 15 KB
16 KB 244ms
79ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xi_CnDxw4iQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 19:21:27 GMT
x-content-type-options: nosniff
age: 128184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Nov 2023 19:21:27 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 63AA 15 KB
15 KB 263ms
99ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xi_CnDxw4iQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 129483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Nov 2023 18:59:48 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/6870f412/www-embed-player.vflset/ Frame 63AA 310 KB
96 KB 279ms
170ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6870f412/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xi_CnDxw4iQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

025da3189553cc8c7431fee69149291ee5154cdbc0b260192a405f9a761eaf04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/xi_CnDxw4iQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 15:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54302
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98466
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 16 Nov 2023 15:52:49 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/6870f412/player_ias.vflset/de_DE/ Frame 63AA 2 MB
578 KB 312ms
203ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6870f412/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xi_CnDxw4iQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

143044b70e8dea408c020786c55869f28b9f0bc89df6a935518d5003769197fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/xi_CnDxw4iQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 15:53:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54254
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 592176
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 16 Nov 2023 15:53:37 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/6870f412/fetch-polyfill.vflset/ Frame 63AA 9 KB
3 KB 189ms
81ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6870f412/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xi_CnDxw4iQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/xi_CnDxw4iQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 15:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54302
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 16 Nov 2023 15:52:49 GMT

GET
H2 200 teads-format.min.js Show response
a.teads.tv/media/format/v3/ 595 KB
130 KB 72ms
72ms Script
text/javascript 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: http://a.teads.tv/page/105783/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e90e40eba272ee27752da135dd5c8af57a49490090a72e09e26b5c92cf1c233d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:57:51 GMT
content-encoding: br
last-modified: Wed, 16 Nov 2022 10:56:04 GMT
x-amz-request-id: 799X3PG98HY81TKW
etag: "bd5f95cd269ff9b53124b4b5513b059c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, must-revalidate, max-age=1800, no-transform
x-bucket: 8
accept-ranges: bytes
content-length: 132763
x-amz-id-2: +yUJpR5VNmUEuyu9C03TBQlR3qewKU3ac2YjYnXziV+kWVo6XNOq3lWOpDkot9t9YoNxeASuwhE=
expires: Thu, 17 Nov 2022 07:27:51 GMT

GET
H2 200 aljur-2-150x90.jpg
showbizchika.net/wp-content/uploads/2021/07/ 5 KB
5 KB 243ms
243ms Image
image/jpeg 202.55.90.215
VIEWQWEST-SG-AP V...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://showbizchika.net/wp-content/uploads/2021/07/aljur-2-150x90.jpg

Requested by

Host: showbizchika.net
URL: http://showbizchika.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

202.55.90.215 Singapore, Singapore, ASN18106 (VIEWQWEST-SG-AP Viewqwest Pte Ltd, SG),

Reverse DNS

fnet215-f90-access.vqbn.com

Software

Apache/2.4.39 (codeit) OpenSSL/1.1.1c PHP/7.2.21 /

Resource Hash

d3b0a6ae9c25775f326e82ccfeeefaab20f2aa83d95e69abc121081dc05b338f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:58:59 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
last-modified: Fri, 09 Jul 2021 00:32:09 GMT
server: Apache/2.4.39 (codeit) OpenSSL/1.1.1c PHP/7.2.21
x-frame-options: DENY, SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 5297
expires: Sat, 17 Dec 2022 06:58:59 GMT

GET
H2 200 manage Show response
router.infolinks.com/usync/ Frame C8C4 0
33 B 188ms
186ms Document
text/plain 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/manage?pid=2398344&wsid=1&pdom=showbizchika.net&purl=http%3A%2F%2Fshowbizchika.net%2F
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1833.005-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://showbizchika.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 76b69318e8d29ba1-FRA
content-length: 0
date: Thu, 17 Nov 2022 06:57:51 GMT
server: cloudflare
via: 1.1 google

GET
H2 200 lcmanage Show response
router.infolinks.com/usync/ 0
43 B 199ms
190ms Script
text/plain 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/lcmanage?pid=2398344&wsid=1&pdom=showbizchika.net&purl=http%3A%2F%2Fshowbizchika.net%2F
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1833.005-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:57:51 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76b693176e899ba1-FRA
content-length: 0

GET
H/1.1 200
OK gsd Show response
router.infolinks.com/ 321 B
801 B 322ms
219ms Script
text/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://router.infolinks.com/gsd?evt=afterGSD&pid=2398344&wsid=1&pdom=showbizchika.net&purl=http%3A%2F%2Fshowbizchika.net%2F&jsv=1833.005-3.025&_cb=16686682711920
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1833.005-3.025/ice.js
Protocol: HTTP/1.1
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5330b2c5676a6fb4a98545b093d99b93e68be01c5017430dc45ea2fe4cb8a83

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Nov 2022 06:57:51 GMT
Via: 1.1 google
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
P3P: CP="NON DSP NID OUR COR"
Content-Type: text/javascript;charset=UTF-8
Cache-Control: max-age=0
Connection: keep-alive
CF-RAY: 76b69318088f9948-FRA
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 track
t.teads.tv/ 23 B
113 B 385ms
116ms Image
image/gif 95.101.201.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=61ac1143-b09d-47da-bf25-f9cc6f832b25&pageId=105783&pid=114579&debug_metadata=NLcrUMosyG&fv=1101&ts=1668668271441&f=1&referer=http%3A%2F%2Fshowbizchika.net%2F
Requested by: Host: showbizchika.net
URL: http://showbizchika.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.201.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-201-49.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:57:51 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 379ms
109ms Image
image/gif 95.101.201.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=61ac1143-b09d-47da-bf25-f9cc6f832b25&pageId=105783&pid=114579&slot=corner&fv=1101&ts=1668668271446&f=1&referer=http%3A%2F%2Fshowbizchika.net%2F
Requested by: Host: showbizchika.net
URL: http://showbizchika.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.201.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-201-49.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Thu, 17 Nov 2022 06:57:51 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2 200 ad Show response
a.teads.tv/page/105783/ 540 B
716 B 255ms
254ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/105783/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=http%3A%2F%2Fshowbizchika.net%2F&page=%7B%22id%22%3A105783%2C%22placements%22%3A%5B%7B%22id%22%3A114579%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A523%2C%22height%22%3A294%7D%2C%22slotType%22%3A%22corner%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%2C%22first_party_data%22%3A%7B%22firstPartyCookieTeadsId%22%3Anull%2C%22sharedIds%22%3Anull%7D%7D&auctid=61ac1143-b09d-47da-bf25-f9cc6f832b25&formatVersion=1101&env=js-web&netBw=10&ttfb=493
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: eaeebd0b6bb582b921d4c26ffc32d9b717dd99945e11326118b936a448fd8fa5

Request headers

Accept: application/json; charset=UTF-8
Referer: http://showbizchika.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Nov 2022 06:57:51 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://showbizchika.net
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 367
expires: Thu, 17 Nov 2022 06:57:51 GMT

GET
H3 200 rum_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ 55 KB
21 KB 243ms
80ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/rum_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4671425092974945&plah=showbizchika.net&bust=31070969

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

945b3fb4d4f9036f7fcc9ff1d3f7c38c911ed4048446e49556a55dd957c982b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 11:29:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21300
x-xss-protection: 0
server: cafe
etag: 10372875706270616980
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Nov 2022 11:29:13 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 399 B
699 B 255ms
87ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=showbizchika.net&callback=_gfp_s_&client=ca-pub-4671425092974945&gpid_exp=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9a37b19225ebcc58c8c06f677cd2903c54bac5e2fa8f8662190e94cfdf7e320

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:57:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 254
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 259ms
87ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=showbizchika.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:57:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 295ms
97ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=showbizchika.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:57:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AEA0 25 KB
10 KB 850ms
689ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4671425092974945&output=html&h=280&slotname=7204640916&adk=4111123456&adf=1975995762&pi=t.ma~as.7204640916&w=1200&fwrn=4&fwrnh=100&lmt=1668647150&rafmt=1&format=1200x280&url=http%3A%2F%2Fshowbizchika.net%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1668668270943&bpp=3&bdt=1715&idt=527&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&correlator=3345126572123&rume=1&frm=20&pv=2&ga_vid=620008452.1668668271&ga_sid=1668668271&ga_hid=306311285&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=170&ady=800&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070763%2C31070969%2C44779077%2C31061691%2C31061693&oid=2&pvsid=1566860561536691&tmod=1324918781&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=QRKi484Qha&p=http%3A//showbizchika.net&dtd=551

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cbb1852594704d9cb209b1a6634de429e6acdf0deee06d8c3faaa5efb0d3c39e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://showbizchika.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 10585
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Nov 2022 06:57:52 GMT
expires: Thu, 17 Nov 2022 06:57:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CF49 109 KB
34 KB 728ms
578ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4671425092974945&output=html&h=280&slotname=7204640916&adk=3545763283&adf=3206054074&pi=t.ma~as.7204640916&w=1200&fwrn=4&fwrnh=100&lmt=1668647150&rafmt=1&format=1200x280&url=http%3A%2F%2Fshowbizchika.net%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1668668270947&bpp=2&bdt=1720&idt=556&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=3345126572123&rume=1&frm=20&pv=1&ga_vid=620008452.1668668271&ga_sid=1668668271&ga_hid=306311285&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=30&ady=2910&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070763%2C31070969%2C44779077%2C31061691%2C31061693&oid=2&pvsid=1566860561536691&tmod=1324918781&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=G5o1V31scb&p=http%3A//showbizchika.net&dtd=559

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31d5b2d682d842732d2fa5d0a4306e16f31d47aa9e2e1ca7c8ae868a1434d016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://showbizchika.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 35050
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Nov 2022 06:57:52 GMT
expires: Thu, 17 Nov 2022 06:57:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 238ms
118ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fshowbizchika.net%2F&tn=DIV&id=fly-wrap&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: showbizchika.net
URL: http://showbizchika.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Nov 2022 06:57:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2B69 0
19 B 224ms
89ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4671425092974945&output=html&adk=1812271804&adf=3025194257&lmt=1668647150&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fshowbizchika.net%2F&ea=0&pra=7&wgl=1&easpi=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=1000&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&aspe=1&asro=0&dt=1668668270963&bpp=1&bdt=1735&idt=548&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C1200x280&nras=1&correlator=3345126572123&rume=1&frm=20&pv=1&ga_vid=620008452.1668668271&ga_sid=1668668271&ga_hid=306311285&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070763%2C31070969%2C44779077%2C31061691%2C31061693&oid=2&pvsid=1566860561536691&tmod=1324918781&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=5&uci=a!5&fsb=1&dtd=557

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://showbizchika.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 17 Nov 2022 06:57:51 GMT
expires: Thu, 17 Nov 2022 06:57:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK doq.htm Show response
rt3043.infolinks.com/action/ 2 KB
2 KB 359ms
270ms XHR
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://rt3043.infolinks.com/action/doq.htm?pcode=utf-8&r=16686682715631
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1833.005-3.025/ice.js
Protocol: HTTP/1.1
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 805d48dddc6595ee4faea31d4d4cb16a90336b5d4470dcc3cc1ec553dc6b5c67

Request headers

Referer: http://showbizchika.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Thu, 17 Nov 2022 06:57:51 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Transfer-Encoding: chunked
P3P: CP="NON DSP NID OUR COR"
Connection: keep-alive
X-Application-Context: application:prod
Pragma: no-cache
Server: cloudflare
Vary: Origin
Content-Type: text/html;charset=UTF-8
Access-Control-Allow-Origin: http://showbizchika.net
Content-Language: de-DE
Cache-Control: no-cache,no-store
Access-Control-Allow-Credentials: true
CF-RAY: 76b6931a3f4f91f0-FRA
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 63AA
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

93ms
91ms

XHR
application/json

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xi_CnDxw4iQ

Protocol

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1615f7e93c723044f06e90adc4a966ef4cdccf482dbbe92a9fdb69515af878f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:57:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 17 Nov 2022 06:57:51 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 63AA 29 B
587 B 256ms
77ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6870f412/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:54:12 GMT
x-content-type-options: nosniff
age: 219
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 17 Nov 2022 07:09:12 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 263ms
84ms Preflight
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 17 Nov 2022 06:57:51 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 63AA 66 KB
30 KB 280ms
98ms XHR
application/json+protobuf 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6870f412/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d4f364d7ce389afc4642aef35fa71cd75b52be7337ce1d38f4566d8509a8675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 17 Nov 2022 06:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30926
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/6870f412/player_ias.vflset/de_DE/ Frame 63AA 119 KB
36 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6870f412/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6870f412/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

897f979133e001c87fcaca3ae00aa8410a991c85df6cc489b51d032fbbb36ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/xi_CnDxw4iQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 15:54:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54209
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37233
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 16 Nov 2023 15:54:22 GMT

GET
H2 200 _mW_2QmsfiHfHQzuwJJjeV3lvrJQS7bChqYqZLie29Q.js Show response
www.google.com/js/th/ Frame 63AA 36 KB
15 KB 259ms
78ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/_mW_2QmsfiHfHQzuwJJjeV3lvrJQS7bChqYqZLie29Q.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6870f412/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe65bfd909ac7e21df1d0ceec09263795de5beb2504bb6c286a62a64b89edbd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 22:26:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 376286
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14302
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Nov 2023 22:26:25 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/6870f412/player_ias.vflset/de_DE/ Frame 63AA 26 KB
8 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/6870f412/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6870f412/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24191d39422869585aa969dd369a12a9340eaa7ec3b86006aee19cca4968bf27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/xi_CnDxw4iQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 15:53:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54251
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8296
x-xss-protection: 0
last-modified: Wed, 16 Nov 2022 01:15:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 16 Nov 2023 15:53:40 GMT

GET
DATA 200
OK truncated
/ Frame 63AA 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu8jpgOiffHe9kOx69ALqZtfyBjNQOku3AyVzz5l=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 63AA 2 KB
2 KB 253ms
80ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu8jpgOiffHe9kOx69ALqZtfyBjNQOku3AyVzz5l=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xi_CnDxw4iQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0d476c7a95dbdd8f5e0bb838a8ae88f5eb0e9573d80a2f482deeb46e65b458b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 05:50:42 GMT
x-content-type-options: nosniff
age: 4029
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2109
x-xss-protection: 0
server: fife
etag: "vc"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 31 Oct 2022 21:08:19 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/xi_CnDxw4iQ/ Frame 63AA 23 KB
23 KB 255ms
89ms Image
image/webp 2a00:1450:4001:808::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/xi_CnDxw4iQ/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/xi_CnDxw4iQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e1c8c5920bb68483b89b1a35c5046b1fb64b36c013b972ab53e6083cfb32ea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:57:51 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23188
x-xss-protection: 0
server: sffe
etag: "1615356573"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 17 Nov 2022 08:57:51 GMT

GET
H2 200 track
t.teads.tv/ 23 B
143 B 120ms
116ms Image
image/gif 95.101.201.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=adCall&pid=114579&pageId=105783&auctid=61ac1143-b09d-47da-bf25-f9cc6f832b25&vid=00000000-0000-0000-0000-000000000001&env=js-web&bsg=uncat&bsias=uncat&rpm_reason=12&p=UMXDxVwCLv2rsewH22ODZE0G&cts=1668668271684&cs=190333727924773263405&fv=1101&ts=1668668271756&referer=http%3A%2F%2Fshowbizchika.net%2F
Requested by: Host: showbizchika.net
URL: http://showbizchika.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.201.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-201-49.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Thu, 17 Nov 2022 06:57:51 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

POST
H2 204 csi
csi.gstatic.com/ 0
327 B 251ms
83ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&top=1&puid=1~lakq06uq&c=1566860561536691&e=44759876%2C44759927%2C44759842%2C42531705%2C31070763%2C31070969%2C31061691%2C31061693&ctx=1&met.6=6.1_CgsY1RwgPioECAESAAoNGOMeIFUqBggGEgIQAQ
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/rum_fy2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Nov 2022 06:57:52 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 63AA 4 KB
3 KB 277ms
90ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6870f412/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 17 Nov 2022 06:57:52 GMT

GET
H2 200 in_search.js Show response
resources.infolinks.com/js/1833.005-3.025/ 223 KB
89 KB 91ms
90ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1833.005-3.025/in_search.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1833.005-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 858364408782a9612aca179e63cfcda6c8c64bbbebc65ec7a1dba1823d7084cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:57:52 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 11 Nov 2022 12:49:16 GMT
server: cloudflare
age: 2860
etag: W/"37df7-5ed315143a7e0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 76b6931bffbb9ba1-FRA
expires: Sat, 17 Dec 2022 06:10:11 GMT

GET
H2 200 bubble.js Show response
resources.infolinks.com/js/1833.005-3.025/ 156 KB
47 KB 131ms
130ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1833.005-3.025/bubble.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1833.005-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 383218cb294a8a07fefa67740d966d1bef0e356d01e9fc63f4b2dc136c31f863

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:57:52 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 11 Nov 2022 12:49:16 GMT
server: cloudflare
age: 2737
etag: W/"27068-5ed315143a3f8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 76b6931bffbd9ba1-FRA
expires: Sat, 17 Dec 2022 06:12:15 GMT

GET
H/1.1 200
OK ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 370 KB
124 KB 193ms
88ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1833.005-3.025/ice.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2fb94cc5f4e050854cd18abcf65c8e58f62f512e141acf6b256aadbc27f1a48e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 17 Nov 2022 06:57:52 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="ads-doubleclick-instream-static"
Vary: Accept-Encoding
Report-To: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 126568
X-XSS-Protection: 0
Expires: Thu, 17 Nov 2022 06:57:52 GMT

GET
H/1.1 200
OK score.min.js Show response
js.ad-score.com/ 415 KB
133 KB 269ms
80ms Script
application/javascript 2600:9000:2182:aa00:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/score.min.js?pid=1000102&tt=if&tid=infolinks-p&l1=2398344_1&l2=4&l3=Windows&l4=Chrome&l5=showbizchika.net&ref=http://showbizchika.net/&pub_domain=showbizchika.net&utid=a7119ef4-f4a0-46ea-b9c0-d155db28f0fa&uid=cuid_d8decdcf-d6e8-4b3f-825f-ef02b491e89d&uip=37.58.58.249&cb=7567341442016417022
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1833.005-3.025/ice.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:aa00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 88db9b874d854061d6435712019210a3245af1d25e1525644b6c592bf54e503d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 16:43:52 GMT
Content-Encoding: br
Via: 1.1 3c2fca5c3988bc152e874a83fac74f4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUS51-C1
Age: 51240
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 16:43:52 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Cache-Control
X-Amz-Cf-Id: S7NesdfZAtCy4RZkQzXMlD9LgOYNjGIvZS3oiGYke44QZ20y3ZciGg==
Expires: Thu, 17 Nov 2022 16:43:52 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 63AA 0
10 B 81ms
79ms Image
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?DdMxjQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/xi_CnDxw4iQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/xi_CnDxw4iQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:57:52 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 253ms
87ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&top=1&puid=2~lakq06uu&c=1566860561536691&e=44759876%2C44759927%2C44759842%2C42531705%2C31070763%2C31070969%2C31061691%2C31061693&ctx=1&met.6=6.1_CgsYqCEgQioECAgSAA
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/rum_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Nov 2022 06:57:52 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 intag_incontent.js Show response
resources.infolinks.com/js/1833.005-3.025/ 199 KB
38 KB 98ms
98ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1833.005-3.025/intag_incontent.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1833.005-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8794fd6664c984c074ea7c0581e0b453ad7001bbf66e57628b4ab870861563e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:57:52 GMT
via: 1.1 google
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 11 Nov 2022 12:49:16 GMT
server: cloudflare
age: 14398
etag: W/"31c49-5ed315143a010"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 76b6931d2a459ba1-FRA
expires: Sat, 17 Dec 2022 02:57:54 GMT

GET
H/1.1 200
OK getads.htm Show response
rt3043.infolinks.com/action/ 136 B
589 B 431ms
358ms Script
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://rt3043.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22video%22%2C%22scs%22%3A%22Xl1ZtwZ9li%22%7D%5D&rid=a7119ef4-f4a0-46ea-b9c0-d155db28f0fa&jsv=1833.005-3.025&sr=1600X1200&rts=1668668272124&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=107.0.5304.110&dv=p&ce=t&purl=http%3A%2F%2Fshowbizchika.net%2F&tzo=-0000&c=c&strg=true&rsd=uqrlM3y59h6wsvLiF287auW3j9ltDBd8v8BpFfvTINycot-LocmHNp8j8SxB6bu1ASZ4Vphj9jAbVhNd_Y9XcGCvSRQG2quZ690jVsd3quh2oMr0XsDAozSzjvusY7OiLT3-B56yUfFBxmh1UlgaA-5mbPVUQBSf&rsk=84&rcs=Z4ONlciWsnIAmz9_pTq55Q&hbnr=false
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1833.005-3.025/ice.js
Protocol: HTTP/1.1
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b7fb79c5fae422c4f0d11fdc9dc0a0e5d651d5eae479a1251fff08d844309ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Nov 2022 06:57:52 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
P3P: CP="NON DSP NID OUR COR"
Content-Language: de-DE
Cache-Control: no-cache,no-store
Connection: keep-alive
CF-RAY: 76b6931daf46694b-FRA
X-Application-Context: application:prod
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK dcl.htm Show response
rt3043.infolinks.com/action/ 0
347 B 498ms
421ms Script
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://rt3043.infolinks.com/action/dcl.htm?rid=a7119ef4-f4a0-46ea-b9c0-d155db28f0fa&jsv=1833.005-3.025&capara=%7B%22failedAlgos%22%3A%22aapalgo%22%7D
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1833.005-3.025/ice.js
Protocol: HTTP/1.1
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Nov 2022 06:57:52 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Content-Type: text/html;charset=UTF-8
Cache-Control: no-cache,no-store
Connection: keep-alive
CF-RAY: 76b6931e5d079019-FRA
Content-Length: 0
X-Application-Context: application:prod
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK dcl.htm Show response
rt3043.infolinks.com/action/ 0
347 B 354ms
275ms Script
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://rt3043.infolinks.com/action/dcl.htm?rid=a7119ef4-f4a0-46ea-b9c0-d155db28f0fa&jsv=1833.005-3.025&capara=%7B%22failedAlgos%22%3A%22palgo%22%7D
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1833.005-3.025/ice.js
Protocol: HTTP/1.1
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Nov 2022 06:57:52 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Content-Type: text/html;charset=UTF-8
Cache-Control: no-cache,no-store
Connection: keep-alive
CF-RAY: 76b6931e6ba79bee-FRA
Content-Length: 0
X-Application-Context: application:prod
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK getads.htm Show response
rt3043.infolinks.com/action/ 0
348 B 496ms
418ms Script
text/plain 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://rt3043.infolinks.com/action/getads.htm?hks=%5B%5D&rid=a7119ef4-f4a0-46ea-b9c0-d155db28f0fa&jsv=1833.005-3.025&sr=1600X1200&rts=1668668272233&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=107.0.5304.110&dv=p&ce=t&purl=http%3A%2F%2Fshowbizchika.net%2F&tzo=-0000&c=c&strg=true&rsd=uqrlM3y59h6wsvLiF287auW3j9ltDBd8v8BpFfvTINycot-LocmHNp8j8SxB6bu1ASZ4Vphj9jAbVhNd_Y9XcGCvSRQG2quZ690jVsd3quh2oMr0XsDAozSzjvusY7OiLT3-B56yUfFBxmh1UlgaA-5mbPVUQBSf&rsk=84&rcs=Z4ONlciWsnIAmz9_pTq55Q&hbnr=false
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1833.005-3.025/ice.js
Protocol: HTTP/1.1
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Nov 2022 06:57:52 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Content-Type: text/plain;charset=UTF-8
Cache-Control: no-cache,no-store
Connection: keep-alive
CF-RAY: 76b6931e686fbb9d-FRA
Content-Length: 0
X-Application-Context: application:prod
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK dcl.htm Show response
rt3043.infolinks.com/action/ 0
347 B 330ms
252ms Script
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://rt3043.infolinks.com/action/dcl.htm?rid=a7119ef4-f4a0-46ea-b9c0-d155db28f0fa&jsv=1833.005-3.025&capara=%7B%22mode%22%3A%22default%22%2C%22markers%22%3A0%7D
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1833.005-3.025/ice.js
Protocol: HTTP/1.1
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 17 Nov 2022 06:57:52 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Content-Type: text/html;charset=UTF-8
Cache-Control: no-cache,no-store
Connection: keep-alive
CF-RAY: 76b6931e6e819ba0-FRA
Content-Length: 0
X-Application-Context: application:prod
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame CF49 2 KB
818 B 344ms
165ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4671425092974945&output=html&h=280&slotname=7204640916&adk=3545763283&adf=3206054074&pi=t.ma~as.7204640916&w=1200&fwrn=4&fwrnh=100&lmt=1668647150&rafmt=1&format=1200x280&url=http%3A%2F%2Fshowbizchika.net%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1668668270947&bpp=2&bdt=1720&idt=556&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=3345126572123&rume=1&frm=20&pv=1&ga_vid=620008452.1668668271&ga_sid=1668668271&ga_hid=306311285&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=30&ady=2910&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070763%2C31070969%2C44779077%2C31061691%2C31061693&oid=2&pvsid=1566860561536691&tmod=1324918781&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=G5o1V31scb&p=http%3A//showbizchika.net&dtd=559

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 18:33:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44649
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Nov 2022 18:33:43 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CF49 0
0 132ms
131ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTQBxb9t1Y6TmLdjI1fAP4vW6gA3wrZ-rbd3i_7DfEIy309rkNxABIKrS3SRglcKmgrAHoAGFh6XUA8gBCakCXZglRb5lsT6oAwHIA8sEqgTAAU_QwKKcEgFIYWoFI2pKWT-Pcftub_TLQyZHTwGQfF9ZMIdpjq-Ehcjh6xZqXEk0Acp-8S2x6Nswq7SwCos9V_kwdDs5Iza95FYfk_PkLRM52JaQgxVlVQZSSZ6Xmjo5Kzm3Mun1rcPnBX2gPihdCg6q9mfNqwhkUdACMKSI-Qhkdsu4gvuT4Y_cxPaQghG0cl7Q_93XR5HqVsxgzBN6kr6jlISc0mbaghIFmG6ej3msFriL58RzU8cF6N8gB88KIcAEzqC1o5kEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB-P42iuoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQ-d0G0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwvQFQGYFgGAFwGyFxwKGggAEhRwdWItNDY3MTQyNTA5Mjk3NDk0NRgA&sigh=Mp1xvN4IDaI&uach_m=[UACH]&cid=CAQSGwDq26N9jni3a-j4UTPXrXDr5P9xGjb3onT94RgBIBM&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4671425092974945&output=html&h=280&slotname=7204640916&adk=3545763283&adf=3206054074&pi=t.ma~as.7204640916&w=1200&fwrn=4&fwrnh=100&lmt=1668647150&rafmt=1&format=1200x280&url=http%3A%2F%2Fshowbizchika.net%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1668668270947&bpp=2&bdt=1720&idt=556&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=3345126572123&rume=1&frm=20&pv=1&ga_vid=620008452.1668668271&ga_sid=1668668271&ga_hid=306311285&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=30&ady=2910&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070763%2C31070969%2C44779077%2C31061691%2C31061693&oid=2&pvsid=1566860561536691&tmod=1324918781&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=G5o1V31scb&p=http%3A//showbizchika.net&dtd=559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 17 Nov 2022 06:57:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 17 Nov 2022 06:57:52 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame CF49 28 KB
28 KB 268ms
80ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQ1EtRRioY83k4SkDTwV76R4gHLewGeEIrlOxc363fUJRzBiIQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

126de3106c6ee84219e5d8b8025f5b20386ecf46fdf0275520b93c9637fef39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 05:44:41 GMT
x-content-type-options: nosniff
age: 177191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28349
x-xss-protection: 0
last-modified: Mon, 23 May 2022 07:13:12 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 15 Nov 2023 05:44:41 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame CF49 9 KB
9 KB 277ms
79ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQB7ziWvUVyZipJUJ-ECm2Y1rRUzR0qMP5lysnrO0iNbZ_px1I&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b924cd156099adc7b656af6a1dda17264ef9cca4f1ffce7d8d7ed81831302c29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 07:23:34 GMT
x-content-type-options: nosniff
age: 430458
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8783
x-xss-protection: 0
last-modified: Fri, 16 Sep 2022 06:07:53 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 12 Nov 2023 07:23:34 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame CF49 23 KB
23 KB 115ms
85ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRvxlk2VeW7QBcKoakQ6RPn__cqaLTfehnbQV1AqulOhSTM_5cx&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c762ba3b7d4f81d9b89e3132bf6c12a9c059506c3dba641bb047da0807c2a5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 09:06:23 GMT
x-content-type-options: nosniff
age: 510689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23405
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 07:07:12 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 11 Nov 2023 09:06:23 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame CF49 21 KB
21 KB 268ms
80ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQcUby9_6-fEGRIu4Qa82NeEOgfjWIOYBRty5HgvBhssPt4hscj&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79b3162cf37244605b9709b652f9e2d9e650aa2b649647a9ae78f34e8870f7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 07:23:33 GMT
x-content-type-options: nosniff
age: 430459
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21344
x-xss-protection: 0
last-modified: Fri, 30 Sep 2022 03:10:21 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 12 Nov 2023 07:23:33 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame CF49 14 KB
14 KB 371ms
183ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTXlpwUn6nbZOeXeCpOH3zd4HLXiwe4YNCoEdsyUtQm18hGX-uKQ-WNUBw2nA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a6560be8270ee813a9dae35e8ec89505eef2eac6090ac3d44e7f4ef84a0ee11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:48:06 GMT
x-content-type-options: nosniff
age: 518986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14343
x-xss-protection: 0
last-modified: Fri, 12 Aug 2022 07:20:25 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 11 Nov 2023 06:48:06 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame CF49 16 KB
16 KB 344ms
157ms Image
image/png 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQH_P_RsYjfEnkoiyYduV9EE5Yclhz4cSLtAlX0EQUaXgQlfe0&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33dedc48366280a9df8e6c15fa086a66b0285b0219957f6602b14c37a1e35e13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 03:46:00 GMT
x-content-type-options: nosniff
age: 443512
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16433
x-xss-protection: 0
last-modified: Wed, 17 Feb 2021 13:13:53 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 12 Nov 2023 03:46:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame CF49 23 KB
10 KB 244ms
79ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 18:33:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44649
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Nov 2022 18:33:43 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame CF49 3 KB
1 KB 330ms
166ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 02:46:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15091
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Dec 2022 02:46:21 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame CF49 18 KB
7 KB 267ms
104ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 18:33:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44649
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Nov 2022 18:33:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CF49 154 KB
48 KB 103ms
94ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 17 Nov 2022 06:57:52 GMT

GET
H3 200 f7733d2b54a65c984752ab0a98c7def9.js Show response
www.gstatic.com/mysidia/ Frame CF49 34 KB
14 KB 250ms
79ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 18:33:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 131049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Fri, 11 Nov 2022 21:18:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 13 Feb 2023 18:33:43 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 63AA 90 B
134 B 92ms
91ms XHR
application/json+protobuf 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6870f412/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

15801fc6e9d2c7b0e3b174dfc855cad7746a62d7a054cb28fb46bd2793ce2ff4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 17 Nov 2022 06:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 91ms
91ms Preflight
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Thu, 17 Nov 2022 06:57:52 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame AEA0 7 KB
3 KB 214ms
169ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/error_handler.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4671425092974945&output=html&h=280&slotname=7204640916&adk=4111123456&adf=1975995762&pi=t.ma~as.7204640916&w=1200&fwrn=4&fwrnh=100&lmt=1668647150&rafmt=1&format=1200x280&url=http%3A%2F%2Fshowbizchika.net%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1668668270943&bpp=3&bdt=1715&idt=527&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&correlator=3345126572123&rume=1&frm=20&pv=2&ga_vid=620008452.1668668271&ga_sid=1668668271&ga_hid=306311285&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=170&ady=800&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070763%2C31070969%2C44779077%2C31061691%2C31061693&oid=2&pvsid=1566860561536691&tmod=1324918781&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=QRKi484Qha&p=http%3A//showbizchika.net&dtd=551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f26ccd4e8b025d912f8fc717147c83f61888ade088fb1b2c62f67537e6e4cb46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 20:20:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3136
x-xss-protection: 0
server: cafe
etag: 5752131211420753933
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Nov 2022 20:20:43 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame AEA0 3 KB
1 KB 212ms
167ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4671425092974945&output=html&h=280&slotname=7204640916&adk=4111123456&adf=1975995762&pi=t.ma~as.7204640916&w=1200&fwrn=4&fwrnh=100&lmt=1668647150&rafmt=1&format=1200x280&url=http%3A%2F%2Fshowbizchika.net%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1668668270943&bpp=3&bdt=1715&idt=527&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&correlator=3345126572123&rume=1&frm=20&pv=2&ga_vid=620008452.1668668271&ga_sid=1668668271&ga_hid=306311285&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=170&ady=800&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070763%2C31070969%2C44779077%2C31061691%2C31061693&oid=2&pvsid=1566860561536691&tmod=1324918781&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=QRKi484Qha&p=http%3A//showbizchika.net&dtd=551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 02:46:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15091
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Dec 2022 02:46:21 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame AEA0 18 KB
7 KB 136ms
92ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4671425092974945&output=html&h=280&slotname=7204640916&adk=4111123456&adf=1975995762&pi=t.ma~as.7204640916&w=1200&fwrn=4&fwrnh=100&lmt=1668647150&rafmt=1&format=1200x280&url=http%3A%2F%2Fshowbizchika.net%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1668668270943&bpp=3&bdt=1715&idt=527&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&correlator=3345126572123&rume=1&frm=20&pv=2&ga_vid=620008452.1668668271&ga_sid=1668668271&ga_hid=306311285&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=170&ady=800&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070763%2C31070969%2C44779077%2C31061691%2C31061693&oid=2&pvsid=1566860561536691&tmod=1324918781&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=QRKi484Qha&p=http%3A//showbizchika.net&dtd=551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 16 Nov 2022 18:33:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44649
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Nov 2022 18:33:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AEA0 154 KB
47 KB 138ms
136ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4671425092974945&output=html&h=280&slotname=7204640916&adk=4111123456&adf=1975995762&pi=t.ma~as.7204640916&w=1200&fwrn=4&fwrnh=100&lmt=1668647150&rafmt=1&format=1200x280&url=http%3A%2F%2Fshowbizchika.net%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1668668270943&bpp=3&bdt=1715&idt=527&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&correlator=3345126572123&rume=1&frm=20&pv=2&ga_vid=620008452.1668668271&ga_sid=1668668271&ga_hid=306311285&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=170&ady=800&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070763%2C31070969%2C44779077%2C31061691%2C31061693&oid=2&pvsid=1566860561536691&tmod=1324918781&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=QRKi484Qha&p=http%3A//showbizchika.net&dtd=551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:57:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 17 Nov 2022 06:57:52 GMT

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 87ms
86ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&top=1&puid=3~lakq071x&c=1566860561536691&e=44759876%2C44759927%2C44759842%2C42531705%2C31070763%2C31070969%2C31061691%2C31061693&ctx=1&met.6=6.1_CgsY7SMgSCoECAgSAA
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/rum_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Nov 2022 06:57:52 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 50 B
718 B 874ms
228ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=gEzcbwEIdvfQBqkHdkURTbQCRmCAjXAE-FE7fPshldVrkKDwZ3HLCGkvB-E0zHNMtmbFLhNA==&pm_ct=07b67c12f512711760f25c92&pm_pl=1668668272474&pm_td=7&pid=1000102&en=1.1&callback=__pm_glbl_5ujuE6VymVDlLuvdOEGE9fOS._gc1&tt=if&v=eb1e9e5
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000102&tt=if&tid=infolinks-p&l1=2398344_1&l2=4&l3=Windows&l4=Chrome&l5=showbizchika.net&ref=http://showbizchika.net/&pub_domain=showbizchika.net&utid=a7119ef4-f4a0-46ea-b9c0-d155db28f0fa&uid=cuid_d8decdcf-d6e8-4b3f-825f-ef02b491e89d&uip=37.58.58.249&cb=7567341442016417022
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: fdd0b377bce32e76d8a996461093b5c271ba2d98186c58568be5929f58548238

Request headers

Referer: http://showbizchika.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 17 Nov 2022 06:57:53 GMT
Age: 0
Access-Control-Allow-Methods: POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: http://showbizchika.net
Content-Type: text/plain; charset=utf-8
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 50

GET
H/1.1 200
OK x.html Show response
js.ad-score.com/ Frame D1BE 13 KB
6 KB 84ms
83ms Document
text/html 2600:9000:2182:aa00:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/x.html?pid=1000102
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000102&tt=if&tid=infolinks-p&l1=2398344_1&l2=4&l3=Windows&l4=Chrome&l5=showbizchika.net&ref=http://showbizchika.net/&pub_domain=showbizchika.net&utid=a7119ef4-f4a0-46ea-b9c0-d155db28f0fa&uid=cuid_d8decdcf-d6e8-4b3f-825f-ef02b491e89d&uip=37.58.58.249&cb=7567341442016417022
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:aa00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: fca8e0709e23d0a094faaaf0e8dc76f3357680551cba8f279ec6f3c1a83bba87

Request headers

Referer: http://showbizchika.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 51237
Cache-Control: public, max-age=86400
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 16 Nov 2022 16:43:55 GMT
Last-Modified: Tue, 15 Nov 2022 19:46:03 GMT
Transfer-Encoding: chunked
Via: 1.1 3c2fca5c3988bc152e874a83fac74f4a.cloudfront.net (CloudFront)
X-Amz-Cf-Id: koSudjf8HYii791zKiiahyBiZsKSo5QTq8cI4SN85Kfd1ya4ApKSXw==
X-Amz-Cf-Pop: DUS51-C1
X-Cache: Hit from cloudfront

GET
DATA 200
OK truncated
/ Frame 2508 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 5dc87e4c-2355-4162-8f61-147159bd80f2
http://showbizchika.net/ 11 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://showbizchika.net/5dc87e4c-2355-4162-8f61-147159bd80f2
Requested by: Host: showbizchika.net
URL: http://showbizchika.net/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd98074068592c4a05849ef16d87f38de6945ee1f2df7253d46bca33a2a49e44

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 11584
Content-Type: text/javascript

GET
BLOB 200
OK 88c2017a-93bb-40a8-9d4a-7ab2168edfa3
http://showbizchika.net/ 720 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://showbizchika.net/88c2017a-93bb-40a8-9d4a-7ab2168edfa3
Requested by: Host: showbizchika.net
URL: http://showbizchika.net/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 720
Content-Type: application/javascript

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 81ms
81ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&top=1&puid=4~lakq07bd&c=1566860561536691&e=44759876%2C44759927%2C44759842%2C42531705%2C31070763%2C31070969%2C31061691%2C31061693&ctx=1&met.6=6.1_CgwYyCQg7wEqBAgIEgA
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/rum_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Nov 2022 06:57:52 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK vidice.js Show response
resources.infolinks.com/js/vidice/2.0/ 333 KB
86 KB 164ms
95ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://resources.infolinks.com/js/vidice/2.0/vidice.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1833.005-3.025/ice.js
Protocol: HTTP/1.1
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2bdac211f43fbee9eeb4d50f8755206599f76296cd15316a97c9d2cb2050d2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Thu, 17 Nov 2022 06:57:52 GMT
Via: 1.1 google
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Tue, 25 Jan 2022 09:20:02 GMT
Server: cloudflare
Age: 10292
ETag: W/"5344d-5d6649709d511"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
CF-RAY: 76b6932169d89253-FRA
Expires: Sat, 17 Dec 2022 04:06:20 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AEA0 0
0 112ms
111ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRjwvb9t1Y8q4Lcau-wbosIWwA8me0rFcvY6X93DAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItNDY3MTQyNTA5Mjk3NDk0NcgBCakCnFrE5nBpsT6oAwGqBLIBT9BYqGyxNaMP8Io-zoZ8jsrbLVLy5vozwCOpyM9qk38wiBfe3-ZV1N2iP4VshoQ_60XQjZ0T9SUsTTrMxASzOca9NPYShpgbEZqEfFGvvZ6EaZkblnE4lbQ6xriGbYmhjATPY1c87K1B_LGXmLfDrqobsDbnzHK1UK9GExVChQ240T_YBPb9XXgpV_tDCJdm6s-sGM8v35HmxiodKRdzD-pmJPJbbwEk6viq8LJ-Vol3Y4AGq5-pzdqi4vUnoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi00NjcxNDI1MDkyOTc0OTQ1GAA&sigh=4qrPj-51XNM&uach_m=[UACH]&cid=CAQSGwDq26N9wUeF5s1E7Q8lxTBVx4cDXjfWlXk-jxgBIBM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4671425092974945&output=html&h=280&slotname=7204640916&adk=4111123456&adf=1975995762&pi=t.ma~as.7204640916&w=1200&fwrn=4&fwrnh=100&lmt=1668647150&rafmt=1&format=1200x280&url=http%3A%2F%2Fshowbizchika.net%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1668668270943&bpp=3&bdt=1715&idt=527&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&correlator=3345126572123&rume=1&frm=20&pv=2&ga_vid=620008452.1668668271&ga_sid=1668668271&ga_hid=306311285&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=170&ady=800&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070763%2C31070969%2C44779077%2C31061691%2C31061693&oid=2&pvsid=1566860561536691&tmod=1324918781&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=QRKi484Qha&p=http%3A//showbizchika.net&dtd=551

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4671425092974945&output=html&h=280&slotname=7204640916&adk=4111123456&adf=1975995762&pi=t.ma~as.7204640916&w=1200&fwrn=4&fwrnh=100&lmt=1668647150&rafmt=1&format=1200x280&url=http%3A%2F%2Fshowbizchika.net%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1668668270943&bpp=3&bdt=1715&idt=527&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&correlator=3345126572123&rume=1&frm=20&pv=2&ga_vid=620008452.1668668271&ga_sid=1668668271&ga_hid=306311285&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=170&ady=800&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070763%2C31070969%2C44779077%2C31061691%2C31061693&oid=2&pvsid=1566860561536691&tmod=1324918781&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=QRKi484Qha&p=http%3A//showbizchika.net&dtd=551
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 17 Nov 2022 06:57:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame AEA0 0
0 290ms
143ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kMWCFMz6RLAJmAKdg2ICAgAAANYcUyakkvT5EG_bdWOJwFjYvOoUKt_U4wASAAA&wp=Y3XbbwALXEoK3tdGAAFYaKTdXEhQXCCzl-lUwg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4671425092974945&output=html&h=280&slotname=7204640916&adk=4111123456&adf=1975995762&pi=t.ma~as.7204640916&w=1200&fwrn=4&fwrnh=100&lmt=1668647150&rafmt=1&format=1200x280&url=http%3A%2F%2Fshowbizchika.net%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1668668270943&bpp=3&bdt=1715&idt=527&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&correlator=3345126572123&rume=1&frm=20&pv=2&ga_vid=620008452.1668668271&ga_sid=1668668271&ga_hid=306311285&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=170&ady=800&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070763%2C31070969%2C44779077%2C31061691%2C31061693&oid=2&pvsid=1566860561536691&tmod=1324918781&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=QRKi484Qha&p=http%3A//showbizchika.net&dtd=551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:57:53 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 57074791
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 4583 114 KB
41 KB 277ms
120ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3XbbwALXEoK3tdGAAFYaKTdXEhQXCCzl-lUwg&u=%7Ck96kCLj%2BM1F%2BpmDteXyhUFIFtGHI0Ew6Tz6GwQCbSAo%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9GkAX-PzNtKqb1F5Noyt2T7O004vioGILIyfA0LclOS-v379YahF7iFUFXgI1i0uEs4zcGskDy1vLfe3nAuRsV3IzRFAb8-0rg1xEUirjs6hqrFVi4wWPr1JLLdfGZ2GXKpUQvjNbtLHMNRQUitB8XcTWhczO86QeS7KNOGbVKZpB9mJNQPuXaCt5VUHv1K0RsPXUq5EIbt5hNiM6N_5ulLq4AW3eaJNuj-4CIi0YvTmIbuMgL2IrXD1hbp530M0tB_TtsPNHRlh_8zNtAWC1TZn1I0YQg6zSJb4EGRyPFvmDp9ArBVoKq6_vpDnCTh15CULnbYfs8QjAoslINRyqqdfOXie158Sp79WKmQg8cKeX_WURZYyrU5wSkn4HP1n9FYpcOH1gnBKN9fzHX9MtNLe3wZmiMC0ayJuLGZn-MkPk0N3sgun5LjGMUOhzn7oNMuJRF0s9g15ZY2H5VSSbsrgoheWx_EcNOuSaeblWGzGStI-Dupm0AvUNTwBl4RxHVOtbFVQJYeENx-kGF8G4idG-kacUAvpQYwOrH9dDj7gqf5g19I6DwcsIjjf1Mn16&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCur8lb9t1Y8q4Lcau-wbosIWwA8me0rFcvY6X93DAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItNDY3MTQyNTA5Mjk3NDk0NcgBCakCnFrE5nBpsT6oAwGqBLUBT9BYqGyxNaMP8Io-zoZ8jsrbLVLy5vozwCOpyM9qk38wiBfe3-ZV1N2iP4VshoQ_60XQjZ0T9SUsTTrMxASzOca9NPYShpgbEZqEfFGvvZ6EaZkblnE4lbQ6xriGbYmhjATPY1c87K1B_LGXmLfDrqobsDbnzHK1UK9GExVChQ240T_YBPb9XXgpV_sBCrb0bUAwC3CzyzI2-4zlIAN5ueBIPHDvpzyCGEe03Kr7_A1k3KvBKYAGq5-pzdqi4vUnoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0NYS6-l1jL6g0tlZPjd-WNrTtmXw%26client%3Dca-pub-4671425092974945%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4671425092974945&output=html&h=280&slotname=7204640916&adk=4111123456&adf=1975995762&pi=t.ma~as.7204640916&w=1200&fwrn=4&fwrnh=100&lmt=1668647150&rafmt=1&format=1200x280&url=http%3A%2F%2Fshowbizchika.net%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1668668270943&bpp=3&bdt=1715&idt=527&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&correlator=3345126572123&rume=1&frm=20&pv=2&ga_vid=620008452.1668668271&ga_sid=1668668271&ga_hid=306311285&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=170&ady=800&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070763%2C31070969%2C44779077%2C31061691%2C31061693&oid=2&pvsid=1566860561536691&tmod=1324918781&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=QRKi484Qha&p=http%3A//showbizchika.net&dtd=551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

55090033ff1e49cc8286923f89aff1d05b066707efa3caa3bdbc8b3e4e492739

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 17 Nov 2022 06:57:52 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=LOyU_4F5n-fMCjQIH8u7dHy4GcWM0I2R5TwgQ1Aqf4K3bkqEn_SvwoocgdqYH9GUvhL2wmHqiuoISq_ugH3qIR3aImEl6xCi5SlTTtB24Hno-hyikfg8Dhmww9i820N-GuzGMhDpF0az1sqtLdFI7Qwafq3AfEWOo71FTect0G8g_mjuz8B5LFHjB-OXzz9eqdJIIGb27kCYM2xW8kC0f3ygrcSbeRyhzkuOCZ7vJIXOntDOxlEmg06d87qSAFeOOI7w3g"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 51427145
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame AEA0 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3cdf1c3feb481d3a22177b6413465d206d5ac5e6422264f4e6befc2c731da5f0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame CF49 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bddd259b43b4db434f585af9e585d3d8ade79ac110181696e883c27c33f35cd6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK c3787c04-fbe1-45d3-a66f-423b30dd784b
http://showbizchika.net/ 288 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://showbizchika.net/c3787c04-fbe1-45d3-a66f-423b30dd784b
Requested by: Host: showbizchika.net
URL: http://showbizchika.net/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length: 288
Content-Type: text/javascript

HEAD
H/1.1 200
OK x.html Show response
js.ad-score.com/ Frame D1BE 0
565 B 65ms
65ms XHR
text/html 2600:9000:2182:aa00:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/x.html?pid=1000102
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/x.html?pid=1000102
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:aa00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.ad-score.com/x.html?pid=1000102
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Wed, 16 Nov 2022 16:43:55 GMT
Content-Encoding: gzip
Via: 1.1 3c2fca5c3988bc152e874a83fac74f4a.cloudfront.net (CloudFront)
Last-Modified: Tue, 15 Nov 2022 19:46:03 GMT
X-Amz-Cf-Pop: DUS51-C1
Age: 51238
Access-Control-Allow-Methods: GET
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Id: czUCkICS6G35uMsA5odAqijJ1J_AfTdCNFzdNHC0HJsYVYmyA086uA==

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame 5D51 36 KB
16 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 17:18:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135564
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Nov 2023 17:18:29 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame CF49 62 KB
23 KB 222ms
77ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e5a26e546724b7e80d5f586ea747aa43861f804ead9b6a5d3a2d42601c52275

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:38:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1140
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23357
x-xss-protection: 0
server: cafe
etag: 901223051904315509
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 17 Nov 2022 07:38:53 GMT

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 4583 2 KB
1 KB 242ms
76ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3XbbwALXEoK3tdGAAFYaKTdXEhQXCCzl-lUwg&u=%7Ck96kCLj%2BM1F%2BpmDteXyhUFIFtGHI0Ew6Tz6GwQCbSAo%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9GkAX-PzNtKqb1F5Noyt2T7O004vioGILIyfA0LclOS-v379YahF7iFUFXgI1i0uEs4zcGskDy1vLfe3nAuRsV3IzRFAb8-0rg1xEUirjs6hqrFVi4wWPr1JLLdfGZ2GXKpUQvjNbtLHMNRQUitB8XcTWhczO86QeS7KNOGbVKZpB9mJNQPuXaCt5VUHv1K0RsPXUq5EIbt5hNiM6N_5ulLq4AW3eaJNuj-4CIi0YvTmIbuMgL2IrXD1hbp530M0tB_TtsPNHRlh_8zNtAWC1TZn1I0YQg6zSJb4EGRyPFvmDp9ArBVoKq6_vpDnCTh15CULnbYfs8QjAoslINRyqqdfOXie158Sp79WKmQg8cKeX_WURZYyrU5wSkn4HP1n9FYpcOH1gnBKN9fzHX9MtNLe3wZmiMC0ayJuLGZn-MkPk0N3sgun5LjGMUOhzn7oNMuJRF0s9g15ZY2H5VSSbsrgoheWx_EcNOuSaeblWGzGStI-Dupm0AvUNTwBl4RxHVOtbFVQJYeENx-kGF8G4idG-kacUAvpQYwOrH9dDj7gqf5g19I6DwcsIjjf1Mn16&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCur8lb9t1Y8q4Lcau-wbosIWwA8me0rFcvY6X93DAjbcBEAEgAGCVwqaCsAeCARdjYS1wdWItNDY3MTQyNTA5Mjk3NDk0NcgBCakCnFrE5nBpsT6oAwGqBLUBT9BYqGyxNaMP8Io-zoZ8jsrbLVLy5vozwCOpyM9qk38wiBfe3-ZV1N2iP4VshoQ_60XQjZ0T9SUsTTrMxASzOca9NPYShpgbEZqEfFGvvZ6EaZkblnE4lbQ6xriGbYmhjATPY1c87K1B_LGXmLfDrqobsDbnzHK1UK9GExVChQ240T_YBPb9XXgpV_sBCrb0bUAwC3CzyzI2-4zlIAN5ueBIPHDvpzyCGEe03Kr7_A1k3KvBKYAGq5-pzdqi4vUnoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0NYS6-l1jL6g0tlZPjd-WNrTtmXw%26client%3Dca-pub-4671425092974945%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:57:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 12 Nov 2023 06:57:53 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 4583 2 KB
1 KB 241ms
76ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:57:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 12 Nov 2023 06:57:53 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 4583 308 B
636 B 306ms
146ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:57:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 12 Nov 2023 06:57:53 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 4583 293 B
622 B 234ms
74ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:57:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 12 Nov 2023 06:57:53 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 4583 43 B
348 B 244ms
76ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=XwAynLtN-RQUOohkDdd_K8QTT35GY-rg-E4CgtDJ0eaxHT26Ke4HuIfjmveHMsnoAil5_Mb8OTi5dnRMTol5XRd7x0O01JLjS7JPSR0yuiDz6R7plVaGOr9qDBwjAPYsQw5BSXuZJzLLpvmYZ_jzpgKuuNlyBhxpVWkIImQrToY6W1xi14vkfNPn0mkGknMhXmjGfJN8biRsS9kcvp2sej6Y_3MQr0b9pUgY9qz4nO8Fr0GjnfJH4qY2ifolwJ6xQENlZcytk4YWbkGEVKWuTboeE4t6PHwP_9nhcjW85ce9vgzNejO4W-YWy6MRoHl2H7XSq0GqGvG12B1vg6wWxa_XsNr7yx2QDyiV5RSCwyq2_UAANbrOK8WKOEuOa_BvxWATsy82jBPpLoFRRYBvakr9K9DGfnvMz0Fy9H3eiNk0Foqa

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Nov 2022 06:57:52 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3214452
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 78ms
78ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&top=1&puid=5~lakq07j4&c=1566860561536691&e=44759876%2C44759927%2C44759842%2C42531705%2C31070763%2C31070969%2C31061691%2C31061693&ctx=1&met.6=6.1_CgsYiCsgNioECAgSAA
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/rum_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Nov 2022 06:57:53 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 4583 12 KB
5 KB 229ms
72ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:57:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1213472
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hPl9lsX5KJX9fOmUTc9Wiw%2B%2BAvlcOR%2F7Y1HrMefFEP1IenoWGw3dkMpFWIa%2BnUU2XmxGOxq012mcfWN4ZMdAu7nJenyt8dqXvy%2FMURjNtokvbJyS4ciT%2FjGCFGMoGIG9S0hBqJYdetWivdupI4YjM0Rp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 76b693257ceabb3b-FRA
expires: Tue, 07 Nov 2023 06:57:53 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
271 B 383ms
382ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=gEzcbwEIdvfQBqkHdkURTbQCRmCAjXAE-FE7fPshldVrkKDwZ3HLCGkvB-E0zHNMtmbFLhNA==&pm_ct=07b67c12f512711760f25c92&pm_pl=1668668272474&pm_td=886&pid=1000102&en=1.1&callback=__pm_glbl_5ujuE6VymVDlLuvdOEGE9fOS._gc2&tt=if&v=eb1e9e5
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000102&tt=if&tid=infolinks-p&l1=2398344_1&l2=4&l3=Windows&l4=Chrome&l5=showbizchika.net&ref=http://showbizchika.net/&pub_domain=showbizchika.net&utid=a7119ef4-f4a0-46ea-b9c0-d155db28f0fa&uid=cuid_d8decdcf-d6e8-4b3f-825f-ef02b491e89d&uip=37.58.58.249&cb=7567341442016417022
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: http://showbizchika.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: http://showbizchika.net
Date: Thu, 17 Nov 2022 06:57:53 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 4583 12 KB
6 KB 232ms
145ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:57:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 12 Nov 2023 06:57:53 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 4583 11 KB
11 KB 232ms
73ms Image
image/png 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=915&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F771%2F160923%2F58605b2e514c432f98cd3a75f9acc6b6_logo_n_horizontal.png&v=3&w=196&s=tgFlbgdEqPfFUVvnGnqSAGlj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

a690dfaf60d7dac70959d80eb53b4b2234adb0479977f6802b1085d972611e66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:57:52 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29284505
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11279
expires: Sun, 22 Oct 2023 05:32:58 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 4583 45 KB
45 KB 298ms
140ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=915&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F915%2F220128%2Faa93c0a2dd2a44a8b5fc835af859f902_img_horizontal_1.jpg&v=3&w=1200&s=2gCjA-3x2w5d8DaFBM8znR19

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

c027881b5e260639cb9cca444778b0acf14d10228389ae27b5f39432908b1065

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:57:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30004414
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 46186
expires: Mon, 30 Oct 2023 13:31:28 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 4583 15 KB
16 KB 327ms
169ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=915&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F41%2F41971891XF_14_F.JPG&v=3&w=800&s=jbzePkl6BU5mX1tZEhfW2GdG&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

3c19dc08b1216c725804e31dea2b04741aa54e0526b63568a42bb7c5cc876796

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:57:53 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15634
expires: Sun, 12 Nov 2023 06:57:53 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 4583 0
128 B 232ms
72ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=LOyU_4F5n-fMCjQIH8u7dHy4GcWM0I2R5TwgQ1Aqf4K3bkqEn_SvwoocgdqYH9GUvhL2wmHqiuoISq_ugH3qIR3aImEl6xCi5SlTTtB24Hno-hyikfg8Dhmww9i820N-GuzGMhDpF0az1sqtLdFI7Qwafq3AfEWOo71FTect0G8g_mjuz8B5LFHjB-OXzz9eqdJIIGb27kCYM2xW8kC0f3ygrcSbeRyhzkuOCZ7vJIXOntDOxlEmg06d87qSAFeOOI7w3g&sds=2&rev=83599&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 17 Nov 2022 06:57:53 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 4583 2 KB
1 KB 147ms
77ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:57:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 12 Nov 2023 06:57:53 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 4583 2 KB
1 KB 78ms
78ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:57:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 12 Nov 2023 06:57:53 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame CF49 0
17 B 77ms
76ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~lakq0838&chm=1&ctx=2&gqid=b9t1Y-PoLPnEmLAP3-OEyA8&qqid=COTZ19zRtPsCFVhkFQgd4roO0A&met.4=fb.ki~lb.13z~ol.172~bdt.-1rc~bpp.-fi~idt.-4~dtd.-1~dt.-fk&met.3=733.145~742.144_1~748.14s~555.16r~739.16r~556.16s_2~738.170~749.170_2~735.17x_1~113.1gh_4~112.1gg_6&met.1=1.lakq06mr~6.1~7.1~8.1~9.1~10.1~12.48~13.k9~14.la~15.kc~16.16s~17.16s~18.16u~19.16u~20.16u~21.173&met.7=CAUQCBgBMP4FOI4MaJcBcNkFeJaUAoAB6pECiAGz6gawAQG4AQM~CBwQChgBIOwFKOwFMMUIONkCaJ8HcMQIeI4IgAHiBYgBkQywAQG4AQM~CCEQBBgBIPAFKPAFMPQGOIQBaPAFcPQGeKwCsAEBuAED~CBsQAhgBIPYFKPYFMN8IOOoC~CBsQAhgBIPYFKPYFMJUIOJ8C~CBsQAhgBIPYFKPYFMIAHOIoB~CBsQAhgBIPYFKPYFMNEIONoC~CBsQAhgBIPYFKPYFMIQJOI4D~CBsQAhgBIPYFKPYFMOsIOPQC~CAkQChgBIPoFKPoFMPcHOP0BUPoFWJ4HYL8GaJ8HcO4HeIBMgAHUSYgB-roBsAEBuAED~CB4QChgBIPsFKPsFMMYIOMsCaJ8HcMUIeIAMgAHUCYgBgRWwAQG4AQM~CBwQChgBIPsFKPsFMMQIOMkCaJ8HcIcIeM48gAGiOogB-IwBsAEBuAED~CCoQChgBIJ8GKJ8GMPwHON0B~CBsQChgBIJ8GKJ8GMMoIOKsC~CCgQChgBILEMKLEMMNoOOKkCQLIMSLIMULIMWMINYPYMaMINcI8OeOm4AYABvbYBiAHn7gOwAQG4AQM
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Nov 2022 06:57:53 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4583 3 KB
549 B 213ms
74ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2604b45b39193f2405a1a4b4f93b2d769fb6a67c8f1d0b097343e540c7911ec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 17 Nov 2022 06:57:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 17 Nov 2022 06:06:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 17 Nov 2022 06:57:53 GMT

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame 4583 30 KB
30 KB 189ms
61ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 01:41:22 GMT
x-content-type-options: nosniff
age: 537391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Nov 2023 01:41:22 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 209ms
71ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46c92989f734d2f68bac8e6d407c74b44c1e8c2ae046fd5f04948fccb7fc8a57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:57:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11005
x-xss-protection: 0

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame AEA0 62 KB
23 KB 172ms
57ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4671425092974945&output=html&h=280&slotname=7204640916&adk=4111123456&adf=1975995762&pi=t.ma~as.7204640916&w=1200&fwrn=4&fwrnh=100&lmt=1668647150&rafmt=1&format=1200x280&url=http%3A%2F%2Fshowbizchika.net%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1668668270943&bpp=3&bdt=1715&idt=527&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&correlator=3345126572123&rume=1&frm=20&pv=2&ga_vid=620008452.1668668271&ga_sid=1668668271&ga_hid=306311285&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=170&ady=800&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070763%2C31070969%2C44779077%2C31061691%2C31061693&oid=2&pvsid=1566860561536691&tmod=1324918781&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=QRKi484Qha&p=http%3A//showbizchika.net&dtd=551

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e5a26e546724b7e80d5f586ea747aa43861f804ead9b6a5d3a2d42601c52275

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:38:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1141
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23357
x-xss-protection: 0
server: cafe
etag: 901223051904315509
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 17 Nov 2022 07:38:53 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ 1 B
271 B 176ms
176ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=gEzcbwEIdvfQBqkHdkURTbQCRmCAjXAE-FE7fPshldVrkKDwZ3HLCGkvB-E0zHNMtmbFLhNA==&pm_ct=07b67c12f512711760f25c92&pm_pl=1668668272474&pm_td=1559&pid=1000102&en=1.1&callback=__pm_glbl_5ujuE6VymVDlLuvdOEGE9fOS._gc3&tt=if&v=eb1e9e5
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000102&tt=if&tid=infolinks-p&l1=2398344_1&l2=4&l3=Windows&l4=Chrome&l5=showbizchika.net&ref=http://showbizchika.net/&pub_domain=showbizchika.net&utid=a7119ef4-f4a0-46ea-b9c0-d155db28f0fa&uid=cuid_d8decdcf-d6e8-4b3f-825f-ef02b491e89d&uip=37.58.58.249&cb=7567341442016417022
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: http://showbizchika.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: http://showbizchika.net
Date: Thu, 17 Nov 2022 06:57:54 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AEA0 42 B
64 B 200ms
91ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstEER9yx5R0OCUCpW1hsYRaBv-1La_ho91Qq2xu0V8D4ehxa7oUNhnh6dEZDfpVJdu_X84P7lFRnRZTfNJNNSmwhLE&sig=Cg0ArKJSzAl8nq-D-57nEAE&id=lidar2&mcvt=1001&p=0,0,280,1200&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4111123456&rs=2&la=1&cr=0&vs=4&r=v&rst=1668668271496&rpt=1507&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Nov 2022 06:57:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 63AA 28 B
54 B 71ms
70ms XHR
application/json 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/6870f412/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
X-Goog-Request-Time: 1668668274141
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/xi_CnDxw4iQ
X-YouTube-Client-Version: 1.20221115.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtWeEtsVXQ3T2tZVSjuttebBg%3D%3D
X-YouTube-Ad-Signals: dt=1668668271459&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 17 Nov 2022 06:57:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 17 Nov 2022 06:57:54 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame AEA0 0
17 B 64ms
63ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~lakq08q0&chm=1&ctx=2&gqid=b9t1Y7ToLP6NmLAP7cGZ4AM&qqid=CIqs19zRtPsCFUbX3godaFgBNg&met.4=fb.15a~lb.15f~ol.1x9~bdt.-1r0~bpp.-fa~idt.-q~dtd.-2~dt.-fd&met.3=733.15h~742.15h~748.15t~749.15u~736.16q~739.17k~735.188_1~738.1x8~734.1yj_1~734.1yk_2~735.1yw_1~113.23k_1~112.23j_1&met.1=1.lakq06mg~6.0~7.0~8.0~9.0~10.0~12.4j~13.nn~14.o1~15.on~16.17k~17.17k~18.17k~19.1x8~20.1x8~21.1x9~22.16v~23.16v&met.7=CAUQCBgBMOAGOL0TaKMBcNMGeIVVgAHZUogBpMcBsAEBuAED~CBwQChgBIP0GKP0GMNcIONoBaKoHcNMIeOwagAHAGIgBxjewAQG4AQM~CB4QChgBIP0GKP0GMNMIONYBaKsHcNEIeIAMgAHUCYgBgRWwAQG4AQM~CBwQChgBIP0GKP0GMJIIOJUBaKsHcIYIeM48gAGiOogB-IwBsAEBuAED~CCoQChgBIP0GKP0GMNYIONkB~CCEQBBgBINALKNALMMEMOHFo0QtwwAx4rAKwAQG4AQM~CBsQBCDQCzioAg~CBsQBSDSCziAAw~CCgQChgBINUTKNUTMJ0VOMgBUNUTWMkUYNUTaMkUcIEVeOm4AYABvbYBiAHn7gOwAQG4AQM
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Nov 2022 06:57:54 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame AEA0 0
17 B 66ms
66ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=2~lakq08q2&chm=1&ctx=2&gqid=b9t1Y7ToLP6NmLAP7cGZ4AM&qqid=CIqs19zRtPsCFUbX3godaFgBNg&met.6=6.1_CgwYhwcg7wEqBAgIEgAKCxjGDSA2KgQICBIA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Nov 2022 06:57:54 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 192ms
69ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:57:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 17 Nov 2022 06:57:54 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 4583 0
127 B 61ms
60ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 17 Nov 2022 06:57:53 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 29E5 13 KB
5 KB 60ms
59ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://showbizchika.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 15093
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 17 Nov 2022 02:46:21 GMT
expires: Fri, 17 Nov 2023 02:46:21 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 90FC 783 B
536 B 190ms
69ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8da3e5ad5df803216c68ee592089fb1d3274bee8441c26e70d3b75e818a1191e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-garBpB63jlcqmBVM9Kd6QQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://showbizchika.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-garBpB63jlcqmBVM9Kd6QQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 17 Nov 2022 06:57:54 GMT
expires: Thu, 17 Nov 2022 06:57:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame 29E5 36 KB
16 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 17:18:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Nov 2023 17:18:29 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 29E5 0
10 B 61ms
61ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?8-z8vQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 06:57:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 90FC 0
0 95ms
95ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=1566860561536691&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 65ms
65ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&top=1&puid=6~lakq080i&c=1566860561536691&e=44759876%2C44759927%2C44759842%2C42531705%2C31070763%2C31070969%2C31061691%2C31061693&ctx=1&met.3=247.2hm~248.2hn~164.2ho_1~165.2hk_4~247.2hq~248.2hq~164.2hq~165.2ho_2~164.2hr~165.2hr_1~164.2hs~165.2hs_1~166.2h7_y~1001.2i5__1~164.2i6~165.2i5_1~166.2i7_2~166.2ic_2~166.2ie_2~1032.2w7~326.2wa_1~832.2wc~868.2wc~216.2w7_7~215.2w7_8~843.2w6_8~779.2wf~889.2wr~639.2x0~1032.2x5~326.2x5~832.2x5~868.2x5~216.2x5_1~215.2x5_1~779.2x5~889.2x7~639.2xa~1032.2xc~216.2xc~215.2xc~639.2xc~1032.2xc~216.2xc~215.2xc~639.2xc~1032.2xc~326.2xd~832.2xd~868.2xd~216.2xc_1~215.2xc_1~779.2xd~889.2xl~639.2xn~112.357_2~629.359_1~246.35a_2~246.3ce_1~246.3lt_1~246.3tl_1~168.43y~168.43y~168.43y~168.43y~168.43y~168.43y_1~168.43y_1~168.43z~168.44c~168.44c~168.44c~168.44c~168.44d~168.44d~168.44d~168.44d~246.4az_1~113.4v2_1&met.7=CBsQCMABqZqcwAU~CBIQBxgBIOcLKOcLMKMOOLwCQOcLSOgLUOgLWLcNYMwMaLcNcKIOeLkJgAGNB4gBloIBqgF5Cg5Pc3dhbGQ6NDAwLDcwMAodT3BlbiBTYW5zOjMwMCw0MDAsNjAwLDcwMCw4MDAKDk9zd2FsZDo0MDAsNzAwCjhPcGVuK1NhbnM6MzAwLDQwMCw2MDAsNzAwLDgwMCZhbXA7c3Vic2V0PWxhdGluLGxhdGluLWV4dLABAbgBA8AB1se7yAo~CBsQByDnCzjCAsABiu7Emwo~CBsQByDnCzj-CcAB3q3q1ww~CBsQCiDnCziLCMAB0OOEoQo~CBIQAhgBIOcLKOcLMLoNONMBQOgLSOgLUOgLWMwMaMwMcLoNeI0PgAHhDIgB0-oCqgGhAgo0UGxheWZhaXIrRGlzcGxheToxMDAsMjAwLDMwMCw0MDAsNTAwLDYwMCw3MDAsODAwLDkwMAouTW9udHNlcnJhdDoxMDAsMjAwLDMwMCw0MDAsNTAwLDYwMCw3MDAsODAwLDkwMApIUGxheWZhaXIrRGlzcGxheToxMDAsMjAwLDMwMCw0MDAsNDAwaXRhbGljLDUwMCw2MDAsNzAwLDcwMGl0YWxpYyw4MDAsOTAwCkBQVCtTZXJpZjoxMDAsMjAwLDMwMCw0MDAsNDAwaXRhbGljLDUwMCw2MDAsNzAwLDcwMGl0YWxpYyw4MDAsOTAwCi1PcGVuK1NhbnM6MTAwLDIwMCwzMDAsNDAwLDUwMCw2MDAsNzAwLDgwMCw5MDCwAQG4AQPAAfWs0uQF~CBsQBiDnCziGCsABj_7KrAU~CAEQChgBIPcLKPcLMO0YOPcMQOYVSOwVUOwVWMoWaMoWcLEXeKCWA4AB9JMDiAHC9QiwAQG4AQPAAfbmnq4H~CBsQCiDpDTicCsABurrCwww~CBsQCiDpDTiUDMAB5NrsvAo~CBsQCiD2FTjQAsABpe7CqAg~CBsQBSCqFjiVA8ABkdvuvAg~CBsQCiCqFjj5AcABiNzkjAk~CBsQCiCNGDjbAsAB0azGhQo~CBsQBiDRGDj5AcAB-aCr2gU~CBsQBiDSGDj7AcABho3Mkw4~CBsQBiDSGDj0A8AButHV3wg~CBsQBiDSGDiGAsABqq2AgAY~CBsQBiDSGDjuA8AB2fOtmgw~CBsQBiDSGDjyA8AB46b2NA~CBsQBiDSGDjzA8ABm7zW0wo~CBsQBiDSGDj0A8ABlMHx7ww~CBsQBiDSGDj5A8ABzvjE3AM~CBsQBiDSGDj5A8ABhve-pAg~CBsQDSD4GDj0AcABgJHyhwg~CAMQChgBIJkZKJkZMP4cOOUDQJsZSJsZUJsZWL8aYOgZaL8acLkbeLelB4ABi6MHiAGRkBawAQG4AQPAAcyKteYO~CAwQBRgBIKwZKKwZMMcbOJsCQK8ZSK8ZUK8ZWO8aYIcaaO8acMcbeL4jgAGSIYgBrEywAQG4AQPAAYKnu90N~CBsQCiD-GTjNAsABsKzR6Ac~CBsQBiDYGjj1AcAB9ozpggo~CBsQBSCOGziyA8AB64Ls9gc~CBsQCiCRGzjIAcABnaqrtgU~CBsQCiCSGzjFAsABsdOn_gg~CBsQDSCTHTiBAsABybugugo~CBwQChgBIKsdKKsdMMYfOJsCaNAecKEfeOCoAYABtKYBiAGGtwOwAQG4AQPAAaPhim0~CBsQChgBILMdKLMdMLQfOIECQLQdSLYdULYdWNweYIUeaNwecLMfeKoEgAH-AYgBjwOwAQG4AQPAAeSq4PAC~CC8QBxgBILcdKLcdMLwfOIUCQLkdSLodULodWOQeYIweaOQecLsfeJADgAFkiAFrsAEBuAEDwAHttbKwCg~CC8QBxgBILgdKLgdMOAfOKgCQLkdSMIdUMIdWP4eYJweaP4ecN8feJADgAFkiAFrsAEBuAEDwAGb_4nHBw~CBwQBhgBINgdKNgdMMgfOPABUNgdWNAeYNgdaNAecMYfeKwCsAEBuAEDwAGUhOK1Dg~CAUQBRgBINsdKNsdML8fOOMBaOQecL0feKwCsAEBuAEDwAGQx7LwCA~CBsQBiCSHTj9AsAB3cX72w4~CBsQBiCSHTiEA8AB3cX72w4~CBsQBiDIHzh-wAHdxfvbDg~CBsQDSCFHjjqAsAB2YzThwg~CBsQARgBIPAfKPAfMO4hOP4BwAGkoPylBw~CBsQCiDzIDi5AcAB38bI_Qw~CBsQCiD0IDi4AcAB5_rvyQ4~CBsQCiCxIjhlwAGyuNr9AQ~CAUQBRgBIM0dKM0dMMsjOP4FaOQecKYjeJaUAoAB6pECiAGz6gawAQG4AQPAAZDHsvAI~CBsQARgBIO8hKO8hMO0jOP8BwAGkoPylBw~CAUQBRgBIMIdKMIdMKIkOOAGaOQecJUkeIVVgAHZUogBpMcBsAEBuAEDwAGQx7LwCA~CBsQCiD4IDjHA8ABxKvLvAk~CDYQChgBIPQgKPQgMOkkOPUDwAHfhqzkCg~CBsQCiCiIzjqAsABzo3V7QY~CBsQCiCjIzjMAsABzo3V7QY~CBsQARgBIMIkKMIkMJklOFfAAaSg_KUH~CBsQCiC2IjiwA8ABroe42Qo~CBsQCiChIzjyA8ABzo3V7QY~CBsQCiCjIzjxA8ABroe42Qo~CBsQARgBINkmKNkmMKwnOFLAAaSg_KUH~CBsQBSC2JThiwAH-5rS6Bw~CBsQCiCWJzj-AcAB0-fuSg~~CBsQARgBIMsrKMsrMJosOE_AAaSg_KUH~~CBsQCDiSMcABqZqcwAU~~CCcQDRgBIJExKJExMPQyOOMBUJIxWJwyYJIxaJwycOMyeKlYgAH9VYgB8XGwAQG4AQPAAfPyy64L~CCcQChgBIPYyKPYyMLs0OMUBwAHiwZvaBQ~CCcQBRgBIME0KME0MP80OD7AAZmVn6AL~CBsQBRgBIMU0KMU0MIU2OMABwAHPxtriAQ&met.1=1.lakq03pj~6.0~7.kx~8.kx~9.kx~10.s5~12.s5~13.15v~14.1d3~15.15x~16.27e~17.2dq~18.2dq~19.4u6~20.4u6~21.4up~22.26x~23.26x
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/rum_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Nov 2022 06:57:55 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 96ms
95ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=1566860561536691&bg=!tbaltvLNAAbvMpMzzzI7ACkAdvg8WlOsepmx60zUg4W3eIag-u7zPVHGRPLnym0640fI03FNxS6y7gIAAABYUgAAAARoAQcKAMOJdcrZsGUkSVAUf31zNDie3-SHH8YK100hcaRHqs_XJcj1_aecxJmRj8LFd0sj5QSbqyXqcV0NIX8Zs37CuayGuerYrrYoxCRXjWH69G4qwfoDPk0Sv_gqW8YeNIXkc1wulfsLnHtKqr70OoI_82k8yTOHH1kIJdSutxAj8TAMkrkXVcbGQDvE7BNDXeM3JIM04i0wLgCZ6YqBntR4hNpEO1l5oztP-eK52CMdv-pIYa9xxWY6ktrTwH_dZUPJ-6dEWueZAqEAixNexN182_wNy9gJT3noXTCWoNrZisrOPwddClvRygkLgbV2x7He_Kfa7TXmObEXveraahXxFBI9UknFfk_nAQqLwLoKRSLD91S4lG4PklS3Trg2TFKiKccw9QAz7gXSqsOUYP4PJ_-Jb6qHCdRvbVWM7bu8FwEBfzrYe4YoDVKNFOdmioc7foXAgfd3Vq7RHuI7Kl_QcpTo73aDrlAFZu0Hf3pDssiepxrLh2WYUeDhrn8zrN0YtcQiWN1ZT996MzXgWMsbYZPdtpz0wf4xe7XkkyeUEik7RA8oOJw6aoPJlHCGTUuBfD_1yt6d9U3yWg727Tg8a3GGpx5H9VjjtoedKJjX6HgDKZ8UR0K2fL15IvqQtel-VYYDasWaSd9oUOtJPSUeRwN91jYhpS3judAJPhI3J14IUHlz6FJFu2d3dkrFKsA1Bh6g4oCnvEa7GmixpKhBSY_ZmHeWQjm8sDq2Fe66TWl2xgKe6Lb4NNRrDKBy8RmMy94ZhMvZAES7LkPEt1808BxmAnGjgNfi3ia_4_Yo3vu3hGplRQcnJukjwWNLHPCL6JmisJet9snzo1EgQhafge-QIIrc0C2dBvmKNk6wdVjjxEZwHp27qAtsT4jDlReyfPavJB5I0C5WBESitYadxcx9AFtkGG7iId9jB0UWLzpga-YpJcc7MmwXkOsJKEkmtXoul_Yj5H6CMfIz7J6_tCWKYwlTCK3SD11Z0TVUQ049502QOD0nEohHA0MQ2Q5tdrYWFgZ-NQ-k12ESu9ePgiNQhhgbIm_CgndNfRbnqZSwn9jQmApqNTp_qnNPr6mVOLv-PEw1nID6e7CwWSFzgvpqzvgRPJiwghkY11UzQSGog1SN9yw30c8kx5I23BkJ8tF-GTVpRzLy
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://showbizchika.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 05icscVa6IU
.youtube.com/	1970-01-20 11:50:20	Name: VISITOR_INFO1_LIVE Value: VxKlUt7OkYU
.showbizchika.net/	1970-01-20 17:07:08	Name: _ga Value: GA1.2.620008452.1668668271
.showbizchika.net/	1970-01-20 07:32:34	Name: _gid Value: GA1.2.202818029.1668668271
.showbizchika.net/	1970-01-20 07:31:08	Name: _gat Value: 1
showbizchika.net/	1969-12-31 23:59:59	Name: logglytrackingsession Value: a7d5e498-6553-45da-8f10-e7b5c3575c5a
.showbizchika.net/	1970-01-20 16:52:44	Name: __gads Value: ID=b48e1041ab799af6-22276a6139cf0042:T=1668668271:RT=1668668271:S=ALNI_MYegqm9QOXKLek5v2fgl6vG5PV55A
.showbizchika.net/	1970-01-20 16:52:44	Name: __gpi Value: UID=00000b82843cb9e7:T=1668668271:RT=1668668271:S=ALNI_MbxCOMOci_Ny0947ml9Fc925dNArA
js.ad-score.com/	1970-01-20 17:07:08	Name: token Value: dplcHbSJYSkLY-nj4l-iWJdImogwGCjO
.doubleclick.net/	1970-01-20 16:52:44	Name: IDE Value: AHWqTUnqH3GTFdlEbxJRUGDTouYO82NQ7uNze4a-NtmeDOW_84X6RaS8TEhkRi5JlFw
showbizchika.net/	1970-01-20 07:32:34	Name: pmtimesig Value: [[1668668272483,0]]
data.ad-score.com/	1970-01-20 17:07:08	Name: token Value: khBwgpKKkzzeq-p4p7-oitxdmnNaCqGU

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4671425092974945&output=html&h=280&slotname=7204640916&adk=4111123456&adf=1975995762&pi=t.ma~as.7204640916&w=1200&fwrn=4&fwrnh=100&lmt=1668647150&rafmt=1&format=1200x280&url=http%3A%2F%2Fshowbizchika.net%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1668668270943&bpp=3&bdt=1715&idt=527&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&correlator=3345126572123&rume=1&frm=20&pv=2&ga_vid=620008452.1668668271&ga_sid=1668668271&ga_hid=306311285&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=170&ady=800&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31070763%2C31070969%2C44779077%2C31061691%2C31061693&oid=2&pvsid=1566860561536691&tmod=1324918781&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&fsb=1&xpc=QRKi484Qha&p=http%3A//showbizchika.net&dtd=551 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.teads.tv
ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.nl.eu.criteo.com
cdnjs.cloudflare.com
csi.gstatic.com
csm.eu.criteo.net
data.ad-score.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
imasdk.googleapis.com
jnn-pa.googleapis.com
js.ad-score.com
netdna.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
resources.infolinks.com
router.infolinks.com
rt3043.infolinks.com
rtb.fr.eu.criteo.com
securepubads.g.doubleclick.net
showbizchika.net
static.criteo.net
static.doubleclick.net
t.teads.tv
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
130.211.115.4
172.66.41.9
178.250.2.148
2.18.232.7
2001:4860:4802:32::3
2001:4860:4802:38::178
202.55.90.215
2600:9000:2182:aa00:a:deb0:3380:93a1
2606:4700::6811:190e
2606:4700::6812:bcf
2a00:1450:4001:801::200e
2a00:1450:4001:802::2002
2a00:1450:4001:806::2006
2a00:1450:4001:808::2002
2a00:1450:4001:808::2016
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2001
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a02:2638:1::17
2a02:2638:1::4
2a02:2638:1::8
2a02:2638::2
2a02:2638::3
95.101.201.49
0100957725f44de259616aabbd3a4fd491c0c6023e629a9b8028e097d5adda27
025da3189553cc8c7431fee69149291ee5154cdbc0b260192a405f9a761eaf04
04e747f7eb987f28a233330069638541366cac8bf674462132de0cf643f812b9
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
0d476c7a95dbdd8f5e0bb838a8ae88f5eb0e9573d80a2f482deeb46e65b458b3
126de3106c6ee84219e5d8b8025f5b20386ecf46fdf0275520b93c9637fef39d
143044b70e8dea408c020786c55869f28b9f0bc89df6a935518d5003769197fd
15801fc6e9d2c7b0e3b174dfc855cad7746a62d7a054cb28fb46bd2793ce2ff4
1e1c8c5920bb68483b89b1a35c5046b1fb64b36c013b972ab53e6083cfb32ea0
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
24191d39422869585aa969dd369a12a9340eaa7ec3b86006aee19cca4968bf27
2604b45b39193f2405a1a4b4f93b2d769fb6a67c8f1d0b097343e540c7911ec1
2d4f364d7ce389afc4642aef35fa71cd75b52be7337ce1d38f4566d8509a8675
2fb94cc5f4e050854cd18abcf65c8e58f62f512e141acf6b256aadbc27f1a48e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d5b2d682d842732d2fa5d0a4306e16f31d47aa9e2e1ca7c8ae868a1434d016
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33dedc48366280a9df8e6c15fa086a66b0285b0219957f6602b14c37a1e35e13
383218cb294a8a07fefa67740d966d1bef0e356d01e9fc63f4b2dc136c31f863
3c19dc08b1216c725804e31dea2b04741aa54e0526b63568a42bb7c5cc876796
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3cdf1c3feb481d3a22177b6413465d206d5ac5e6422264f4e6befc2c731da5f0
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40a5de46da7f23a91c6a82012b39841ac57c14183e262d65e8eb78b96057c274
431efabf2be233e277688ff15fc42f8d17e84e4adb4b2b8e825163ae861e3481
46c92989f734d2f68bac8e6d407c74b44c1e8c2ae046fd5f04948fccb7fc8a57
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4b7fb79c5fae422c4f0d11fdc9dc0a0e5d651d5eae479a1251fff08d844309ee
4de1e222674a6f52395d73181b461d66adcaa209064ff8743d477f65d2e4a546
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55090033ff1e49cc8286923f89aff1d05b066707efa3caa3bdbc8b3e4e492739
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b5a1f4cf32c4be83da25e509795858df3600dd6f4916f8213c4a4cd57f3152
5a816478858f52d2c4139335982d752ccb54b655d97e2d86285cb267a7959feb
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ad0df861a468c3a72d09813d7866c08da72b110ccde24a5675fd1b455e7925d
5e5a26e546724b7e80d5f586ea747aa43861f804ead9b6a5d3a2d42601c52275
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
681648c2a7396ae7a3f95ce899c1a30eb85e42eabb15173032130824c49ada20
6a6560be8270ee813a9dae35e8ec89505eef2eac6090ac3d44e7f4ef84a0ee11
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
724a4a1a44226986c31b15aaf24bc91e8270ca9ba2359f52ca7b35701dbc2cea
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
73c6cd3b73ec029e88fae48d3a0a336bb58cf5ca1e49f4a669b626db8ab45142
783f0a522dc1fd877518c4b06510653dff0983629679dc3987b1c64e366d51c9
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
79b3162cf37244605b9709b652f9e2d9e650aa2b649647a9ae78f34e8870f7bd
805d48dddc6595ee4faea31d4d4cb16a90336b5d4470dcc3cc1ec553dc6b5c67
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
858364408782a9612aca179e63cfcda6c8c64bbbebc65ec7a1dba1823d7084cd
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
88db9b874d854061d6435712019210a3245af1d25e1525644b6c592bf54e503d
897f979133e001c87fcaca3ae00aa8410a991c85df6cc489b51d032fbbb36ed5
8c762ba3b7d4f81d9b89e3132bf6c12a9c059506c3dba641bb047da0807c2a5d
8da3e5ad5df803216c68ee592089fb1d3274bee8441c26e70d3b75e818a1191e
8e17416059f9e1ada9694ae457d869c6c2941d9da66c9e9ac5d725ab45b50d81
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
911ddf821ac39f09e17d63faa249e5cd58c6a8dd3ec0340326ee31841c6154b8
945b3fb4d4f9036f7fcc9ff1d3f7c38c911ed4048446e49556a55dd957c982b1
949a101cdacea4f25db890a1bd4228a47a5d150005af3f08a32bf692d5b5482d
973a751cada226b377324165340546f2fabb6293208b6de74042b879a86bcbb6
97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243
9b7e945da5f2dc8b7f0d7100903376ec8dab5e5397b2f4652102492bea9bdce4
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3479b45d477eb8429f4be8a396050d90f894559a72068ec3593ec43f586d138
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a690dfaf60d7dac70959d80eb53b4b2234adb0479977f6802b1085d972611e66
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a81c441e488822e3b9386082cb57e92ac5b857757b485b9afbc87e0aad2d9415
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b2bdac211f43fbee9eeb4d50f8755206599f76296cd15316a97c9d2cb2050d2f
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4c52764fe1968ad3af33f1340b9ce06a56c94135c7303a0ad7abb3c5d797084
b574669ac419e9857b34bd603555cc632152f8122f6b154d049e13cc0a167b35
b8794fd6664c984c074ea7c0581e0b453ad7001bbf66e57628b4ab870861563e
b924cd156099adc7b656af6a1dda17264ef9cca4f1ffce7d8d7ed81831302c29
b9a37b19225ebcc58c8c06f677cd2903c54bac5e2fa8f8662190e94cfdf7e320
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bddd259b43b4db434f585af9e585d3d8ade79ac110181696e883c27c33f35cd6
bf5b663e43ed96015bf4f54dd2c961a178006e45666c468b82e1d23d642ee707
c027881b5e260639cb9cca444778b0acf14d10228389ae27b5f39432908b1065
cbb1852594704d9cb209b1a6634de429e6acdf0deee06d8c3faaa5efb0d3c39e
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
d1615f7e93c723044f06e90adc4a966ef4cdccf482dbbe92a9fdb69515af878f
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f
d355afb9705c3f8651f6a1f813b4670b758d59a17783830f534e7a8839c5b666
d3b0a6ae9c25775f326e82ccfeeefaab20f2aa83d95e69abc121081dc05b338f
d45e21586b9ad438cdb6823da9573e343ebb6f9093c513b201a62292d86aef1e
d61f3b46035709bf27a3cfe1fe3bee6b26a80529e6bedd459a2a26fdbee939aa
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e420f1103f1826b2099901c8067387729b571bb4aa6844b5ba6ba3e51080d5d3
e90e40eba272ee27752da135dd5c8af57a49490090a72e09e26b5c92cf1c233d
ea498a23d10f87fa605af0d9a122c42aab33fc7f03dd5f56217c7456baffd85b
eaeebd0b6bb582b921d4c26ffc32d9b717dd99945e11326118b936a448fd8fa5
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f26ccd4e8b025d912f8fc717147c83f61888ade088fb1b2c62f67537e6e4cb46
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5330b2c5676a6fb4a98545b093d99b93e68be01c5017430dc45ea2fe4cb8a83
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
fca8e0709e23d0a094faaaf0e8dc76f3357680551cba8f279ec6f3c1a83bba87
fd98074068592c4a05849ef16d87f38de6945ee1f2df7253d46bca33a2a49e44
fdd0b377bce32e76d8a996461093b5c271ba2d98186c58568be5929f58548238
fe65bfd909ac7e21df1d0ceec09263795de5beb2504bb6c286a62a64b89edbd4
fef59d7a136506fbe8e3c50c622f0fb28d777ca210773b575e638d0617a001ae

showbizchika.net Open in urlscan Pro 202.55.90.215 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

147 Requests

83 %HTTPS

83 %IPv6

20 Domains

40 Subdomains

37 IPs

4 Countries

2915 kBTransfer

8388 kBSize

12 Cookies

5 Outgoing links

Redirected requests

147 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

showbizchika.net Open in urlscan Pro
202.55.90.215 Public Scan

Screenshot
Live screenshot

Full Image

147
Requests

83 %
HTTPS

83 %
IPv6

20
Domains

40
Subdomains

37
IPs

4
Countries

2915 kB
Transfer

8388 kB
Size

12
Cookies

147 HTTP transactions
8 data transactions