ifunny.co Open in urlscan Pro
38.134.113.246 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ifunny.co/video/BtVIBMWT8?s=cl
Submission: On October 08 via manual (October 8th 2021, 8:04:01 pm UTC) from SE — Scanned from DE

Summary HTTP 113 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 31 IPs in 8 countries across 24 domains to perform 113 HTTP transactions. The main IP is 38.134.113.246, located in United States and belongs to XL-103-397341, US. The main domain is ifunny.co.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 23rd 2021. Valid for: a year.

This is the only time ifunny.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	38.134.113.246 38.134.113.246	397341 (XL-103-39...) (XL-103-397341)
7	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
19	18.66.91.125 18.66.91.125	16509 (AMAZON-02) (AMAZON-02)
11	52.222.239.126 52.222.239.126	16509 (AMAZON-02) (AMAZON-02)
1	104.16.86.20 104.16.86.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.217.16.136 172.217.16.136	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	142.250.186.142 142.250.186.142	15169 (GOOGLE) (GOOGLE)
3	185.33.221.15 185.33.221.15	29990 (ASN-APPNEX) (ASN-APPNEX)
3	63.34.174.201 63.34.174.201	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	142.250.186.78 142.250.186.78	15169 (GOOGLE) (GOOGLE)
2	142.250.185.132 142.250.185.132	15169 (GOOGLE) (GOOGLE)
1	172.217.18.99 172.217.18.99	15169 (GOOGLE) (GOOGLE)
1	74.125.71.154 74.125.71.154	15169 (GOOGLE) (GOOGLE)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	142.250.186.33 142.250.186.33	15169 (GOOGLE) (GOOGLE)
5	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
5	142.250.185.65 142.250.185.65	15169 (GOOGLE) (GOOGLE)
1	34.95.89.54 34.95.89.54	15169 (GOOGLE) (GOOGLE)
12	104.26.11.209 104.26.11.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1 7	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	63.215.202.137 63.215.202.137	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	169.50.137.190 169.50.137.190	36351 (SOFTLAYER) (SOFTLAYER)
3 3	18.185.143.19 18.185.143.19	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.178.101 35.210.178.101	19527 (GOOGLE-2) (GOOGLE-2)
1 1	52.50.110.98 52.50.110.98	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.245 37.157.6.245	198622 (ADFORM) (ADFORM)
1 1	13.32.29.62 13.32.29.62	16509 (AMAZON-02) (AMAZON-02)
1	104.26.7.27 104.26.7.27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.26.10.209 104.26.10.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
1	148.251.139.77 148.251.139.77	24940 (HETZNER-AS) (HETZNER-AS)
113	31

15 38.134.113.246 (United States)

ASN397341 (XL-103-397341, US)

ifunny.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
geoip.ifunny.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 18.66.91.125 (United States)

ASN16509 (AMAZON-02, US)

static.ifunny.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.ifunny.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.222.239.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-239-126.fra56.r.cloudfront.net

imageproxy.ifunny.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.86.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.15 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 63.34.174.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-174-201.eu-west-1.compute.amazonaws.com

prebid.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.99 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f99.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.71.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wn-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.33 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f1.1e100.net

d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.65 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.89.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.89.95.34.bc.googleusercontent.com

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.26.11.209 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.215.202.137 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams01-usadmm.dotomi.com

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.190 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.185.143.19 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-143-19.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.178.101 (Brussels, Belgium) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 101.178.210.35.bc.googleusercontent.com

a.volvelle.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.110.98 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-110-98.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.245 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.29.62 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-29-62.fra56.r.cloudfront.net

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.7.27 (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.10.209 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.239.217 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.230 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	ifunny.co ifunny.co static.ifunny.co img.ifunny.co imageproxy.ifunny.co geoip.ifunny.co	813 KB
18	doubleclick.net 3 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net	161 KB
14	ad4m.at as.ad4m.at ad4m.at assets.ad4m.at	257 KB
12	googlesyndication.com d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	56 KB
4	smaato.net 1 redirects prebid.ad.smaato.net s.ad.smaato.net	1 KB
3	awin1.com 1 redirects www.awin1.com	2 KB
3	bidswitch.net 3 redirects x.bidswitch.net	2 KB
3	google.com www.google.com adservice.google.com	2 KB
3	adnxs.com ib.adnxs.com	2 KB
2	adform.net 2 redirects c1.adform.net	1 KB
2	volvelle.tech 2 redirects a.volvelle.tech	1 KB
2	turn.com 1 redirects ad.turn.com r.turn.com	857 B
2	ad4mat.net prod-rtb.ad4mat.net static-de.ad4mat.net	4 KB
2	google.de www.google.de adservice.google.de	1 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	youtube.com www.youtube.com	47 KB
2	googletagmanager.com www.googletagmanager.com	77 KB
1	congstar.de banner.congstar.de	518 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com	972 B
1	simpli.fi 1 redirects um.simpli.fi	709 B
1	dotomi.com dclk-match.dotomi.com	104 B
1	googletagservices.com www.googletagservices.com	38 KB
1	googleadservices.com www.googleadservices.com	15 KB
1	jsdelivr.net cdn.jsdelivr.net	1 KB
113	24

	Domain	Requested by
16	static.ifunny.co	ifunny.co static.ifunny.co
13	ifunny.co	ifunny.co static.ifunny.co
11	imageproxy.ifunny.co	ifunny.co
7	cm.g.doubleclick.net	1 redirects d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com
7	securepubads.g.doubleclick.net	ifunny.co securepubads.g.doubleclick.net
6	assets.ad4m.at	as.ad4m.at
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com tpc.googlesyndication.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com tpc.googlesyndication.com
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com as.ad4m.at ad4m.at
3	www.awin1.com	1 redirects as.ad4m.at
3	x.bidswitch.net	3 redirects
3	prebid.ad.smaato.net	static.ifunny.co
3	ib.adnxs.com	static.ifunny.co
3	img.ifunny.co	ifunny.co
2	ad.doubleclick.net	2 redirects
2	c1.adform.net	2 redirects
2	a.volvelle.tech	2 redirects
2	d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google.com	ifunny.co tpc.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.youtube.com	static.ifunny.co www.youtube.com
2	geoip.ifunny.co	static.ifunny.co
2	www.googletagmanager.com	ifunny.co www.googletagmanager.com
1	banner.congstar.de	as.ad4m.at
1	static-de.ad4mat.net	as.ad4m.at
1	s.ad.smaato.net	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	um.simpli.fi	1 redirects
1	dclk-match.dotomi.com	d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com
1	r.turn.com	d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com
1	ad.turn.com	1 redirects
1	www.googletagservices.com	d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com
1	prod-rtb.ad4mat.net	ifunny.co
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.google.de	ifunny.co
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	cdn.jsdelivr.net	ifunny.co
113	41

This site contains links to these domains. Also see Links.

Domain
app.appsflyer.com
www.amazon.com
www.pinterest.com

Subject Issuer	Validity	Valid
*.ifunny.co Go Daddy Secure Certificate Authority - G2	`2021-08-23` - `2022-09-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
smaato.net Sectigo ECC Organization Validation Secure Server CA	`2020-07-28` - `2022-10-04`	2 years	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2021-08-24` - `2021-11-22`	3 months	crt.sh
*.turn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-31` - `2022-03-31`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
*.congstar.de TeleSec ServerPass Class 2 CA	`2021-05-18` - `2022-05-23`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://ifunny.co/video/BtVIBMWT8?s=cl
Frame ID: 419B1616FC64024AE892569227E777CD
Requests: 74 HTTP requests in this frame

Frame: https://d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D16B0121519779ADC139120F3D5903A7
Requests: 1 HTTP requests in this frame

Frame: https://d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 58A1ACF21B8497FC76778876A6E69D74
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1g5bhep56zhzx7xz2ybe8shqmw0rmfz11j338vmf9jecf2vm0292e6rkxvpf9sf5jt2a8gbq9nwgyk9p84tz4wn6qxb9g8n9tfk4gyk0xm454dr3w58dhsktqdq7ydqj8h50hdaqrs7yctnmdv23zyevg7cc7dy44mn91ddqecdfjxgcjjr4mngzpapkrkcz79kr6pjwy3tcnxrsee5y546e4zkr98nw470kqxmwnxf30mgp9q8dt24k2gg21qx20h98rsqsw0y7jst71gxj5c4383yshyh2fxpreth6rmvh4tznynnfhkk88m0k8qjd7hj6y9aaznje2wmtj975yerkm0apvhx5e7f7wekkg836fpjjsss3gf89rn69vr4tzgpp2tr647xyqwj8p2wsr06v&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt_aqLKRgYbblIZil-gbT5L_YCZDhgYRctqjCivACwI23ARABIABgleKngrAHggEXY2EtcHViLTU0NzU3ODU0MjA0MDUyMTSgAcKu6N0DyAEJqQLemunIlmmzPuACAKgDAaoEgwJP0GKSQ9w0bg1_oCmT5ckHfx6uP7rIO3GHRWRsMri1-tuv6B5fT9VrN52nZcL4DBLaOcr9W2MELBcVDPi1OiHFw5JNn4Cda_SmMvNxhYj-ZZoGDMNPykmptruBbBHgKh4WgNiARquwckudQ6hISIRurGTV1zpyj2YnzJkGKbwldV14-K-MggokKAzJxw6GQLCny1ChXojkXbIN7IUdBWQ59GlQUIzZCofjrA_MqNy4Xm0h7cZuJySp1wncEKkPPGRW2xyrRthpT7YsauyaAAyU3TslUlVHAO8-faQfUqAFmJXi8LbY-2PawBAl0ahUyvA8yRTtMfgjuTjBrv7g0mWDCE5Y4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2UCs2BFYOOVpCeRPAcn9attFGiIQ%26client%3Dca-pub-5475785420405214%26adurl%3D
Frame ID: 14944FEDC659638FAA243631576C10CC
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2ED275F38CD088ADB7AD1767905DB93B
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 8CDD25747CD5A2DBFA307C63E4A3B055
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=CX3tHK8rZ60W0jmUB2LdOFWAJg8Y0dWY&g=bb6a9a04458b0e97130553a9a5240704%2F10317237492547098759&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633723437076&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jf6cbq5ka4t4d446q5s262esymxy5tv78ejgfg3vq08hqfs11jgxpd0sa82zf69nnqw9b4w2j802cjfbgaweycgdfr4tf67932v7nj553g0y6msa8h2gt22rxkj28m2besagdb9fz1da64cnmq1ha63hnscn3969w0qdfcn8a3dfj4w9xkdwbznwkkt49kcza71xb75h5bae92vg85cb1z8ecq9gr5dbfptnsd39s71h7g0cskstwnj8evgczq8762dh9wrfzvsj%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCt_aqLKRgYbblIZil-gbT5L_YCZDhgYRctqjCivACwI23ARABIABgleKngrAHggEXY2EtcHViLTU0NzU3ODU0MjA0MDUyMTSgAcKu6N0DyAEJqQLemunIlmmzPuACAKgDAaoEgwJP0GKSQ9w0bg1_oCmT5ckHfx6uP7rIO3GHRWRsMri1-tuv6B5fT9VrN52nZcL4DBLaOcr9W2MELBcVDPi1OiHFw5JNn4Cda_SmMvNxhYj-ZZoGDMNPykmptruBbBHgKh4WgNiARquwckudQ6hISIRurGTV1zpyj2YnzJkGKbwldV14-K-MggokKAzJxw6GQLCny1ChXojkXbIN7IUdBWQ59GlQUIzZCofjrA_MqNy4Xm0h7cZuJySp1wncEKkPPGRW2xyrRthpT7YsauyaAAyU3TslUlVHAO8-faQfUqAFmJXi8LbY-2PawBAl0ahUyvA8yRTtMfgjuTjBrv7g0mWDCE5Y4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2UCs2BFYOOVpCeRPAcn9attFGiIQ%252526client%25253Dca-pub-5475785420405214%252526adurl%25253D&y=1&z=0
Frame ID: 11F1426028B772509A0B5B3794E8B6C4
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 7825458ADDA26BB3775879E221802391
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 141D93A955B50B7D5AC90D7F311BCDD7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Video memes BtVIBMWT8 by nrdrummer89: 111 comments - )

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

113
Requests

100 %
HTTPS

0 %
IPv6

24
Domains

41
Subdomains

31
IPs

8
Countries

1497 kB
Transfer

2949 kB
Size

27
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://app.appsflyer.com/id429610587?pid=ifunny_co&c=sidebar_daily_appstore
Title: App Store

Search URL Search Domain Scan URL

URL: https://app.appsflyer.com/mobi.ifunny?pid=ifunny_co&c=sidebar_daily_googleplay
Title: Google Play

Search URL Search Domain Scan URL

URL: http://www.amazon.com/Okrujnost-iFunny/dp/B00DY76ZC8
Title: Amazon

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fifunny.co%2Fvideo%2FBtVIBMWT8&media=https%3A%2F%2Fimageproxy.ifunny.co%2Fresize%3A320x%2Ccrop%3Ax800%2Cquality%3A90%2Fimages%2F32191e43309fef38360a8880c00eb829f9026a01d3dad4598071ff5ee9c2af86_3.webp&description=Found+on+iFunny
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fifunny.co%2Fpicture%2FlZZtXTbw8&media=https%3A%2F%2Fimageproxy.ifunny.co%2Fcrop%3Ax-20%2Cresize%3A320x%2Ccrop%3Ax800%2Cquality%3A90%2Fimages%2Fb4af7777f2ddd3bcaf1e7ef5b9e1a0253c6cd9623889bb2604d947ec08a53c65_1.webp&description=Found+on+iFunny
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fifunny.co%2Fpicture%2Fago-xbox-xbox-thanks-for-helping-make-xbox-live-safer-b9qfqM3v8&media=https%3A%2F%2Fimageproxy.ifunny.co%2Fcrop%3Ax-20%2Cresize%3A320x%2Ccrop%3Ax800%2Cquality%3A90%2Fimages%2F4cd6c5bb1d372b4c8db3367f11623b4c5cbd39d14a7f7d936ddba4f4203c6b3b_1.webp&description=Found+on+iFunny
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fifunny.co%2Fpicture%2Fi-m-so-sick-of-shawn-using-siri-to-search-i1UA9Qzy8&media=https%3A%2F%2Fimageproxy.ifunny.co%2Fcrop%3Ax-20%2Cresize%3A320x%2Ccrop%3Ax800%2Cquality%3A90%2Fimages%2F232301990ea46f688e37d15d3c5a76cc683e7c07088f3c2e44e65eae311fbe15_1.webp&description=Found+on+iFunny
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fifunny.co%2Fpicture%2Fyour-upstairs-neighbor-starter-pack-i-h4WqiIiy8&media=https%3A%2F%2Fimageproxy.ifunny.co%2Fcrop%3Ax-20%2Cresize%3A320x%2Ccrop%3Ax800%2Cquality%3A90%2Fimages%2F89253c91b678cd93c46088cfbb93a6efac09e897dfaec39ce814422b957f501b_1.webp&description=Found+on+iFunny
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fifunny.co%2Fpicture%2Fpsychologicalholup-subscribe-157-comments-sAscmgHw8&media=https%3A%2F%2Fimageproxy.ifunny.co%2Fcrop%3Ax-20%2Cresize%3A320x%2Ccrop%3Ax800%2Cquality%3A90%2Fimages%2Fe1ffa0e7720d628b0c647cfd78909f118dcfd21ba73ba92b28dc4085ff7f0f9b_1.webp&description=Found+on+iFunny
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fifunny.co%2Fpicture%2Ff3Q1Sc2w8&media=https%3A%2F%2Fimageproxy.ifunny.co%2Fcrop%3Ax-20%2Cresize%3A320x%2Ccrop%3Ax800%2Cquality%3A90%2Fimages%2F8768ed49618b2ce73b9c023c61081601abc273371f6492ae4f500dde9541af03_1.webp&description=Found+on+iFunny
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fifunny.co%2Fpicture%2Fhumans-bears-when-when-they-they-get-fat-get-fat-rMsIrhnw8&media=https%3A%2F%2Fimageproxy.ifunny.co%2Fcrop%3Ax-20%2Cresize%3A320x%2Ccrop%3Ax800%2Cquality%3A90%2Fimages%2Ff82f12fe418f93449ed47f079f87f5c4be2069fef9e03f14cf230c7683412495_1.webp&description=Found+on+iFunny
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fifunny.co%2Fpicture%2Fheare-humans-skir-monsters-make-and-toilet-covers-out-of-2FUx7ZHv8&media=https%3A%2F%2Fimageproxy.ifunny.co%2Fcrop%3Ax-20%2Cresize%3A320x%2Ccrop%3Ax800%2Cquality%3A90%2Fimages%2F78f2935c2f67694605644f171a92dcb0b9e1323c95d0287de390dc94d51bdc44_1.webp&description=Found+on+iFunny
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fifunny.co%2Fvideo%2Fwhen-a-call-to-restore-power-ata-retirement-home-so-bYd2RX5y8&media=https%3A%2F%2Fimageproxy.ifunny.co%2Fresize%3A320x%2Ccrop%3Ax800%2Cquality%3A90%2Fimages%2F33236663e3e4e4b12919c0ec8ddee5d34904f12170d1f6eb4d495f95b722e91b_3.webp&description=Found+on+iFunny
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fifunny.co%2Fvideo%2Fpov-you-just-started-the-best-flash-game-in-history-XjKvGvdy8&media=https%3A%2F%2Fimageproxy.ifunny.co%2Fresize%3A320x%2Ccrop%3Ax800%2Cquality%3A90%2Fimages%2Faf7647d0a9574cb1f48cbfd4f6a273783b695e5769ffbe5a9b52f0ba66867e7e_3.webp&description=Found+on+iFunny
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fifunny.co%2Fpicture%2Fcheers-to-not-understanding-memes-about-a-netflix-show-i-evRNzChy8&media=https%3A%2F%2Fimageproxy.ifunny.co%2Fcrop%3Ax-20%2Cresize%3A320x%2Ccrop%3Ax800%2Cquality%3A90%2Fimages%2F4e2062a312ceb5e68f5e77e293f32cfeddafa0e2e8bc17f75d2ddc756bfdac86_1.webp&description=Found+on+iFunny
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fifunny.co%2Fvideo%2Fcf-tiktok-veteranhomeinsnectar-as-a-woodworkei-appreciate-the-details-Nka3POwu8&media=https%3A%2F%2Fimageproxy.ifunny.co%2Fresize%3A320x%2Ccrop%3Ax800%2Cquality%3A90%2Fimages%2F0ca2fe2dd487117a978cabf0c58aa98314adf4461cbd7ab92cd158d1df1ae2bd_3.webp&description=Found+on+iFunny
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fifunny.co%2Fpicture%2F15-poundies-so-how-much-umsfifteentpounds-ne-some-of-witch-YTFteRmw8&media=https%3A%2F%2Fimageproxy.ifunny.co%2Fcrop%3Ax-20%2Cresize%3A320x%2Ccrop%3Ax800%2Cquality%3A90%2Fimages%2F15a378e15a9dd2d27c0412a3bb1486c8af526694d73032843d8f3bc22ce2039d_1.webp&description=Found+on+iFunny
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fifunny.co%2Fpicture%2Fm2GHpgxx8&media=https%3A%2F%2Fimageproxy.ifunny.co%2Fcrop%3Ax-20%2Cresize%3A320x%2Ccrop%3Ax800%2Cquality%3A90%2Fimages%2F628bcf6a2e6c1fb4aa24bf43132fe97413ca20db843932299c4d5630eafb94ef_1.webp&description=Found+on+iFunny
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fifunny.co%2Fpicture%2Fwizard-comics-now-remember-use-the-green-sword-to-kill-28PCvHay8&media=https%3A%2F%2Fimageproxy.ifunny.co%2Fcrop%3Ax-20%2Cresize%3A320x%2Ccrop%3Ax800%2Cquality%3A90%2Fimages%2Fec7ff037a8c55e762d6b5938dc00a53ef7d142eec81dd34133535abbf5d86930_1.webp&description=Found+on+iFunny
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fifunny.co%2Fpicture%2Fmy-metamorphosis-aaahhhhhh-or-or-begins-the-form-god-please-ixIvU75x8&media=https%3A%2F%2Fimageproxy.ifunny.co%2Fcrop%3Ax-20%2Cresize%3A320x%2Ccrop%3Ax800%2Cquality%3A90%2Fimages%2F3125ffc5bdb2e029ffaaba68e3a2f96e039997f6ef478c8416df095d27267518_1.webp&description=Found+on+iFunny
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fifunny.co%2Fpicture%2Fare-you-from-himalayas-why-would-you-say-that-no-roh33Hiu8&media=https%3A%2F%2Fimageproxy.ifunny.co%2Fcrop%3Ax-20%2Cresize%3A320x%2Ccrop%3Ax800%2Cquality%3A90%2Fimages%2F4a45e5be663066c3347c48a860123defe0e8195f25703da40cc1180a18574c49_1.webp&description=Found+on+iFunny
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fifunny.co%2Fpicture%2FggQQj7by8&media=https%3A%2F%2Fimageproxy.ifunny.co%2Fcrop%3Ax-20%2Cresize%3A320x%2Ccrop%3Ax800%2Cquality%3A90%2Fimages%2F1354c6fc3b281b03b52bb97a05c3628e05d5d9d3e1e926f20eb216d81d7cae0f_1.webp&description=Found+on+iFunny
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fifunny.co%2Fpicture%2Fthat-s-a-bit-of-a-r-a-a-my-VcvcQLJv8&media=https%3A%2F%2Fimageproxy.ifunny.co%2Fcrop%3Ax-20%2Cresize%3A320x%2Ccrop%3Ax800%2Cquality%3A90%2Fimages%2F6f5d77c4ce2b28c2cfbd132f3d6369bab9444a2703a8b3dbed3e88352273d5a4_1.webp&description=Found+on+iFunny
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fifunny.co%2Fpicture%2FhZ0uS33v8&media=https%3A%2F%2Fimageproxy.ifunny.co%2Fcrop%3Ax-20%2Cresize%3A320x%2Ccrop%3Ax800%2Cquality%3A90%2Fimages%2F6cc509b4f024af467a95c0c0fc348fd3a4cf1497bad60349d4e7d7e1e3eb7c26_1.webp&description=Found+on+iFunny
Title: Pinterest

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82

https://ad.turn.com/r/cs?pid=3&google_gid=CAESENGLmHuN2Tkww8uFAIBYmyw&google_cver=1&google_push=AYg5qPItYnRRMTJ5hI_yj5mtMlQeQ_tL8JjoGTZQE7JT9rh91GYf5sUe8fXy1D4jCj9DQvTRkP4rQdzX-M7kj5GxtOj6zjDCZQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzAzMjUzMzE0NDk1NTkzMTU3Mw== HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEDX5NKu0TYc_R8cTTG9zNUw&google_cver=1

Request Chain 84

https://um.simpli.fi/gp_match?google_gid=CAESEO8-xh0FbWw57pYHltHdERI&google_cver=1&google_push=AYg5qPKw5fasTla6fBiTrl37FsmbvDnrsgEDIsVTbJmRtQvlYRH0IVWaBR07rtlSPxXEBXVbe0NLwTw7-ps5WDMjTZOP09PN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3C029A37C05E41C4883021AED2F3CABA&google_push=AYg5qPKw5fasTla6fBiTrl37FsmbvDnrsgEDIsVTbJmRtQvlYRH0IVWaBR07rtlSPxXEBXVbe0NLwTw7-ps5WDMjTZOP09PN

Request Chain 85

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELfW-ocVL3HkvsNTa9crDmk&google_cver=1&google_push=AYg5qPIlzw9EmNVojapSER5IEOCxxvqDCrcwRckupV4tsTYKDdI5CZa-kxsOokBbfBmeTgg5iP-aZr1ObpGcDKct1dqt0Zx_7w HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESELfW-ocVL3HkvsNTa9crDmk&google_cver=1&google_push=AYg5qPIlzw9EmNVojapSER5IEOCxxvqDCrcwRckupV4tsTYKDdI5CZa-kxsOokBbfBmeTgg5iP-aZr1ObpGcDKct1dqt0Zx_7w HTTP 302
https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_uid=73636452-4f2b-4344-a217-ce0951c9ada4 HTTP 302
https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_uid=73636452-4f2b-4344-a217-ce0951c9ada4 HTTP 302
https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=c9d906aa-df7a-4728-8732-29b2c946bc72&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIlzw9EmNVojapSER5IEOCxxvqDCrcwRckupV4tsTYKDdI5CZa-kxsOokBbfBmeTgg5iP-aZr1ObpGcDKct1dqt0Zx_7w&google_hm=c2NkUk8rQ0SiF84JUcmtpA==

Request Chain 86

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELtEC0a9cfRByuT2zUB41wI&google_cver=1&google_push=AYg5qPL-IjQbFFhGuFaoVDHycPbGhHvk-NWcQlLZRhBAitFp8-hFkeQOTvKj58CHD_8Lc-4CkTiclGTKUVzs330cGIUiXF3-Ew HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPL-IjQbFFhGuFaoVDHycPbGhHvk-NWcQlLZRhBAitFp8-hFkeQOTvKj58CHD_8Lc-4CkTiclGTKUVzs330cGIUiXF3-Ew&google_hm=MjM5NDQ2NjQyODg4NjY3NzYyNw%3D%3D

Request Chain 87

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFQqUphvyJUzOqb1asj4nZg&google_cver=1&google_push=AYg5qPJ-VT9ub00GI00cPXHUqfx07yikjmE32HY_SIPtJ4b487OtSb-m3gX9L7oAfNaRE-FVrG9tZY1Te3HlLhe0uh59bSP53g HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFQqUphvyJUzOqb1asj4nZg&google_cver=1&google_push=AYg5qPJ-VT9ub00GI00cPXHUqfx07yikjmE32HY_SIPtJ4b487OtSb-m3gX9L7oAfNaRE-FVrG9tZY1Te3HlLhe0uh59bSP53g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjE3MDg3MTY5OTA2OTM0NTYwOA&google_push=AYg5qPJ-VT9ub00GI00cPXHUqfx07yikjmE32HY_SIPtJ4b487OtSb-m3gX9L7oAfNaRE-FVrG9tZY1Te3HlLhe0uh59bSP53g

Request Chain 88

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEOGMhZ6vMhXucPj_XpM6Rbg&google_cver=1&google_push=AYg5qPKNIA9OTBxDUVZW0E0zeJM2Z9Fb2R24xe5cp5OCDXqPOE67HZHIDDlM1z_lliBy7Ao-CYZVNixP2pClHft4gmwMnWASqg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKNIA9OTBxDUVZW0E0zeJM2Z9Fb2R24xe5cp5OCDXqPOE67HZHIDDlM1z_lliBy7Ao-CYZVNixP2pClHft4gmwMnWASqg

Request Chain 107

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJoneid__asuidCX3tHK8rZ60W0jmUB2LdOFWAJg8Y0dWYasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CKeZiYnOu_MCFe_quwgdc1sNnw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJoneid__asuidCX3tHK8rZ60W0jmUB2LdOFWAJg8Y0dWYasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJoneid__asuidCX3tHK8rZ60W0jmUB2LdOFWAJg8Y0dWYasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1633723437_dee512a0-2872-11ec-bef8-692d023ad792

113 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request BtVIBMWT8 Show response
ifunny.co/video/ 166 KB
27 KB 766ms
540ms Document
text/html 38.134.113.246
XL-103-397341

General

Check archive.org

Show headers Download Go to

Full URL

https://ifunny.co/video/BtVIBMWT8?s=cl

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

38.134.113.246 , United States, ASN397341 (XL-103-397341, US),

Reverse DNS

Software

nginx /

Resource Hash

adeaa3930fabc8ad10e1cd81885c63c03c1d4a2279c594f7a5cf4af26b0f6d41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:method: GET
:authority: ifunny.co
:scheme: https
:path: /video/BtVIBMWT8?s=cl
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Fri, 08 Oct 2021 20:03:54 GMT
content-type: text/html
vary: Accept-Encoding
cross-origin-resource-policy: same-origin
cross-origin-opener-policy: same-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),document-domain=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),xr-spatial-tracking=()
app-version: website_ifunny-release_web_05.10.2021-73
access-control-allow-origin: https://ifunny.co
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: x-requested-with, x-csrf-token
access-control-expose-headers: x-requested-with, x-csrf-token
surrogate-control: no-store
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
pragma: no-cache
expires: 0
set-cookie: x-csrf-token=09f5bd1eb58aa551af9e2bf51ab88783; Path=/; Secure; SameSite=Lax CID=d5c294d5c3e954901e4e7e45d985de20ad84f294fbefcf154840604f3880b5ae.b3080ddb3364be01; Max-Age=31536000; Path=/; Expires=Sat, 08 Oct 2022 20:03:54 GMT; HttpOnly; Secure; SameSite=Lax sound=off; Max-Age=31536000; Path=/; Expires=Sat, 08 Oct 2022 20:03:54 GMT; SameSite=Lax
content-encoding: gzip

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 45ms
23ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

sffe /

Resource Hash

e87eeb7bc51ac0ceae4535f8f12a673612afab79bef97ada62bc9e0a91ac5c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 20:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1010 / 198 of 1000 / last-modified: 1633716368"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26830
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 08 Oct 2021 20:03:54 GMT

GET
H2 200 prebid.js Show response
static.ifunny.co/dist/ifunny/assets/ 219 KB
68 KB 85ms
12ms Script
application/javascript 18.66.91.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ifunny.co/dist/ifunny/assets/prebid.js
Requested by: Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.91.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 751cdce6dd3a080789741ce6f5b49695042cc2cfff6c0a22548b1097b3e30aad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 04:20:01 GMT
content-encoding: gzip
last-modified: Thu, 02 Sep 2021 16:31:28 GMT
server: AmazonS3
age: 488849
etag: W/"116c4fd0012bd62e01b1e67742015042"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: EwM8owtH9KenDF8eA1AKNqpKDGZZkYhw-X7mIW_PY8iYbRHaBtdL-w==

GET
H2 200 32191e43309fef38360a8880c00eb829f9026a01d3dad4598071ff5ee9c2af86_3.webp
img.ifunny.co/images/ 14 KB
14 KB 99ms
91ms Image
image/webp 18.66.91.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ifunny.co/images/32191e43309fef38360a8880c00eb829f9026a01d3dad4598071ff5ee9c2af86_3.webp
Requested by: Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.91.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 803042df438b4611562d9e6968a58bb415555b43ff15cddadd5824ce207516a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 20:03:56 GMT
via: 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
last-modified: Tue, 13 Apr 2021 17:10:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
etag: "470a65c1b4bbfc03f16bdfa4a24a4d4d"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 13912
x-amz-cf-id: JAsHyDEyeSW8DrL0OqmX3te-nlKKPgu-jiplou2-2TVFgMPcfNv6GQ==

GET
H2 200 40.8d7f1465.css
static.ifunny.co/dist/ifunny/assets/ 34 KB
8 KB 79ms
7ms Stylesheet
text/css 18.66.91.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ifunny.co/dist/ifunny/assets/40.8d7f1465.css
Requested by: Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.91.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ec77ec2332755bcbbb6980e9f03f5da8ae666ca1c5ebfcbdd5de883c5110778f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 12:46:21 GMT
content-encoding: gzip
last-modified: Tue, 28 Sep 2021 12:45:47 GMT
server: AmazonS3
age: 890255
etag: W/"fa150b336fb4ff7c89422602bc2a78a4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: Jodw5VuBPrJvioh7L4PvVk9IBw3-5vUn0VfFzig8DYAMYaWHckeMEA==

GET
H2 200 28.5962ecec.css
static.ifunny.co/dist/ifunny/assets/ 4 KB
2 KB 79ms
7ms Stylesheet
text/css 18.66.91.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ifunny.co/dist/ifunny/assets/28.5962ecec.css
Requested by: Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.91.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b63ae50261fb6210436a4ab247e2bfb63b07ea3ed0ca133208a0eb289e8b0b30

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 12:46:21 GMT
content-encoding: gzip
last-modified: Tue, 28 Sep 2021 12:45:47 GMT
server: AmazonS3
age: 890255
etag: W/"654d10f9c3291b54e49a3935bbcd9b82"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: 2NjXM4Mky78EjAHAfG0mv58dBHTJ8zmZ7LcQCKlf2MfnwNz7kVfZHg==

GET
H2 200 1.50c5abce.css
static.ifunny.co/dist/ifunny/assets/ 6 KB
2 KB 79ms
8ms Stylesheet
text/css 18.66.91.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ifunny.co/dist/ifunny/assets/1.50c5abce.css
Requested by: Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.91.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fcb27863737dc031bf195f0d0984f2e10ff5bab72f43238364b01e518474221a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:38:13 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 11:37:39 GMT
server: AmazonS3
age: 1412743
etag: W/"7f5aeee1c54e006fd0cbb04419c68847"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: Vg-tIXcnKxbkyw0mnr_8IOr8mJEbN_dTUL3fOadO6Tr1A-sPRcFI5Q==

GET
H2 200 41.c740fff8.css
static.ifunny.co/dist/ifunny/assets/ 12 KB
3 KB 79ms
8ms Stylesheet
text/css 18.66.91.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ifunny.co/dist/ifunny/assets/41.c740fff8.css
Requested by: Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.91.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 543d88bdd1d3e028a135efa42716ba9dbfffaa704900af4996b0127bbad711fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:38:13 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 11:37:41 GMT
server: AmazonS3
age: 1412743
etag: W/"ad9e9191f8f1244fdf641c10fd6e7898"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: 3820v7ocdflp5vPkajj7KLw6EDJDySKwpfafvd-iTow5PeWIriV7iw==

GET
H2 200 favicon.svg
ifunny.co/ 639 B
802 B 112ms
106ms Image
image/svg+xml 38.134.113.246
XL-103-397341

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ifunny.co/favicon.svg
Requested by: Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.134.113.246 , United States, ASN397341 (XL-103-397341, US),
Reverse DNS
Software: nginx /
Resource Hash: f658215fcd2b09b07a9aba5e6bfae200a9b74d4bf9a74a5725358f0e83516734

Request headers

:path: /favicon.svg
pragma: no-cache
cookie: x-csrf-token=09f5bd1eb58aa551af9e2bf51ab88783; CID=d5c294d5c3e954901e4e7e45d985de20ad84f294fbefcf154840604f3880b5ae.b3080ddb3364be01; sound=off
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: ifunny.co
referer: https://ifunny.co/video/BtVIBMWT8?s=cl
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ifunny.co/video/BtVIBMWT8?s=cl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 20:03:55 GMT
last-modified: Wed, 06 Oct 2021 09:08:30 GMT
server: nginx
etag: W/"27f-17c54dc82b0"
content-type: image/svg+xml
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 639

GET
H2 200 d392a59805eaa65ce3aa9908f78cf44daeb0c7ac_0.webp
imageproxy.ifunny.co/crop:square,resize:100x,quality:90/user_photos/ 3 KB
3 KB 304ms
256ms Image
image/webp 52.222.239.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageproxy.ifunny.co/crop:square,resize:100x,quality:90/user_photos/d392a59805eaa65ce3aa9908f78cf44daeb0c7ac_0.webp
Requested by: Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.239.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-239-126.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: d754073533290c6a7296bac534acf16df3fe695301542dc9994bb6281556a338

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 20:03:55 GMT
via: 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
last-modified: Wed, 21 Oct 2020 20:30:22 GMT
server: nginx
x-amz-cf-pop: FRA56-P4
etag: "abab603c47a749e7cf3058eea0c81b94"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 3134
x-amz-cf-id: ynR5WGri4Rgal8TkwYV7tHmIymOFvSeRHjMqU-YjTNGCCy1sr7B6tg==

GET
H2 200 c68214b6116227818ae6524ca82e844134086aae_0.webp
imageproxy.ifunny.co/crop:square,resize:100x,quality:90/user_photos/ 3 KB
3 KB 57ms
9ms Image
image/webp 52.222.239.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageproxy.ifunny.co/crop:square,resize:100x,quality:90/user_photos/c68214b6116227818ae6524ca82e844134086aae_0.webp
Requested by: Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.239.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-239-126.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 5c98c0dc715b5aaa5efafacaf4465cb10a481fe212faebbf92d4f4afd5301d00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 19:49:22 GMT
via: 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
last-modified: Tue, 07 Sep 2021 03:04:35 GMT
server: nginx
age: 1037673
etag: "5b817612fac152e84464b6ca5d4324ae"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
content-length: 2584
x-amz-cf-id: aW_ZHW4fcCjTUGASHCZV2rEXpuFUuTmFG0RXOMy6KbfupktVnngSQw==

GET
H2 200 417be29254a836a8546cd655db5d727b5ffc52e9_0.webp
imageproxy.ifunny.co/crop:square,resize:100x,quality:90/user_photos/ 4 KB
4 KB 56ms
8ms Image
image/webp 52.222.239.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageproxy.ifunny.co/crop:square,resize:100x,quality:90/user_photos/417be29254a836a8546cd655db5d727b5ffc52e9_0.webp
Requested by: Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.239.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-239-126.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 7735473c74192317bc1ec19e17e206f8676d0fa7ea6a0e517300dbfcd99e33cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 14:35:38 GMT
via: 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
last-modified: Wed, 28 Apr 2021 13:21:50 GMT
server: nginx
age: 1574897
etag: "7387739ad65f117393cac881a94e8659"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
content-length: 3890
x-amz-cf-id: m0Pc1SdOAhHE1BKWJHrJ7JP_3ZE1xi9maqqM3hlZA6HoGjtMDHTGKw==

GET
H2 200 23f440d2f752b4b61acb316b714f8aff4efb542e_0.webp
imageproxy.ifunny.co/crop:square,resize:100x,quality:90/user_photos/ 3 KB
3 KB 57ms
9ms Image
image/webp 52.222.239.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageproxy.ifunny.co/crop:square,resize:100x,quality:90/user_photos/23f440d2f752b4b61acb316b714f8aff4efb542e_0.webp
Requested by: Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.239.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-239-126.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 614d3a03223262ffb8ca6686e4070b707fb86031e69f4d59ab1ebe3634de19c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 07:02:30 GMT
via: 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
last-modified: Thu, 20 Aug 2020 19:47:08 GMT
server: nginx
age: 1342885
etag: "6ef1df37f6045aa14b3faeb8d0aae75e"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
content-length: 2858
x-amz-cf-id: j3Piyvtt3oVgG7TzHasOJFR0sWCgBVkwXqF-aa2S2vwEVpLNXQvq5g==

GET
H2 200 921268bf8458841335b9e3990a2dc6b406382276_0.webp
imageproxy.ifunny.co/crop:square,resize:100x,quality:90/user_photos/ 4 KB
4 KB 515ms
467ms Image
image/webp 52.222.239.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageproxy.ifunny.co/crop:square,resize:100x,quality:90/user_photos/921268bf8458841335b9e3990a2dc6b406382276_0.webp
Requested by: Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.239.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-239-126.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 2c8fca23c29e1101d29300036cd1f3eeb60212bc95115c45e0f247a31a8c3f97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 20:03:55 GMT
via: 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
last-modified: Wed, 17 Mar 2021 11:16:09 GMT
server: nginx
x-amz-cf-pop: FRA56-P4
etag: "300138ad54515ddf04947fcf7a3fd1c2"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 4270
x-amz-cf-id: tSUS6Bo9yzAxLvzHJlwRae-EUUz2zak3QSLKtb1hgu3Q30LqANxVJA==

GET
H2 200 4c6a19a86d96f04286694a08068e733a3cf1f5cf_0.webp
imageproxy.ifunny.co/crop:square,resize:100x,quality:90/user_photos/ 3 KB
3 KB 359ms
311ms Image
image/webp 52.222.239.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageproxy.ifunny.co/crop:square,resize:100x,quality:90/user_photos/4c6a19a86d96f04286694a08068e733a3cf1f5cf_0.webp
Requested by: Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.239.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-239-126.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: d4e8b167006cc320147bf048a7f093f994783b56849c8b3bcdb40adc6017be10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 20:03:55 GMT
via: 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
last-modified: Fri, 26 Oct 2018 19:58:35 GMT
server: nginx
x-amz-cf-pop: FRA56-P4
etag: "5a58fa00baabd6f62210f7a170443023"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 2638
x-amz-cf-id: BxxqpiP7kQIRt_N8tQ9lU--p4-1wJPQXwrgToJczQPn1Uv0v7fwHfA==

GET
H2 200 cd5d2a152c82a13e92479d731fe0c9857df927d4_0.webp
imageproxy.ifunny.co/crop:square,resize:100x,quality:90/user_photos/ 2 KB
3 KB 307ms
301ms Image
image/webp 52.222.239.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageproxy.ifunny.co/crop:square,resize:100x,quality:90/user_photos/cd5d2a152c82a13e92479d731fe0c9857df927d4_0.webp
Requested by: Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.239.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-239-126.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 219b4d2bda692ffbf76a0073a83b18f89230768b0a1ab3dcd5eb741f4ffaf1fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 20:03:55 GMT
via: 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
last-modified: Tue, 16 Mar 2021 05:03:16 GMT
server: nginx
x-amz-cf-pop: FRA56-P4
etag: "7cb0a1e67dd53a435b4b27cdbf4318fc"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 2368
x-amz-cf-id: YxsERSdgNpfQH47VgV3ACxbddUaWdNBKeSsSX50WzIbcb-04kawvpQ==

GET
H2 200 b82467ceada0435688e75bc32389fad2085fe4da_0.jpg
imageproxy.ifunny.co/crop:square,resize:100x,quality:90x75/user_photos/ 4 KB
4 KB 240ms
234ms Image
image/jpeg 52.222.239.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageproxy.ifunny.co/crop:square,resize:100x,quality:90x75/user_photos/b82467ceada0435688e75bc32389fad2085fe4da_0.jpg
Requested by: Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.239.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-239-126.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 39b2875be14c84e8bc7d2f2a6ab3a19acca216967561ec0dbaf46b4803da3ba4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 20:03:55 GMT
via: 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
last-modified: Mon, 27 May 2013 14:25:51 GMT
server: nginx
x-amz-cf-pop: FRA56-P4
etag: "11b4d2f545fb2c9a8f7a5428ca0a7c92"
x-cache: Miss from cloudfront
content-type: image/jpeg
content-length: 3714
x-amz-cf-id: 9v5EcfUw1ci7JDeIP6Cdo4pvdBvO71YajS1CFdYikHBIbpHz3dkl7A==

GET
H2 200 011a9a0e4920560e13ee10d62d590c12761e6cce_0.webp
imageproxy.ifunny.co/crop:square,resize:100x,quality:90/user_photos/ 4 KB
5 KB 13ms
6ms Image
image/webp 52.222.239.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageproxy.ifunny.co/crop:square,resize:100x,quality:90/user_photos/011a9a0e4920560e13ee10d62d590c12761e6cce_0.webp
Requested by: Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.239.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-239-126.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 319788c41fa0539e719d78e3d11103a57222a1db1bdfee1bbb97f9dced6faafe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 15:35:43 GMT
via: 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
last-modified: Mon, 16 Nov 2020 00:35:00 GMT
server: nginx
age: 1571292
etag: "3df0c5cf3f582f5ec08eb142bc16c12e"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P4
content-length: 4474
x-amz-cf-id: SpLtAQRRChWZbwJtNuXve-bywSP5rl8OdEmxv2S95rvNAd7VF_DY1Q==

GET
H2 200 5acf3792e37fa3f364e6e6600bf8e8e00c105d42_0.webp
imageproxy.ifunny.co/crop:square,resize:100x,quality:90/user_photos/ 3 KB
4 KB 15ms
9ms Image
image/webp 52.222.239.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageproxy.ifunny.co/crop:square,resize:100x,quality:90/user_photos/5acf3792e37fa3f364e6e6600bf8e8e00c105d42_0.webp
Requested by: Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.239.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-239-126.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: f3d224c09d9a4cf018fb686a2aaa1bb6bdfc0fda5e7f902128d24533c63727e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 19:28:13 GMT
via: 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
last-modified: Thu, 09 Jan 2014 00:23:01 GMT
server: nginx
age: 2142
etag: "3173a4a065a13d62e66bda4929226a29"
x-cache: Hit from cloudfront
content-type: image/webp
x-amz-cf-pop: FRA56-P4
content-length: 3458
x-amz-cf-id: CPVOrI-Bitwm-bN1XK_DvBICBIObtwpmCesmuINCQChsuZbqpvztoQ==

GET
H2 200 b4af7777f2ddd3bcaf1e7ef5b9e1a0253c6cd9623889bb2604d947ec08a53c65_1.webp
img.ifunny.co/images/ 88 KB
89 KB 35ms
29ms Image
image/webp 18.66.91.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ifunny.co/images/b4af7777f2ddd3bcaf1e7ef5b9e1a0253c6cd9623889bb2604d947ec08a53c65_1.webp
Requested by: Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.91.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3a97b6fd43e6dd698e7cbb4fa689f68f2779cbcae627152fb67d67abb2b0c73

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 00:29:58 GMT
via: 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
last-modified: Tue, 21 Sep 2021 14:36:43 GMT
server: AmazonS3
age: 416038
etag: "c80fd81106c5ad355794000eb09eaa3e"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 90246
x-amz-cf-id: VqB2Fmj2WswQ-4CY0_mXP-EHWuY2D7ZOEkz3Pv8KJ0gLsFx1lEsMXA==

GET
H2 200 en.js Show response
cdn.jsdelivr.net/npm/vuejs-datepicker@1.6.2/dist/locale/translations/ 2 KB
1 KB 53ms
30ms Script
application/javascript 104.16.86.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vuejs-datepicker@1.6.2/dist/locale/translations/en.js

Requested by

Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43ee6cb7c61d8f2effbe552d50b7848f228c31c6554cbbeabaeac61361c4fc5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 20:03:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2521119
x-jsd-version: 1.6.2
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19182-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"6a8-m+bZB9TwLSvPrZx/oVlPiGUv+uk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 69b1f9ad0c2405cc-FRA

GET
H2 200 translations.d641f9eb.js Show response
ifunny.co/locales/en/ 16 KB
6 KB 114ms
109ms Script
application/javascript 38.134.113.246
XL-103-397341

General

Check archive.org

Show headers Download Go to

Full URL: https://ifunny.co/locales/en/translations.d641f9eb.js
Requested by: Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.134.113.246 , United States, ASN397341 (XL-103-397341, US),
Reverse DNS
Software: nginx /
Resource Hash: 2812c8656c4ebfd493881dc02c2ebaea0a55313cb9cb4de4570e4b6e61fb4f41

Request headers

:path: /locales/en/translations.d641f9eb.js
pragma: no-cache
cookie: x-csrf-token=09f5bd1eb58aa551af9e2bf51ab88783; CID=d5c294d5c3e954901e4e7e45d985de20ad84f294fbefcf154840604f3880b5ae.b3080ddb3364be01; sound=off
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: ifunny.co
referer: https://ifunny.co/video/BtVIBMWT8?s=cl
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://ifunny.co/video/BtVIBMWT8?s=cl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 20:03:55 GMT
content-encoding: gzip
last-modified: Wed, 06 Oct 2021 09:08:30 GMT
server: nginx
etag: W/"3f99-17c54dc82b0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0

GET
H2 200 runtime.0cb78a7f.js Show response
static.ifunny.co/dist/ifunny/assets/ 5 KB
3 KB 12ms
7ms Script
application/javascript 18.66.91.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ifunny.co/dist/ifunny/assets/runtime.0cb78a7f.js
Requested by: Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.91.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: af8de26fca9dc5468d230b5048fa2d9c276c6120b08088cdd03045254f9ee2bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:32:04 GMT
content-encoding: gzip
last-modified: Wed, 06 Oct 2021 09:31:31 GMT
server: AmazonS3
age: 210712
etag: W/"84cb904fc0d2767bfb173dc3647473b1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: j3lsjey3BtMzULYpxWVWo71ZUpTYTa4Mz_wW7qePCuDzVHb886eRIQ==

GET
H2 200 28.23473119.js Show response
static.ifunny.co/dist/ifunny/assets/ 18 KB
7 KB 12ms
7ms Script
application/javascript 18.66.91.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ifunny.co/dist/ifunny/assets/28.23473119.js
Requested by: Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.91.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: db4452cf79295f3772941c2b05c9245b18f5fd23c7a39434ad7d80f7819fa597

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 12:50:39 GMT
content-encoding: gzip
last-modified: Tue, 05 Oct 2021 12:50:06 GMT
server: AmazonS3
age: 285197
etag: W/"49dfef6c7020311cce341f695ba17eda"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: 0hwkyVx7WaR15irBAUNLrBo_PvHB9f_PUHOHVLq3Tq5NaHOKW9fRuw==

GET
H2 200 1.71067983.js Show response
static.ifunny.co/dist/ifunny/assets/ 38 KB
12 KB 14ms
9ms Script
application/javascript 18.66.91.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ifunny.co/dist/ifunny/assets/1.71067983.js
Requested by: Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.91.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aec67abc1addd3c573234fd5e1fcec7196c2bba6dcea8da3523d487adc0a537d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 12:50:39 GMT
content-encoding: gzip
last-modified: Tue, 05 Oct 2021 12:50:06 GMT
server: AmazonS3
age: 285197
etag: W/"99a9a4263026d0c6a55ccf971da21c17"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: CuHgM2vBcKmCM5vsfdhSgLI9Si5vlGvTs2MPOkwFVHAEdopZT-81Iw==

GET
H2 200 41.b30e79b2.js Show response
static.ifunny.co/dist/ifunny/assets/ 62 KB
17 KB 18ms
13ms Script
application/javascript 18.66.91.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ifunny.co/dist/ifunny/assets/41.b30e79b2.js
Requested by: Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.91.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 288a739ac06ce1d99252420602289a33394df63019d455622f427d9997ef354e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:38:13 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 11:37:41 GMT
server: AmazonS3
age: 1412743
etag: W/"d6d6b65726320a265c7b46651f8a929a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: j2G2CQTvI-VoaoHr-P0ZhUtJuLxtLT4hkeo2ZAYaJpVZvIEOLJoGhg==

GET
H2 200 46.46826402.js Show response
static.ifunny.co/dist/ifunny/assets/ 196 KB
63 KB 20ms
15ms Script
application/javascript 18.66.91.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ifunny.co/dist/ifunny/assets/46.46826402.js
Requested by: Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.91.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3a772f0f8804de0d5a2aca813bac93a040f13d244a257916ecd1c9f28c117d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:38:13 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 11:37:41 GMT
server: AmazonS3
age: 1412743
etag: W/"e59e5d0fa77349b87831f7e8359decb9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: Q4Nk3pDS1KrPoAN1byhJq_dqAq3jDwBz8K2wpdWQ2gn0KLNCF7T4wA==

GET
H2 200 40.0309b692.js Show response
static.ifunny.co/dist/ifunny/assets/ 113 KB
33 KB 28ms
24ms Script
application/javascript 18.66.91.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ifunny.co/dist/ifunny/assets/40.0309b692.js
Requested by: Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.91.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f0526d3e7df75573569ad4d7963f89e25b49398f00ef5d1d6f8ed1a156d02292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 12:50:39 GMT
content-encoding: gzip
last-modified: Tue, 05 Oct 2021 12:50:06 GMT
server: AmazonS3
age: 285197
etag: W/"77485a47c8bc29085305024d904794cd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: PhN6ByBgN7LzTAjgFGdqwhs3PaJnoAsGcEYzYtdXHZSYA-E4owMkSg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 48ms
21ms Script
application/javascript 172.217.16.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-877651770

Requested by

Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b7f5f374cc6e2ba3a029fede25490e53d45ed298ee7ec8fe6fe804c251c59e0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 20:03:55 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39537
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 08 Oct 2021 20:03:55 GMT

GET
H3 200 pubads_impl_2021100401.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
120 KB 42ms
23ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

sffe /

Resource Hash

7770fb287496ea4c36d2ac2f7ee6200008b73da0ec061c4d7e6d7a591df92fd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 20:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122419
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 08:37:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 08 Oct 2021 20:03:55 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 61 B
90 B 30ms
15ms XHR
application/json 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ifunny.co

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

3c2808394430f411a74c3afe5866fcc4ffba512d30f61b4361910e302ad494cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Oct 2021 20:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65
x-xss-protection: 0
expires: Fri, 08 Oct 2021 20:03:55 GMT

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 ProximaNovaCond-black.41bffa25.woff2
static.ifunny.co/dist/ifunny/assets/fonts/ 32 KB
33 KB 26ms
8ms Font
application/font-woff 18.66.91.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ifunny.co/dist/ifunny/assets/fonts/ProximaNovaCond-black.41bffa25.woff2
Requested by: Host: static.ifunny.co
URL: https://static.ifunny.co/dist/ifunny/assets/40.8d7f1465.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.91.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0be9e04c94f9e0d6b441af41d61e1c9df7db72aeabbbc31d3ebe922105ce457e

Request headers

Referer: https://static.ifunny.co/dist/ifunny/assets/40.8d7f1465.css
Origin: https://ifunny.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 13:41:12 GMT
via: 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
vary: Origin
age: 267403
x-cache: Hit from cloudfront
content-length: 33216
last-modified: Mon, 09 Aug 2021 12:50:04 GMT
server: AmazonS3
etag: "213b99ecdbbab60a64b2349b8bee76df"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: application/font-woff
access-control-allow-origin: https://ifunny.co
cache-control: max-age=2592000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
x-amz-cf-id: 96WO-8y3Qh3IQ1HtlsZ-mymPbkQpdqmh8X2_8o-rQC9C_Aj4pLMPIg==

GET
H2 200 ProximaNova-bold.96993396.woff2
static.ifunny.co/dist/ifunny/assets/fonts/ 33 KB
34 KB 33ms
15ms Font
application/font-woff 18.66.91.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ifunny.co/dist/ifunny/assets/fonts/ProximaNova-bold.96993396.woff2
Requested by: Host: static.ifunny.co
URL: https://static.ifunny.co/dist/ifunny/assets/40.8d7f1465.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.91.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd0798af7f8b8d1b97a557a4ebb86c609fda290e9088bf70c04b51b919dce596

Request headers

Referer: https://static.ifunny.co/dist/ifunny/assets/40.8d7f1465.css
Origin: https://ifunny.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 11:31:17 GMT
via: 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
vary: Origin
age: 2293113
x-cache: Hit from cloudfront
content-length: 34068
last-modified: Wed, 04 Aug 2021 13:43:25 GMT
server: AmazonS3
etag: "86ec8c5111202d06723d9bb9c1fb4de1"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: application/font-woff
access-control-allow-origin: https://ifunny.co
cache-control: max-age=2592000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
x-amz-cf-id: LAgLD-wLYAXjTQdlblxtNWGw_uWNFJMo_QbGlfYo7RFJsLBm_FL6Ww==

GET
H2 200 ProximaNova-regular.8925f9bd.woff2
static.ifunny.co/dist/ifunny/assets/fonts/ 33 KB
34 KB 30ms
13ms Font
application/font-woff 18.66.91.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ifunny.co/dist/ifunny/assets/fonts/ProximaNova-regular.8925f9bd.woff2
Requested by: Host: static.ifunny.co
URL: https://static.ifunny.co/dist/ifunny/assets/40.8d7f1465.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.91.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08a4dbce746a8b0f482404296cc2822dff339d2b013d6d527e38888566b401fa

Request headers

Referer: https://static.ifunny.co/dist/ifunny/assets/40.8d7f1465.css
Origin: https://ifunny.co
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 00:11:58 GMT
via: 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
vary: Origin
age: 1194718
x-cache: Hit from cloudfront
content-length: 34200
last-modified: Wed, 25 Aug 2021 13:50:10 GMT
server: AmazonS3
etag: "420ba9856d37fdb1de8472f1d498b23e"
access-control-max-age: 3000
access-control-allow-methods: GET, PUT, POST, HEAD
content-type: application/font-woff
access-control-allow-origin: https://ifunny.co
cache-control: max-age=2592000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
x-amz-cf-id: Pg2EicdtwSHrpFsrVKRQy9WGCYDBkiYrytw9gXY7-kabyl6DijZP9g==

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
15 KB 52ms
29ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-877651770

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

c7395cb3e42311d894b6f20d9877912ec71e9d81c63a1292455923588c6e803b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 20:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14394
x-xss-protection: 0
server: cafe
etag: 14335902481360483811
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 08 Oct 2021 20:03:55 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 29ms
15ms Script
application/javascript 172.217.16.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-23094255-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-877651770

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

a822116646eaffae316f23e99358f0dcaa9572454ff22760f978dbd5026e6f6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 20:03:55 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39153
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 08 Oct 2021 20:03:55 GMT

OPTIONS
H2 200 /
geoip.ifunny.co/ Frame 0
0 309ms
96ms Preflight
text/plain 38.134.113.246
XL-103-397341

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.ifunny.co/
Protocol: H2
Server: 38.134.113.246 , United States, ASN397341 (XL-103-397341, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://ifunny.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Fri, 08 Oct 2021 20:03:55 GMT
content-type: text/plain
content-length: 18
access-control-allow-origin: https://ifunny.co
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: OPTIONS,GET,PUT,POST,DELETE,HEAD,PATCH
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin
allow: HEAD,GET,OPTIONS

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
2 KB 74ms
33ms Script
text/javascript 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: static.ifunny.co
URL: https://static.ifunny.co/dist/ifunny/assets/1.71067983.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

ESF /

Resource Hash

e5c85e0a6c4be2aa4a6880effe874a973eae35378e876527bd14e150f00e2ff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 20:03:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
expires: Fri, 08 Oct 2021 20:03:55 GMT

GET
H2 200 2.7dad718d.css
static.ifunny.co/dist/ifunny/assets/ 25 B
364 B 7ms
7ms Stylesheet
text/css 18.66.91.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ifunny.co/dist/ifunny/assets/2.7dad718d.css
Requested by: Host: static.ifunny.co
URL: https://static.ifunny.co/dist/ifunny/assets/runtime.0cb78a7f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.91.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d89dd2a0232b5cf2ad7cd223d996658ddd5f01ffd3ba7de5fb63053da61823c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 16:36:09 GMT
via: 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
last-modified: Sun, 26 Sep 2021 08:22:32 GMT
server: AmazonS3
age: 1049267
etag: "ce680269a88e5b59e4fb52e95c86386a"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 25
x-amz-cf-id: mW9NLrAuyXssojRK-7XE1uxHxpuKVY1hwPCpWoup73qj1Q5Ik6Aglg==

GET
H2 200 / Show response
geoip.ifunny.co/ 76 B
281 B 109ms
108ms Fetch
application/json 38.134.113.246
XL-103-397341

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.ifunny.co/
Requested by: Host: static.ifunny.co
URL: https://static.ifunny.co/dist/ifunny/assets/40.0309b692.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.134.113.246 , United States, ASN397341 (XL-103-397341, US),
Reverse DNS
Software: nginx /
Resource Hash: 00c2914151af5771584593b003b8734239ab62bb80ca2bcdefcf94fc1fc61476

Request headers

accept: application/json
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://ifunny.co
date: Fri, 08 Oct 2021 20:03:55 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx
vary: Accept-Encoding, Origin, Accept-Encoding
content-type: application/json;charset=utf-8

GET
H2 200 42.d5c2eff2.css
static.ifunny.co/dist/ifunny/assets/ 758 B
1 KB 7ms
7ms Stylesheet
text/css 18.66.91.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ifunny.co/dist/ifunny/assets/42.d5c2eff2.css
Requested by: Host: static.ifunny.co
URL: https://static.ifunny.co/dist/ifunny/assets/runtime.0cb78a7f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.91.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 07694290c0035788166e14e9822cd172a6e0e5326b6bad44f7afbba624a965e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 11:38:13 GMT
via: 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
last-modified: Wed, 22 Sep 2021 11:37:41 GMT
server: AmazonS3
age: 1412743
etag: "7a876e6c68324a0ac68418dffe19e2b5"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
content-length: 758
x-amz-cf-id: _wQri759c6kiQz0nRabt3826UTefOgzHSSe0o1AYhI5GJBFuYyHAbg==

POST
H2 200 dwh
ifunny.co/api/v1/ 2 B
821 B 116ms
115ms Ping
application/json 38.134.113.246
XL-103-397341

General

Check archive.org

Show headers Download Go to

Full URL

https://ifunny.co/api/v1/dwh

Requested by

Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

38.134.113.246 , United States, ASN397341 (XL-103-397341, US),

Reverse DNS

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://ifunny.co
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: x-csrf-token=09f5bd1eb58aa551af9e2bf51ab88783; CID=d5c294d5c3e954901e4e7e45d985de20ad84f294fbefcf154840604f3880b5ae.b3080ddb3364be01; sound=off; _gcl_au=1.1.1628513621.1633723435
content-length: 237
:path: /api/v1/dwh
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: ifunny.co
referer: https://ifunny.co/video/BtVIBMWT8?s=cl
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://ifunny.co/video/BtVIBMWT8?s=cl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 08 Oct 2021 20:03:56 GMT
x-content-type-options: nosniff
app-version: website_ifunny-release_web_05.10.2021-73
surrogate-control: no-store
cross-origin-resource-policy: same-origin
content-length: 2
pragma: no-cache
referrer-policy: same-origin
server: nginx
cross-origin-opener-policy: same-origin
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://ifunny.co
access-control-expose-headers: x-requested-with, x-csrf-token
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(),autoplay=(),camera=(),document-domain=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),xr-spatial-tracking=()
access-control-allow-headers: x-requested-with, x-csrf-token
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
813 B 46ms
13ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: static.ifunny.co
URL: https://static.ifunny.co/dist/ifunny/assets/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

c8914316e6f7f8c481cc2a6a8c37e519c03ea8446f77baf2d3259777ee5debd8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 08 Oct 2021 20:03:55 GMT
X-Proxy-Origin: 216.131.114.19; 216.131.114.19; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 4632a270-bf2f-4dae-89e0-10bb79e0697e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ifunny.co
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 dwh
ifunny.co/api/v1/ 2 B
821 B 115ms
115ms Ping
application/json 38.134.113.246
XL-103-397341

General

Check archive.org

Show headers Download Go to

Full URL

https://ifunny.co/api/v1/dwh

Requested by

Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

38.134.113.246 , United States, ASN397341 (XL-103-397341, US),

Reverse DNS

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://ifunny.co
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: x-csrf-token=09f5bd1eb58aa551af9e2bf51ab88783; CID=d5c294d5c3e954901e4e7e45d985de20ad84f294fbefcf154840604f3880b5ae.b3080ddb3364be01; sound=off; _gcl_au=1.1.1628513621.1633723435
content-length: 235
:path: /api/v1/dwh
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: ifunny.co
referer: https://ifunny.co/video/BtVIBMWT8?s=cl
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://ifunny.co/video/BtVIBMWT8?s=cl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 08 Oct 2021 20:03:56 GMT
x-content-type-options: nosniff
app-version: website_ifunny-release_web_05.10.2021-73
surrogate-control: no-store
cross-origin-resource-policy: same-origin
content-length: 2
pragma: no-cache
referrer-policy: same-origin
server: nginx
cross-origin-opener-policy: same-origin
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://ifunny.co
access-control-expose-headers: x-requested-with, x-csrf-token
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(),autoplay=(),camera=(),document-domain=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),xr-spatial-tracking=()
access-control-allow-headers: x-requested-with, x-csrf-token
expires: 0

POST
H/1.1 204 prebid Show response
prebid.ad.smaato.net/oapi/ 0
336 B 134ms
32ms XHR
text/plain 63.34.174.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: static.ifunny.co
URL: https://static.ifunny.co/dist/ifunny/assets/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 63.34.174.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-174-201.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://ifunny.co
Access-Control-Expose-Headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials: true
Server: SOMA
Connection: keep-alive
Date: Fri, 08 Oct 2021 20:03:55 GMT
X-SMT-SessionId: f53d7a86-e143-484e-a5a3-04f2cb4cd847

POST
H2 200 dwh
ifunny.co/api/v1/ 2 B
821 B 113ms
113ms Ping
application/json 38.134.113.246
XL-103-397341

General

Check archive.org

Show headers Download Go to

Full URL

https://ifunny.co/api/v1/dwh

Requested by

Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

38.134.113.246 , United States, ASN397341 (XL-103-397341, US),

Reverse DNS

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://ifunny.co
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: x-csrf-token=09f5bd1eb58aa551af9e2bf51ab88783; CID=d5c294d5c3e954901e4e7e45d985de20ad84f294fbefcf154840604f3880b5ae.b3080ddb3364be01; sound=off; _gcl_au=1.1.1628513621.1633723435
content-length: 235
:path: /api/v1/dwh
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: ifunny.co
referer: https://ifunny.co/video/BtVIBMWT8?s=cl
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://ifunny.co/video/BtVIBMWT8?s=cl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 08 Oct 2021 20:03:56 GMT
x-content-type-options: nosniff
app-version: website_ifunny-release_web_05.10.2021-73
surrogate-control: no-store
cross-origin-resource-policy: same-origin
content-length: 2
pragma: no-cache
referrer-policy: same-origin
server: nginx
cross-origin-opener-policy: same-origin
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://ifunny.co
access-control-expose-headers: x-requested-with, x-csrf-token
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(),autoplay=(),camera=(),document-domain=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),xr-spatial-tracking=()
access-control-allow-headers: x-requested-with, x-csrf-token
expires: 0

POST
H/1.1 204 prebid Show response
prebid.ad.smaato.net/oapi/ 0
336 B 134ms
32ms XHR
text/plain 63.34.174.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: static.ifunny.co
URL: https://static.ifunny.co/dist/ifunny/assets/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 63.34.174.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-174-201.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://ifunny.co
Access-Control-Expose-Headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials: true
Server: SOMA
Connection: keep-alive
Date: Fri, 08 Oct 2021 20:03:55 GMT
X-SMT-SessionId: 71508fbc-e080-4fd4-b5ec-994ccc3c8d1a

POST
H2 200 dwh
ifunny.co/api/v1/ 2 B
821 B 114ms
114ms Ping
application/json 38.134.113.246
XL-103-397341

General

Check archive.org

Show headers Download Go to

Full URL

https://ifunny.co/api/v1/dwh

Requested by

Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

38.134.113.246 , United States, ASN397341 (XL-103-397341, US),

Reverse DNS

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://ifunny.co
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: x-csrf-token=09f5bd1eb58aa551af9e2bf51ab88783; CID=d5c294d5c3e954901e4e7e45d985de20ad84f294fbefcf154840604f3880b5ae.b3080ddb3364be01; sound=off; _gcl_au=1.1.1628513621.1633723435
content-length: 237
:path: /api/v1/dwh
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: ifunny.co
referer: https://ifunny.co/video/BtVIBMWT8?s=cl
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://ifunny.co/video/BtVIBMWT8?s=cl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 08 Oct 2021 20:03:56 GMT
x-content-type-options: nosniff
app-version: website_ifunny-release_web_05.10.2021-73
surrogate-control: no-store
cross-origin-resource-policy: same-origin
content-length: 2
pragma: no-cache
referrer-policy: same-origin
server: nginx
cross-origin-opener-policy: same-origin
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://ifunny.co
access-control-expose-headers: x-requested-with, x-csrf-token
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(),autoplay=(),camera=(),document-domain=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),xr-spatial-tracking=()
access-control-allow-headers: x-requested-with, x-csrf-token
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
813 B 43ms
13ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: static.ifunny.co
URL: https://static.ifunny.co/dist/ifunny/assets/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

ba8e50fb8e016c5eaad8fce3c358b570abc2ba0c8d9f58b70c0e85a4b3c83704

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 08 Oct 2021 20:03:55 GMT
X-Proxy-Origin: 216.131.114.19; 216.131.114.19; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 22040fec-f8e2-49b8-8a1f-666a58f92e1b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ifunny.co
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 0e0257709c53c8a602dfa71392f7e7d61e1920ac_0.webp
imageproxy.ifunny.co/crop:square,resize:100x,quality:90/user_photos/ 5 KB
5 KB 292ms
292ms Image
image/webp 52.222.239.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageproxy.ifunny.co/crop:square,resize:100x,quality:90/user_photos/0e0257709c53c8a602dfa71392f7e7d61e1920ac_0.webp
Requested by: Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.239.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-239-126.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 9e01f54fd5c216747cabcd7d29ab23223b6c345436eeccbca5bbf4cac5f9b2b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 20:03:56 GMT
via: 1.1 2ffde5fadc46cbcc3a678e8713ed76b0.cloudfront.net (CloudFront)
last-modified: Tue, 02 Mar 2021 21:38:12 GMT
server: nginx
x-amz-cf-pop: FRA56-P4
etag: "0fac8fdcc1204967acdae82e0b8134dc"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 5262
x-amz-cf-id: shysvFFxdtF7DyrPCXSMAhFDkOfoJxm3WYn9OoAE4rGkbbtSc1sA2A==

GET
H2 206 32191e43309fef38360a8880c00eb829f9026a01d3dad4598071ff5ee9c2af86_1.mp4
img.ifunny.co/videos/ 308 KB
309 KB 113ms
113ms Media
video/mp4 18.66.91.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.ifunny.co/videos/32191e43309fef38360a8880c00eb829f9026a01d3dad4598071ff5ee9c2af86_1.mp4
Requested by: Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.91.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 32191e43309fef38360a8880c00eb829f9026a01d3dad4598071ff5ee9c2af86

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 08 Oct 2021 20:03:57 GMT
via: 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
last-modified: Tue, 13 Apr 2021 17:10:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
etag: "54c9ca321d675c7c4fd52ecbae18453a"
x-cache: Miss from cloudfront
content-type: video/mp4
Content-Range: bytes 0-315469/315470
cache-control: public, max-age=2592000
accept-ranges: bytes
Content-Length: 315470
x-amz-cf-id: GK2vmFtkKIzoY-b0aLHo13aZBoNNbtP8MU9RbS16ptryuVBSX9EY0g==

POST
H2 200 dwh
ifunny.co/api/v1/ 2 B
821 B 115ms
114ms Ping
application/json 38.134.113.246
XL-103-397341

General

Check archive.org

Show headers Download Go to

Full URL

https://ifunny.co/api/v1/dwh

Requested by

Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

38.134.113.246 , United States, ASN397341 (XL-103-397341, US),

Reverse DNS

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://ifunny.co
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: x-csrf-token=09f5bd1eb58aa551af9e2bf51ab88783; CID=d5c294d5c3e954901e4e7e45d985de20ad84f294fbefcf154840604f3880b5ae.b3080ddb3364be01; sound=off; _gcl_au=1.1.1628513621.1633723435
content-length: 235
:path: /api/v1/dwh
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: ifunny.co
referer: https://ifunny.co/video/BtVIBMWT8?s=cl
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://ifunny.co/video/BtVIBMWT8?s=cl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 08 Oct 2021 20:03:56 GMT
x-content-type-options: nosniff
app-version: website_ifunny-release_web_05.10.2021-73
surrogate-control: no-store
cross-origin-resource-policy: same-origin
content-length: 2
pragma: no-cache
referrer-policy: same-origin
server: nginx
cross-origin-opener-policy: same-origin
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://ifunny.co
access-control-expose-headers: x-requested-with, x-csrf-token
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(),autoplay=(),camera=(),document-domain=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),xr-spatial-tracking=()
access-control-allow-headers: x-requested-with, x-csrf-token
expires: 0

POST
H/1.1 204 prebid Show response
prebid.ad.smaato.net/oapi/ 0
336 B 33ms
32ms XHR
text/plain 63.34.174.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: static.ifunny.co
URL: https://static.ifunny.co/dist/ifunny/assets/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 63.34.174.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-174-201.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://ifunny.co
Access-Control-Expose-Headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials: true
Server: SOMA
Connection: keep-alive
Date: Fri, 08 Oct 2021 20:03:55 GMT
X-SMT-SessionId: aa37c46f-1e30-4e39-9d0a-596dff14341f

POST
H2 200 dwh
ifunny.co/api/v1/ 2 B
821 B 115ms
114ms Ping
application/json 38.134.113.246
XL-103-397341

General

Check archive.org

Show headers Download Go to

Full URL

https://ifunny.co/api/v1/dwh

Requested by

Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

38.134.113.246 , United States, ASN397341 (XL-103-397341, US),

Reverse DNS

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://ifunny.co
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: x-csrf-token=09f5bd1eb58aa551af9e2bf51ab88783; CID=d5c294d5c3e954901e4e7e45d985de20ad84f294fbefcf154840604f3880b5ae.b3080ddb3364be01; sound=off; _gcl_au=1.1.1628513621.1633723435
content-length: 237
:path: /api/v1/dwh
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: ifunny.co
referer: https://ifunny.co/video/BtVIBMWT8?s=cl
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://ifunny.co/video/BtVIBMWT8?s=cl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 08 Oct 2021 20:03:56 GMT
x-content-type-options: nosniff
app-version: website_ifunny-release_web_05.10.2021-73
surrogate-control: no-store
cross-origin-resource-policy: same-origin
content-length: 2
pragma: no-cache
referrer-policy: same-origin
server: nginx
cross-origin-opener-policy: same-origin
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://ifunny.co
access-control-expose-headers: x-requested-with, x-csrf-token
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(),autoplay=(),camera=(),document-domain=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),xr-spatial-tracking=()
access-control-allow-headers: x-requested-with, x-csrf-token
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
814 B 13ms
13ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: static.ifunny.co
URL: https://static.ifunny.co/dist/ifunny/assets/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

64372c3fe04082767385d74d69b1044cd8097f2ae94fbd439c56b2936d682fc3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 08 Oct 2021 20:03:56 GMT
X-Proxy-Origin: 216.131.114.19; 216.131.114.19; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 0957fe18-e29c-4a2e-9446-2efa483d969b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ifunny.co
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/877651770/ 2 KB
2 KB 43ms
21ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/877651770/?random=1633723436270&cv=9&fst=1633723436270&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa60&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fifunny.co%2Fvideo%2FBtVIBMWT8%3Fs%3Dcl&tiba=Video%20memes%20BtVIBMWT8%20by%20nrdrummer89%3A%20111%20comments%20-%20)&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

0298b641a9f8e861a855282482963b09f25d1671a4815061648570b5623bf079

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Oct 2021 20:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1067
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/920e4583/www-widgetapi.vflset/ 140 KB
45 KB 44ms
15ms Script
text/javascript 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/920e4583/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

sffe /

Resource Hash

ad0d99ab66d0e7ef994cd87cbca6c5f798af142b566fb904327b8f24cc3c7572

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 01:05:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68308
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46468
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 00:21:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 08 Oct 2022 01:05:28 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 33ms
8ms Script
text/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-23094255-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 170
date: Fri, 08 Oct 2021 20:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Fri, 08 Oct 2021 22:01:06 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/877651770/ 42 B
569 B 44ms
19ms Image
image/gif 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/877651770/?random=1633723436270&cv=9&fst=1633723200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa60&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fifunny.co%2Fvideo%2FBtVIBMWT8%3Fs%3Dcl&tiba=Video%20memes%20BtVIBMWT8%20by%20nrdrummer89%3A%20111%20comments%20-%20)&async=1&fmt=3&is_vtc=1&random=1032782518&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Oct 2021 20:03:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/877651770/ 42 B
569 B 44ms
20ms Image
image/gif 172.217.18.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/877651770/?random=1633723436270&cv=9&fst=1633723200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa60&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fifunny.co%2Fvideo%2FBtVIBMWT8%3Fs%3Dcl&tiba=Video%20memes%20BtVIBMWT8%20by%20nrdrummer89%3A%20111%20comments%20-%20)&async=1&fmt=3&is_vtc=1&random=1032782518&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f99.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Oct 2021 20:03:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 47ms
23ms XHR
text/plain 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1115917155&t=pageview&_s=1&dl=https%3A%2F%2Fifunny.co%2Fvideo%2FBtVIBMWT8%3Fs%3Dcl&ul=en-us&de=UTF-8&dt=Video%20memes%20BtVIBMWT8%20by%20nrdrummer89%3A%20111%20comments%20-%20)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1583960512&gjid=1486798728&cid=132914038.1633723436&tid=UA-23094255-1&_gid=1962299911.1633723436&_r=1&gtm=2oua60&z=1644549256

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Oct 2021 20:03:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ifunny.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
456 B 43ms
14ms XHR
text/plain 74.125.71.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-23094255-1&cid=132914038.1633723436&jid=1583960512&gjid=1486798728&_gid=1962299911.1633723436&_u=YEBAAUAAAAAAAC~&z=675975773

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.71.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wn-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 08 Oct 2021 20:03:56 GMT
content-type: text/plain
access-control-allow-origin: https://ifunny.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 67ms
26ms Script
application/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ifunny.co

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Oct 2021 20:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 38ms
17ms Script
application/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ifunny.co

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Oct 2021 20:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 447 B
255 B 151ms
151ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3137637217218611&correlator=918873575255061&output=ldjh&impl=fif&eid=31061423%2C31061425%2C31062220&vrg=2021100401&ptt=17&sc=1&sfv=1-0-38&ecs=20211008&iu_parts=1361489614%2Cifunny_web%2Cifunny_web_desktop_feed&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1633723436&dt=1633723436502&dlt=1633723434920&idt=216&frm=20&biw=1600&bih=1200&oid=2&adxs=450&adys=1345&adks=3948330540&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fifunny.co%2Fvideo%2FBtVIBMWT8%3Fs%3Dcl&vis=1&dmc=8&scr_x=0&scr_y=0&psz=580x22981&msz=580x0&ga_vid=132914038.1633723436&ga_sid=1633723437&ga_hid=1115917155&ga_fc=false&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

4dc51bea65d10eefbf4b70b3f9d73aa0e46cb0ea9353b1a500e164e6cf771cad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 20:03:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 224
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ifunny.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D16B 6 KB
4 KB 61ms
15ms Document
text/html 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 08 Oct 2021 20:03:56 GMT
expires: Sat, 08 Oct 2022 20:03:56 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 dwh
ifunny.co/api/v1/ 2 B
821 B 114ms
113ms Ping
application/json 38.134.113.246
XL-103-397341

General

Check archive.org

Show headers Download Go to

Full URL

https://ifunny.co/api/v1/dwh

Requested by

Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

38.134.113.246 , United States, ASN397341 (XL-103-397341, US),

Reverse DNS

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://ifunny.co
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: x-csrf-token=09f5bd1eb58aa551af9e2bf51ab88783; CID=d5c294d5c3e954901e4e7e45d985de20ad84f294fbefcf154840604f3880b5ae.b3080ddb3364be01; sound=off; _gcl_au=1.1.1628513621.1633723435; _ga=GA1.2.132914038.1633723436; _gid=GA1.2.1962299911.1633723436; _gat_gtag_UA_23094255_1=1
content-length: 268
:path: /api/v1/dwh
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: ifunny.co
referer: https://ifunny.co/video/BtVIBMWT8?s=cl
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://ifunny.co/video/BtVIBMWT8?s=cl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 08 Oct 2021 20:03:56 GMT
x-content-type-options: nosniff
app-version: website_ifunny-release_web_05.10.2021-73
surrogate-control: no-store
cross-origin-resource-policy: same-origin
content-length: 2
pragma: no-cache
referrer-policy: same-origin
server: nginx
cross-origin-opener-policy: same-origin
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://ifunny.co
access-control-expose-headers: x-requested-with, x-csrf-token
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(),autoplay=(),camera=(),document-domain=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),xr-spatial-tracking=()
access-control-allow-headers: x-requested-with, x-csrf-token
expires: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 168ms
168ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3137637217218611&correlator=2054778874941198&output=ldjh&impl=fif&eid=31061423%2C31061425%2C31062220&vrg=2021100401&ptt=17&sc=1&sfv=1-0-38&ecs=20211008&iu_parts=1361489614%2Cifunny_web%2Cifunny_web_desktop_feed&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1633723436&dt=1633723436512&dlt=1633723434920&idt=216&frm=20&biw=1600&bih=1200&oid=2&adxs=450&adys=3673&adks=1329812439&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fifunny.co%2Fvideo%2FBtVIBMWT8%3Fs%3Dcl&vis=1&dmc=8&scr_x=0&scr_y=0&psz=580x496&msz=580x0&ga_vid=132914038.1633723436&ga_sid=1633723437&ga_hid=1115917155&ga_fc=false&fws=0&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

93223e792d98bc5a9ebf4f4868b042b8c6d81050ab3f43fabd1dd1ffd48fef21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 20:03:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10127
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ifunny.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 dwh
ifunny.co/api/v1/ 2 B
821 B 114ms
114ms Ping
application/json 38.134.113.246
XL-103-397341

General

Check archive.org

Show headers Download Go to

Full URL

https://ifunny.co/api/v1/dwh

Requested by

Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

38.134.113.246 , United States, ASN397341 (XL-103-397341, US),

Reverse DNS

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://ifunny.co
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: x-csrf-token=09f5bd1eb58aa551af9e2bf51ab88783; CID=d5c294d5c3e954901e4e7e45d985de20ad84f294fbefcf154840604f3880b5ae.b3080ddb3364be01; sound=off; _gcl_au=1.1.1628513621.1633723435; _ga=GA1.2.132914038.1633723436; _gid=GA1.2.1962299911.1633723436; _gat_gtag_UA_23094255_1=1
content-length: 268
:path: /api/v1/dwh
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: ifunny.co
referer: https://ifunny.co/video/BtVIBMWT8?s=cl
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://ifunny.co/video/BtVIBMWT8?s=cl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 08 Oct 2021 20:03:56 GMT
x-content-type-options: nosniff
app-version: website_ifunny-release_web_05.10.2021-73
surrogate-control: no-store
cross-origin-resource-policy: same-origin
content-length: 2
pragma: no-cache
referrer-policy: same-origin
server: nginx
cross-origin-opener-policy: same-origin
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://ifunny.co
access-control-expose-headers: x-requested-with, x-csrf-token
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(),autoplay=(),camera=(),document-domain=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),xr-spatial-tracking=()
access-control-allow-headers: x-requested-with, x-csrf-token
expires: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 450 B
251 B 162ms
161ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3137637217218611&correlator=1129782298328941&output=ldjh&impl=fif&eid=31061423%2C31061425%2C31062220&vrg=2021100401&ptt=17&sc=1&sfv=1-0-38&ecs=20211008&iu_parts=1361489614%2Cifunny_web%2Cifunny_web_desktop_sidebar&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1633723436&dt=1633723436520&dlt=1633723434920&idt=216&frm=20&biw=1600&bih=1200&oid=2&adxs=1090&adys=88&adks=164404475&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fifunny.co%2Fvideo%2FBtVIBMWT8%3Fs%3Dcl&vis=1&dmc=8&scr_x=0&scr_y=0&psz=316x23085&msz=300x0&ga_vid=132914038.1633723436&ga_sid=1633723437&ga_hid=1115917155&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

a474447f7af53bc4c712c3086ba43abb4d634fb147a6f0cf599067b8fc7416be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 20:03:56 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 220
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ifunny.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 dwh
ifunny.co/api/v1/ 2 B
821 B 114ms
114ms Ping
application/json 38.134.113.246
XL-103-397341

General

Check archive.org

Show headers Download Go to

Full URL

https://ifunny.co/api/v1/dwh

Requested by

Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

38.134.113.246 , United States, ASN397341 (XL-103-397341, US),

Reverse DNS

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://ifunny.co
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: x-csrf-token=09f5bd1eb58aa551af9e2bf51ab88783; CID=d5c294d5c3e954901e4e7e45d985de20ad84f294fbefcf154840604f3880b5ae.b3080ddb3364be01; sound=off; _gcl_au=1.1.1628513621.1633723435; _ga=GA1.2.132914038.1633723436; _gid=GA1.2.1962299911.1633723436; _gat_gtag_UA_23094255_1=1
content-length: 271
:path: /api/v1/dwh
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: ifunny.co
referer: https://ifunny.co/video/BtVIBMWT8?s=cl
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://ifunny.co/video/BtVIBMWT8?s=cl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 08 Oct 2021 20:03:56 GMT
x-content-type-options: nosniff
app-version: website_ifunny-release_web_05.10.2021-73
surrogate-control: no-store
cross-origin-resource-policy: same-origin
content-length: 2
pragma: no-cache
referrer-policy: same-origin
server: nginx
cross-origin-opener-policy: same-origin
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://ifunny.co
access-control-expose-headers: x-requested-with, x-csrf-token
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(),autoplay=(),camera=(),document-domain=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),xr-spatial-tracking=()
access-control-allow-headers: x-requested-with, x-csrf-token
expires: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 44ms
21ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021100401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

6e4372fbe2dee978c0fa5ffe89f4d5d6939a8983c669f8a887b41355afbc732a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Oct 2021 20:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8553
x-xss-protection: 0

GET
H3 200 container.html Show response
d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 58A1 6 KB
3 KB 22ms
7ms Document
text/html 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 08 Oct 2021 20:03:56 GMT
expires: Sat, 08 Oct 2022 20:03:56 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 492ms
470ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 20:03:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 08 Oct 2021 20:03:57 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 58A1 0
0 34ms
34ms Fetch
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C5GyrLKRgYbblIZil-gbT5L_YCZDhgYRctqjCivACwI23ARABIABgleKngrAHggEXY2EtcHViLTU0NzU3ODU0MjA0MDUyMTSgAcKu6N0DyAEJqQLemunIlmmzPuACAKgDAaoEgAJP0GKSQ9w0bg1_oCmT5ckHfx6uP7rIO3GHRWRsMri1-tuv6B5fT9VrN52nZcL4DBLaOcr9W2MELBcVDPi1OiHFw5JNn4Cda_SmMvNxhYj-ZZoGDMNPykmptruBbBHgKh4WgNiARquwckudQ6hISIRurGTV1zpyj2YnzJkGKbwldV14-K-MggokKAzJxw6GQLCny1ChXojkXbIN7IUdBWQ59GlQUIzZCofjrA_MqNy4Xm0h7cZuJySp1wncEKkPPGRW2xyrRthpT7YsauyaAAyU3TslUlVHAO8-faQfUqAFmJXi8LbY-2PawBAl0ahUiPIxW8M4trjrPnBXdLdyIFyX4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTU0NzU3ODU0MjA0MDUyMTQY1qke&sigh=zL5M49nxSH0&cid=CAQSOwCNIrLMnb_OZE1CxIDTwCiA-BaK0dUwkyAKuI322EwrXWO01FQWN1Niz27hdu_DjlYCSPFEczl1_uM5GAE
Requested by: Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s06-in-f130.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 58A1 0
0 871ms
825ms Fetch
image/gif 34.95.89.54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kb2wdwhjqq6mxcdcra3fepbebhdahmg7rekwwqw9vxvhtjbtcg0zh99pk64bbv46besc4ceecc09x2hstesfca0an1q6ggswrw86015n2m4dbt6pewcsjtdf8px4jg66vw7138f8e7a4w5c0p1qwp09s6ke0eap65fpxx6c1nx5c1mtqhcde8tgnregt7cgdjxh5qxnt8h24htr720gxghxs55n8a8vfcxg0nwd04k80paja6ctk7dyzvwgd5jfgm4yw5wm31ftrwtpv4srbsac1bdc37ka55kk3nyt5tvatb66hddpey5h4x4hc786vc5fz9vj20pfx682wjmyqc6mh21bnm0mzv448axqxdddstapd6gj2befpvxq25k2ms1scgv5ar&b=YWCkLAAIcrYK3pKYAA_yU2wpWTbZLrm0gO-mQg
Requested by: Host: ifunny.co
URL: https://ifunny.co/video/BtVIBMWT8?s=cl
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.89.54 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 54.89.95.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 08 Oct 2021 20:03:57 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 1494 2 KB
3 KB 89ms
45ms Document
text/html 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1g5bhep56zhzx7xz2ybe8shqmw0rmfz11j338vmf9jecf2vm0292e6rkxvpf9sf5jt2a8gbq9nwgyk9p84tz4wn6qxb9g8n9tfk4gyk0xm454dr3w58dhsktqdq7ydqj8h50hdaqrs7yctnmdv23zyevg7cc7dy44mn91ddqecdfjxgcjjr4mngzpapkrkcz79kr6pjwy3tcnxrsee5y546e4zkr98nw470kqxmwnxf30mgp9q8dt24k2gg21qx20h98rsqsw0y7jst71gxj5c4383yshyh2fxpreth6rmvh4tznynnfhkk88m0k8qjd7hj6y9aaznje2wmtj975yerkm0apvhx5e7f7wekkg836fpjjsss3gf89rn69vr4tzgpp2tr647xyqwj8p2wsr06v&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt_aqLKRgYbblIZil-gbT5L_YCZDhgYRctqjCivACwI23ARABIABgleKngrAHggEXY2EtcHViLTU0NzU3ODU0MjA0MDUyMTSgAcKu6N0DyAEJqQLemunIlmmzPuACAKgDAaoEgwJP0GKSQ9w0bg1_oCmT5ckHfx6uP7rIO3GHRWRsMri1-tuv6B5fT9VrN52nZcL4DBLaOcr9W2MELBcVDPi1OiHFw5JNn4Cda_SmMvNxhYj-ZZoGDMNPykmptruBbBHgKh4WgNiARquwckudQ6hISIRurGTV1zpyj2YnzJkGKbwldV14-K-MggokKAzJxw6GQLCny1ChXojkXbIN7IUdBWQ59GlQUIzZCofjrA_MqNy4Xm0h7cZuJySp1wncEKkPPGRW2xyrRthpT7YsauyaAAyU3TslUlVHAO8-faQfUqAFmJXi8LbY-2PawBAl0ahUyvA8yRTtMfgjuTjBrv7g0mWDCE5Y4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2UCs2BFYOOVpCeRPAcn9attFGiIQ%26client%3Dca-pub-5475785420405214%26adurl%3D

Requested by

Host: d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com
URL: https://d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e249025ab78c733966097460941fc8c75daa3477726befd603b7d024eef4d158

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/dr?ed=1g5bhep56zhzx7xz2ybe8shqmw0rmfz11j338vmf9jecf2vm0292e6rkxvpf9sf5jt2a8gbq9nwgyk9p84tz4wn6qxb9g8n9tfk4gyk0xm454dr3w58dhsktqdq7ydqj8h50hdaqrs7yctnmdv23zyevg7cc7dy44mn91ddqecdfjxgcjjr4mngzpapkrkcz79kr6pjwy3tcnxrsee5y546e4zkr98nw470kqxmwnxf30mgp9q8dt24k2gg21qx20h98rsqsw0y7jst71gxj5c4383yshyh2fxpreth6rmvh4tznynnfhkk88m0k8qjd7hj6y9aaznje2wmtj975yerkm0apvhx5e7f7wekkg836fpjjsss3gf89rn69vr4tzgpp2tr647xyqwj8p2wsr06v&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt_aqLKRgYbblIZil-gbT5L_YCZDhgYRctqjCivACwI23ARABIABgleKngrAHggEXY2EtcHViLTU0NzU3ODU0MjA0MDUyMTSgAcKu6N0DyAEJqQLemunIlmmzPuACAKgDAaoEgwJP0GKSQ9w0bg1_oCmT5ckHfx6uP7rIO3GHRWRsMri1-tuv6B5fT9VrN52nZcL4DBLaOcr9W2MELBcVDPi1OiHFw5JNn4Cda_SmMvNxhYj-ZZoGDMNPykmptruBbBHgKh4WgNiARquwckudQ6hISIRurGTV1zpyj2YnzJkGKbwldV14-K-MggokKAzJxw6GQLCny1ChXojkXbIN7IUdBWQ59GlQUIzZCofjrA_MqNy4Xm0h7cZuJySp1wncEKkPPGRW2xyrRthpT7YsauyaAAyU3TslUlVHAO8-faQfUqAFmJXi8LbY-2PawBAl0ahUyvA8yRTtMfgjuTjBrv7g0mWDCE5Y4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2UCs2BFYOOVpCeRPAcn9attFGiIQ%26client%3Dca-pub-5475785420405214%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com/

Response headers

date: Fri, 08 Oct 2021 20:03:56 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 69b1f9b7ff76f9d2-PRG
content-encoding: br

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/ Frame 58A1 3 KB
2 KB 6ms
6ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/window_focus_fy2019.js

Requested by

Host: d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com
URL: https://d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

cafe /

Resource Hash

5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 19:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 682
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1344
x-xss-protection: 0
server: cafe
etag: 10107448882299530629
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Oct 2021 19:52:34 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2ED2 1 KB
749 B 21ms
6ms Document
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com
URL: https://d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 08 Oct 2021 08:58:57 GMT
expires: Sat, 09 Oct 2021 08:58:57 GMT
content-type: text/html; charset=ISO-8859-1
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 39899
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 58A1 123 KB
38 KB 60ms
23ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com
URL: https://d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

e96cb07afdac92a8c77fbd5b9bb721e548070f4657f4f1e71329d2fd9032be47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 20:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37898
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1633547226118934"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Oct 2021 20:03:56 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/ Frame 58A1 14 KB
6 KB 7ms
6ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com
URL: https://d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

cafe /

Resource Hash

51896cb4e932803b983cf59d85b20c705f42a891fa0c9c408e3cb267b5bb949c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 19:56:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6219
x-xss-protection: 0
server: cafe
etag: 4041254270185007295
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Oct 2021 19:56:33 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 58A1 22 KB
7 KB 7ms
7ms Script
text/javascript 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com
URL: https://d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 18:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 93793
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 07 Oct 2022 18:00:43 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 2ED2
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESENGLmHuN2Tkww8uFAIBYmyw&google_cver=1&google_push=AYg5qPItYnRRMTJ5hI_yj5mtMlQeQ_tL8JjoGTZQE7JT9rh91GYf5sUe8fXy1D4jCj9DQvTRkP4rQdzX-M7kj5GxtOj6zjDCZQ
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzAzMjUzMzE0NDk1NTkzMTU3Mw==
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEDX5NKu0TYc_R8cTTG9zNUw&google_cver=1

43 B
407 B

14ms
13ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEDX5NKu0TYc_R8cTTG9zNUw&google_cver=1
Requested by: Host: d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com
URL: https://d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Oct 2021 20:03:56 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 08 Oct 2021 20:03:56 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEDX5NKu0TYc_R8cTTG9zNUw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 2ED2 0
104 B 74ms
23ms Image
text/plain 63.215.202.137
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEMANaqqHBJcEMM72VFwCdDs&google_cver=1&google_push=AYg5qPL__iQ1wyrODfv0RGA0MJLr-fXf8qnmAmgYb788Dyxx3wWv1ETY_SMNOLY5VFUaINtd722wFTH7ftDrS6l_hJ9T_kCerw
Requested by: Host: d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com
URL: https://d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.215.202.137 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams01-usadmm.dotomi.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Oct 2021 20:03:56 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2ED2
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEO8-xh0FbWw57pYHltHdERI&google_cver=1&google_push=AYg5qPKw5fasTla6fBiTrl37FsmbvDnrsgEDIsVTbJmRtQvlYRH0IVWaBR07rtlSPxXEBXVbe0NLwTw7-ps5WDMjTZOP09PN
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3C029A37C05E41C4883021AED2F3CABA&google_push=AYg5qPKw5fasTla6fBiTrl37FsmbvDnrsgEDIsVTbJmRtQvlYRH0IVWaBR07rtlSPxXEBXVbe0NLwTw7-ps5WDM...

170 B
188 B

43ms
23ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3C029A37C05E41C4883021AED2F3CABA&google_push=AYg5qPKw5fasTla6fBiTrl37FsmbvDnrsgEDIsVTbJmRtQvlYRH0IVWaBR07rtlSPxXEBXVbe0NLwTw7-ps5WDMjTZOP09PN

Requested by

Host: d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com
URL: https://d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Oct 2021 20:03:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 08 Oct 2021 20:03:56 GMT
x-content-type-options: nosniff
server: openresty
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=3C029A37C05E41C4883021AED2F3CABA&google_push=AYg5qPKw5fasTla6fBiTrl37FsmbvDnrsgEDIsVTbJmRtQvlYRH0IVWaBR07rtlSPxXEBXVbe0NLwTw7-ps5WDMjTZOP09PN
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 07 Oct 2021 20:03:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2ED2
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESELfW-ocVL3HkvsNTa9crDmk&google_cver=1&google_push=AYg5qPIlzw9EmNVojapSER5IEOCxxvqDCrcwRckupV4tsTYKDdI5CZa-kxsOokBbfBmeTgg5iP-aZr1ObpGcDKct1dqt...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESELfW-ocVL3HkvsNTa9crDmk&google_cver=1&google_push=AYg5qPIlzw9EmNVojapSER5IEOCxxvqDCrcwRckupV4tsTYKDdI5CZa-kxsOokBbfBmeTgg5iP-aZr1ObpGcDK...
https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_uid=73636452-4f2b-4344-a217-ce0951c9ada4
https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_uid=73636452-4f2b-4344-a217-ce0951c9ada4
https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=c9d906aa-df7a-4728-8732-29b2c946bc72&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIlzw9EmNVojapSER5IEOCxxvqDCrcwRckupV4tsTYKDdI5CZa-kxsOokBbfBmeTgg5iP-aZr1ObpGcDKct1dqt0Zx_7w&google_hm=c2NkUk8rQ0SiF84JUcmtpA==

170 B
188 B

24ms
23ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIlzw9EmNVojapSER5IEOCxxvqDCrcwRckupV4tsTYKDdI5CZa-kxsOokBbfBmeTgg5iP-aZr1ObpGcDKct1dqt0Zx_7w&google_hm=c2NkUk8rQ0SiF84JUcmtpA==

Requested by

Host: d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com
URL: https://d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Oct 2021 20:03:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPIlzw9EmNVojapSER5IEOCxxvqDCrcwRckupV4tsTYKDdI5CZa-kxsOokBbfBmeTgg5iP-aZr1ObpGcDKct1dqt0Zx_7w&google_hm=c2NkUk8rQ0SiF84JUcmtpA==
Date: Fri, 08 Oct 2021 20:03:56 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2ED2
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELtEC0a9cfRByuT2zUB41wI&google_cver=1&google_push=AYg5qPL-IjQbFFhGuFaoVDHycPbGhHvk-NWcQlLZRhBAitFp8-hFkeQOTvKj58CHD_8Lc-4CkTiclGTKUVzs330cGIUiXF3-Ew
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPL-IjQbFFhGuFaoVDHycPbGhHvk-NWcQlLZRhBAitFp8-hFkeQOTvKj58CHD_8Lc-4CkTiclGTKUVzs330cGIUiXF3-Ew&google_hm=MjM5NDQ2NjQyODg4NjY3NzYy...

170 B
188 B

23ms
22ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPL-IjQbFFhGuFaoVDHycPbGhHvk-NWcQlLZRhBAitFp8-hFkeQOTvKj58CHD_8Lc-4CkTiclGTKUVzs330cGIUiXF3-Ew&google_hm=MjM5NDQ2NjQyODg4NjY3NzYyNw%3D%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Oct 2021 20:03:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 08 Oct 2021 20:03:57 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPL-IjQbFFhGuFaoVDHycPbGhHvk-NWcQlLZRhBAitFp8-hFkeQOTvKj58CHD_8Lc-4CkTiclGTKUVzs330cGIUiXF3-Ew&google_hm=MjM5NDQ2NjQyODg4NjY3NzYyNw%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2ED2
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEFQqUphvyJUzOqb1asj4nZg&google_cver=1&google_push=AYg5qPJ-VT9ub00GI00cPXHUqfx07yikjmE32HY_SIPtJ4b487OtSb-m3gX9L7oAfNaRE-FVrG9tZY1T...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEFQqUphvyJUzOqb1asj4nZg&google_cver=1&google_push=AYg5qPJ-VT9ub00GI00cPXHUqfx07yikjmE32HY_SIPtJ4b487OtSb-m3gX9L7oAfNaRE-FVrG9...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjE3MDg3MTY5OTA2OTM0NTYwOA&google_push=AYg5qPJ-VT9ub00GI00cPXHUqfx07yikjmE32HY_SIPtJ4b487OtSb-m3gX9L7oAfNaRE-FVrG9tZY...

170 B
188 B

23ms
22ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjE3MDg3MTY5OTA2OTM0NTYwOA&google_push=AYg5qPJ-VT9ub00GI00cPXHUqfx07yikjmE32HY_SIPtJ4b487OtSb-m3gX9L7oAfNaRE-FVrG9tZY1Te3HlLhe0uh59bSP53g

Requested by

Host: d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com
URL: https://d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Oct 2021 20:03:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Oct 2021 20:03:56 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjE3MDg3MTY5OTA2OTM0NTYwOA&google_push=AYg5qPJ-VT9ub00GI00cPXHUqfx07yikjmE32HY_SIPtJ4b487OtSb-m3gX9L7oAfNaRE-FVrG9tZY1Te3HlLhe0uh59bSP53g
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2ED2
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEOGMhZ6vMhXucPj_XpM6Rbg&google_cver=1&google_push=AYg5qPKNIA9OTBxDUVZW0E0zeJM2Z9Fb2R24xe5cp5OCDXqPOE67HZHIDDlM1z_lliBy7Ao-CYZVNixP2pClHft4...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKNIA9OTBxDUVZW0E0zeJM2Z9Fb2R24xe5cp5OCDXqPOE67HZHIDDlM1z_lliBy7Ao-CYZVNixP2pClHft4gmwMnWASqg

170 B
329 B

16ms
16ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKNIA9OTBxDUVZW0E0zeJM2Z9Fb2R24xe5cp5OCDXqPOE67HZHIDDlM1z_lliBy7Ao-CYZVNixP2pClHft4gmwMnWASqg

Requested by

Host: d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com
URL: https://d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Oct 2021 20:03:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 08 Oct 2021 20:03:56 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKNIA9OTBxDUVZW0E0zeJM2Z9Fb2R24xe5cp5OCDXqPOE67HZHIDDlM1z_lliBy7Ao-CYZVNixP2pClHft4gmwMnWASqg
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: JuKf6plEGqr8Y5jaUxJTO34fu9qbBrFWYGvcE13syIIBQ1jiThqcyw==

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 2ED2 0
253 B 37ms
14ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JEqVkI5DRfMJwq-VKTRjOz_EVetBHki51RcfLjogu7u5dxjTU00aS8eQfIKttbHCuZTJMh

Requested by

Host: d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com
URL: https://d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 20:03:56 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 58A1 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a38f382e5489730af1b1ddfbaef023cd6db5f2d0a1d6b25945e342a127b6aab9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 1494 64 KB
8 KB 37ms
21ms Stylesheet
text/css 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g5bhep56zhzx7xz2ybe8shqmw0rmfz11j338vmf9jecf2vm0292e6rkxvpf9sf5jt2a8gbq9nwgyk9p84tz4wn6qxb9g8n9tfk4gyk0xm454dr3w58dhsktqdq7ydqj8h50hdaqrs7yctnmdv23zyevg7cc7dy44mn91ddqecdfjxgcjjr4mngzpapkrkcz79kr6pjwy3tcnxrsee5y546e4zkr98nw470kqxmwnxf30mgp9q8dt24k2gg21qx20h98rsqsw0y7jst71gxj5c4383yshyh2fxpreth6rmvh4tznynnfhkk88m0k8qjd7hj6y9aaznje2wmtj975yerkm0apvhx5e7f7wekkg836fpjjsss3gf89rn69vr4tzgpp2tr647xyqwj8p2wsr06v&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt_aqLKRgYbblIZil-gbT5L_YCZDhgYRctqjCivACwI23ARABIABgleKngrAHggEXY2EtcHViLTU0NzU3ODU0MjA0MDUyMTSgAcKu6N0DyAEJqQLemunIlmmzPuACAKgDAaoEgwJP0GKSQ9w0bg1_oCmT5ckHfx6uP7rIO3GHRWRsMri1-tuv6B5fT9VrN52nZcL4DBLaOcr9W2MELBcVDPi1OiHFw5JNn4Cda_SmMvNxhYj-ZZoGDMNPykmptruBbBHgKh4WgNiARquwckudQ6hISIRurGTV1zpyj2YnzJkGKbwldV14-K-MggokKAzJxw6GQLCny1ChXojkXbIN7IUdBWQ59GlQUIzZCofjrA_MqNy4Xm0h7cZuJySp1wncEKkPPGRW2xyrRthpT7YsauyaAAyU3TslUlVHAO8-faQfUqAFmJXi8LbY-2PawBAl0ahUyvA8yRTtMfgjuTjBrv7g0mWDCE5Y4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2UCs2BFYOOVpCeRPAcn9attFGiIQ%26client%3Dca-pub-5475785420405214%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1g5bhep56zhzx7xz2ybe8shqmw0rmfz11j338vmf9jecf2vm0292e6rkxvpf9sf5jt2a8gbq9nwgyk9p84tz4wn6qxb9g8n9tfk4gyk0xm454dr3w58dhsktqdq7ydqj8h50hdaqrs7yctnmdv23zyevg7cc7dy44mn91ddqecdfjxgcjjr4mngzpapkrkcz79kr6pjwy3tcnxrsee5y546e4zkr98nw470kqxmwnxf30mgp9q8dt24k2gg21qx20h98rsqsw0y7jst71gxj5c4383yshyh2fxpreth6rmvh4tznynnfhkk88m0k8qjd7hj6y9aaznje2wmtj975yerkm0apvhx5e7f7wekkg836fpjjsss3gf89rn69vr4tzgpp2tr647xyqwj8p2wsr06v&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt_aqLKRgYbblIZil-gbT5L_YCZDhgYRctqjCivACwI23ARABIABgleKngrAHggEXY2EtcHViLTU0NzU3ODU0MjA0MDUyMTSgAcKu6N0DyAEJqQLemunIlmmzPuACAKgDAaoEgwJP0GKSQ9w0bg1_oCmT5ckHfx6uP7rIO3GHRWRsMri1-tuv6B5fT9VrN52nZcL4DBLaOcr9W2MELBcVDPi1OiHFw5JNn4Cda_SmMvNxhYj-ZZoGDMNPykmptruBbBHgKh4WgNiARquwckudQ6hISIRurGTV1zpyj2YnzJkGKbwldV14-K-MggokKAzJxw6GQLCny1ChXojkXbIN7IUdBWQ59GlQUIzZCofjrA_MqNy4Xm0h7cZuJySp1wncEKkPPGRW2xyrRthpT7YsauyaAAyU3TslUlVHAO8-faQfUqAFmJXi8LbY-2PawBAl0ahUyvA8yRTtMfgjuTjBrv7g0mWDCE5Y4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2UCs2BFYOOVpCeRPAcn9attFGiIQ%26client%3Dca-pub-5475785420405214%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 20:03:56 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 113314
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=65497
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 07 Oct 2021 12:35:22 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 69b1f9b8ca154138-PRG
cf-bgj: minify

GET
H2 200 fxpcopuw.js Show response
ad4m.at/ Frame 1494 36 KB
13 KB 34ms
25ms Script
application/javascript 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g5bhep56zhzx7xz2ybe8shqmw0rmfz11j338vmf9jecf2vm0292e6rkxvpf9sf5jt2a8gbq9nwgyk9p84tz4wn6qxb9g8n9tfk4gyk0xm454dr3w58dhsktqdq7ydqj8h50hdaqrs7yctnmdv23zyevg7cc7dy44mn91ddqecdfjxgcjjr4mngzpapkrkcz79kr6pjwy3tcnxrsee5y546e4zkr98nw470kqxmwnxf30mgp9q8dt24k2gg21qx20h98rsqsw0y7jst71gxj5c4383yshyh2fxpreth6rmvh4tznynnfhkk88m0k8qjd7hj6y9aaznje2wmtj975yerkm0apvhx5e7f7wekkg836fpjjsss3gf89rn69vr4tzgpp2tr647xyqwj8p2wsr06v&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt_aqLKRgYbblIZil-gbT5L_YCZDhgYRctqjCivACwI23ARABIABgleKngrAHggEXY2EtcHViLTU0NzU3ODU0MjA0MDUyMTSgAcKu6N0DyAEJqQLemunIlmmzPuACAKgDAaoEgwJP0GKSQ9w0bg1_oCmT5ckHfx6uP7rIO3GHRWRsMri1-tuv6B5fT9VrN52nZcL4DBLaOcr9W2MELBcVDPi1OiHFw5JNn4Cda_SmMvNxhYj-ZZoGDMNPykmptruBbBHgKh4WgNiARquwckudQ6hISIRurGTV1zpyj2YnzJkGKbwldV14-K-MggokKAzJxw6GQLCny1ChXojkXbIN7IUdBWQ59GlQUIzZCofjrA_MqNy4Xm0h7cZuJySp1wncEKkPPGRW2xyrRthpT7YsauyaAAyU3TslUlVHAO8-faQfUqAFmJXi8LbY-2PawBAl0ahUyvA8yRTtMfgjuTjBrv7g0mWDCE5Y4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2UCs2BFYOOVpCeRPAcn9attFGiIQ%26client%3Dca-pub-5475785420405214%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=fzoyzw==, md5=7HLiqqlHKRUcSK8SewDc4g==
date: Fri, 08 Oct 2021 20:03:56 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26277
x-guploader-uploadid: ADPycdu6yMPwbwZn7TY_03P84OpHuTyAI4k1gNNxOVDhneYwyeUPS6O7Y0wUdh49smMA_m4-vhs9R1Qno0AoNs74_5dyMQbETw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 08 Oct 2021 12:45:15 GMT
server: cloudflare
etag: W/"ec72e2aaa94729151c48af127b00dce2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BAWW1RbdpZ1YBNDuxQEvZx7RY0YYKQivtn%2BYuj%2FpWRWKPmqBmGy09tmuGGXj2uYmXoX%2B%2FAq%2BRzS4Yaq0zhgHvqByxYqzyCGSRVQib8XPcoO%2BFdaZaA0fVEY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1633697115827754
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 69b1f9b8bff6f9d2-PRG
expires: Fri, 08 Oct 2021 12:45:59 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 1494 3 KB
4 KB 56ms
19ms Image
image/png 104.26.7.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Fri, 08 Oct 2021 20:03:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10481043
x-guploader-uploadid: ABg5-UxHcnICLk7b7YkQQi88NGVF0WMcchfK1mG4dUlgFuCeLMEQbekxBAvPJ_LFWK4ZMOrhD-KiD3x1E9pCiaLs4VNde3QtWA
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YfUTAKUdr0EXRJJk4YEZrBP3ImtS3bpLWdqDaGtpYCbo2hTzhX4UeuS%2BWkQiOmJDnStS%2BLIZtw0e0TgTF6BJIo5JB%2FkHdENe7fkL7EKokPZePPhjucR4AkzuOj6abgxx9GXOB0uN"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 69b1f9b92e962780-PRG
expires: Thu, 09 Jun 2022 12:39:14 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 8CDD 2 KB
2 KB 19ms
18ms Document
text/html 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 08 Oct 2021 20:03:56 GMT
content-type: text/html
x-guploader-uploadid: ABg5-Uwn3myKqNzKJaXHyUiZqbP8NSrxOcbkyaRD5NRgbFtq-4RIcqJ4vnL2qiKZKS--51-luBSbS_wwXQ-ancMVjw
expires: Fri, 08 Oct 2021 21:03:56 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 1175479
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vj1C9gBbz2qmMZ7%2Buj4P0bp6NYfd05SzY4hksefxE1m%2FWQnaMAwoDs4sGTE8EodH9%2FaZoLytpENDQU05EhPkiKKYn3Tw4XbdJEzRQAajBZCrYgU%2Fqx5fGew%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 69b1f9b8fa2c4138-PRG
content-encoding: br

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 62ms
40ms Preflight
text/plain 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 08 Oct 2021 20:03:57 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-fx4g
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n3WhlloqwU91La4CiU5uoXgc3i24dVGOUzlF7UfBBLeV1gysortq%2BcoZv6eBffZjcoLP2yJ65hXk1MHMF%2BvPpSjkxhYkhHffyX%2Boz1FoH9uxG9vEe%2BA0VBI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69b1f9b95c65411f-PRG

POST
H3 200 rs Show response
ad4m.at/ Frame 1494 2 KB
2 KB 43ms
43ms XHR
text/plain 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a9c22caa07715ebeac72b510c4e147a138c1eba6bf4f2c8a7c7e07b5fe465be

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 69b1f9b99c80411f-PRG
date: Fri, 08 Oct 2021 20:03:57 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wBrp30eH3s%2FEkh97B7bqlj1MpO158Feqp7pioM9JkXJHOqc4zK4LF5otix6xKEIvJsMYNmi%2FV81ygaXG7Si%2FeunjP3E0t71wf1lbHM9fccXS404QqbQFVao%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-fx4g

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 11F1 6 KB
4 KB 32ms
32ms Document
text/html 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=CX3tHK8rZ60W0jmUB2LdOFWAJg8Y0dWY&g=bb6a9a04458b0e97130553a9a5240704%2F10317237492547098759&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633723437076&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jf6cbq5ka4t4d446q5s262esymxy5tv78ejgfg3vq08hqfs11jgxpd0sa82zf69nnqw9b4w2j802cjfbgaweycgdfr4tf67932v7nj553g0y6msa8h2gt22rxkj28m2besagdb9fz1da64cnmq1ha63hnscn3969w0qdfcn8a3dfj4w9xkdwbznwkkt49kcza71xb75h5bae92vg85cb1z8ecq9gr5dbfptnsd39s71h7g0cskstwnj8evgczq8762dh9wrfzvsj%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCt_aqLKRgYbblIZil-gbT5L_YCZDhgYRctqjCivACwI23ARABIABgleKngrAHggEXY2EtcHViLTU0NzU3ODU0MjA0MDUyMTSgAcKu6N0DyAEJqQLemunIlmmzPuACAKgDAaoEgwJP0GKSQ9w0bg1_oCmT5ckHfx6uP7rIO3GHRWRsMri1-tuv6B5fT9VrN52nZcL4DBLaOcr9W2MELBcVDPi1OiHFw5JNn4Cda_SmMvNxhYj-ZZoGDMNPykmptruBbBHgKh4WgNiARquwckudQ6hISIRurGTV1zpyj2YnzJkGKbwldV14-K-MggokKAzJxw6GQLCny1ChXojkXbIN7IUdBWQ59GlQUIzZCofjrA_MqNy4Xm0h7cZuJySp1wncEKkPPGRW2xyrRthpT7YsauyaAAyU3TslUlVHAO8-faQfUqAFmJXi8LbY-2PawBAl0ahUyvA8yRTtMfgjuTjBrv7g0mWDCE5Y4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2UCs2BFYOOVpCeRPAcn9attFGiIQ%252526client%25253Dca-pub-5475785420405214%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa51e60ceeb1993bfe2dae1184840284bc752c2ca245b1874a449687496bf10d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=CX3tHK8rZ60W0jmUB2LdOFWAJg8Y0dWY&g=bb6a9a04458b0e97130553a9a5240704%2F10317237492547098759&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633723437076&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jf6cbq5ka4t4d446q5s262esymxy5tv78ejgfg3vq08hqfs11jgxpd0sa82zf69nnqw9b4w2j802cjfbgaweycgdfr4tf67932v7nj553g0y6msa8h2gt22rxkj28m2besagdb9fz1da64cnmq1ha63hnscn3969w0qdfcn8a3dfj4w9xkdwbznwkkt49kcza71xb75h5bae92vg85cb1z8ecq9gr5dbfptnsd39s71h7g0cskstwnj8evgczq8762dh9wrfzvsj%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCt_aqLKRgYbblIZil-gbT5L_YCZDhgYRctqjCivACwI23ARABIABgleKngrAHggEXY2EtcHViLTU0NzU3ODU0MjA0MDUyMTSgAcKu6N0DyAEJqQLemunIlmmzPuACAKgDAaoEgwJP0GKSQ9w0bg1_oCmT5ckHfx6uP7rIO3GHRWRsMri1-tuv6B5fT9VrN52nZcL4DBLaOcr9W2MELBcVDPi1OiHFw5JNn4Cda_SmMvNxhYj-ZZoGDMNPykmptruBbBHgKh4WgNiARquwckudQ6hISIRurGTV1zpyj2YnzJkGKbwldV14-K-MggokKAzJxw6GQLCny1ChXojkXbIN7IUdBWQ59GlQUIzZCofjrA_MqNy4Xm0h7cZuJySp1wncEKkPPGRW2xyrRthpT7YsauyaAAyU3TslUlVHAO8-faQfUqAFmJXi8LbY-2PawBAl0ahUyvA8yRTtMfgjuTjBrv7g0mWDCE5Y4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2UCs2BFYOOVpCeRPAcn9attFGiIQ%252526client%25253Dca-pub-5475785420405214%252526adurl%25253D&y=1&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://as.ad4m.at/ad/dr?ed=1g5bhep56zhzx7xz2ybe8shqmw0rmfz11j338vmf9jecf2vm0292e6rkxvpf9sf5jt2a8gbq9nwgyk9p84tz4wn6qxb9g8n9tfk4gyk0xm454dr3w58dhsktqdq7ydqj8h50hdaqrs7yctnmdv23zyevg7cc7dy44mn91ddqecdfjxgcjjr4mngzpapkrkcz79kr6pjwy3tcnxrsee5y546e4zkr98nw470kqxmwnxf30mgp9q8dt24k2gg21qx20h98rsqsw0y7jst71gxj5c4383yshyh2fxpreth6rmvh4tznynnfhkk88m0k8qjd7hj6y9aaznje2wmtj975yerkm0apvhx5e7f7wekkg836fpjjsss3gf89rn69vr4tzgpp2tr647xyqwj8p2wsr06v&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt_aqLKRgYbblIZil-gbT5L_YCZDhgYRctqjCivACwI23ARABIABgleKngrAHggEXY2EtcHViLTU0NzU3ODU0MjA0MDUyMTSgAcKu6N0DyAEJqQLemunIlmmzPuACAKgDAaoEgwJP0GKSQ9w0bg1_oCmT5ckHfx6uP7rIO3GHRWRsMri1-tuv6B5fT9VrN52nZcL4DBLaOcr9W2MELBcVDPi1OiHFw5JNn4Cda_SmMvNxhYj-ZZoGDMNPykmptruBbBHgKh4WgNiARquwckudQ6hISIRurGTV1zpyj2YnzJkGKbwldV14-K-MggokKAzJxw6GQLCny1ChXojkXbIN7IUdBWQ59GlQUIzZCofjrA_MqNy4Xm0h7cZuJySp1wncEKkPPGRW2xyrRthpT7YsauyaAAyU3TslUlVHAO8-faQfUqAFmJXi8LbY-2PawBAl0ahUyvA8yRTtMfgjuTjBrv7g0mWDCE5Y4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2UCs2BFYOOVpCeRPAcn9attFGiIQ%26client%3Dca-pub-5475785420405214%26adurl%3D
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1g5bhep56zhzx7xz2ybe8shqmw0rmfz11j338vmf9jecf2vm0292e6rkxvpf9sf5jt2a8gbq9nwgyk9p84tz4wn6qxb9g8n9tfk4gyk0xm454dr3w58dhsktqdq7ydqj8h50hdaqrs7yctnmdv23zyevg7cc7dy44mn91ddqecdfjxgcjjr4mngzpapkrkcz79kr6pjwy3tcnxrsee5y546e4zkr98nw470kqxmwnxf30mgp9q8dt24k2gg21qx20h98rsqsw0y7jst71gxj5c4383yshyh2fxpreth6rmvh4tznynnfhkk88m0k8qjd7hj6y9aaznje2wmtj975yerkm0apvhx5e7f7wekkg836fpjjsss3gf89rn69vr4tzgpp2tr647xyqwj8p2wsr06v&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt_aqLKRgYbblIZil-gbT5L_YCZDhgYRctqjCivACwI23ARABIABgleKngrAHggEXY2EtcHViLTU0NzU3ODU0MjA0MDUyMTSgAcKu6N0DyAEJqQLemunIlmmzPuACAKgDAaoEgwJP0GKSQ9w0bg1_oCmT5ckHfx6uP7rIO3GHRWRsMri1-tuv6B5fT9VrN52nZcL4DBLaOcr9W2MELBcVDPi1OiHFw5JNn4Cda_SmMvNxhYj-ZZoGDMNPykmptruBbBHgKh4WgNiARquwckudQ6hISIRurGTV1zpyj2YnzJkGKbwldV14-K-MggokKAzJxw6GQLCny1ChXojkXbIN7IUdBWQ59GlQUIzZCofjrA_MqNy4Xm0h7cZuJySp1wncEKkPPGRW2xyrRthpT7YsauyaAAyU3TslUlVHAO8-faQfUqAFmJXi8LbY-2PawBAl0ahUyvA8yRTtMfgjuTjBrv7g0mWDCE5Y4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2UCs2BFYOOVpCeRPAcn9attFGiIQ%26client%3Dca-pub-5475785420405214%26adurl%3D

Response headers

date: Fri, 08 Oct 2021 20:03:57 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 69b1f9b9eac44138-PRG
content-encoding: br

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 11F1 64 KB
8 KB 21ms
20ms Stylesheet
text/css 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=CX3tHK8rZ60W0jmUB2LdOFWAJg8Y0dWY&g=bb6a9a04458b0e97130553a9a5240704%2F10317237492547098759&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633723437076&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jf6cbq5ka4t4d446q5s262esymxy5tv78ejgfg3vq08hqfs11jgxpd0sa82zf69nnqw9b4w2j802cjfbgaweycgdfr4tf67932v7nj553g0y6msa8h2gt22rxkj28m2besagdb9fz1da64cnmq1ha63hnscn3969w0qdfcn8a3dfj4w9xkdwbznwkkt49kcza71xb75h5bae92vg85cb1z8ecq9gr5dbfptnsd39s71h7g0cskstwnj8evgczq8762dh9wrfzvsj%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCt_aqLKRgYbblIZil-gbT5L_YCZDhgYRctqjCivACwI23ARABIABgleKngrAHggEXY2EtcHViLTU0NzU3ODU0MjA0MDUyMTSgAcKu6N0DyAEJqQLemunIlmmzPuACAKgDAaoEgwJP0GKSQ9w0bg1_oCmT5ckHfx6uP7rIO3GHRWRsMri1-tuv6B5fT9VrN52nZcL4DBLaOcr9W2MELBcVDPi1OiHFw5JNn4Cda_SmMvNxhYj-ZZoGDMNPykmptruBbBHgKh4WgNiARquwckudQ6hISIRurGTV1zpyj2YnzJkGKbwldV14-K-MggokKAzJxw6GQLCny1ChXojkXbIN7IUdBWQ59GlQUIzZCofjrA_MqNy4Xm0h7cZuJySp1wncEKkPPGRW2xyrRthpT7YsauyaAAyU3TslUlVHAO8-faQfUqAFmJXi8LbY-2PawBAl0ahUyvA8yRTtMfgjuTjBrv7g0mWDCE5Y4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2UCs2BFYOOVpCeRPAcn9attFGiIQ%252526client%25253Dca-pub-5475785420405214%252526adurl%25253D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=CX3tHK8rZ60W0jmUB2LdOFWAJg8Y0dWY&g=bb6a9a04458b0e97130553a9a5240704%2F10317237492547098759&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633723437076&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jf6cbq5ka4t4d446q5s262esymxy5tv78ejgfg3vq08hqfs11jgxpd0sa82zf69nnqw9b4w2j802cjfbgaweycgdfr4tf67932v7nj553g0y6msa8h2gt22rxkj28m2besagdb9fz1da64cnmq1ha63hnscn3969w0qdfcn8a3dfj4w9xkdwbznwkkt49kcza71xb75h5bae92vg85cb1z8ecq9gr5dbfptnsd39s71h7g0cskstwnj8evgczq8762dh9wrfzvsj%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCt_aqLKRgYbblIZil-gbT5L_YCZDhgYRctqjCivACwI23ARABIABgleKngrAHggEXY2EtcHViLTU0NzU3ODU0MjA0MDUyMTSgAcKu6N0DyAEJqQLemunIlmmzPuACAKgDAaoEgwJP0GKSQ9w0bg1_oCmT5ckHfx6uP7rIO3GHRWRsMri1-tuv6B5fT9VrN52nZcL4DBLaOcr9W2MELBcVDPi1OiHFw5JNn4Cda_SmMvNxhYj-ZZoGDMNPykmptruBbBHgKh4WgNiARquwckudQ6hISIRurGTV1zpyj2YnzJkGKbwldV14-K-MggokKAzJxw6GQLCny1ChXojkXbIN7IUdBWQ59GlQUIzZCofjrA_MqNy4Xm0h7cZuJySp1wncEKkPPGRW2xyrRthpT7YsauyaAAyU3TslUlVHAO8-faQfUqAFmJXi8LbY-2PawBAl0ahUyvA8yRTtMfgjuTjBrv7g0mWDCE5Y4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2UCs2BFYOOVpCeRPAcn9attFGiIQ%252526client%25253Dca-pub-5475785420405214%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 20:03:57 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 113315
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=65497
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 07 Oct 2021 12:35:22 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 69b1f9ba2aef4138-PRG
cf-bgj: minify

GET
H2 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 11F1 18 KB
19 KB 53ms
43ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=CX3tHK8rZ60W0jmUB2LdOFWAJg8Y0dWY&g=bb6a9a04458b0e97130553a9a5240704%2F10317237492547098759&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633723437076&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jf6cbq5ka4t4d446q5s262esymxy5tv78ejgfg3vq08hqfs11jgxpd0sa82zf69nnqw9b4w2j802cjfbgaweycgdfr4tf67932v7nj553g0y6msa8h2gt22rxkj28m2besagdb9fz1da64cnmq1ha63hnscn3969w0qdfcn8a3dfj4w9xkdwbznwkkt49kcza71xb75h5bae92vg85cb1z8ecq9gr5dbfptnsd39s71h7g0cskstwnj8evgczq8762dh9wrfzvsj%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCt_aqLKRgYbblIZil-gbT5L_YCZDhgYRctqjCivACwI23ARABIABgleKngrAHggEXY2EtcHViLTU0NzU3ODU0MjA0MDUyMTSgAcKu6N0DyAEJqQLemunIlmmzPuACAKgDAaoEgwJP0GKSQ9w0bg1_oCmT5ckHfx6uP7rIO3GHRWRsMri1-tuv6B5fT9VrN52nZcL4DBLaOcr9W2MELBcVDPi1OiHFw5JNn4Cda_SmMvNxhYj-ZZoGDMNPykmptruBbBHgKh4WgNiARquwckudQ6hISIRurGTV1zpyj2YnzJkGKbwldV14-K-MggokKAzJxw6GQLCny1ChXojkXbIN7IUdBWQ59GlQUIzZCofjrA_MqNy4Xm0h7cZuJySp1wncEKkPPGRW2xyrRthpT7YsauyaAAyU3TslUlVHAO8-faQfUqAFmJXi8LbY-2PawBAl0ahUyvA8yRTtMfgjuTjBrv7g0mWDCE5Y4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2UCs2BFYOOVpCeRPAcn9attFGiIQ%252526client%25253Dca-pub-5475785420405214%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Fri, 08 Oct 2021 20:03:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 101622
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ADPycdvBijF5DX-CKiEY87u8_lPniihSHbZo7XOpTuPKFkZifSM1B9KHGCb-0UZs-qM-5xt95pzdc15zz6cGMJj1lZI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zIzW53ZXhadca1BNpixebvMky3D7yU99Ks330Zj8MDKavuSU8wiAMOqHkhLMKLZmwC4tIUudreqRLIMKn7CHTodyFLCSbe2oinVUe6rYuv39F6GXGWyQ%2F1fcqXG3mXQr"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Sat, 09 Oct 2021 20:03:57 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 69b1f9ba48bef9d2-PRG
cf-bgj: imgq:85,h2pri

GET
H2 200 A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame 11F1 2 KB
2 KB 39ms
30ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=CX3tHK8rZ60W0jmUB2LdOFWAJg8Y0dWY&g=bb6a9a04458b0e97130553a9a5240704%2F10317237492547098759&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633723437076&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jf6cbq5ka4t4d446q5s262esymxy5tv78ejgfg3vq08hqfs11jgxpd0sa82zf69nnqw9b4w2j802cjfbgaweycgdfr4tf67932v7nj553g0y6msa8h2gt22rxkj28m2besagdb9fz1da64cnmq1ha63hnscn3969w0qdfcn8a3dfj4w9xkdwbznwkkt49kcza71xb75h5bae92vg85cb1z8ecq9gr5dbfptnsd39s71h7g0cskstwnj8evgczq8762dh9wrfzvsj%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCt_aqLKRgYbblIZil-gbT5L_YCZDhgYRctqjCivACwI23ARABIABgleKngrAHggEXY2EtcHViLTU0NzU3ODU0MjA0MDUyMTSgAcKu6N0DyAEJqQLemunIlmmzPuACAKgDAaoEgwJP0GKSQ9w0bg1_oCmT5ckHfx6uP7rIO3GHRWRsMri1-tuv6B5fT9VrN52nZcL4DBLaOcr9W2MELBcVDPi1OiHFw5JNn4Cda_SmMvNxhYj-ZZoGDMNPykmptruBbBHgKh4WgNiARquwckudQ6hISIRurGTV1zpyj2YnzJkGKbwldV14-K-MggokKAzJxw6GQLCny1ChXojkXbIN7IUdBWQ59GlQUIzZCofjrA_MqNy4Xm0h7cZuJySp1wncEKkPPGRW2xyrRthpT7YsauyaAAyU3TslUlVHAO8-faQfUqAFmJXi8LbY-2PawBAl0ahUyvA8yRTtMfgjuTjBrv7g0mWDCE5Y4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2UCs2BFYOOVpCeRPAcn9attFGiIQ%252526client%25253Dca-pub-5475785420405214%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date: Fri, 08 Oct 2021 20:03:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 92178
cf-polished: origFmt=png, origSize=4031
x-guploader-uploadid: ADPycdsxlXIqdGQ10Y-xx4RWkwWeUh9uJNnZblASP3VuUEZKQvAVzHJlJydgs6ez4GUkl9lw7RKt33RQQu1brTxvF2V1TdZqFg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1598
last-modified: Wed, 20 Jan 2021 17:03:56 GMT
server: cloudflare
etag: "7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3by5vRNXmiuAdVjDMDMg1JdetYidAqlKqy%2FGHaf9chcu5CtGtiUcrnvqyy36AV4607ENq3eN9Yg5QrtCHldqZ3lMDMHvQh5lIhAgCoJVxKqDK1L1cQIwu%2B5mj5zyPcwe"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1611162235947637
content-type: image/webp
expires: Sat, 09 Oct 2021 20:03:57 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 4031
accept-ranges: bytes
cf-ray: 69b1f9ba38baf9d2-PRG
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 11F1 43 B
702 B 56ms
35ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneide7RC3fVfxBVcjHZHet1teW3sjTQTx8Joneid__asuidCX3tHK8rZ60W0jmUB2LdOFWAJg8Y0dWYasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Oct 2021 20:03:57 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame 11F1 38 KB
39 KB 39ms
31ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=CX3tHK8rZ60W0jmUB2LdOFWAJg8Y0dWY&g=bb6a9a04458b0e97130553a9a5240704%2F10317237492547098759&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633723437076&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jf6cbq5ka4t4d446q5s262esymxy5tv78ejgfg3vq08hqfs11jgxpd0sa82zf69nnqw9b4w2j802cjfbgaweycgdfr4tf67932v7nj553g0y6msa8h2gt22rxkj28m2besagdb9fz1da64cnmq1ha63hnscn3969w0qdfcn8a3dfj4w9xkdwbznwkkt49kcza71xb75h5bae92vg85cb1z8ecq9gr5dbfptnsd39s71h7g0cskstwnj8evgczq8762dh9wrfzvsj%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCt_aqLKRgYbblIZil-gbT5L_YCZDhgYRctqjCivACwI23ARABIABgleKngrAHggEXY2EtcHViLTU0NzU3ODU0MjA0MDUyMTSgAcKu6N0DyAEJqQLemunIlmmzPuACAKgDAaoEgwJP0GKSQ9w0bg1_oCmT5ckHfx6uP7rIO3GHRWRsMri1-tuv6B5fT9VrN52nZcL4DBLaOcr9W2MELBcVDPi1OiHFw5JNn4Cda_SmMvNxhYj-ZZoGDMNPykmptruBbBHgKh4WgNiARquwckudQ6hISIRurGTV1zpyj2YnzJkGKbwldV14-K-MggokKAzJxw6GQLCny1ChXojkXbIN7IUdBWQ59GlQUIzZCofjrA_MqNy4Xm0h7cZuJySp1wncEKkPPGRW2xyrRthpT7YsauyaAAyU3TslUlVHAO8-faQfUqAFmJXi8LbY-2PawBAl0ahUyvA8yRTtMfgjuTjBrv7g0mWDCE5Y4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2UCs2BFYOOVpCeRPAcn9attFGiIQ%252526client%25253Dca-pub-5475785420405214%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Fri, 08 Oct 2021 20:03:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 92959
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ADPycdv5V2VwCtQdmzAfRV3IygIGhc52h2nwgPW3FhrGWS6klUNgv8hIzxtfhxL_vrJnTlAIEKne_IfwcAZaS7_MXHs
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 39202
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6402xmTp4ExvPrYUdkS1JKTjUOLq2lDRyve7vBoVfM4%2BPJBQPguVa44SmzG46xnbYXTceiBxtt0XaRoNzHtwd6qiyd6kIv72PaPazucr%2BtYpSaaq0K7Lk1D%2BEEDFBZ2s"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Sat, 09 Oct 2021 20:03:57 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 69b1f9ba38b8f9d2-PRG
cf-bgj: imgq:85,h2pri

GET
H2 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame 11F1 113 KB
113 KB 51ms
43ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=CX3tHK8rZ60W0jmUB2LdOFWAJg8Y0dWY&g=bb6a9a04458b0e97130553a9a5240704%2F10317237492547098759&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633723437076&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jf6cbq5ka4t4d446q5s262esymxy5tv78ejgfg3vq08hqfs11jgxpd0sa82zf69nnqw9b4w2j802cjfbgaweycgdfr4tf67932v7nj553g0y6msa8h2gt22rxkj28m2besagdb9fz1da64cnmq1ha63hnscn3969w0qdfcn8a3dfj4w9xkdwbznwkkt49kcza71xb75h5bae92vg85cb1z8ecq9gr5dbfptnsd39s71h7g0cskstwnj8evgczq8762dh9wrfzvsj%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCt_aqLKRgYbblIZil-gbT5L_YCZDhgYRctqjCivACwI23ARABIABgleKngrAHggEXY2EtcHViLTU0NzU3ODU0MjA0MDUyMTSgAcKu6N0DyAEJqQLemunIlmmzPuACAKgDAaoEgwJP0GKSQ9w0bg1_oCmT5ckHfx6uP7rIO3GHRWRsMri1-tuv6B5fT9VrN52nZcL4DBLaOcr9W2MELBcVDPi1OiHFw5JNn4Cda_SmMvNxhYj-ZZoGDMNPykmptruBbBHgKh4WgNiARquwckudQ6hISIRurGTV1zpyj2YnzJkGKbwldV14-K-MggokKAzJxw6GQLCny1ChXojkXbIN7IUdBWQ59GlQUIzZCofjrA_MqNy4Xm0h7cZuJySp1wncEKkPPGRW2xyrRthpT7YsauyaAAyU3TslUlVHAO8-faQfUqAFmJXi8LbY-2PawBAl0ahUyvA8yRTtMfgjuTjBrv7g0mWDCE5Y4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2UCs2BFYOOVpCeRPAcn9attFGiIQ%252526client%25253Dca-pub-5475785420405214%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Fri, 08 Oct 2021 20:03:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 99728
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ADPycdubCB_MqMJLzkyG9P_d-6ilaqovBpTQkHODzmtHhVNAClNJtgU61vb4U8N4C0Qf3uzWm5x1PlT7Xk-wrlHBVA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 115268
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZgmRXTDsHdhJLVrnwU%2FisIh0uAb6xFPnGiNopQ04jLGTTKFCRtEISjtZ5PToJVCohMSZrwONrRFDk9%2FGCpkR%2BVBaVbV4JfG2geB0HjjI4vUeEmjcK9Uq2Bm3yA1rIo3c"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Sat, 09 Oct 2021 20:03:57 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 69b1f9ba48bdf9d2-PRG
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 11F1 43 B
702 B 53ms
32ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneide7RC3fVfYpcjHZHet1tbrzUjTQTx8Joneid__asuidCX3tHK8rZ60W0jmUB2LdOFWAJg8Y0dWYasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Oct 2021 20:03:57 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 11F1 8 KB
9 KB 50ms
42ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=CX3tHK8rZ60W0jmUB2LdOFWAJg8Y0dWY&g=bb6a9a04458b0e97130553a9a5240704%2F10317237492547098759&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633723437076&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jf6cbq5ka4t4d446q5s262esymxy5tv78ejgfg3vq08hqfs11jgxpd0sa82zf69nnqw9b4w2j802cjfbgaweycgdfr4tf67932v7nj553g0y6msa8h2gt22rxkj28m2besagdb9fz1da64cnmq1ha63hnscn3969w0qdfcn8a3dfj4w9xkdwbznwkkt49kcza71xb75h5bae92vg85cb1z8ecq9gr5dbfptnsd39s71h7g0cskstwnj8evgczq8762dh9wrfzvsj%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCt_aqLKRgYbblIZil-gbT5L_YCZDhgYRctqjCivACwI23ARABIABgleKngrAHggEXY2EtcHViLTU0NzU3ODU0MjA0MDUyMTSgAcKu6N0DyAEJqQLemunIlmmzPuACAKgDAaoEgwJP0GKSQ9w0bg1_oCmT5ckHfx6uP7rIO3GHRWRsMri1-tuv6B5fT9VrN52nZcL4DBLaOcr9W2MELBcVDPi1OiHFw5JNn4Cda_SmMvNxhYj-ZZoGDMNPykmptruBbBHgKh4WgNiARquwckudQ6hISIRurGTV1zpyj2YnzJkGKbwldV14-K-MggokKAzJxw6GQLCny1ChXojkXbIN7IUdBWQ59GlQUIzZCofjrA_MqNy4Xm0h7cZuJySp1wncEKkPPGRW2xyrRthpT7YsauyaAAyU3TslUlVHAO8-faQfUqAFmJXi8LbY-2PawBAl0ahUyvA8yRTtMfgjuTjBrv7g0mWDCE5Y4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2UCs2BFYOOVpCeRPAcn9attFGiIQ%252526client%25253Dca-pub-5475785420405214%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date: Fri, 08 Oct 2021 20:03:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 92953
cf-polished: qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid: ADPycds-K6vtVLL-5DWksQuWj-STuGjD8YI1h2rLLHsBC07nFjBSw8cVgQV4oG886qbmT5YK0pjVGZ-0PZhAcSPq_F8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8354
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j1GDJuZsqCCjLDO%2FZIapFdzl4150Gzl%2FR%2BPrAE0%2FQzU8zmGifPEEsm0Lss7m5JJfQsRDmc3gLAkAdjarDD1CWS%2FNdIln5yjKPxomfn7jKUZPpUZFvXK70wbV3sRAURAT"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698787150900
content-type: image/webp
expires: Sat, 09 Oct 2021 20:03:57 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 16723
accept-ranges: bytes
cf-ray: 69b1f9ba38b9f9d2-PRG
cf-bgj: imgq:85,h2pri

GET
H2 200 F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485
assets.ad4m.at/ Frame 11F1 35 KB
35 KB 32ms
25ms Image
image/webp 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=CX3tHK8rZ60W0jmUB2LdOFWAJg8Y0dWY&g=bb6a9a04458b0e97130553a9a5240704%2F10317237492547098759&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633723437076&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jf6cbq5ka4t4d446q5s262esymxy5tv78ejgfg3vq08hqfs11jgxpd0sa82zf69nnqw9b4w2j802cjfbgaweycgdfr4tf67932v7nj553g0y6msa8h2gt22rxkj28m2besagdb9fz1da64cnmq1ha63hnscn3969w0qdfcn8a3dfj4w9xkdwbznwkkt49kcza71xb75h5bae92vg85cb1z8ecq9gr5dbfptnsd39s71h7g0cskstwnj8evgczq8762dh9wrfzvsj%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCt_aqLKRgYbblIZil-gbT5L_YCZDhgYRctqjCivACwI23ARABIABgleKngrAHggEXY2EtcHViLTU0NzU3ODU0MjA0MDUyMTSgAcKu6N0DyAEJqQLemunIlmmzPuACAKgDAaoEgwJP0GKSQ9w0bg1_oCmT5ckHfx6uP7rIO3GHRWRsMri1-tuv6B5fT9VrN52nZcL4DBLaOcr9W2MELBcVDPi1OiHFw5JNn4Cda_SmMvNxhYj-ZZoGDMNPykmptruBbBHgKh4WgNiARquwckudQ6hISIRurGTV1zpyj2YnzJkGKbwldV14-K-MggokKAzJxw6GQLCny1ChXojkXbIN7IUdBWQ59GlQUIzZCofjrA_MqNy4Xm0h7cZuJySp1wncEKkPPGRW2xyrRthpT7YsauyaAAyU3TslUlVHAO8-faQfUqAFmJXi8LbY-2PawBAl0ahUyvA8yRTtMfgjuTjBrv7g0mWDCE5Y4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2UCs2BFYOOVpCeRPAcn9attFGiIQ%252526client%25253Dca-pub-5475785420405214%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffbf2d2525e0baabd5fdf5289510e03e86ccb28dc9767ef58bf483077f3bfc75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=DWwdxw==, md5=nrQF3oFd2dnh8eRzIt323A==
date: Fri, 08 Oct 2021 20:03:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 92755
cf-polished: qual=85, origFmt=jpeg, origSize=40264
x-guploader-uploadid: ADPycdt624LKLdd8TTLCa2oRczwgwVV7NusdOAH2Kd2_4vaSco-IgwdsiuZhEvDOMhOyeNviW6HbGT6TSQKjvDTlbi2tMGsK0w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 35504
last-modified: Wed, 19 Feb 2020 17:37:15 GMT
server: cloudflare
etag: "9eb405de815dd9d9e1f1e47322ddf6dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X6RfzEB4gbqT00YQOaV5dmegeMzc7nAmbef5V3LtIVX7sdLQKQmXFRfs2BwvtyjiY%2BeUh4eT%2BqBfmxt5ZqdIPI9KMWxqrK%2BwNqwUWWIACrNlpw8I1dfbNFukDk3lsMsZ"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1582133835673152
content-type: image/webp
expires: Sat, 09 Oct 2021 20:03:57 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 40264
accept-ranges: bytes
cf-ray: 69b1f9ba38b7f9d2-PRG
cf-bgj: imgq:85,h2pri

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 11F1
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CKeZiYnOu_MCFe_quwgdc1sNnw;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJoneid__asuidCX3tHK8rZ60W0jmUB2LdOFWAJg8Y0dWYasuid__dc_reach_suite02wkz&gdpr_cons...
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1633723437_dee512a0-2872-11ec-bef8-692d023ad792

0
518 B

40ms
10ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1633723437_dee512a0-2872-11ec-bef8-692d023ad792
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=CX3tHK8rZ60W0jmUB2LdOFWAJg8Y0dWY&g=bb6a9a04458b0e97130553a9a5240704%2F10317237492547098759&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633723437076&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jf6cbq5ka4t4d446q5s262esymxy5tv78ejgfg3vq08hqfs11jgxpd0sa82zf69nnqw9b4w2j802cjfbgaweycgdfr4tf67932v7nj553g0y6msa8h2gt22rxkj28m2besagdb9fz1da64cnmq1ha63hnscn3969w0qdfcn8a3dfj4w9xkdwbznwkkt49kcza71xb75h5bae92vg85cb1z8ecq9gr5dbfptnsd39s71h7g0cskstwnj8evgczq8762dh9wrfzvsj%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCt_aqLKRgYbblIZil-gbT5L_YCZDhgYRctqjCivACwI23ARABIABgleKngrAHggEXY2EtcHViLTU0NzU3ODU0MjA0MDUyMTSgAcKu6N0DyAEJqQLemunIlmmzPuACAKgDAaoEgwJP0GKSQ9w0bg1_oCmT5ckHfx6uP7rIO3GHRWRsMri1-tuv6B5fT9VrN52nZcL4DBLaOcr9W2MELBcVDPi1OiHFw5JNn4Cda_SmMvNxhYj-ZZoGDMNPykmptruBbBHgKh4WgNiARquwckudQ6hISIRurGTV1zpyj2YnzJkGKbwldV14-K-MggokKAzJxw6GQLCny1ChXojkXbIN7IUdBWQ59GlQUIzZCofjrA_MqNy4Xm0h7cZuJySp1wncEKkPPGRW2xyrRthpT7YsauyaAAyU3TslUlVHAO8-faQfUqAFmJXi8LbY-2PawBAl0ahUyvA8yRTtMfgjuTjBrv7g0mWDCE5Y4AQBgAbxur7BzIOftfwBoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2UCs2BFYOOVpCeRPAcn9attFGiIQ%252526client%25253Dca-pub-5475785420405214%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Oct 2021 20:03:57 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Fri, 08 Oct 2021 20:03:57 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1633723437_dee512a0-2872-11ec-bef8-692d023ad792
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 7825 12 KB
5 KB 35ms
13ms Document
text/html 142.250.185.65
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.65 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Fri, 08 Oct 2021 15:17:31 GMT
expires: Sat, 08 Oct 2022 15:17:31 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 17186
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 141D 783 B
534 B 51ms
23ms Document
text/html 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

GSE /

Resource Hash

3daa57c76e3cae71b8e93304dfdb6b424dfdfddda18aabe95ec036204cf6444e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9SSySVU1NluFmHthGS+zBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 08 Oct 2021 20:03:57 GMT
date: Fri, 08 Oct 2021 20:03:57 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-9SSySVU1NluFmHthGS+zBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js Show response
pagead2.googlesyndication.com/bg/ Frame 7825 35 KB
13 KB 7ms
6ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

9bfef52d4ef4cc6f06efcc7a8584987f607710b73b0464606ec66890f8605c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 15:56:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14838
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13358
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 08 Oct 2022 15:56:39 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 141D 0
0 59ms
59ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021100401&jk=3137637217218611&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
43ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021100401&jk=3137637217218611&bg=!z8ylzIjNAAbGFvHlxhY7ACkAdvg8WouUQSE46NMAKxmHgwnZXdC7d-N23VoeVz73NHsK5Dk275AoiwIAAABuUgAAAAtoAQcKAE4itxCNwyGiacB_u_5UDowwHMnu9CHmmJFqLeaKjHcz5HEO2K1Om28-mbENgaJ3PzfVcIByw_RVaDAZhoSZ8omphtldxnTYxFz0FoMK5aeZArkJT2WyOP4bLeiyrz1LNA-p93uUXQGXR013tse-u03pUAa2aIIOvIIto6BtnGy1e3-OsdA4Y9Sp88Ygrh6o1BGuN20FN9sSDoQC3RRaWdEJttmPzL3eRPeskPvOd9Y6nYwXW21_Vo225IUMu6JtqtbOyzTAmBSeIhRMQ9_iM_QEc91KFrnzzJaGfqlGvPQveNQHinuNaMZz11zxz7q7OH8Mfw8iA4wmeG6ZTjLidJ7sAambVZmcTE8w1H48O_y_dX8AEh5N1MSFZfBlHZXvxUrDYokkeo3kzPLDyFqYt7Dp7zcoTAkSIOZnG7a-eRkVDnUNwsJBfM2489pVmZFyjv6SKIwb96ZV17FoBb51X4Eu4SRqBCoPMhxpz_XgoIpCiPWi1Lpm_Yx4FnQ9NCo90J_3aOnatwnGnRiEDPfacCGhBCVns24pQBA2cOdXyc2ArMrYLTIpYDFv06K-cuvgwyNLLU0ywERTwfI3Q-4MHTHLhMzvEFLh2ohZ0sRop0ey1RqjB1if8hpLCXzmxP2vH51iX4MTqKZgJ9fEesweSIdPVD2L3nY8kSL8ZMiQPMN89lxXjqiV1CJOOb4At66F-HWwq357rPq41d8RBCyC7JZVGVbYUO7uBE2PlfYq-_xOrgLqvzAbQzumIpo-hUISh6tklJw8BX3DcRqdF_HUpeR7e0fwCtpj_jZ02Nh8ZbycB-fIDnzNEHtkkEpMsuLkYUxCHIijvxPb-D68Vk4vx9ShuocCPT6AsSRXZ7R-xpPuf1tHNRBilkn1wphX77C6298k5DUtU_Hm_n70cCopeMpHDfFbSLg9PigKBzzy9UOxNKtZ_4qixJqJTByF9-Ty1SCJfjzMNd20Xbw7IBPR9JGxKD5iBK6N8s3r40DSZtXQ4B6xPITl0USfXiO35JljQI5WLK1X4A67RB8L

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Oct 2021 20:03:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 rum
ifunny.co/api/v1/ 2 B
821 B 110ms
109ms Ping
application/json 38.134.113.246
XL-103-397341

General

Check archive.org

Show headers Download Go to

Full URL

https://ifunny.co/api/v1/rum

Requested by

Host: static.ifunny.co
URL: https://static.ifunny.co/dist/ifunny/assets/46.46826402.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

38.134.113.246 , United States, ASN397341 (XL-103-397341, US),

Reverse DNS

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://ifunny.co
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: x-csrf-token=09f5bd1eb58aa551af9e2bf51ab88783; CID=d5c294d5c3e954901e4e7e45d985de20ad84f294fbefcf154840604f3880b5ae.b3080ddb3364be01; sound=off; _gcl_au=1.1.1628513621.1633723435; _ga=GA1.2.132914038.1633723436; _gid=GA1.2.1962299911.1633723436; _gat_gtag_UA_23094255_1=1; __gads=ID=be132ac0ebc136d5:T=1633723436:S=ALNI_MZ1tjG2i84BeFVeUiCQpNvXwUmKPQ
content-length: 659
:path: /api/v1/rum
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: ifunny.co
referer: https://ifunny.co/video/BtVIBMWT8?s=cl
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://ifunny.co/video/BtVIBMWT8?s=cl
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 08 Oct 2021 20:03:57 GMT
x-content-type-options: nosniff
app-version: website_ifunny-release_web_05.10.2021-73
surrogate-control: no-store
cross-origin-resource-policy: same-origin
content-length: 2
pragma: no-cache
referrer-policy: same-origin
server: nginx
cross-origin-opener-policy: same-origin
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://ifunny.co
access-control-expose-headers: x-requested-with, x-csrf-token
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(),autoplay=(),camera=(),document-domain=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),xr-spatial-tracking=()
access-control-allow-headers: x-requested-with, x-csrf-token
expires: 0

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ifunny.co/	1969-12-31 23:59:59	Name: x-csrf-token Value: 09f5bd1eb58aa551af9e2bf51ab88783
ifunny.co/	1970-01-20 06:34:19	Name: CID Value: d5c294d5c3e954901e4e7e45d985de20ad84f294fbefcf154840604f3880b5ae.b3080ddb3364be01
ifunny.co/	1970-01-20 06:34:19	Name: sound Value: off
.ifunny.co/	1970-01-19 23:58:19	Name: _gcl_au Value: 1.1.1628513621.1633723435
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 0uNJvWNtqKQ
.youtube.com/	1970-01-20 02:07:55	Name: VISITOR_INFO1_LIVE Value: XgORaZ27egw
.ifunny.co/	1970-01-20 15:19:55	Name: _ga Value: GA1.2.132914038.1633723436
.ifunny.co/	1970-01-19 21:50:09	Name: _gid Value: GA1.2.1962299911.1633723436
.ifunny.co/	1970-01-19 21:48:43	Name: _gat_gtag_UA_23094255_1 Value: 1
.doubleclick.net/	1970-01-20 07:10:19	Name: IDE Value: AHWqTUkmejQ_xIf_eNpM65kXd7sgECPfMbgj7KAcfqiHfki-GZwoKjK6u359GvPOreU
.ifunny.co/	1970-01-20 07:10:19	Name: __gads Value: ID=be132ac0ebc136d5:T=1633723436:S=ALNI_MZ1tjG2i84BeFVeUiCQpNvXwUmKPQ
.simpli.fi/	1970-01-20 06:35:45	Name: suid Value: 3C029A37C05E41C4883021AED2F3CABA
.bidswitch.net/	1970-01-20 06:34:19	Name: tuuid Value: 73636452-4f2b-4344-a217-ce0951c9ada4
.bidswitch.net/	1970-01-20 06:34:19	Name: c Value: 1633723436
.bidswitch.net/	1970-01-20 06:34:19	Name: tuuid_lu Value: 1633723436
.turn.com/	1970-01-20 02:07:55	Name: uid Value: 7032533144955931573
.adform.net/	1970-01-19 22:33:21	Name: C Value: 1
.adform.net/	1970-01-19 23:15:07	Name: uid Value: 6170871699069345608
.volvelle.tech/	1970-01-20 06:34:19	Name: ouuid Value: c9d906aa-df7a-4728-8732-29b2c946bc72
.volvelle.tech/	1970-01-20 06:34:19	Name: c Value: 1633723436
.volvelle.tech/	1970-01-20 06:34:19	Name: ouuid_lu Value: 1633723436
.yahoo.com/	1970-01-20 06:34:41	Name: A3 Value: d=AQABBC2kYGECEJAyBEeLNWzvTwFzUsyrM0MFEgEBAQH1YWFqYQAAAAAA_SMAAA&S=AQAAAr3Iol_gqde4xmnyDqAgSmQ
.awin1.com/	1970-01-19 21:51:36	Name: awpv11830 Value: 412871\|1633723437\|ded979e0-2872-11ec-a1d8-692d067fb68d
.awin1.com/	1970-01-19 21:58:48	Name: awpv14098 Value: 412871\|1633723437\|ded9c800-2872-11ec-a1d8-692d067fb68d
.awin1.com/	1970-01-19 21:58:48	Name: awpv11938 Value: 412871\|1633723437\|dee512a0-2872-11ec-bef8-692d023ad792
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 367022:2542680
.congstar.de/	1970-01-19 21:58:55	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1633723437_dee512a0-2872-11ec-bef8-692d023ad792%22%2C%22sp%22%3A%22awin%22%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.volvelle.tech
ad.doubleclick.net
ad.turn.com
ad4m.at
adservice.google.com
adservice.google.de
as.ad4m.at
assets.ad4m.at
banner.congstar.de
c1.adform.net
cdn.jsdelivr.net
cm.g.doubleclick.net
d888e0ab57724f7a9fda5ddccab2b422.safeframe.googlesyndication.com
dclk-match.dotomi.com
geoip.ifunny.co
googleads.g.doubleclick.net
ib.adnxs.com
ifunny.co
imageproxy.ifunny.co
img.ifunny.co
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
prebid.ad.smaato.net
prod-rtb.ad4mat.net
r.turn.com
s.ad.smaato.net
securepubads.g.doubleclick.net
static-de.ad4mat.net
static.ifunny.co
stats.g.doubleclick.net
tpc.googlesyndication.com
um.simpli.fi
www.awin1.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.youtube.com
x.bidswitch.net
104.111.239.217
104.16.86.20
104.26.10.209
104.26.11.209
104.26.7.27
13.32.29.62
142.250.181.226
142.250.184.226
142.250.184.230
142.250.185.132
142.250.185.226
142.250.185.65
142.250.185.98
142.250.186.142
142.250.186.162
142.250.186.33
142.250.186.66
142.250.186.78
142.250.186.98
148.251.139.77
169.50.137.190
172.217.16.130
172.217.16.136
172.217.18.99
18.185.143.19
18.66.91.125
185.33.221.15
34.95.89.54
35.210.178.101
37.157.6.245
38.134.113.246
46.228.164.11
52.222.239.126
52.50.110.98
63.215.202.137
63.34.174.201
74.125.71.154
00c2914151af5771584593b003b8734239ab62bb80ca2bcdefcf94fc1fc61476
0298b641a9f8e861a855282482963b09f25d1671a4815061648570b5623bf079
07694290c0035788166e14e9822cd172a6e0e5326b6bad44f7afbba624a965e5
08a4dbce746a8b0f482404296cc2822dff339d2b013d6d527e38888566b401fa
09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0be9e04c94f9e0d6b441af41d61e1c9df7db72aeabbbc31d3ebe922105ce457e
219b4d2bda692ffbf76a0073a83b18f89230768b0a1ab3dcd5eb741f4ffaf1fd
2812c8656c4ebfd493881dc02c2ebaea0a55313cb9cb4de4570e4b6e61fb4f41
288a739ac06ce1d99252420602289a33394df63019d455622f427d9997ef354e
2c8fca23c29e1101d29300036cd1f3eeb60212bc95115c45e0f247a31a8c3f97
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
319788c41fa0539e719d78e3d11103a57222a1db1bdfee1bbb97f9dced6faafe
32191e43309fef38360a8880c00eb829f9026a01d3dad4598071ff5ee9c2af86
39b2875be14c84e8bc7d2f2a6ab3a19acca216967561ec0dbaf46b4803da3ba4
3c2808394430f411a74c3afe5866fcc4ffba512d30f61b4361910e302ad494cc
3daa57c76e3cae71b8e93304dfdb6b424dfdfddda18aabe95ec036204cf6444e
43ee6cb7c61d8f2effbe552d50b7848f228c31c6554cbbeabaeac61361c4fc5d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4dc51bea65d10eefbf4b70b3f9d73aa0e46cb0ea9353b1a500e164e6cf771cad
4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966
51896cb4e932803b983cf59d85b20c705f42a891fa0c9c408e3cb267b5bb949c
543d88bdd1d3e028a135efa42716ba9dbfffaa704900af4996b0127bbad711fc
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
5c98c0dc715b5aaa5efafacaf4465cb10a481fe212faebbf92d4f4afd5301d00
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
614d3a03223262ffb8ca6686e4070b707fb86031e69f4d59ab1ebe3634de19c0
64372c3fe04082767385d74d69b1044cd8097f2ae94fbd439c56b2936d682fc3
6a9c22caa07715ebeac72b510c4e147a138c1eba6bf4f2c8a7c7e07b5fe465be
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e4372fbe2dee978c0fa5ffe89f4d5d6939a8983c669f8a887b41355afbc732a
751cdce6dd3a080789741ce6f5b49695042cc2cfff6c0a22548b1097b3e30aad
7735473c74192317bc1ec19e17e206f8676d0fa7ea6a0e517300dbfcd99e33cd
7770fb287496ea4c36d2ac2f7ee6200008b73da0ec061c4d7e6d7a591df92fd5
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
803042df438b4611562d9e6968a58bb415555b43ff15cddadd5824ce207516a2
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
93223e792d98bc5a9ebf4f4868b042b8c6d81050ab3f43fabd1dd1ffd48fef21
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bfef52d4ef4cc6f06efcc7a8584987f607710b73b0464606ec66890f8605c06
9e01f54fd5c216747cabcd7d29ab23223b6c345436eeccbca5bbf4cac5f9b2b7
a38f382e5489730af1b1ddfbaef023cd6db5f2d0a1d6b25945e342a127b6aab9
a474447f7af53bc4c712c3086ba43abb4d634fb147a6f0cf599067b8fc7416be
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a822116646eaffae316f23e99358f0dcaa9572454ff22760f978dbd5026e6f6e
ad0d99ab66d0e7ef994cd87cbca6c5f798af142b566fb904327b8f24cc3c7572
adeaa3930fabc8ad10e1cd81885c63c03c1d4a2279c594f7a5cf4af26b0f6d41
aec67abc1addd3c573234fd5e1fcec7196c2bba6dcea8da3523d487adc0a537d
af8de26fca9dc5468d230b5048fa2d9c276c6120b08088cdd03045254f9ee2bb
b63ae50261fb6210436a4ab247e2bfb63b07ea3ed0ca133208a0eb289e8b0b30
b7f5f374cc6e2ba3a029fede25490e53d45ed298ee7ec8fe6fe804c251c59e0b
ba8e50fb8e016c5eaad8fce3c358b570abc2ba0c8d9f58b70c0e85a4b3c83704
c7395cb3e42311d894b6f20d9877912ec71e9d81c63a1292455923588c6e803b
c8914316e6f7f8c481cc2a6a8c37e519c03ea8446f77baf2d3259777ee5debd8
cd0798af7f8b8d1b97a557a4ebb86c609fda290e9088bf70c04b51b919dce596
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d4e8b167006cc320147bf048a7f093f994783b56849c8b3bcdb40adc6017be10
d754073533290c6a7296bac534acf16df3fe695301542dc9994bb6281556a338
d89dd2a0232b5cf2ad7cd223d996658ddd5f01ffd3ba7de5fb63053da61823c4
db4452cf79295f3772941c2b05c9245b18f5fd23c7a39434ad7d80f7819fa597
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e249025ab78c733966097460941fc8c75daa3477726befd603b7d024eef4d158
e3a772f0f8804de0d5a2aca813bac93a040f13d244a257916ecd1c9f28c117d1
e3a97b6fd43e6dd698e7cbb4fa689f68f2779cbcae627152fb67d67abb2b0c73
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c85e0a6c4be2aa4a6880effe874a973eae35378e876527bd14e150f00e2ff5
e87eeb7bc51ac0ceae4535f8f12a673612afab79bef97ada62bc9e0a91ac5c06
e96cb07afdac92a8c77fbd5b9bb721e548070f4657f4f1e71329d2fd9032be47
ec77ec2332755bcbbb6980e9f03f5da8ae666ca1c5ebfcbdd5de883c5110778f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0526d3e7df75573569ad4d7963f89e25b49398f00ef5d1d6f8ed1a156d02292
f3d224c09d9a4cf018fb686a2aaa1bb6bdfc0fda5e7f902128d24533c63727e6
f658215fcd2b09b07a9aba5e6bfae200a9b74d4bf9a74a5725358f0e83516734
fa51e60ceeb1993bfe2dae1184840284bc752c2ca245b1874a449687496bf10d
fcb27863737dc031bf195f0d0984f2e10ff5bab72f43238364b01e518474221a
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ffbf2d2525e0baabd5fdf5289510e03e86ccb28dc9767ef58bf483077f3bfc75

ifunny.co Open in urlscan Pro 38.134.113.246 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

113 Requests

100 %HTTPS

0 %IPv6

24 Domains

41 Subdomains

31 IPs

8 Countries

1497 kBTransfer

2949 kBSize

27 Cookies

24 Outgoing links

Redirected requests

113 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ifunny.co Open in urlscan Pro
38.134.113.246 Public Scan

Screenshot
Live screenshot

Full Image

113
Requests

100 %
HTTPS

0 %
IPv6

24
Domains

41
Subdomains

31
IPs

8
Countries

1497 kB
Transfer

2949 kB
Size

27
Cookies

113 HTTP transactions
2 data transactions