aubtu.biz Open in urlscan Pro
2606:4700:20::681a:52e  Public Scan

7 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

• https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID%3Bcb%3D0.9664933 HTTP 307
• https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID%253Bcb%253D0.9664933 HTTP 302
• https://udmserve.net/udm/fetch.pix?dt=1;apnid=3025544780433409412;cb=0.9664933

Request Chain 39

• https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID%3Bcb%3D0.9664933 HTTP 302
• https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID%3Bcb%3D0.9664933&rdf=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Rjc5MjZFOTAtNjJFOC00RTU2LTlDMjQtOUVBRTBEQjM1MkVE&gdpr=0&gdpr_consent= HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Rjc5MjZFOTAtNjJFOC00RTU2LTlDMjQtOUVBRTBEQjM1MkVE&gdpr=0&gdpr_consent=&google_tc= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
• https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
• https://image4.pubmatic.com/AdServer/SPug?p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3DF7926E90-62E8-4E56-9C24-9EAE0DB352ED;cb=0.9664933 HTTP 302
• https://udmserve.net/udm/fetch.pix?pmid=F7926E90-62E8-4E56-9C24-9EAE0DB352ED;cb=0.9664933

Request Chain 40

• https://ssum-sec.casalemedia.com/usermatchredir?s=199174&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.9664933%3Bindx%3D HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.9664933%3Bindx%3D&s=199174&C=1 HTTP 302
• https://udmserve.net/udm/fetch.pix?dt=1;cb=0.9664933;indx=Y6bfeG40dTlLdVnEPtp3sQAABF8AAAAB

Request Chain 41

• https://ad.360yield.com/server_match?partner_id=1782&r=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.9664933%3Bidid%3D%7BPUB_USER_ID%7D HTTP 302
• https://ad.360yield.com/ul_cb/server_match?partner_id=1782&r=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.9664933%3Bidid%3D%7BPUB_USER_ID%7D HTTP 302
• https://udmserve.net/udm/fetch.pix?dt=1;cb=0.9664933;idid=c92282c5-be6b-488f-9ccc-04a0a6a2b588

Request Chain 42

• https://ups.analytics.yahoo.com/ups/58720/occ?cb=0.9664933 HTTP 302
• https://ups.analytics.yahoo.com/ups/58720/occ?cb=0.9664933&verify=true HTTP 302
• https://udmserve.net/udm/fetch.pix?dt=1;yahoo=y-gVvxNUdE2uGJR0leLDWE0_6.7.pIGnsPK1l5sZU-~A

134 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
9 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response aubtu.biz/83862/	143 KB 26 KB	1390ms 1309ms	Document text/html	2606:4700:20::681a:52e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aubtu.biz/83862/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:52e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / LarVPS Resource Hash 9fb51c392fabc7adaec79b0cc364a41de97c69ef03abceba8d2e91a70e0b93f2 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-apo-via origin,no-cache cf-cache-status BYPASS cf-ray 77e8ec3fda799bf4-FRA content-encoding br content-type text/html; charset=UTF-8 date Sat, 24 Dec 2022 11:16:07 GMT link <https://aubtu.biz/wp-json/>; rel="https://api.w.org/", <https://aubtu.biz/wp-json/wp/v2/posts/83862>; rel="alternate"; type="application/json", <https://aubtu.biz/?p=83862>; rel=shortlink nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uzSoP2WWKOWMHYKfN0ghdkVXAIvmWDNg8rZyyh1DNn%2F9ZD4BNEktsX7qQ764aWQhazqH29VMRQgmutcOll7YaGWUVHTL7tAAOfO3oWrnSlk9y5Z4f1KsKub91Kio6nBQ2r%2Fam%2F%2BW%2FA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=63072000; includeSubDomains; preload vary Accept-Encoding x-content-type-options nosniff x-download-options noopen x-powered-by LarVPS x-rocket-nginx-serving-static MISS x-xss-protection 1; mode=block
GET H2	200	lazyload.min.js Show response aubtu.biz/wp-content/plugins/w3-total-cache/pub/js/	6 KB 3 KB	32ms 30ms	Script application/javascript	2606:4700:20::681a:52e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aubtu.biz/wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js Requested by Host: aubtu.biz URL: https://aubtu.biz/83862/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:52e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / LarVPS Resource Hash 1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/83862/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:07 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 338368 x-powered-by LarVPS content-encoding br x-rocket-nginx-serving-static MISS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Tue, 20 Dec 2022 13:09:53 GMT server cloudflare etag W/"63a1b421-1883" x-download-options noopen vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YZmbdo28Xnmt2cQW2MwkZXFtYXUIGAkOevEvIk6Q8otJ04Jrc%2Ft%2Bo8HE5rWlHDUBkfisvzPJSEZsMincZjwNXVepYkWUQejiuRqj0qidSa%2FWaAl77HL8dlX0qC4jCzHlhtU2Z7mkjw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=31536000 cf-ray 77e8ec481a609bf4-FRA expires Thu, 19 Jan 2023 13:16:39 GMT
GET H2	200	style.min.css aubtu.biz/wp-includes/css/dist/block-library/	87 KB 12 KB	32ms 31ms	Stylesheet text/css	2606:4700:20::681a:52e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aubtu.biz/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 Requested by Host: aubtu.biz URL: https://aubtu.biz/83862/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:52e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/83862/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:07 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 790936 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 pragma public last-modified Thu, 28 Jul 2022 04:02:52 GMT server cloudflare etag W/"62e20a6c-15b64" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ia3UhuoUyiVlwrV8PfChywrp8ycjHG4toXJxcbt7qE%2FHjpdtF9JU1CppBi4KboNrFv2ypK3VQX6EZ%2BYrQ24bZjC6RpVZaHo4Hszqv%2FKGpZvAciwM1prmu8eqEd0sraVA3vGpkwO8Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=31536000 cf-ray 77e8ec481a629bf4-FRA expires Sat, 14 Jan 2023 07:33:51 GMT
GET H2	200	single-shortcode.css aubtu.biz/wp-content/plugins/penci-framework/assets/css/	27 KB 4 KB	30ms 29ms	Stylesheet text/css	2606:4700:20::681a:52e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aubtu.biz/wp-content/plugins/penci-framework/assets/css/single-shortcode.css?ver=6.0.3 Requested by Host: aubtu.biz URL: https://aubtu.biz/83862/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:52e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5be0cfb304424105ce3ffe177d44d3685e1f7952b16fcc8b47e72353af6f775c Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/83862/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:07 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 790972 cf-polished origSize=27935 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 pragma public cf-bgj minify last-modified Sun, 29 Aug 2021 18:45:48 GMT server cloudflare etag W/"612bd5dc-6d1f" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6mwdfK4VhCKgvQPzDokJxwImWgkoZ9qRclTE2XSZYEiUbi3ibkgPjga%2BpeOMzQCHTkR11or73v0FpfUETSmAgm81oDsz%2FGbTjjihleAqWRWBKUP2YMFaC2rnL0K4QrFXLu0qFY%2FCMA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=31536000 cf-ray 77e8ec481a639bf4-FRA expires Sat, 14 Jan 2023 07:33:15 GMT
GET H2	200	style.css aubtu.biz/wp-content/themes/pennews/	995 KB 109 KB	39ms 38ms	Stylesheet text/css	2606:4700:20::681a:52e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aubtu.biz/wp-content/themes/pennews/style.css?ver=6.0.3 Requested by Host: aubtu.biz URL: https://aubtu.biz/83862/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:52e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bbafb3a37fbf0e8ca0387927da13bc53ae78c1c7ac13d913c621ebadefa74f0f Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/83862/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:07 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 791000 cf-polished origSize=1106703 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 pragma public cf-bgj minify last-modified Sun, 29 Aug 2021 18:45:55 GMT server cloudflare etag W/"612bd5e3-10e30f" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVlu6TrAHhujbx6xO%2BLgCere9OLOpPsAE3W7%2BTSNzI2XvWuLzuXuBaCCLrOn08pS66vFbl1py5gUp5lrgcJnHTOreRyQ895RlWTlfuXEgr05TxBdDAdB40Y1mDZlaaNnQQMTpiiBig%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=31536000 cf-ray 77e8ec481a649bf4-FRA expires Sat, 14 Jan 2023 07:32:47 GMT
GET H2	200	style.css aubtu.biz/wp-content/themes/pennews-child/	0 358 B	31ms 31ms	Stylesheet text/css	2606:4700:20::681a:52e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aubtu.biz/wp-content/themes/pennews-child/style.css?ver=1.0.0 Requested by Host: aubtu.biz URL: https://aubtu.biz/83862/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:52e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/83862/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:07 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 791000 cf-polished origSize=493 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 pragma public cf-bgj minify last-modified Sun, 29 Aug 2021 18:45:55 GMT server cloudflare etag W/"612bd5e3-1ed" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u6Ijoo9nDamXk3oqJ4S8Nd%2BfcLMQU6SnHi1UcQM3Vsel40AtcnGDG4GiJ0ntoypO27MRnbRuznwHpYbq3GIMq7c93KK3qjfIe4%2FEAExxM%2FzqTy0H2QdwWTT5OTUy2EckgquGAbc7jQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=31536000 cf-ray 77e8ec481a659bf4-FRA expires Sat, 14 Jan 2023 07:32:47 GMT
GET H2	200	font-awesome.min.css aubtu.biz/wp-content/themes/pennews/css/	33 KB 8 KB	34ms 34ms	Stylesheet text/css	2606:4700:20::681a:52e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aubtu.biz/wp-content/themes/pennews/css/font-awesome.min.css?ver=4.5.2 Requested by Host: aubtu.biz URL: https://aubtu.biz/83862/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:52e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 74a67b8c7ae08c6d59dc50172516683401d19b8495c83b3be490ea3dce522193 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/83862/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:07 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 791000 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 pragma public last-modified Sun, 29 Aug 2021 18:45:55 GMT server cloudflare etag W/"612bd5e3-8472" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=De3MJ7Z0S4on4mo4%2F23ztYAjpFpWsPjznoHcLY4nk2p1fqWL671hb%2BMPqguxldnpgzH3gZRYRXrIhb69ddl6u76Hgjp%2FYIf%2FtnF8KtRVx57ICGPlMXu0VJel9CbZOiZsGHraYmBWEg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=31536000 cf-ray 77e8ec481a689bf4-FRA expires Sat, 14 Jan 2023 07:32:47 GMT
GET H2	200	style.css aubtu.biz/wp-content/themes/pennews-child/	0 421 B	37ms 37ms	Stylesheet text/css	2606:4700:20::681a:52e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aubtu.biz/wp-content/themes/pennews-child/style.css?ver=6.5.7 Requested by Host: aubtu.biz URL: https://aubtu.biz/83862/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:52e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/83862/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:07 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 790968 cf-polished origSize=493 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 pragma public cf-bgj minify last-modified Sun, 29 Aug 2021 18:45:55 GMT server cloudflare etag W/"612bd5e3-1ed" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dQwibBj4GZgHtfxCQlLGifHAgGlzN2R6KhAbLjXKKMUMn3pCxIc4bitpGOMz0HpnTF%2FSgWHWG9IQ8X26v%2Ff9wrXcQPj%2BLkY34ZEOmFQmG7wlE7VyTpFH6KsoUw0iCCpHES0cJPcuUg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=31536000 cf-ray 77e8ec483aa49bf4-FRA expires Sat, 14 Jan 2023 07:33:19 GMT
GET DATA	200 OK	truncated /	67 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 75488baa72c053f0c7f9624d163394b92ded87973d51a7e2a2b6126849559f2a Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	fontawesome-webfont.woff2 aubtu.biz/wp-content/themes/pennews/fonts/	75 KB 76 KB	33ms 33ms	Font font/woff2	2606:4700:20::681a:52e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aubtu.biz/wp-content/themes/pennews/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: aubtu.biz URL: https://aubtu.biz/wp-content/themes/pennews/css/font-awesome.min.css?ver=4.5.2 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:52e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / LarVPS Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://aubtu.biz/wp-content/themes/pennews/css/font-awesome.min.css?ver=4.5.2 Origin https://aubtu.biz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:07 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 343519 x-powered-by LarVPS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 77160 x-xss-protection 1; mode=block last-modified Sun, 29 Aug 2021 18:45:55 GMT server cloudflare etag "612bd5e3-12d68" x-download-options noopen vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B0KQdwGfyk1dXNT4MjWExnnBUFJ%2BMFfXR3j6EuhHRF6RtEIWUPk%2B7JE%2Bmist%2FV5wEIpsfe4YGV2wy1PubY08fXanHKFxshugeATNFAXMspLfz%2BOD7nSu0v4cH%2F1rBbvGhDR%2FkN74Qg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control max-age=31536000 accept-ranges bytes cf-ray 77e8ec48cf5fbba9-FRA
GET H3	200	pxiEyp8kv8JHgFVrJJfecg.woff2 aubtu.biz/fonts.gstatic.com/s/poppins/v20/	8 KB 8 KB	90ms 90ms	Font font/woff2	2606:4700:20::681a:52e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aubtu.biz/fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 Requested by Host: aubtu.biz URL: https://aubtu.biz/83862/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:52e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f Request headers Referer https://aubtu.biz/83862/ Origin https://aubtu.biz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:07 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 790935 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 7884 last-modified Wed, 27 Apr 2022 17:03:52 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mTybQOhmd8p2WTWIC4rgeJFfooWrXcMsknvJW44Webaxd82R0L55eX9nhi%2FZiNqcziGadTbfufUv6%2BvrJrU9IwLZz6ZqlpLJRasgWEunOcQceqMBhmBoS0GXq21q9R31C2TC8hYSiA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control public, max-age=31536000 cf-apo-via proxy accept-ranges bytes cf-ray 77e8ec48cf66bba9-FRA expires Thu, 14 Dec 2023 19:25:00 GMT
GET H3	200	pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 aubtu.biz/fonts.gstatic.com/s/poppins/v20/	8 KB 8 KB	89ms 89ms	Font font/woff2	2606:4700:20::681a:52e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aubtu.biz/fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 Requested by Host: aubtu.biz URL: https://aubtu.biz/83862/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:52e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526 Request headers Referer https://aubtu.biz/83862/ Origin https://aubtu.biz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:07 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 790935 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 7816 last-modified Wed, 27 Apr 2022 16:11:40 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pWCrkW6XTrhXWNnoR7EAyWVrWJBp2TxmKa2V4K9SLZ%2FP2gA1sw0e%2Faj0lI8pqgGi0m8JBE3wYYJTs7vglMLZuIylDVinSafFgD5F7lAJVMiaCvT3CUIEdyiN4YMgUUdfXx6Pkio%2Fzw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control public, max-age=31536000 cf-apo-via proxy accept-ranges bytes cf-ray 77e8ec48cf6dbba9-FRA expires Thu, 14 Dec 2023 19:24:52 GMT
GET DATA	200 OK	truncated /	64 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 aubtu.biz/fonts.gstatic.com/s/poppins/v20/	8 KB 8 KB	64ms 64ms	Font font/woff2	2606:4700:20::681a:52e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aubtu.biz/fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 Requested by Host: aubtu.biz URL: https://aubtu.biz/83862/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:52e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446 Request headers Referer https://aubtu.biz/83862/ Origin https://aubtu.biz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:07 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 791000 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 7748 last-modified Wed, 27 Apr 2022 16:21:30 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tg2FvdAo8p7dlgXIxQ4Lnslz9K79iW6Yv%2B7XemtzSxUqUHSzBQko37l9ZjRVTl4ObyMhVDTYqT1IDOw9BxecDkqOp%2BbYCRcarFtEEKta%2FM5bzYeZHZ4hP99gfm9XpvUw%2BhUw8e8%2F6w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control public, max-age=31536000 cf-apo-via proxy accept-ranges bytes cf-ray 77e8ec48ffc6bba9-FRA expires Thu, 14 Dec 2023 19:25:01 GMT
GET DATA	200 OK	truncated /	68 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 34abc9af83c90d8332019d1237875edc4f40d3ec6dd465331f038c7bf37b90f1 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	68 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9ab5dc18480058c3dac419640763c0f88ef2ab36f2d003c4b31d02c3a6705de3 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	68 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 94c8868a337af8fc6cb70eb87ad1e2c017c9dee96b7f3b67c8f9b3bf5ae4fdef Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	68 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 64cf350d924e5f17e6d5128fdd3521500c417f7bf7e982ae8d4baa87680ada57 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	pxiGyp8kv8JHgFVrJJLucHtA.woff2 aubtu.biz/fonts.gstatic.com/s/poppins/v20/	8 KB 9 KB	55ms 55ms	Font font/woff2	2606:4700:20::681a:52e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aubtu.biz/fonts.gstatic.com/s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2 Requested by Host: aubtu.biz URL: https://aubtu.biz/83862/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:52e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972 Request headers Referer https://aubtu.biz/83862/ Origin https://aubtu.biz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:07 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 791016 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 8668 last-modified Wed, 27 Apr 2022 16:07:02 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zMUIrMSDSiXFj5WPe1%2FYHDpqNIq0K0j%2BFtyoEEKtg0dRqDVkce84RednksKelK8680vQMz6AkwD8OORGNEqXs18die7VPvMItYnDqZoROUDkzJ4fmpoCcSYHZELk1vwLOvXz81tpXg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control public, max-age=31536000 cf-apo-via proxy accept-ranges bytes cf-ray 77e8ec490fdfbba9-FRA expires Tue, 12 Dec 2023 23:42:57 GMT
GET DATA	200 OK	truncated /	68 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 66c30630761be9b60f504a32797f1b1738e5c7c35932df2a5d6929e65a4e24e0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	68 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 77f0e7c1d5bd61ba6de00158b4bed62792dd788b5eb9ec26ba4581032a3fec16 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	email-decode.min.js Show response aubtu.biz/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 1 KB	45ms 45ms	Script application/javascript	2606:4700:20::681a:52e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aubtu.biz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: aubtu.biz URL: https://aubtu.biz/83862/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:52e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/83862/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:07 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 20 Dec 2022 16:36:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"63a1e484-4d7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2BmntZUEt%2BF2MqfQjG54pW35DMG7dm%2BlUuJXLY11rZdXhwaMMzt6wFLOkg4JnTWLGVkxBTudfFhFaK%2BXtyYmNqgn0AiZQincOh%2FKBa7qV2xYx2PAYk635Nn3IR3QBeaSxljeBbhQOg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-frame-options DENY cache-control max-age=172800, public cf-ray 77e8ec491ffbbba9-FRA expires Mon, 26 Dec 2022 11:16:07 GMT
GET H/1.1	200 OK	img.fetch Show response udmserve.net/udm/	43 KB 6 KB	712ms 184ms	Script application/x-javascript	68.71.249.118 ZEROLAG
General Check archive.org Show headers Download Go to Full URL https://udmserve.net/udm/img.fetch?sid=16619;tid=1;dt=6; Requested by Host: aubtu.biz URL: https://aubtu.biz/83862/ Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 68.71.249.118 Toronto, Canada, ASN20093 (ZEROLAG, US), Reverse DNS Software / Resource Hash 1af22dadfda0470725613c0ac3822859d3fe57e475de0252dd391570a2825f6b Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Pragma no-cache Date Sat, 24 Dec 2022 11:16:07 GMT Content-Encoding gzip Transfer-Encoding chunked P3p NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT Content-Type application/x-javascript Cache-Control no-cache, no-store, must-revalidate Connection Keep-Alive Expires 0
GET H3	200	rocket-loader.min.js Show response aubtu.biz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/	12 KB 4 KB	44ms 44ms	Script application/javascript	2606:4700:20::681a:52e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aubtu.biz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Requested by Host: aubtu.biz URL: https://aubtu.biz/83862/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:52e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/83862/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:07 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 20 Dec 2022 16:36:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"63a1e484-302c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Z2MOGx%2Fet8qvqOo%2FNoCQTFOvZ7IkumOUv2DeYrnD6U%2FPf6NuEg93%2BMgOjn4bDMCzQzLC5Bd3a3t6BWo7H%2BsjKUck%2FJ6YFajvpwXsn2qlVRQtGr0a5zV%2BynkLlIGETgcBrSnCpMh3Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-frame-options DENY cache-control max-age=172800, public cf-ray 77e8ec491802bba9-FRA expires Mon, 26 Dec 2022 11:16:07 GMT
GET H3	200	LYjCdG7kmE0gdRhYsCRgqA.woff2 aubtu.biz/fonts.gstatic.com/s/teko/v15/	13 KB 13 KB	39ms 39ms	Font font/woff2	2606:4700:20::681a:52e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aubtu.biz/fonts.gstatic.com/s/teko/v15/LYjCdG7kmE0gdRhYsCRgqA.woff2 Requested by Host: aubtu.biz URL: https://aubtu.biz/83862/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:52e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3ac7f47be06ed56cebf7d19f23386fa58144a3fec5dfb68a82edcecc20df444a Request headers Referer https://aubtu.biz/83862/ Origin https://aubtu.biz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:07 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 790949 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 12908 last-modified Wed, 27 Apr 2022 16:11:41 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fAwfX%2FlAG%2FSRkKShRrsWVePzgz%2Btoq7diM%2F4t3YFXvan0HYlH4lK6PA2MBjUXvUNsB3%2BJEYwr0TXK2oBwYcF8RNUkkiulbjb8i8sOBPbBKStoUFHe9k%2FzHmKPNZ5gFtU14HLNXFsiw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control public, max-age=31536000 cf-apo-via proxy accept-ranges bytes cf-ray 77e8ec49283ebba9-FRA expires Sat, 09 Dec 2023 20:15:05 GMT
GET H3	200	script.min.js Show response aubtu.biz/wp-content/themes/pennews/js/	468 KB 140 KB	43ms 42ms	Script application/javascript	2606:4700:20::681a:52e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aubtu.biz/wp-content/themes/pennews/js/script.min.js?ver=6.5.7 Requested by Host: aubtu.biz URL: https://aubtu.biz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:52e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 577cf87bef6a4cf8a0d07d27447e5841959c9658e5681600593625e60430e629 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/83862/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:07 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 790999 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 pragma public last-modified Sun, 29 Aug 2021 18:45:55 GMT server cloudflare etag W/"612bd5e3-75008" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DUa0EzTH5h7eHD1%2FCXEhoPD4LhCmJD48R%2F2c0R7GZVTCjaRc42OQvhTwvMQKbxn%2B7KaDk60APWmE4%2FrPTsb5%2FaFAFBXvAo9BQue0SM8a0G9jIC5uKEEWToDbDfxYT9IxkWHyNgRH6Q%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 77e8ec4968bbbba9-FRA expires Sat, 14 Jan 2023 07:32:48 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	109 KB 43 KB	156ms 66ms	Script application/javascript	2a00:1450:400d:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-138655475-60 Requested by Host: aubtu.biz URL: https://aubtu.biz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash bfdca33253ffa0fb74db4c75423b2bbb73d88384d244cd7528f7974f440e98e2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:07 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43574 x-xss-protection 0 last-modified Sat, 24 Dec 2022 09:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 24 Dec 2022 11:16:07 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	147 KB 49 KB	193ms 102ms	Script text/javascript	2a00:1450:400d:804::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4402329642115120 Requested by Host: aubtu.biz URL: https://aubtu.biz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash bc0b73daf8ccb51b621b18bf71875c104a56765ae632a47e195a339de861294a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://aubtu.biz/ Origin https://aubtu.biz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:07 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 49742 x-xss-protection 0 server cafe etag 9965258131825758779 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Sat, 24 Dec 2022 11:16:07 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	232 KB 79 KB	146ms 57ms	Script application/javascript	2a00:1450:400d:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-GMEP4Y0H90 Requested by Host: aubtu.biz URL: https://aubtu.biz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 44de6781a69d664bc639b10b3dda10fd5cdaead0144960814ddfa8fcf65ec37d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:07 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 80631 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Sat, 24 Dec 2022 11:16:07 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	80 KB 27 KB	198ms 85ms	Script text/javascript	2a00:1450:400d:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: aubtu.biz URL: https://aubtu.biz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:07 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27542 x-xss-protection 0 server sffe etag "1430 / 975 of 1000 / last-modified: 1670587517" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sat, 24 Dec 2022 11:16:07 GMT
GET H2	200	player.js Show response cdn.unibotscdn.com/ubplayer/	130 KB 47 KB	160ms 40ms	Script application/javascript	2400:52e0:1e00::1048:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://cdn.unibotscdn.com/ubplayer/player.js Requested by Host: aubtu.biz URL: https://aubtu.biz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1048:1 , Slovenia, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1048 / Resource Hash ef0a3f1e274da89f34f4ae7640b2cb4b6858b474cf39568887decd99834212c4 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:07 GMT content-encoding br cdn-edgestorageid 1049 cdn-storageserver DE-167 cdn-cachedat 12/22/2022 11:48:30 cdn-pullzone 873945 last-modified Thu, 22 Dec 2022 05:22:22 GMT server BunnyCDN-DE1-1048 cdn-fileserver 336 cdn-requestpullcode 200 cdn-proxyver 1.03 etag W/"63a3e98e-20615" vary Accept-Encoding, Accept-Encoding content-type application/javascript cdn-cache HIT cdn-uid 7bd10f57-831e-4fd9-beca-97093a9ae0ed cache-control public, max-age=3600 cdn-requestid cbc6ccf626215b7fb83577348bd6c78e cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	fb.js Show response cdn.pubguru.com/	1013 B 1002 B	129ms 20ms	Script application/javascript	2600:9000:2057:5600:5:3aaa:f40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.pubguru.com/fb.js Requested by Host: aubtu.biz URL: https://aubtu.biz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2057:5600:5:3aaa:f40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2d2ba1afbfd92cba1bed039b1562cfca77e23fdb8df3272c9cb6f51ebb02fa19 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers x-amz-version-id dEl0hjkpHvGrYMHvUnuJgpp9lfixHU0U content-encoding gzip via 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront) date Fri, 23 Dec 2022 13:11:45 GMT last-modified Fri, 09 Oct 2020 14:01:06 GMT server AmazonS3 x-amz-cf-pop FRA6-C1 age 79471 etag W/"0275e34e092169e948a69b76ef396f31" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id HvO9aj5CMq4uTS0mJf-QlnVlIgvqf9fteHSuFlvRxSqiFfXSJuQuuQ==
GET H2	200	pg.aubtu.biz.js Show response m2d.m2.ai/	41 KB 8 KB	125ms 31ms	Script application/javascript	13.225.34.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m2d.m2.ai/pg.aubtu.biz.js Requested by Host: aubtu.biz URL: https://aubtu.biz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.34.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-34-71.cdg3.r.cloudfront.net Software AmazonS3 / Resource Hash 5c20187574c97cc7f1facb3e2c01a19e8ba537525776ad2fc0d1cb4ff6e35431 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers x-amz-version-id vCIqqtiAuAe1ugp0Z9unQbwRSm0Stv6e content-encoding gzip via 1.1 49fc2f926cfb7dd26ebb967cdc70f29a.cloudfront.net (CloudFront) date Sat, 24 Dec 2022 11:10:04 GMT last-modified Wed, 21 Dec 2022 18:42:57 GMT server AmazonS3 x-amz-cf-pop CDG3-C2 age 396 etag W/"e1204582a9677b8fc0e2d993b3809a0a" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=14400 x-amz-cf-id r4lzQdpaIztEtrG24Vej0Wlkm32kwcBvN-Jm_SzP7-KxFW2YooQ3mw==
GET H2	200	js Show response www.googletagmanager.com/gtag/	112 KB 44 KB	200ms 112ms	Script application/javascript	2a00:1450:400d:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-153122571-11 Requested by Host: aubtu.biz URL: https://aubtu.biz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 32b88ef38958c9bb46b194c8d2aa83dfa48b3e2a44be9ead510223aafbfe1dd4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:07 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 44677 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Sat, 24 Dec 2022 11:16:07 GMT
GET H3	200	jquery-migrate.min.js Show response aubtu.biz/wp-includes/js/jquery/	11 KB 5 KB	30ms 29ms	Script application/javascript	2606:4700:20::681a:52e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aubtu.biz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Requested by Host: aubtu.biz URL: https://aubtu.biz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:52e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/83862/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:07 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 790935 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 pragma public last-modified Sun, 29 Aug 2021 16:38:22 GMT server cloudflare etag W/"612bb7fe-2bd8" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gZ2%2F2pbMtWNevwJI%2BDPXyYz5BmbwvyaxY9o%2FEDm6QPoH4G%2BkceGqyFQoDTYEUzBhyVcPRBa4CYspvSNPXyaLcT2aTTJJI6s8GNkFdlTNtfU2d2%2FWAYnxIEI6n1xt5cmLTa7b%2BZ9c7A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 77e8ec4968c5bba9-FRA expires Sat, 14 Jan 2023 07:33:52 GMT
GET H3	200	jquery.min.js Show response aubtu.biz/wp-includes/js/jquery/	87 KB 32 KB	35ms 34ms	Script application/javascript	2606:4700:20::681a:52e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aubtu.biz/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 Requested by Host: aubtu.biz URL: https://aubtu.biz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:52e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/83862/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:07 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 790912 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 pragma public last-modified Sun, 29 Aug 2021 16:38:22 GMT server cloudflare etag W/"612bb7fe-15db1" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E6tb23sLoHRyGW1MZsybzbmr4ryzHcD701HKpw4Pb1T4zrl1%2Fs7sbUWs3TpFh4UR5dbJQhDlrDAXCCLF1ScNIpKLdkTtFdrZiJSzq5BL4rceHyDFOpmuM5WhWkPhdQElBNM1mBuGnA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 77e8ec4968c9bba9-FRA expires Sat, 14 Jan 2023 07:34:15 GMT
GET H2	200	config.js Show response cdn.confiant-integrations.net/UZYxC75kqDLRiEd9GoEYOmovVVM/prebid/	123 KB 28 KB	88ms 31ms	Script text/javascript	2606:4700::6812:116b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.confiant-integrations.net/UZYxC75kqDLRiEd9GoEYOmovVVM/prebid/config.js Requested by Host: udmserve.net URL: https://udmserve.net/udm/img.fetch?sid=16619;tid=1;dt=6; Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:116b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 75e92564f0453045a8d53fecd72052ebe1d182b4d83355610d4d8ad89cce9daa Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:08 GMT content-encoding br cf-cache-status HIT last-modified Sat, 24 Dec 2022 09:52:26 GMT server cloudflare x-amz-request-id NGA831YS86VGDXAW age 821 etag W/"4ebfaf12e99f1341f04cd7496376dee5" vary Accept-Encoding content-type text/javascript cache-control public, max-age=900, stale-while-revalidate=3600 cf-ray 77e8ec4de94592b4-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 Jsu5qfQ1CGYnCHndpzgWZjK+/wUcodXGLFjCZIKgTZRUZ5Tau8k5r+PcgV3LFQnnHT5v0yGREXM=
GET H2	200	udm-r3_v2.16.3.js Show response bid.underdog.media/	558 KB 173 KB	158ms 34ms	Script application/javascript	2600:9000:211a:da00:5:c4ab:c3c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bid.underdog.media/udm-r3_v2.16.3.js Requested by Host: udmserve.net URL: https://udmserve.net/udm/img.fetch?sid=16619;tid=1;dt=6; Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:211a:da00:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 443c15a1f3835d0f83cb0f5a108b230f6fd0dda6ae92c852ea8ab0db9cad6f1c Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Tue, 06 Dec 2022 18:05:38 GMT content-encoding gzip via 1.1 c855d201fddbb6ef22989607fe8f5d1e.cloudfront.net (CloudFront) last-modified Tue, 06 Dec 2022 17:54:20 GMT server AmazonS3 x-amz-cf-pop VIE50-C2 age 1530631 etag "593c07f420c03495d60c43c72c0bf37b" x-cache Hit from cloudfront content-type application/javascript cache-control max-age=2592000 accept-ranges bytes content-length 177012 x-amz-cf-id fepnxLf4ylMGT1RifDA3GolJ8NlH1y9FGa7BkH38KZycN6aCfGPK1Q==
GET H2	200	quant.js Show response secure.quantserve.com/	25 KB 10 KB	127ms 20ms	Script application/javascript	2620:116:800d:21:93ca:31d8:d86e:38f6 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/quant.js Requested by Host: udmserve.net URL: https://udmserve.net/udm/img.fetch?sid=16619;tid=1;dt=6; Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:08 GMT content-encoding gzip etag "StHfV9prSwQMxjKWocWEFw==" vary Accept-Encoding content-type application/javascript cache-control private, max-age=604800 accept-ranges bytes expires Sat, 31 Dec 2022 11:16:08 GMT
GET H/1.1	200 OK	fetch.pix udmserve.net/udm/ Redirect Chain https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID%3Bcb%3D0.9664933 https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID%253Bcb%253D0.9664933 https://udmserve.net/udm/fetch.pix?dt=1;apnid=3025544780433409412;cb=0.9664933	43 B 612 B	326ms 171ms	Image image/gif	68.71.249.118 ZEROLAG
General Check archive.org Show headers Download Go to Show image Full URL https://udmserve.net/udm/fetch.pix?dt=1;apnid=3025544780433409412;cb=0.9664933 Requested by Host: aubtu.biz URL: https://aubtu.biz/83862/ Protocol HTTP/1.1 Server 68.71.249.118 Toronto, Canada, ASN20093 (ZEROLAG, US), Reverse DNS Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sat, 24 Dec 2022 11:16:08 GMT Cache-Control max-age=43200 Connection Keep-Alive Content-Length 43 Content-Type image/gif Redirect headers Date Sat, 24 Dec 2022 11:16:08 GMT P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 217.114.215.133; 217.114.215.133; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid 48bf78f2-c606-4806-ae3f-e62e6092b58a Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Location https://udmserve.net/udm/fetch.pix?dt=1;apnid=3025544780433409412;cb=0.9664933 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	fetch.pix udmserve.net/udm/ Redirect Chain https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%... https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%... https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Rjc5MjZFOTAtNjJFOC00RTU2LTlDMjQtOUVBRTBEQjM1MkVE&gdpr=0&gdpr_consent= https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Rjc5MjZFOTAtNjJFOC00RTU2LTlDMjQtOUVBRTBEQjM1MkVE&gdpr=0&gdpr_consent=&google_tc= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= https://image4.pubmatic.com/AdServer/SPug?p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3DF7926E90-62E8-4E56-9C24-9EAE0DB352ED;cb=0.9664933 https://udmserve.net/udm/fetch.pix?pmid=F7926E90-62E8-4E56-9C24-9EAE0DB352ED;cb=0.9664933	43 B 628 B	181ms 180ms	Image image/gif	68.71.249.118 ZEROLAG
General Check archive.org Show headers Download Go to Show image Full URL https://udmserve.net/udm/fetch.pix?pmid=F7926E90-62E8-4E56-9C24-9EAE0DB352ED;cb=0.9664933 Requested by Host: aubtu.biz URL: https://aubtu.biz/83862/ Protocol HTTP/1.1 Server 68.71.249.118 Toronto, Canada, ASN20093 (ZEROLAG, US), Reverse DNS Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sat, 24 Dec 2022 11:16:08 GMT Cache-Control max-age=43200 Connection Keep-Alive Content-Length 43 Content-Type image/gif Redirect headers location https://udmserve.net/udm/fetch.pix?pmid=F7926E90-62E8-4E56-9C24-9EAE0DB352ED;cb=0.9664933 date Sat, 24 Dec 2022 11:16:08 GMT cache-control no-store, no-cache, private server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H/1.1	200 OK	fetch.pix udmserve.net/udm/ Redirect Chain https://ssum-sec.casalemedia.com/usermatchredir?s=199174&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.9664933%3Bindx%3D https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.9664933%3Bindx%3D&s=199174&C=1 https://udmserve.net/udm/fetch.pix?dt=1;cb=0.9664933;indx=Y6bfeG40dTlLdVnEPtp3sQAABF8AAAAB	43 B 624 B	470ms 171ms	Image image/gif	68.71.249.118 ZEROLAG
General Check archive.org Show headers Download Go to Show image Full URL https://udmserve.net/udm/fetch.pix?dt=1;cb=0.9664933;indx=Y6bfeG40dTlLdVnEPtp3sQAABF8AAAAB Requested by Host: aubtu.biz URL: https://aubtu.biz/83862/ Protocol HTTP/1.1 Server 68.71.249.118 Toronto, Canada, ASN20093 (ZEROLAG, US), Reverse DNS Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sat, 24 Dec 2022 11:16:08 GMT Cache-Control max-age=43200 Connection Keep-Alive Content-Length 43 Content-Type image/gif Redirect headers pragma no-cache date Sat, 24 Dec 2022 11:16:08 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FdaMa8WGfYHLUtXDIiKss0pcqrhszG3LTL0zvuDk%2BXb5EmZnsj2v5O8DH125h2z%2FK1ZGWe1xrQeaMyvEaa6HpRmINXe3OpZU6bafjsbzs9qy5VH9qVUnm4hV7u45yz73m6%2BdgNenwO2new%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" location https://udmserve.net/udm/fetch.pix?dt=1;cb=0.9664933;indx=Y6bfeG40dTlLdVnEPtp3sQAABF8AAAAB cache-control no-cache cf-ray 77e8ec4e78389176-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 expires 0
GET H/1.1	200 OK	fetch.pix udmserve.net/udm/ Redirect Chain https://ad.360yield.com/server_match?partner_id=1782&r=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.9664933%3Bidid%3D%7BPUB_USER_ID%7D https://ad.360yield.com/ul_cb/server_match?partner_id=1782&r=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.9664933%3Bidid%3D%7BPUB_USER_ID%7D https://udmserve.net/udm/fetch.pix?dt=1;cb=0.9664933;idid=c92282c5-be6b-488f-9ccc-04a0a6a2b588	43 B 628 B	492ms 176ms	Image image/gif	68.71.249.118 ZEROLAG
General Check archive.org Show headers Download Go to Show image Full URL https://udmserve.net/udm/fetch.pix?dt=1;cb=0.9664933;idid=c92282c5-be6b-488f-9ccc-04a0a6a2b588 Requested by Host: aubtu.biz URL: https://aubtu.biz/83862/ Protocol HTTP/1.1 Server 68.71.249.118 Toronto, Canada, ASN20093 (ZEROLAG, US), Reverse DNS Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sat, 24 Dec 2022 11:16:08 GMT Cache-Control max-age=43200 Connection Keep-Alive Content-Length 43 Content-Type image/gif Redirect headers location https://udmserve.net/udm/fetch.pix?dt=1;cb=0.9664933;idid=c92282c5-be6b-488f-9ccc-04a0a6a2b588 access-control-allow-origin * date Sat, 24 Dec 2022 11:16:08 GMT content-type text/plain content-length 0 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
GET H/1.1	200 OK	fetch.pix udmserve.net/udm/ Redirect Chain https://ups.analytics.yahoo.com/ups/58720/occ?cb=0.9664933 https://ups.analytics.yahoo.com/ups/58720/occ?cb=0.9664933&verify=true https://udmserve.net/udm/fetch.pix?dt=1;yahoo=y-gVvxNUdE2uGJR0leLDWE0_6.7.pIGnsPK1l5sZU-~A	43 B 637 B	171ms 171ms	Image image/gif	68.71.249.118 ZEROLAG
General Check archive.org Show headers Download Go to Show image Full URL https://udmserve.net/udm/fetch.pix?dt=1;yahoo=y-gVvxNUdE2uGJR0leLDWE0_6.7.pIGnsPK1l5sZU-~A Requested by Host: aubtu.biz URL: https://aubtu.biz/83862/ Protocol HTTP/1.1 Server 68.71.249.118 Toronto, Canada, ASN20093 (ZEROLAG, US), Reverse DNS Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Sat, 24 Dec 2022 11:16:08 GMT Cache-Control max-age=43200 Connection Keep-Alive Content-Length 43 Content-Type image/gif Redirect headers location https://udmserve.net/udm/fetch.pix?dt=1;yahoo=y-gVvxNUdE2uGJR0leLDWE0_6.7.pIGnsPK1l5sZU-~A date Sat, 24 Dec 2022 11:16:08 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.25 age 0 content-length 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H3	200	wrap.js Show response cdn.confiant-integrations.net/prebid/202212211045/	115 KB 37 KB	59ms 35ms	Script application/javascript	2606:4700::6812:116b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.confiant-integrations.net/prebid/202212211045/wrap.js Requested by Host: cdn.confiant-integrations.net URL: https://cdn.confiant-integrations.net/UZYxC75kqDLRiEd9GoEYOmovVVM/prebid/config.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:116b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cc38d0aa2dbeded97b540b45b25a865e3e180626028ea678b5778c662ac2148c Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:08 GMT content-encoding br cf-cache-status HIT last-modified Wed, 21 Dec 2022 15:47:02 GMT server cloudflare x-amz-request-id EM44G901DZ23J8FT age 234259 etag W/"5417c9520f72355296c28a32c51cfce3" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 cf-ray 77e8ec4e6fc468ef-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-amz-id-2 AypDk+fB66tTR5LAxWXB9l/BwSCyOwbB7Uqqve3OpVMxI7gEU9jLg6N+vFCv0Ue+xGMcTAwtBH8=
GET H2	200	rules-p-effSsmMYCbAck.js Show response rules.quantcount.com/	160 B 616 B	76ms 20ms	Script application/javascript	2600:9000:223c:6800:6:44e3:f8c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-effSsmMYCbAck.js Requested by Host: secure.quantserve.com URL: https://secure.quantserve.com/quant.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:6800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f4110d145ad25681a3ef677782ec9a807407fe09b028c2ea15648833ed9cac60 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 10:20:04 GMT via 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 age 3364 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 160 last-modified Thu, 13 Oct 2022 22:21:01 GMT server AmazonS3 etag "435cbd9bc4b3440e866ad1f4f7d1ef02" access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes x-amz-cf-id orYqXlafZpDKqsVMW2gT4LzrwB-4968jul6-_TcH1vgMLESIy5RPcw==
GET H2	200	rules-p-Pz67dCqdsHfxh.js Show response rules.quantcount.com/	160 B 614 B	76ms 20ms	Script application/javascript	2600:9000:223c:6800:6:44e3:f8c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-Pz67dCqdsHfxh.js Requested by Host: secure.quantserve.com URL: https://secure.quantserve.com/quant.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:6800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 11b2088deff6ac044087d2ef9e23453bc600e5e505f5cca9bd62a4cfe6d11a74 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 10:17:38 GMT via 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 age 3511 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 160 last-modified Thu, 13 Oct 2022 23:00:33 GMT server AmazonS3 etag "eee1bd1fc55b604b66cd9e63c4f811b8" access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes x-amz-cf-id YiKzdyfJecVBr9m5QG8ZeG_qcbzjvQ5679GKQ7iA_NA9ps04wwv7MA==
GET H2	200	pixel;r=353122661;rf=0;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Faubtu.biz%2F83862%2F;uht=2;fpan=1;fpa=P0-1795628977-1671880568069;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20221215111636;cm=;gdpr=0;ref=;d=aubtu.... pixel.quantserve.com/	35 B 372 B	74ms 22ms	Image image/gif	2620:116:800d:21:93ca:31d8:d86e:38f6 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.quantserve.com/pixel;r=353122661;rf=0;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Faubtu.biz%2F83862%2F;uht=2;fpan=1;fpa=P0-1795628977-1671880568069;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20221215111636;cm=;gdpr=0;ref=;d=aubtu.biz;dst=0;et=1671880568162;tzo=0;ogl=locale.en_US%2Ctype.article%2Ctitle.Money%20Heist%20-%20Who%20are%20the%20Casts%20and%20Characters%3F%20(Part%201)%2Cdescription.Money%20Heist%20is%20a%20really%20famous%20Crime%20%26%20Drama%20TV%20Series%252E%20Let%20get%20to%20know%20who%20are%20%2Curl.https%3A%2F%2Faubtu%252Ebiz%2F83862%2F%2Csite_name.We%20Love%20Animals%2Cimage.https%3A%2F%2Faubtu%252Ebiz%2Fwp-content%2Fuploads%2F2022%2F08%2FFotoJet-2%252Ejpg%2Cimage%3Awidth.800%2Cimage%3Aheight.720%2Cimage%3Atype.image%2Fjpeg;ses=fef2f209-c9ea-4137-81f3-22b31962548e Requested by Host: aubtu.biz URL: https://aubtu.biz/83862/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Sat, 24 Dec 2022 11:16:08 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" content-type image/gif cache-control private, no-cache, no-store, proxy-revalidate content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H2	200	pixel;r=914009310;labels=edge.1%2Csid.16619;rf=0;a=p-effSsmMYCbAck;url=https%3A%2F%2Faubtu.biz%2F83862%2F;uht=2;fpan=1;fpa=P0-1795628977-1671880568069;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-2022121511163... pixel.quantserve.com/	35 B 371 B	74ms 22ms	Image image/gif	2620:116:800d:21:93ca:31d8:d86e:38f6 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.quantserve.com/pixel;r=914009310;labels=edge.1%2Csid.16619;rf=0;a=p-effSsmMYCbAck;url=https%3A%2F%2Faubtu.biz%2F83862%2F;uht=2;fpan=1;fpa=P0-1795628977-1671880568069;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20221215111636;cm=;gdpr=0;ref=;d=aubtu.biz;dst=0;et=1671880568163;tzo=0;ogl=locale.en_US%2Ctype.article%2Ctitle.Money%20Heist%20-%20Who%20are%20the%20Casts%20and%20Characters%3F%20(Part%201)%2Cdescription.Money%20Heist%20is%20a%20really%20famous%20Crime%20%26%20Drama%20TV%20Series%252E%20Let%20get%20to%20know%20who%20are%20%2Curl.https%3A%2F%2Faubtu%252Ebiz%2F83862%2F%2Csite_name.We%20Love%20Animals%2Cimage.https%3A%2F%2Faubtu%252Ebiz%2Fwp-content%2Fuploads%2F2022%2F08%2FFotoJet-2%252Ejpg%2Cimage%3Awidth.800%2Cimage%3Aheight.720%2Cimage%3Atype.image%2Fjpeg;ses=fef2f209-c9ea-4137-81f3-22b31962548e Requested by Host: aubtu.biz URL: https://aubtu.biz/83862/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Sat, 24 Dec 2022 11:16:08 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" content-type image/gif cache-control private, no-cache, no-store, proxy-revalidate content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H2	200	choice.js Show response quantcast.mgr.consensu.org/choice/P1H7K5VnbfnPD/aubtu.biz/	3 KB 2 KB	97ms 23ms	Script application/javascript	2600:9000:236e:3e00:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quantcast.mgr.consensu.org/choice/P1H7K5VnbfnPD/aubtu.biz/choice.js Requested by Host: aubtu.biz URL: https://aubtu.biz/83862/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:3e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 0b3530981f4fdc9c6d5c6db1947acc8c848be5de20577e44bc5db431f0e4df34 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:15:36 GMT content-encoding gzip via 1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront) last-modified Tue, 12 Apr 2022 09:06:43 GMT server AmazonS3 x-amz-cf-pop FRA60-P1 age 38 x-amz-server-side-encryption AES256 etag W/"07bb62c2a09d1417a792f2c7b5c8f44a" vary Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=3600 cross-origin-resource-policy cross-origin x-amz-cf-id BRa-qcXU25GXBj-ViQ5mff4x1szoIRMsyyTolzpLb5hE2cF5rs9BBw==
GET H3	200	wp-emoji-release.min.js Show response aubtu.biz/wp-includes/js/	18 KB 5 KB	34ms 34ms	Script application/javascript	2606:4700:20::681a:52e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://aubtu.biz/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 Requested by Host: aubtu.biz URL: https://aubtu.biz/83862/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:52e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / LarVPS Resource Hash 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/83862/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:08 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 337965 x-powered-by LarVPS content-encoding br x-rocket-nginx-serving-static BYPASS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Thu, 28 Jul 2022 04:02:52 GMT server cloudflare etag W/"62e20a6c-48b9" x-download-options noopen vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0oa5xV1O2Mi4Z8iiWADbeCvHhyFMGRohRFJOIQr6YfmMlPN0T%2B36KeiG%2Bhptibt5oYxyN6vID%2FORo5cY7DQ4Cx5KCjr6TduwcC1YPlULKcoNAAo0q5TB4SLd4exPSBqMZN4QKPrqxA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=31536000 cf-ray 77e8ec541f70bba9-FRA expires Thu, 19 Jan 2023 13:23:23 GMT
GET H3	200	pubads_impl_2022120501.js Show response securepubads.g.doubleclick.net/gpt/	380 KB 129 KB	105ms 35ms	Script text/javascript	2a00:1450:400d:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Wed, 21 Dec 2022 01:30:51 GMT content-encoding gzip x-content-type-options nosniff age 294318 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 131905 x-xss-protection 0 last-modified Mon, 05 Dec 2022 09:36:10 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Thu, 21 Dec 2023 01:30:51 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	592 B 225 B	138ms 69ms	XHR application/json	2a00:1450:400d:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=aubtu.biz Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2e0062e045eba04badbe0fd46e94ac9f53d2a89e1e3b35c43a4c05d21adc398d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:09 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 200 x-xss-protection 0 expires Sat, 24 Dec 2022 11:16:09 GMT
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	80 KB 27 KB	172ms 70ms	Script text/javascript	2a00:1450:400d:807::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: m2d.m2.ai URL: https://m2d.m2.ai/pg.aubtu.biz.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:09 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27542 x-xss-protection 0 server sffe etag "1430 / 899 of 1000 / last-modified: 1670587517" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sat, 24 Dec 2022 11:16:09 GMT
GET H2	200	pg-221109-9ce-nc-a84bab9c20f4bbd96b6d3169d2a7bef6.js Show response m2d.m2.ai/v/	634 KB 185 KB	30ms 30ms	Script application/javascript	13.225.34.71 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m2d.m2.ai/v/pg-221109-9ce-nc-a84bab9c20f4bbd96b6d3169d2a7bef6.js Requested by Host: m2d.m2.ai URL: https://m2d.m2.ai/pg.aubtu.biz.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.34.71 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-34-71.cdg3.r.cloudfront.net Software AmazonS3 / Resource Hash b3a52eddffa4185a313af5f1a88638e7f9a63ddc32c45d9b0ae5dee1ada4b164 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers x-amz-version-id qLsQGJFs0fIZLgUbsc2d7dqnowr69.bj content-encoding gzip via 1.1 49fc2f926cfb7dd26ebb967cdc70f29a.cloudfront.net (CloudFront) date Sat, 24 Dec 2022 07:22:01 GMT last-modified Tue, 22 Nov 2022 16:06:20 GMT server AmazonS3 x-amz-cf-pop CDG3-C2 age 14141 etag W/"a25d036179d6bec2fe0776d53f339c3f" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type application/javascript cache-control max-age=14400 timing-allow-origin * x-amz-cf-id Y1t3dkcrgieiKI-ve3bdJMwUJxA8f2vqTzE9NR3vN49RsY302JngVA==
GET H3	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	80 KB 27 KB	168ms 107ms	Script text/javascript	2a00:1450:400d:808::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: aubtu.biz URL: https://aubtu.biz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:09 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27542 x-xss-protection 0 server sffe etag "1430 / 271 of 1000 / last-modified: 1670587517" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Sat, 24 Dec 2022 11:16:09 GMT
GET H2	200	loader.js Show response cdn.taboola.com/libtrc/pawsworld-aubtu/	289 KB 28 KB	86ms 26ms	Script application/javascript	151.101.129.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/pawsworld-aubtu/loader.js Requested by Host: aubtu.biz URL: https://aubtu.biz/83862/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.129.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash b7704bf2c8cac3501f58611546bdfcfa32d826596aee72cd324e09d9fbef1ec0 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers x-amz-version-id lwW4CSzqif8FOwF9vcIAPqEPEcY1hJpj content-encoding gzip via 1.1 varnish date Sat, 24 Dec 2022 11:16:09 GMT x-amz-request-id AT77Y7QF13GYXXSY age 66 x-cache HIT content-length 28394 x-amz-id-2 JOWKpSIK92+SU3tUW+tYzCQD0R6ztmZxP7fvxEw/XpigmNfMgQKmXxkwwH7FeQX6P5KUjpGr4tY= x-served-by cache-hhn-etou8220093-HHN last-modified Thu, 22 Dec 2022 18:11:56 GMT server AmazonS3 x-timer S1671880569.087277,VS0,VE1 etag "6a5ef8509e4bc25c7c963b3204084eb9" vary Accept-Encoding content-type application/javascript; charset=utf-8 abp 64 cache-control private,max-age=14401 accept-ranges bytes x-cache-hits 1
GET H3	200	js Show response www.googletagmanager.com/gtag/	213 KB 75 KB	190ms 117ms	Script application/javascript	2a00:1450:400d:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-0NE7QEYY49&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-153122571-11 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a0a33a05f4fb99180f337223c6e81c31875ac7fe6b0214c8fef21473c56dd0a4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:09 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 76341 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Sat, 24 Dec 2022 11:16:09 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	126ms 36ms	Script text/javascript	2a00:1450:400d:80a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-153122571-11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sat, 24 Dec 2022 10:27:20 GMT last-modified Tue, 27 Sep 2022 22:01:05 GMT server Golfe2 age 2929 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20039 expires Sat, 24 Dec 2022 12:27:20 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	232 KB 79 KB	151ms 80ms	Script application/javascript	2a00:1450:400d:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-GMEP4Y0H90&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-153122571-11 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a19f6e24ac0ab4ff97dbbc78e6bdde38fec56385ebefcdb65964ec370e0f9e77 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:09 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 80708 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Sat, 24 Dec 2022 11:16:09 GMT
GET H3	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	147 KB 49 KB	183ms 92ms	Script text/javascript	2a00:1450:400d:804::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4402329642115120 Requested by Host: aubtu.biz URL: https://aubtu.biz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 53a5783e72d293dda050e1c7883a8c51f5a33a31958510b4b3ad8132beffaeee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://aubtu.biz/ Origin https://aubtu.biz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:09 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 49879 x-xss-protection 0 server cafe etag 643183129163830256 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Sat, 24 Dec 2022 11:16:09 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	109 KB 43 KB	129ms 60ms	Script application/javascript	2a00:1450:400d:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-138655475-60&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-153122571-11 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 640e169986bb9ed1556a7c29842c787ebeae6b00f6e93056e6d97627c2b8189b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:09 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43581 x-xss-protection 0 last-modified Sat, 24 Dec 2022 09:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 24 Dec 2022 11:16:09 GMT
GET H3	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/	356 KB 117 KB	177ms 100ms	Script text/javascript	2a00:1450:400d:804::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4402329642115120&plah=aubtu.biz&bust=31071167 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4402329642115120 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6447502f0f3b8851b6fe0d917d785f72f6bd2e87315fb83075a329672d75f672 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:09 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 120032 x-xss-protection 0 server cafe etag 12577236829698920473 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Sat, 24 Dec 2022 11:16:09 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame 5EFA	10 KB 5 KB	137ms 34ms	Document text/html	2a00:1450:400d:80c::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4402329642115120 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://aubtu.biz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 34660 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=1209600 content-encoding br content-length 4242 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 24 Dec 2022 01:38:29 GMT etag 10353107486223812946 expires Sat, 07 Jan 2023 01:38:29 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	jquery.mousewheel.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/	3 KB 2 KB	86ms 28ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js Requested by Host: aubtu.biz URL: https://aubtu.biz/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:09 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 1964382 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1046 last-modified Mon, 04 May 2020 16:11:46 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec2-ad3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RuSFm9Vp61VZBMFM2BFD6hpwKfNcMEtSdWE%2BMqKR4w0liIZnTC0hy7LymWueOYjDso950z0Fh%2B%2BCV8vK9hWnN97KPL0OJoXAlCM%2FxdgtBx7eN0I0c55c3J9%2FKJCVDUU4HWIy3TdPPAWyG1K0PdbPWRxq"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 77e8ec5538c29bd0-FRA expires Thu, 14 Dec 2023 11:16:09 GMT
GET H2	200	rr16619v7.js Show response bid.underdog.media/	3 KB 2 KB	31ms 31ms	Script application/x-javascript	2600:9000:211a:da00:5:c4ab:c3c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bid.underdog.media/rr16619v7.js Requested by Host: bid.underdog.media URL: https://bid.underdog.media/udm-r3_v2.16.3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:211a:da00:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 415e524fe7b7dced4736caa7c6dac04711c9313fe289504ffcd03fc77993dab6 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 10:53:37 GMT content-encoding gzip via 1.1 c855d201fddbb6ef22989607fe8f5d1e.cloudfront.net (CloudFront) last-modified Sat, 24 Dec 2022 10:30:05 GMT server AmazonS3 x-amz-cf-pop VIE50-C2 age 1353 etag "551d7aca7dda989ccc288ddb0af49d6a" x-cache Hit from cloudfront content-type application/x-javascript cache-control max-age=7200 accept-ranges bytes content-length 1473 x-amz-cf-id Xl-4I2ezqmnv2WujrWvwLKauQoaGVGLK543-FHVZnTgGPy9xZ9n6qg==
POST H2	204	collect region1.google-analytics.com/g/	0 343 B	83ms 29ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-GMEP4Y0H90&gtm=2oebu0&_p=824771868&cid=39467824.1671880569&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671880569&sct=1&seg=0&dl=https%3A%2F%2Faubtu.biz%2F83862%2F&dt=Money%20Heist%20-%20Who%20are%20the%20Casts%20and%20Characters%3F%20(Part%201)&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-GMEP4Y0H90 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Sat, 24 Dec 2022 11:16:09 GMT server Golfe2 content-type text/plain access-control-allow-origin https://aubtu.biz cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	quant.js Show response secure.quantserve.com/	25 KB 10 KB	26ms 26ms	Script application/javascript	2620:116:800d:21:93ca:31d8:d86e:38f6 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/quant.js Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/choice/P1H7K5VnbfnPD/aubtu.biz/choice.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:09 GMT content-encoding gzip etag "StHfV9prSwQMxjKWocWEFw==" vary Accept-Encoding content-type application/javascript cache-control private, max-age=604800 accept-ranges bytes expires Sat, 31 Dec 2022 11:16:09 GMT
GET H2	200	rules-p-P1H7K5VnbfnPD.js Show response rules.quantcount.com/	160 B 631 B	20ms 19ms	Script application/javascript	2600:9000:223c:6800:6:44e3:f8c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-P1H7K5VnbfnPD.js Requested by Host: secure.quantserve.com URL: https://secure.quantserve.com/quant.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223c:6800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 083a58ffdb0425670c304cc7ab19dfc21a7d7a11528bbb5b1d7b49a884918eee Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:09:05 GMT via 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 age 425 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 160 last-modified Thu, 13 Oct 2022 15:26:28 GMT server AmazonS3 etag "be513b77089f4c620f804c6d7625b0ae" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes x-amz-cf-id sEJyepynemmZA-j4NU35LoCw3OJuTC3z7luA5-8efS0SogiTF6ubtw==
GET H2	200	cmp2.js Show response quantcast.mgr.consensu.org/tcfv2/	177 KB 44 KB	24ms 24ms	Script text/javascript	2600:9000:236e:3e00:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=aubtu.biz Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/choice/P1H7K5VnbfnPD/aubtu.biz/choice.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:236e:3e00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2bd23d1a6781e5c15a107f6d5e2fd7b55ae061d92180e3c9b099ccfe6e2b7f01 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 10:30:04 GMT content-encoding br via 1.1 fd38301adb0ceb6cf6c42567f371a2f4.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P1 age 2766 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Thu, 10 Nov 2022 18:23:42 GMT server AmazonS3 etag W/"37fdfbac0c6ef64496f7d86258c934a8" access-control-max-age 86400 access-control-allow-methods GET content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control max-age=3600 x-amz-meta-qc-ineu True vary Accept-Encoding x-amz-cf-id -_NdvwQ8olFZnjlHv_Y2-IJ_INL7pe5H2c3lDuUbs27CQuMtM0vlVA==
GET H2	200	pixel;r=1353861575;source=choice;rf=3;a=p-P1H7K5VnbfnPD;url=https%3A%2F%2Faubtu.biz%2F83862%2F;uht=2;fpan=1;fpa=P0-1795628977-1671880568069;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20221215111636;cm=;gdpr=... pixel.quantserve.com/	35 B 210 B	25ms 24ms	Image image/gif	2620:116:800d:21:93ca:31d8:d86e:38f6 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.quantserve.com/pixel;r=1353861575;source=choice;rf=3;a=p-P1H7K5VnbfnPD;url=https%3A%2F%2Faubtu.biz%2F83862%2F;uht=2;fpan=1;fpa=P0-1795628977-1671880568069;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20221215111636;cm=;gdpr=0;ref=;d=aubtu.biz;dst=0;et=1671880569159;tzo=0;ogl=locale.en_US%2Ctype.article%2Ctitle.Money%20Heist%20-%20Who%20are%20the%20Casts%20and%20Characters%3F%20(Part%201)%2Cdescription.Money%20Heist%20is%20a%20really%20famous%20Crime%20%26%20Drama%20TV%20Series%252E%20Let%20get%20to%20know%20who%20are%20%2Curl.https%3A%2F%2Faubtu%252Ebiz%2F83862%2F%2Csite_name.We%20Love%20Animals%2Cimage.https%3A%2F%2Faubtu%252Ebiz%2Fwp-content%2Fuploads%2F2022%2F08%2FFotoJet-2%252Ejpg%2Cimage%3Awidth.800%2Cimage%3Aheight.720%2Cimage%3Atype.image%2Fjpeg;ses=fef2f209-c9ea-4137-81f3-22b31962548e Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers content-type image/gif pragma no-cache date Sat, 24 Dec 2022 11:16:09 GMT cache-control private, no-cache, no-store, proxy-revalidate strict-transport-security max-age=86400 content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H3	200	Aubtub.png aubtu.biz/wp-content/uploads/2021/09/	9 KB 10 KB	30ms 30ms	Image image/png	2606:4700:20::681a:52e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://aubtu.biz/wp-content/uploads/2021/09/Aubtub.png Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:52e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bf70ed4ef802a26c4c944e23f5686617f668818f8e4b5e55fe83b6417648d0a0 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/83862/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:09 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 790998 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 9496 pragma public last-modified Thu, 04 Nov 2021 04:45:02 GMT server cloudflare etag "6183654e-2518" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fWwvfp%2BNpadwdQWxYLoO%2BWSFd1xiJWtrm%2BTe1BTrNDVWQJNzvvuc8UNAi7q%2BvS7mg9EYg%2Fp9faxjmPLkxLqipRm8GZXt%2BFtR7F2bFuOshGUHIzglOa%2FVYabZhewUgPRzwuf3ny9VOw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cf-ray 77e8ec558a5ebba9-FRA expires Sat, 14 Jan 2023 07:32:51 GMT
GET H3	200	FotoJet-2-561x505.jpg aubtu.biz/wp-content/uploads/2022/08/	27 KB 28 KB	543ms 542ms	Image image/jpeg	2606:4700:20::681a:52e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://aubtu.biz/wp-content/uploads/2022/08/FotoJet-2-561x505.jpg Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:52e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / LarVPS Resource Hash 29362e722088410f36fa3d14332c501adff54511c65a0b299f5f4bf7e07ab3ac Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/83862/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:09 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by LarVPS x-rocket-nginx-serving-static MISS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 27838 x-xss-protection 1; mode=block last-modified Mon, 05 Sep 2022 09:05:09 GMT server cloudflare etag "6315bbc5-6cbe" x-download-options noopen vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yPSmRCXRDNBurDE%2Fi5%2FTVzlb%2BINHdWRldFVxzAPv9QT%2BUmLf5LBLdy0j9IHxIsKqo5nGPtZPnufTU6xOiK62tQwOuxbVDUwHwNpbuYUxUiblwRuJu6QyFSXmxH7T64n23X1peXjvFg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=31536000 accept-ranges bytes cf-ray 77e8ec558a61bba9-FRA expires Mon, 23 Jan 2023 11:16:08 GMT
GET H2	200	H1.webp cdn3s.com/wp-content/uploads/2022/08/	15 KB 15 KB	591ms 527ms	Image image/webp	2606:4700:3038::6815:ebcc CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn3s.com/wp-content/uploads/2022/08/H1.webp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:ebcc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / DLEMP Resource Hash fbb6eb68e63412ed0af82c1ac44b395b40c6cda017ec13c23762d94ec908c0b3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:09 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by DLEMP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 14860 x-xss-protection 1; mode=block last-modified Wed, 03 Aug 2022 01:12:21 GMT server cloudflare etag "62e9cb75-3a0c" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W7X3j0238Bwn%2BJMjH%2F6UZSLnibiyrYdyJ5RG%2F1Mg9rR7Y6qABkgRBxXs%2BwSH4vOyUJSCWcZRUcgCC9tOKYBegO2Xz5zUGvAbofk7qfm4JUkpS0GmunBtG0m2uEUBy%2B8VNU10Ucu76lw%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp vary Accept-Encoding cache-control max-age=14400 accept-ranges bytes cf-ray 77e8ec55e8459b88-FRA
GET H3	200	Aubtu2.png aubtu.biz/wp-content/uploads/2021/08/	8 KB 9 KB	34ms 33ms	Image image/png	2606:4700:20::681a:52e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://aubtu.biz/wp-content/uploads/2021/08/Aubtu2.png Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:52e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f5ca08df13c407b74128fa9ad44fc50e6c1db209c692c5d251b1624b0564944b Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/83862/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:09 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 791016 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 8362 pragma public last-modified Sun, 29 Aug 2021 18:53:56 GMT server cloudflare etag "612bd7c4-20aa" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XNN3%2B39wuhA9unWkgOb0BnWkh%2BW07C%2FHL5IyZvTFelv9iPDSNRyCqNwcWyfUpCHYV%2FJuV8Xbtn14OrZ8cNDzq8nwGUs45PgZhTnpan0Ct7haYtzJRl2hk8VMidhzW%2BAwciqOTj2pfg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cf-ray 77e8ec558a62bba9-FRA expires Sat, 14 Jan 2023 07:32:33 GMT
GET H2	200	load.js Show response widget.perfectmarket.com/pawsworld-aubtu/	3 KB 1 KB	76ms 25ms	Script application/javascript	151.101.193.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://widget.perfectmarket.com/pawsworld-aubtu/load.js Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/pawsworld-aubtu/loader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 127152e73d0df5e6395acd0229059f5ffaa45aa0487ec1b4453d1963547d03fb Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers x-amz-version-id s8h2ZStVaP7oKAkS6GDqZwD30WpqVkv9 content-encoding gzip via 1.1 varnish, 1.1 varnish date Sat, 24 Dec 2022 11:16:09 GMT x-amz-request-id GE5SC55JZHY62PMG age 139 x-cache HIT, HIT content-length 1063 x-amz-id-2 XcWyb+lbOKrSER8VXLtVC6aU3yHvwR4Rfw9DbaZifg90ws3GMSNcnksj6nUoZHp75AdHBEjR9xw= x-served-by cache-lax10654-LGB, cache-hhn-etou8220094-HHN last-modified Tue, 20 Dec 2022 02:39:04 GMT server AmazonS3 x-timer S1671880569.285167,VS0,VE3 etag "a7cbe1dc710844160595d0d2a2c1417c" vary Accept-Encoding,, content-type application/javascript; charset=utf-8 cache-control max-age=300 accept-ranges bytes x-cache-hits 2, 1
GET H2	200	impl.20221222-8-RELEASE.js Show response cdn.taboola.com/libtrc/	699 KB 145 KB	27ms 25ms	Script application/javascript	151.101.129.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.taboola.com/libtrc/impl.20221222-8-RELEASE.js Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/pawsworld-aubtu/loader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.129.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3-br / Resource Hash a16d627fccd0fadd4f02db9de6a07c4e7ca17abcf832a0cf87b0374cbff64b2c Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers x-amz-version-id 50BdW6qMuaL4JaTUWgXawQSLMOyqaSkT content-encoding br via 1.1 varnish date Sat, 24 Dec 2022 11:16:09 GMT x-amz-request-id EZT0HV58X1F2MDW1 age 932 x-cache HIT content-length 148539 x-amz-id-2 eEajxHqfX6jvB7d+JUvEq8p9Vn6hfPSnvX+22macOIfwYvAgbt8DYTnbA2Wb140/bJlxeY9/rwY= x-served-by cache-hhn-etou8220093-HHN last-modified Thu, 22 Dec 2022 11:00:36 GMT server AmazonS3-br x-timer S1671880569.239219,VS0,VE0 etag "fd353293fc672a35b1079ac75f6fc865" vary Accept-Encoding content-type application/javascript abp 3 cache-control private,max-age=31536000 accept-ranges bytes x-cache-hits 2831
GET H2	200	beacon.js Show response sb.scorecardresearch.com/	4 KB 2 KB	95ms 21ms	Script application/javascript	99.86.4.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sb.scorecardresearch.com/beacon.js Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/pawsworld-aubtu/loader.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-32.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 07:06:06 GMT content-encoding gzip via 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront) last-modified Tue, 28 Jun 2022 13:19:23 GMT server AmazonS3 x-amz-cf-pop FRA6-C1 age 15004 x-amz-server-side-encryption AES256 etag W/"eaf85c1c6758e84acfe134efd70e9373" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400 x-amz-cf-id XJIq6fwVMRc84nUV3d-fZMs6UjtN96sU-qIbhpMTtCI51g4zcyaVqg==
GET H2	200	/ Show response a3.pubguru.net/	139 B 457 B	84ms 27ms	XHR application/json	3.64.100.236 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://a3.pubguru.net/?device=desktop&domain=aubtu.biz Requested by Host: m2d.m2.ai URL: https://m2d.m2.ai/v/pg-221109-9ce-nc-a84bab9c20f4bbd96b6d3169d2a7bef6.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.64.100.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-64-100-236.eu-central-1.compute.amazonaws.com Software Apache/2.4.29 (Ubuntu) / Resource Hash 46554948352fa64e9fbe7e07deb82648a4323f6b510749e16b3e4693ec95662a Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:09 GMT x-content-type-options nosniff referrer-policy same-origin server Apache/2.4.29 (Ubuntu) cross-origin-opener-policy same-origin x-frame-options DENY vary Origin content-type application/json access-control-allow-origin https://aubtu.biz x-m2 1 access-control-expose-headers X-M2, X-Duration access-control-allow-credentials true x-duration 4 content-length 139
POST H2	200	stream Show response a3.pubguru.net/	2 B 375 B	32ms 26ms	XHR text/plain	3.64.100.236 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://a3.pubguru.net/stream?beacon=immediate Requested by Host: m2d.m2.ai URL: https://m2d.m2.ai/v/pg-221109-9ce-nc-a84bab9c20f4bbd96b6d3169d2a7bef6.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.64.100.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-64-100-236.eu-central-1.compute.amazonaws.com Software Apache/2.4.29 (Ubuntu) / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://aubtu.biz/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sat, 24 Dec 2022 11:16:09 GMT content-encoding gzip x-content-type-options nosniff referrer-policy same-origin server Apache/2.4.29 (Ubuntu) cross-origin-opener-policy same-origin x-frame-options DENY vary Origin,Accept-Encoding content-type text/plain access-control-allow-origin https://aubtu.biz x-m2 1 access-control-expose-headers X-M2, X-Duration access-control-allow-credentials true x-duration 3
POST H2	200	stream a3.pubguru.net/	0 0	65ms 23ms	Ping text/plain	3.64.100.236 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://a3.pubguru.net/stream?beacon=test Requested by Host: m2d.m2.ai URL: https://m2d.m2.ai/v/pg-221109-9ce-nc-a84bab9c20f4bbd96b6d3169d2a7bef6.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.64.100.236 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-64-100-236.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://aubtu.biz/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	123ms 54ms	XHR text/plain	2a00:1450:400d:80a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j98&a=824771868&t=pageview&_s=1&dl=https%3A%2F%2Faubtu.biz%2F83862%2F&ul=en-us&de=UTF-8&dt=Money%20Heist%20-%20Who%20are%20the%20Casts%20and%20Characters%3F%20(Part%201)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1777179280&gjid=345716123&cid=39467824.1671880569&tid=UA-153122571-11&_gid=987739460.1671880569&_r=1&gtm=2oubu0&z=1426736170 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://aubtu.biz/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 24 Dec 2022 11:16:09 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://aubtu.biz cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	120ms 54ms	XHR text/plain	2a00:1450:400d:80a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j98&a=824771868&t=pageview&_s=1&dl=https%3A%2F%2Faubtu.biz%2F83862%2F&ul=en-us&de=UTF-8&dt=Money%20Heist%20-%20Who%20are%20the%20Casts%20and%20Characters%3F%20(Part%201)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=231251431&gjid=1578935874&cid=39467824.1671880569&tid=UA-138655475-60&_gid=987739460.1671880569&_r=1&gtm=2oubu0&z=865746472 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://aubtu.biz/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sat, 24 Dec 2022 11:16:09 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://aubtu.biz cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	21928950349 Show response fundingchoicesmessages.google.com/i/	113 KB 39 KB	254ms 150ms	Script application/javascript	2a00:1450:400d:807::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/i/21928950349?ers=3 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 82c5b389c2203590bfb27e8b6710c0fca9eb4ea89ff6ef53326adb387e34a2ee Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-mhCB03siZBtMffTyYZh91w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:09 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-mhCB03siZBtMffTyYZh91w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin; report-to="ContributorServingWebSwitchboardHttp" server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site report-to {"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]} content-type application/javascript; charset=utf-8 x-frame-options SAMEORIGIN cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=* expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	collect region1.google-analytics.com/g/	0 17 B	70ms 26ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-0NE7QEYY49&gtm=2oebu0&_p=824771868&cid=39467824.1671880569&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671880569&sct=1&seg=0&dl=https%3A%2F%2Faubtu.biz%2F83862%2F&dt=Money%20Heist%20-%20Who%20are%20the%20Casts%20and%20Characters%3F%20(Part%201)&en=page_view&_fv=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-0NE7QEYY49&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Sat, 24 Dec 2022 11:16:09 GMT server Golfe2 content-type text/plain access-control-allow-origin https://aubtu.biz cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cmp-list.json Show response test.cmp.quantcast.com/GVL-v2/	10 KB 3 KB	492ms 161ms	XHR application/json	2600:9000:20c5:ce00:3:a4cd:8380:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://test.cmp.quantcast.com/GVL-v2/cmp-list.json Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=aubtu.biz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20c5:ce00:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 853a1f973e0c7d05b846cb408953ca4c5a00be5410f030c37f25dcccaf2c7bf1 Request headers Accept application/json, text/plain, */* Referer https://aubtu.biz/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 03:00:39 GMT x-amz-version-id 1z0UoXMJ9xzbs2qI0bEVqRIwlX6l1fM5 content-encoding br via 1.1 5f77bd93eaeac8e32d1c411a80449034.cloudfront.net (CloudFront) x-amz-cf-pop LAX3-C3 age 29731 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Thu, 15 Dec 2022 19:53:40 GMT server AmazonS3 etag W/"1fcb7b340973662b8c72821035297be8" access-control-max-age 86400 access-control-allow-methods GET content-type application/json access-control-allow-origin * cache-control max-age=172800 vary Accept-Encoding x-amz-cf-id Ewnv_qgSZIEWF5zVyHacik2Hzb2VCwx0DKpXpLA7hiLzlxKSkcNSVg==
GET H2	200	ca-pub-4402329642115120 Show response fundingchoicesmessages.google.com/i/	113 KB 40 KB	111ms 106ms	Script application/javascript	2a00:1450:400d:807::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/i/ca-pub-4402329642115120?ers=2 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4402329642115120&plah=aubtu.biz&bust=31071167 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 213c831b46b4f00717d6a284e0192436f3da5f4f720c226409bbc8c3a33271a9 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-pgm9U9Ee8Wc4Ob10KPw14g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:09 GMT content-security-policy script-src 'report-sample' 'nonce-pgm9U9Ee8Wc4Ob10KPw14g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin; report-to="ContributorServingWebSwitchboardHttp" server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site report-to {"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]} content-type application/javascript; charset=utf-8 x-frame-options SAMEORIGIN cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=* expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	pmk-20220605.2.js Show response widget.perfectmarket.com/pawsworld-aubtu/	109 KB 30 KB	25ms 24ms	Script application/javascript	151.101.193.44 FASTLY
General Check archive.org Show headers Download Go to Full URL https://widget.perfectmarket.com/pawsworld-aubtu/pmk-20220605.2.js Requested by Host: widget.perfectmarket.com URL: https://widget.perfectmarket.com/pawsworld-aubtu/load.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 063a99510a37184a9d23ebad4be014fb16bf40389d1f5e6bcaec6c13d447dc1e Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers x-amz-version-id QrJPSD_lLzrj.X.u_uqt2v35NRKmORQy content-encoding gzip via 1.1 varnish, 1.1 varnish date Sat, 24 Dec 2022 11:16:09 GMT x-amz-request-id 8544HAXS8ETZ1FJ1 age 376617 x-cache HIT, HIT content-length 30546 x-amz-id-2 X1RS+wQYx2B6InMU7I+nX6H/VrelR4z5VUpuSm1QKuw2P/AR1373Do5MPOc/0Ng7cEkTHwhki5g= x-served-by cache-lax10621-LGB, cache-hhn-etou8220094-HHN last-modified Tue, 20 Dec 2022 02:39:03 GMT server AmazonS3 x-timer S1671880570.556164,VS0,VE0 etag "c29924bf0ecdbbe09b181d5aca57729a" vary Accept-Encoding,, content-type application/javascript; charset=utf-8 cache-control max-age=31536000 accept-ranges bytes x-cache-hits 3, 135
GET H2	200	sync Show response gum.criteo.com/	46 B 288 B	100ms 39ms	Script text/javascript	2a02:2638::1c ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS&us_privacy=1---&gdpr=0&gdpr_consent=&gdpr_pd= Requested by Host: cdn.taboola.com URL: https://cdn.taboola.com/libtrc/impl.20221222-8-RELEASE.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:09 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip server Kestrel vary Accept-Encoding content-type text/javascript; charset=utf-8 cache-control private, max-age=3600 server-processing-duration-in-ticks 833792 expires 60
GET H2	204	debug trc-events.taboola.com/pawsworld-aubtu/log/2/	0 90 B	304ms 29ms	Image text/plain	141.226.228.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://trc-events.taboola.com/pawsworld-aubtu/log/2/debug?tim=11%3A16%3A09.565&type=usage&msg=rtus&llvl=2&id=8157&cv=20221222-8-RELEASE&lt=deflated&file=rtus.js&method=injectRtus&position=ccpaApiTriggerRtus&extraData=%7B%7D Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:09 GMT access-control-allow-credentials true server nginx x-fastly-to-nlb-rtt 28568
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 435 B	101ms 31ms	XHR text/plain	2a00:1450:4025:401::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-153122571-11&cid=39467824.1671880569&jid=1777179280&gjid=345716123&_gid=987739460.1671880569&_u=YADAAUAAAAAAACAAI~&z=213444068 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4025:401::9d Den Helder, Netherlands, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://aubtu.biz/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Sat, 24 Dec 2022 11:16:09 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://aubtu.biz cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 67 B	102ms 32ms	XHR text/plain	2a00:1450:4025:401::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-138655475-60&cid=39467824.1671880569&jid=231251431&gjid=1578935874&_gid=987739460.1671880569&_u=YADAAUABAAAAACAAI~&z=1823656 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4025:401::9d Den Helder, Netherlands, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://aubtu.biz/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Sat, 24 Dec 2022 11:16:09 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://aubtu.biz cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	aubtu.json Show response cdn.unibotscdn.com/clientdata/	19 KB 2 KB	101ms 34ms	Fetch application/json	2400:52e0:1e00::1048:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://cdn.unibotscdn.com/clientdata/aubtu.json Requested by Host: cdn.unibotscdn.com URL: https://cdn.unibotscdn.com/ubplayer/player.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1048:1 , Slovenia, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1048 / Resource Hash 8db0ad2d902a8a63738ad9b51b55ea2435b96fc5f15b1a49f5da10c89738116c Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:09 GMT content-encoding gzip cdn-edgestorageid 1054 cdn-storageserver DE-164 cdn-cachedat 12/20/2022 17:29:08 cdn-pullzone 873945 last-modified Tue, 20 Dec 2022 12:36:20 GMT server BunnyCDN-DE1-1048 cdn-fileserver 421 cdn-requestpullcode 206 cdn-proxyver 1.03 vary Accept-Encoding content-type application/json access-control-allow-origin * cdn-cache HIT cdn-uid 7bd10f57-831e-4fd9-beca-97093a9ae0ed access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=3600 cdn-requestid 565d540385e518b3c6b14a34b157bde1 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H/1.1	200 OK	block Show response api.unibots.in/	45 B 288 B	532ms 173ms	Fetch application/json	45.79.126.27 AKAMAI-AP Akamai ...
General Check archive.org Show headers Download Go to Full URL https://api.unibots.in/block?client=Aubtu&page=aubtu.biz/83862/ Requested by Host: cdn.unibotscdn.com URL: https://cdn.unibotscdn.com/ubplayer/player.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 45.79.126.27 Mumbai, India, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG), Reverse DNS 45-79-126-27.ip.linodeusercontent.com Software / Express Resource Hash 7079c4a270a27cec5738869ff1c650bcb431e7427aa282e507005fbdd4102b4e Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Sat, 24 Dec 2022 11:16:10 GMT Keep-Alive timeout=5 X-Powered-By Express Content-Length 45 ETag W/"2d-u7Q5CwGaa1ObtHaIkSK9AjhXyhU" Content-Type application/json; charset=utf-8
GET H3	200	AGSKWxXJVbryjcN-GVUHbsgh-jvOzamBr8DKY_1udWEEqXJBJ_FezJgb7oT5MYPSnxzH1CfsJjgE3YUKsFk4ceMIeFI= Show response fundingchoicesmessages.google.com/f/	417 KB 57 KB	235ms 167ms	Script application/javascript	2a00:1450:400d:807::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxXJVbryjcN-GVUHbsgh-jvOzamBr8DKY_1udWEEqXJBJ_FezJgb7oT5MYPSnxzH1CfsJjgE3YUKsFk4ceMIeFI=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjcxODgwNTY5LDcxNjAwMDAwMF0sIkY1QzA5RTQ1LTQ3QzMtNDUyNi05RTYwLTVERjc1OEJEMkYzQSIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vYXVidHUuYml6LzgzODYyLyIsbnVsbCxbWzgsIk9nWG9sLS1UX000Il0sWzksImRlIl1dXQ Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.OgXol--T_M4.es5.O/d=1/rs=AJlcJMwY2736qfvOgEFeTsZ2ae4fQQLYVw/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash be45209bb389cd7ae789db9957fb2e6bf0af49970d873b0b651ecfb66b6af6bc Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-nXPooMGHkfta1VuqGJ4_2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:09 GMT content-security-policy script-src 'report-sample' 'nonce-nXPooMGHkfta1VuqGJ4_2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin; report-to="ContributorGlobalRouterHttp" server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site report-to {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]} content-type application/javascript; charset=utf-8 x-frame-options SAMEORIGIN cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=* expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	cmp2ui-en.js Show response cmp.quantcast.com/tcfv2/45/	248 KB 65 KB	103ms 23ms	Script text/javascript	2600:9000:21f3:9400:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cmp.quantcast.com/tcfv2/45/cmp2ui-en.js Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=aubtu.biz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:9400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1411268d26be0a8e9200cb1b62fc2252dd389902e94a88cc951a307053487628 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Thu, 22 Dec 2022 18:35:30 GMT content-encoding gzip via 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C2 age 146441 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin last-modified Thu, 10 Nov 2022 18:23:24 GMT server AmazonS3 etag W/"39d0cac7e548f81f1e1e1c36db3c775e" access-control-max-age 604800 access-control-allow-methods GET content-type text/javascript;charset=UTF-8 access-control-allow-origin * cache-control max-age=172800 vary Accept-Encoding x-amz-cf-id EX5FvLJaQfJDTwll3wvn6p_v8aVlAh-Qu57HP2T4wr-E2vvWxKLJwQ==
GET H2	200	vendor-list-trimmed-v1.json Show response cmp.quantcast.com/GVL-v2/	349 KB 43 KB	100ms 25ms	XHR application/json	2600:9000:21f3:9400:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=aubtu.biz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:9400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e4dd75bdb66343ee2600ba67ae8b1c000a4ed8822acd32c80e1a04320a447fbc Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 03:00:36 GMT content-encoding br via 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C2 age 29735 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Sat, 24 Dec 2022 03:00:33 GMT server AmazonS3 etag W/"787f1d8a11adaf92271e5992aa8cd521" access-control-max-age 3000 access-control-allow-methods GET content-type application/json access-control-allow-origin * cache-control max-age=172800 access-control-allow-credentials true vary Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method x-amz-cf-id 9s7i758bmpZNA-l-Rc-eN2S47mChP_p7MD0JTXo6MGhoBAVvFmJHfg==
GET H2	204	b2 sb.scorecardresearch.com/	0 189 B	21ms 21ms	Image text/plain	99.86.4.32 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1671880569547&ns_c=UTF-8&gdpr=1&gdpr_p1t=0&gdpr_li=0&gdpr_purps=&gdpr_pcc=AA&cs_cmp_nc=1&cs_cmp_id=10&cs_cmp_sv=45&cs_cmp_rt=484&c7=https%3A%2F%2Faubtu.biz%2F83862%2F&c8=Money%20Heist%20-%20Who%20are%20the%20Casts%20and%20Characters%3F%20(Part%201)&c9= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.32 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-32.fra6.r.cloudfront.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:10 GMT via 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 x-amz-cf-id q5flPnzp-GDwCEgacgesaO7NqNbO8MUajBDTCf30PHrYKALdz_AIpg== x-cache Miss from cloudfront
GET H2	200	google-atp-list.json Show response cmp.quantcast.com/tcfv2/	152 KB 35 KB	120ms 46ms	XHR application/json	2600:9000:21f3:9400:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cmp.quantcast.com/tcfv2/google-atp-list.json Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=aubtu.biz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:9400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7f97c395d8c7383e543f30158f6b577a4161dc6f87b79a0878feb7ebd4ee845f Request headers Accept application/json, text/plain, */* Referer https://aubtu.biz/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 03:01:38 GMT content-encoding br via 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront) x-amz-cf-pop FRA2-C2 age 29673 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Sat, 24 Dec 2022 03:01:36 GMT server AmazonS3 etag W/"505447daad0efff5e3d0fa9fe62f05e2" access-control-max-age 3000 access-control-allow-methods GET content-type application/json access-control-allow-origin * cache-control max-age=172800 access-control-allow-credentials true vary Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method x-amz-cf-id inSWzqWoPNm8YX5F8QSVQbXFkfszYEBuVFeeNYhf3B0-KhkwKrQizw==
GET H/1.1	200 OK	img.fetch Show response udmserve.net/udm/	1 B 470 B	178ms 177ms	Script application/x-javascript	68.71.249.118 ZEROLAG
General Check archive.org Show headers Download Go to Full URL https://udmserve.net/udm/img.fetch?sid=16619;tid=1;dt=6;gdprApplies=true;consentGiven=false;consentData= Requested by Host: bid.underdog.media URL: https://bid.underdog.media/udm-r3_v2.16.3.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 68.71.249.118 Toronto, Canada, ASN20093 (ZEROLAG, US), Reverse DNS Software / Resource Hash 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/83862/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers P3p NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT Date Sat, 24 Dec 2022 11:16:10 GMT Connection Keep-Alive Content-Length 1 Content-Type application/x-javascript
GET H2	200	aubtu.js Show response cdn.unibotscdn.com/clientdata/js/	1 KB 1 KB	33ms 33ms	Script application/javascript	2400:52e0:1e00::1048:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://cdn.unibotscdn.com/clientdata/js/aubtu.js Requested by Host: cdn.unibotscdn.com URL: https://cdn.unibotscdn.com/ubplayer/player.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1048:1 , Slovenia, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1048 / Resource Hash 32a9ffdee86d0e6ec31dd881788fbf019191171538b3c4a718652456f11e1fee Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:10 GMT content-encoding br cdn-edgestorageid 752 cdn-storageserver DE-167 cdn-cachedat 12/21/2022 07:06:25 cdn-pullzone 873945 last-modified Wed, 21 Dec 2022 07:05:34 GMT server BunnyCDN-DE1-1048 cdn-fileserver 436 cdn-requestpullcode 200 cdn-proxyver 1.03 etag W/"63a2b03e-5d3" vary Accept-Encoding, Accept-Encoding content-type application/javascript cdn-cache HIT cdn-uid 7bd10f57-831e-4fd9-beca-97093a9ae0ed cache-control public, max-age=3600 cdn-requestid 18ce7d2c7ce957e7107e3cf47db69032 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	videojs.ads.css cdn.jsdelivr.net/npm/videojs-contrib-ads@6.8.0/dist/	975 B 1 KB	83ms 26ms	Stylesheet text/css	2606:4700::6810:5714 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/videojs-contrib-ads@6.8.0/dist/videojs.ads.css Requested by Host: cdn.unibotscdn.com URL: https://cdn.unibotscdn.com/ubplayer/player.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:10 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 95694 x-jsd-version 6.8.0 content-encoding br x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19140-FRA, cache-yyz4534-YYZ x-jsd-version-type version server cloudflare etag W/"3cf-QkYNpQ1t+HGGuQzDGS8mZdpVWDg" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RO2cNC419CYE2qYAPQLdNKRkPkDh8AETNaapiOYaiRKnzkMIQ%2BDc6kJaSmebsY5CvtjxIqUs0ek0xObr4tMP5orTS2NVe3G4BTni91Bp4EU7qcK13LzBix%2BlfveFPG1luzGJkEU6I%2FHL%2B7kOwpA%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * cf-ray 77e8ec5c8c692bce-FRA
GET H2	200	videojs.ima.css cdn.jsdelivr.net/npm/videojs-ima@1.11.0/dist/	4 KB 2 KB	88ms 31ms	Stylesheet text/css	2606:4700::6810:5714 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/videojs-ima@1.11.0/dist/videojs.ima.css Requested by Host: cdn.unibotscdn.com URL: https://cdn.unibotscdn.com/ubplayer/player.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:10 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 95694 x-jsd-version 1.11.0 content-encoding br x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19155-FRA, cache-yyz4525-YYZ x-jsd-version-type version server cloudflare etag W/"eda-rFTc9uQpHYoG97d1hpF7y+maJdM" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJ0xRGY7IIFUAVFSL6w5oR%2BsWnfLCEIPE0gkfRa3Gu1P0nH5LBNGw8OF4laZ5Qwn3TPUaDNodzm7WGeIsaTPFbF9E8PoeiqwUGwELSHh3ob8juc6sux%2FwDf4G%2Bf1%2B7T2p7LDaH2nC8nvf9B9I%2BA%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * cf-ray 77e8ec5c8c6c2bce-FRA
GET H2	200	video-js.min.css cdn.jsdelivr.net/npm/video.js@7.11.8/dist/	39 KB 10 KB	86ms 29ms	Stylesheet text/css	2606:4700::6810:5714 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/video.js@7.11.8/dist/video-js.min.css Requested by Host: cdn.unibotscdn.com URL: https://cdn.unibotscdn.com/ubplayer/player.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:10 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 95694 x-jsd-version 7.11.8 content-encoding br x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19129-FRA, cache-yyz4537-YYZ x-jsd-version-type version server cloudflare etag W/"9cdf-hOphjOeyfUewXdwzXYtoioxwLLQ" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vMgH9v%2FuMJrBtsl1T95S5UAZMU%2BMDvzXOR7oXp8jGvd3aXIRD5fUit6ysFtA2CMuBOO0uCLuMzMvT4li5VZ1cg%2Fgo%2BVPkdWumUDG3J%2FkEZ0ZibX2xeNaNj54KuwbS2exwbyHrSHCfNNT4MdTMIg%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * cf-ray 77e8ec5c8c6e2bce-FRA
GET H2	200	aubtu.css cdn.unibotscdn.com/clientdata/css/	4 KB 2 KB	34ms 33ms	Stylesheet text/css	2400:52e0:1e00::1048:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://cdn.unibotscdn.com/clientdata/css/aubtu.css Requested by Host: cdn.unibotscdn.com URL: https://cdn.unibotscdn.com/ubplayer/player.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1048:1 , Slovenia, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1048 / Resource Hash c68046856ce6026f40aadc375b72b8f78f3ce598510707f562689970d1830868 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:10 GMT content-encoding br cdn-edgestorageid 1054 cdn-storageserver DE-167 cdn-cachedat 12/07/2022 11:21:20 cdn-pullzone 873945 last-modified Wed, 07 Dec 2022 11:21:02 GMT server BunnyCDN-DE1-1048 cdn-fileserver 422 cdn-requestpullcode 200 cdn-proxyver 1.03 etag W/"6390771e-11b9" vary Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid 7bd10f57-831e-4fd9-beca-97093a9ae0ed access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=3600 cdn-requestid 38331c10adc16669b21ba4a4aee8cd58 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	ima3.js Show response imasdk.googleapis.com/js/sdkloader/	372 KB 125 KB	206ms 105ms	Script text/javascript	2a00:1450:400d:803::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/sdkloader/ima3.js Requested by Host: cdn.unibotscdn.com URL: https://cdn.unibotscdn.com/ubplayer/player.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:803::200a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2b0e18d026f801cfbb4fdf886e99a811a4befbeb289daf315a8d30c963242943 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:10 GMT content-encoding gzip x-content-type-options nosniff server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 126857 x-xss-protection 0 expires Sat, 24 Dec 2022 11:16:10 GMT
GET H2	200	/ Show response audit-tcfv2.cmp.quantcast.com/	2 B 101 B	91ms 21ms	XHR text/plain	18.192.132.118 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22P1H7K5VnbfnPD%22%2C%22domain%22%3A%22aubtu.biz%22%2C%22publisher%22%3A%22Aubtu%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.45%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22luj3OSSxI239fi9ntwsWDA%22%2C%22clientTimestamp%22%3A1671880570277%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-9j55xj9rxn4wthf0j577%22%7D Requested by Host: cmp.quantcast.com URL: https://cmp.quantcast.com/tcfv2/45/cmp2ui-en.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.192.132.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-192-132-118.eu-central-1.compute.amazonaws.com Software / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers Accept application/json, text/plain, */* Referer https://aubtu.biz/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers access-control-allow-origin * date Sat, 24 Dec 2022 11:16:10 GMT content-length 2 content-type text/plain; charset=utf-8
GET H3	200	Aubtub.png aubtu.biz/wp-content/uploads/2021/09/	9 KB 10 KB	34ms 33ms	Image image/png	2606:4700:20::681a:52e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://aubtu.biz/wp-content/uploads/2021/09/Aubtub.png?qc-size=300,90 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:52e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bf70ed4ef802a26c4c944e23f5686617f668818f8e4b5e55fe83b6417648d0a0 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/83862/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:10 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 790495 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 9496 pragma public last-modified Thu, 04 Nov 2021 04:45:02 GMT server cloudflare etag "6183654e-2518" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z2L00H%2BT8ax6dll5ibfeggSTmK5HfYoI1IoWzwOe4cVxij8pVO%2FRum2w09hWaTrgrDGHXVGebvDkxWksVuPvz20dJSl6tpxv7ImLJPsD3hMDLB8cS%2FYY9DwYR8rpPkfmrExbYrx6PQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cf-ray 77e8ec5c6885bba9-FRA expires Sat, 14 Jan 2023 07:41:15 GMT
GET H2	200	video.min.js Show response vjs.zencdn.net/7.11.4/	524 KB 145 KB	78ms 20ms	Script application/javascript	2a04:4e42:200::729 FASTLY
General Check archive.org Show headers Download Go to Full URL https://vjs.zencdn.net/7.11.4/video.min.js Requested by Host: cdn.unibotscdn.com URL: https://cdn.unibotscdn.com/ubplayer/player.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers x-served-by cache-hhn-etou8220057-HHN date Sat, 24 Dec 2022 11:16:10 GMT content-encoding gzip last-modified Thu, 04 Feb 2021 16:37:54 GMT etag "dca7de69f28da40d65353c2e9323442b" vary Accept-Encoding x-cache HIT content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 timing-allow-origin * content-length 148475 x-cache-hits 24
GET H3	200	videojs.ads.js Show response cdn.jsdelivr.net/npm/videojs-contrib-ads@6.8.0/dist/	91 KB 24 KB	76ms 52ms	Script application/javascript	2606:4700::6810:5714 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/videojs-contrib-ads@6.8.0/dist/videojs.ads.js Requested by Host: cdn.unibotscdn.com URL: https://cdn.unibotscdn.com/ubplayer/player.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:10 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 6946271 x-jsd-version 6.8.0 content-encoding br x-cache HIT, MISS cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19163-FRA, cache-yyz4554-YYZ x-jsd-version-type version server cloudflare etag W/"16c3c-XTWyR/+wTNuO+mhGvQZwQQTNP2I" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=akuhPlF7%2Fqi%2BbYqLUR4WDU9PW%2B0pE0ihj45fZy84YojnGUxkgSy8IiIlh1rggUPJbIYKDD%2BWCp1Qk0Tvf%2BGPcNhY8MJVQvEMcI8AsyHyE8fvrrAxdyoxxZ96QKlQjxmGqwMKe8jST0YHS2yk0%2BE%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * cf-ray 77e8ec5f5cd59b63-FRA
GET H3	200	videojs.ima.js Show response cdn.jsdelivr.net/npm/videojs-ima@1.11.0/dist/	84 KB 18 KB	55ms 32ms	Script application/javascript	2606:4700::6810:5714 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/videojs-ima@1.11.0/dist/videojs.ima.js Requested by Host: cdn.unibotscdn.com URL: https://cdn.unibotscdn.com/ubplayer/player.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:10 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 24026051 x-jsd-version 1.11.0 content-encoding br x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19140-FRA, cache-hhn4027-HHN x-jsd-version-type version server cloudflare etag W/"14fe2-x9+sAvNQeZX8jxoQcZlsO67xEgo" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mzUtPs%2BSo%2B%2BWxalus%2Bme2JQoJ4Qc7Fa3Mj0OfX7ZJ1byqiHnV39V93%2B%2B7zE3%2F2ErMYlsUUWVbxD%2B%2FcANhKI8Nka5O9jPW8e9UhCyAJEC9kfUMHcooHYCYNh94%2FQYbPsNs1DSljpWsLyTJ%2Bv1fe4%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * cf-ray 77e8ec5f5cd19b63-FRA
GET H3	200	can-autoplay.min.js Show response cdn.jsdelivr.net/npm/can-autoplay@3.0.0/build/	11 KB 4 KB	54ms 31ms	Script application/javascript	2606:4700::6810:5714 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/can-autoplay@3.0.0/build/can-autoplay.min.js Requested by Host: cdn.unibotscdn.com URL: https://cdn.unibotscdn.com/ubplayer/player.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:10 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 24026050 x-jsd-version 3.0.0 content-encoding br x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19121-FRA x-jsd-version-type version server cloudflare etag W/"2ae4-KCPSMTN2SdlCpBkMeQk1eb16L7s" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AFET6%2BBdvySuZWmLPzpFPfw%2Brg1ouTMzdAxpByi%2BvlU0cNRtfbbaoUd8vnjUD5kMJz2XjXRDVC07iUZ61uaaw48XuvUzirwPw%2Fv67QxCE1ER6dyx2yKaZyB0x2dTKxVBV97fiXgy5EOFbr1SFHo%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * cf-ray 77e8ec5f5ccc9b63-FRA
GET H3	200	videojs-playlist.min.js Show response cdn.jsdelivr.net/npm/videojs-playlist@5.0.0/dist/	5 KB 3 KB	98ms 75ms	Script application/javascript	2606:4700::6810:5714 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/videojs-playlist@5.0.0/dist/videojs-playlist.min.js Requested by Host: cdn.unibotscdn.com URL: https://cdn.unibotscdn.com/ubplayer/player.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:10 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 4551807 x-jsd-version 5.0.0 content-encoding br x-cache HIT, MISS cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19126-FRA, cache-yyz4577-YYZ x-jsd-version-type version server cloudflare etag W/"13b1-wxzLT0Y4ihksb8Q+NruQQceFjtA" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B4JFYZDJnDs9bVT1s4qdh57Uzr8wr1lY9epxRYe%2BUZhVKVOqGadttjSd64LRSGdX0PcVlgQLHXs%2BKlXtbS%2BTsMZz50rAXavBm1yfPm8Lwre9wFlQqbmt1A6unpzOBRsPG919uofEu1AYoJuMEeM%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * cf-ray 77e8ec5f5cda9b63-FRA
GET H2	200	videojs-http-streaming.min.js Show response unpkg.com/@videojs/http-streaming@2.14.2/dist/	313 KB 89 KB	100ms 44ms	Script application/javascript	2606:4700::6810:7baf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/@videojs/http-streaming@2.14.2/dist/videojs-http-streaming.min.js Requested by Host: cdn.unibotscdn.com URL: https://cdn.unibotscdn.com/ubplayer/player.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 87ad3937041399e3fa70ced9c237f347f54eed87a593ef7672ae6bd8f694aa2e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:10 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT content-encoding br strict-transport-security max-age=31536000; includeSubDomains; preload age 16674089 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01G5GZWYQMFHWZ1S9QB4P6K6AD-fra server cloudflare etag W/"4e381-sWncTYk99Vh6MbFTmww1DxncjVE" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 77e8ec5f8cce9a00-FRA
GET BLOB	200 OK	e3ce400f-0d24-48ac-8bfc-0e4eaaf0e896 https://aubtu.biz/	31 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://aubtu.biz/e3ce400f-0d24-48ac-8bfc-0e4eaaf0e896 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Length 31 Content-Type application/javascript
GET H/1.1	200 OK	ubpvideos Show response newsbot.unibots.in/get_videos/	264 B 436 B	592ms 180ms	Fetch application/json	172.105.43.230 AKAMAI-AP Akamai ...
General Check archive.org Show headers Download Go to Full URL https://newsbot.unibots.in/get_videos/ubpvideos Requested by Host: cdn.unibotscdn.com URL: https://cdn.unibotscdn.com/ubplayer/player.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 172.105.43.230 Mumbai, India, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG), Reverse DNS 172-105-43-230.ip.linodeusercontent.com Software nginx/1.14.0 (Ubuntu) / Resource Hash 4a369dc1fba0b999b5e8a86e45fdaadf458074ebbd4b9ccfc7c8f6e0b1da0f4f Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Sat, 24 Dec 2022 11:16:11 GMT Server nginx/1.14.0 (Ubuntu) Content-Length 264 Content-Type application/json
GET H3	200	js Show response www.googletagmanager.com/gtag/	224 KB 77 KB	58ms 58ms	Script application/javascript	2a00:1450:400d:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-XXJ8PP2E8P Requested by Host: cdn.unibotscdn.com URL: https://cdn.unibotscdn.com/ubplayer/player.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b83b945650194c803675abc75362dc72dc455659048ea00eb7d443dc72c34845 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:11 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 78959 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Sat, 24 Dec 2022 11:16:11 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	224 KB 77 KB	59ms 58ms	Script application/javascript	2a00:1450:400d:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-XXJ8PP2E8P&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-153122571-11 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 3eb657256a8b049ffb08d56bf60b101ab0b31d2648885313a1698114504aec28 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:11 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 78987 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Sat, 24 Dec 2022 11:16:11 GMT
GET BLOB	206 Partial Content	2fb7d184-966f-4c6a-812e-d1ef80cd64f9 https://aubtu.biz/	1 KB 0		Media video/mp4
General Check archive.org Show headers Download Go to Full URL blob:https://aubtu.biz/2fb7d184-966f-4c6a-812e-d1ef80cd64f9 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda Request headers Referer Accept-Encoding identity;q=1, *;q=0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Range bytes=0- Response headers Content-Range bytes 0-1492/1493 Content-Length 1493 Content-Type video/mp4
GET BLOB	206 Partial Content	d91493e5-0e69-453e-9ade-c607188d903a https://aubtu.biz/	1 KB 0		Media video/mp4
General Check archive.org Show headers Download Go to Full URL blob:https://aubtu.biz/d91493e5-0e69-453e-9ade-c607188d903a Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda Request headers Referer Accept-Encoding identity;q=1, *;q=0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Range bytes=0- Response headers Content-Range bytes 0-1492/1493 Content-Length 1493 Content-Type video/mp4
GET H2	200	ub.svg cdn.unibotscdn.com/ubplayer/logo/	2 KB 1 KB	33ms 33ms	Image image/svg+xml	2400:52e0:1e00::1048:1 BUNNYCDN
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.unibotscdn.com/ubplayer/logo/ub.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1048:1 , Slovenia, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1048 / Resource Hash a60a1b492ccc3784df2d649db4bf3fbb8bb70a583522a61194e7552a6e28c5aa Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:11 GMT content-encoding gzip cdn-edgestorageid 1049 cdn-storageserver DE-200 cdn-cachedat 11/12/2022 05:25:03 cdn-pullzone 873945 last-modified Thu, 30 Jun 2022 06:20:30 GMT server BunnyCDN-DE1-1048 cdn-fileserver 377 cdn-requestpullcode 206 cdn-proxyver 1.03 vary Accept-Encoding content-type image/svg+xml cdn-cache HIT cdn-uid 7bd10f57-831e-4fd9-beca-97093a9ae0ed cache-control public, max-age=2592000 cdn-requestid 8430d9360474b0824ed4389d54597be7 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET DATA	200 OK	truncated /	4 KB 4 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308 Request headers Referer Origin https://aubtu.biz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type application/font-woff;charset=utf-8
GET H2	200	playlist.m3u8 Show response stream.unibots.in/93027cd6-b46a-41d1-af88-7bea17256d46/	171 B 853 B	162ms 36ms	XHR application/vnd.apple.mpegurl	2400:52e0:1e00::723:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://stream.unibots.in/93027cd6-b46a-41d1-af88-7bea17256d46/playlist.m3u8 Requested by Host: vjs.zencdn.net URL: https://vjs.zencdn.net/7.11.4/video.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::723:1 , Slovenia, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-723 / Resource Hash ca2e1012ff740149ec1d9c0710f779044c0b12c75bef9c8e05a5bcacafaec879 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers cdn-storagebalancer NY-266 date Sat, 24 Dec 2022 11:16:11 GMT content-encoding gzip cdn-edgestorageid 860 cdn-storageserver DE-51 cdn-cachedat 12/17/2022 22:11:08 cdn-pullzone 829957 last-modified Fri, 16 Dec 2022 07:13:08 GMT server BunnyCDN-DE1-723 cdn-fileserver 54 cdn-requestpullcode 206 cdn-proxyver 1.03 vary Accept-Encoding content-type application/vnd.apple.mpegurl access-control-allow-origin * cdn-cache HIT cdn-uid 7bd10f57-831e-4fd9-beca-97093a9ae0ed access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=30 cdn-requestid 4ba704b381fe242259f1ade6353420eb cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET BLOB	200 OK	80730bcf-a72f-4253-9d53-74279a7e58c3 https://aubtu.biz/	6 KB 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://aubtu.biz/80730bcf-a72f-4253-9d53-74279a7e58c3 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 0b69e5f3ff4f4334a57797153ed18c266f06e757220c9968a2509c38577c1753 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Length 6121 Content-Type application/javascript
GET BLOB	200 OK	b18beb36-d53c-4bc3-b02d-cd663952b0a2 https://aubtu.biz/	78 KB 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://aubtu.biz/b18beb36-d53c-4bc3-b02d-cd663952b0a2 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 3f7599bee29320a0bd9e8eeb17d6bec67327eeb4fcbbc9f9e213419be025d600 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Length 80371 Content-Type application/javascript
GET BLOB	200 OK	aa3e9f12-4168-4158-ac29-2b033ba6b3b0 https://aubtu.biz/	78 KB 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://aubtu.biz/aa3e9f12-4168-4158-ac29-2b033ba6b3b0 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 3f7599bee29320a0bd9e8eeb17d6bec67327eeb4fcbbc9f9e213419be025d600 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Length 80371 Content-Type application/javascript
GET H3	200	bridge3.549.0_en.html Show response imasdk.googleapis.com/js/core/ Frame 18C3	693 KB 222 KB	102ms 33ms	Document text/html	2a00:1450:400d:803::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:803::200a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://aubtu.biz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 295374 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 227324 content-type text/html cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" cross-origin-resource-policy cross-origin date Wed, 21 Dec 2022 01:13:17 GMT expires Thu, 21 Dec 2023 01:13:17 GMT last-modified Fri, 09 Dec 2022 15:29:50 GMT report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	client.js Show response s0.2mdn.net/instream/video/	44 KB 17 KB	189ms 86ms	Script text/javascript	2a00:1450:400d:803::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/instream/video/client.js Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:11 GMT content-encoding gzip x-content-type-options nosniff server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript cache-control private, max-age=900 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16746 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 24 Dec 2022 11:16:11 GMT
POST H3	204	collect region1.google-analytics.com/g/	0 17 B	27ms 26ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-XXJ8PP2E8P&gtm=2oebu0&_p=824771868&cid=39467824.1671880569&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671880571&sct=1&seg=0&dl=https%3A%2F%2Faubtu.biz%2F83862%2F&dt=Money%20Heist%20-%20Who%20are%20the%20Casts%20and%20Characters%3F%20(Part%201)&en=page_view&_fv=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-XXJ8PP2E8P Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Sat, 24 Dec 2022 11:16:11 GMT server Golfe2 content-type text/plain access-control-allow-origin https://aubtu.biz cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	video.m3u8 Show response stream.unibots.in/93027cd6-b46a-41d1-af88-7bea17256d46/640x360/	4 KB 1 KB	36ms 36ms	XHR application/vnd.apple.mpegurl	2400:52e0:1e00::723:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://stream.unibots.in/93027cd6-b46a-41d1-af88-7bea17256d46/640x360/video.m3u8 Requested by Host: vjs.zencdn.net URL: https://vjs.zencdn.net/7.11.4/video.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::723:1 , Slovenia, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-723 / Resource Hash 29b9a3cf0e31aa1a01137ce6a1375694b435a3cbd695364b661282e088f72e1d Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers cdn-storagebalancer NY-266 date Sat, 24 Dec 2022 11:16:11 GMT content-encoding gzip cdn-edgestorageid 1048 cdn-storageserver DE-51 cdn-cachedat 12/17/2022 22:11:11 cdn-pullzone 829957 last-modified Fri, 16 Dec 2022 07:12:19 GMT server BunnyCDN-DE1-723 cdn-fileserver 500 cdn-requestpullcode 206 cdn-proxyver 1.03 vary Accept-Encoding content-type application/vnd.apple.mpegurl access-control-allow-origin * cdn-cache HIT cdn-uid 7bd10f57-831e-4fd9-beca-97093a9ae0ed access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=30 cdn-requestid 2dee70816db827624e2a62e44d01e7a0 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	video0.ts Show response stream.unibots.in/93027cd6-b46a-41d1-af88-7bea17256d46/640x360/	253 KB 254 KB	49ms 49ms	XHR video/mp2t	2400:52e0:1e00::723:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://stream.unibots.in/93027cd6-b46a-41d1-af88-7bea17256d46/640x360/video0.ts Requested by Host: vjs.zencdn.net URL: https://vjs.zencdn.net/7.11.4/video.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::723:1 , Slovenia, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-723 / Resource Hash 9e15a297a187d951cd464c81d40ded9dc51e00b85e9db2120a453dd8b5c9726b Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:11 GMT cdn-edgestorageid 1054 cdn-storageserver DE-199 cdn-cachedat 12/16/2022 10:58:18 cdn-pullzone 829957 content-length 258688 last-modified Fri, 16 Dec 2022 07:12:15 GMT server BunnyCDN-DE1-723 cdn-fileserver 455 cdn-requestpullcode 206 cdn-proxyver 1.03 content-type video/mp2t access-control-allow-origin * cdn-cache HIT cdn-uid 7bd10f57-831e-4fd9-beca-97093a9ae0ed access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=43200 cdn-requestid 22dc9fccf355f3604af8a0b614b9da45 accept-ranges bytes cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	video1.ts Show response stream.unibots.in/93027cd6-b46a-41d1-af88-7bea17256d46/640x360/	226 KB 227 KB	38ms 37ms	XHR video/mp2t	2400:52e0:1e00::723:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://stream.unibots.in/93027cd6-b46a-41d1-af88-7bea17256d46/640x360/video1.ts Requested by Host: vjs.zencdn.net URL: https://vjs.zencdn.net/7.11.4/video.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::723:1 , Slovenia, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-723 / Resource Hash 41dbc0a6ed84ceb306518990c98327dd071231764d6c4fd9e77837ca31056b04 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:12 GMT cdn-edgestorageid 723 cdn-storageserver DE-198 cdn-cachedat 12/16/2022 10:58:19 cdn-pullzone 829957 content-length 231804 last-modified Fri, 16 Dec 2022 07:12:15 GMT server BunnyCDN-DE1-723 cdn-fileserver 162 cdn-requestpullcode 206 cdn-proxyver 1.03 content-type video/mp2t access-control-allow-origin * cdn-cache HIT cdn-uid 7bd10f57-831e-4fd9-beca-97093a9ae0ed access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=43200 cdn-requestid a78e408717cae7090c34fb70adbeec96 accept-ranges bytes cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	video2.ts Show response stream.unibots.in/93027cd6-b46a-41d1-af88-7bea17256d46/640x360/	227 KB 228 KB	36ms 36ms	XHR video/mp2t	2400:52e0:1e00::723:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://stream.unibots.in/93027cd6-b46a-41d1-af88-7bea17256d46/640x360/video2.ts Requested by Host: vjs.zencdn.net URL: https://vjs.zencdn.net/7.11.4/video.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::723:1 , Slovenia, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-723 / Resource Hash eac41e3229b4b89c8688ad01e836d908629964afa4f205010712550b441fc707 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:12 GMT cdn-edgestorageid 755 cdn-storageserver DE-200 cdn-cachedat 12/16/2022 10:58:19 cdn-pullzone 829957 content-length 232180 last-modified Fri, 16 Dec 2022 07:12:10 GMT server BunnyCDN-DE1-723 cdn-fileserver 296 cdn-requestpullcode 206 cdn-proxyver 1.03 content-type video/mp2t access-control-allow-origin * cdn-cache HIT cdn-uid 7bd10f57-831e-4fd9-beca-97093a9ae0ed access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=43200 cdn-requestid ff958110807656978d42b7df248679a4 accept-ranges bytes cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H3	200	ads Show response pagead2.googlesyndication.com/gampad/ Frame 18C3	124 B 125 B	61ms 61ms	XHR text/xml	2a00:1450:400d:804::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/gampad/ads?iu=%2F22082859479%2C22808405779%2FT5_FifthAdBreak%2Faubtu_T5_FifthAdBreak&tfcd=0&npa=0&sz=1x1%7C192x108%7C320x180%7C400x225%7C640x360&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2249274619768077&adsafe=medium&hl=en&vpos=preroll&description_url=https%3A%2F%2Faubtu.biz%2F83862%2F&cust_params=max_ad_duration%3D900&vpa=click&vpmute=0&sdkv=h.3.549.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=4134430641&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.549.0&media_url=blob%3Ahttps%253a%2F%2Faubtu.biz%2Fc02ba1d6-abc2-40ec-b822-c61f2ecfe932&sid=6D8954A4-ED9B-4F59-A34B-7E9E116467A8&nel=0&eid=44748969%2C44752995%2C44765701&url=https%3A%2F%2Faubtu.biz%2F83862%2F&dlt=1671880567046&idt=4896&dt=1671880572204&scor=3638438143085696&ged=ve4_td5_tt0_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:12 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 98 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-creative-id -2 content-type text/xml; charset=UTF-8 access-control-allow-origin https://imasdk.googleapis.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	video3.ts Show response stream.unibots.in/93027cd6-b46a-41d1-af88-7bea17256d46/640x360/	217 KB 218 KB	36ms 36ms	XHR video/mp2t	2400:52e0:1e00::723:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://stream.unibots.in/93027cd6-b46a-41d1-af88-7bea17256d46/640x360/video3.ts Requested by Host: vjs.zencdn.net URL: https://vjs.zencdn.net/7.11.4/video.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::723:1 , Slovenia, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-723 / Resource Hash 8d1dddf53ee5895c25d3c4fa818273fab117e4edfa4695347bf61126561fe483 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:12 GMT cdn-edgestorageid 1054 cdn-storageserver DE-165 cdn-cachedat 12/16/2022 10:58:20 cdn-pullzone 829957 content-length 222404 last-modified Fri, 16 Dec 2022 07:12:18 GMT server BunnyCDN-DE1-723 cdn-fileserver 32 cdn-requestpullcode 206 cdn-proxyver 1.03 content-type video/mp2t access-control-allow-origin * cdn-cache HIT cdn-uid 7bd10f57-831e-4fd9-beca-97093a9ae0ed access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=43200 cdn-requestid 00321b08b5af23fd663d3281dac8165a accept-ranges bytes cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	video4.ts Show response stream.unibots.in/93027cd6-b46a-41d1-af88-7bea17256d46/640x360/	210 KB 211 KB	37ms 37ms	XHR video/mp2t	2400:52e0:1e00::723:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://stream.unibots.in/93027cd6-b46a-41d1-af88-7bea17256d46/640x360/video4.ts Requested by Host: vjs.zencdn.net URL: https://vjs.zencdn.net/7.11.4/video.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::723:1 , Slovenia, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-723 / Resource Hash 02749aae8d084a78272f6139b17419a0e3e18e72fe7251cdd4a96acc1be0420c Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:12 GMT cdn-edgestorageid 756 cdn-storageserver DE-164 cdn-cachedat 12/16/2022 10:58:20 cdn-pullzone 829957 content-length 214884 last-modified Fri, 16 Dec 2022 07:12:17 GMT server BunnyCDN-DE1-723 cdn-fileserver 162 cdn-requestpullcode 206 cdn-proxyver 1.03 content-type video/mp2t access-control-allow-origin * cdn-cache HIT cdn-uid 7bd10f57-831e-4fd9-beca-97093a9ae0ed access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=43200 cdn-requestid 8e8294c3cfecb78e1c695a54e0042bdc accept-ranges bytes cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	video5.ts Show response stream.unibots.in/93027cd6-b46a-41d1-af88-7bea17256d46/640x360/	271 KB 272 KB	38ms 38ms	XHR video/mp2t	2400:52e0:1e00::723:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://stream.unibots.in/93027cd6-b46a-41d1-af88-7bea17256d46/640x360/video5.ts Requested by Host: vjs.zencdn.net URL: https://vjs.zencdn.net/7.11.4/video.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::723:1 , Slovenia, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-723 / Resource Hash 6ceec189724f73e904b11118768f7866b666dd55e6ac6c58a5a22721a9b9f957 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:12 GMT cdn-edgestorageid 874 cdn-storageserver DE-165 cdn-cachedat 12/16/2022 10:58:20 cdn-pullzone 829957 content-length 277488 last-modified Fri, 16 Dec 2022 07:12:11 GMT server BunnyCDN-DE1-723 cdn-fileserver 32 cdn-requestpullcode 206 cdn-proxyver 1.03 content-type video/mp2t access-control-allow-origin * cdn-cache HIT cdn-uid 7bd10f57-831e-4fd9-beca-97093a9ae0ed access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=43200 cdn-requestid 16db7662abbd5511ff317de35dcb62d0 accept-ranges bytes cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	video6.ts Show response stream.unibots.in/93027cd6-b46a-41d1-af88-7bea17256d46/640x360/	327 KB 328 KB	36ms 36ms	XHR video/mp2t	2400:52e0:1e00::723:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://stream.unibots.in/93027cd6-b46a-41d1-af88-7bea17256d46/640x360/video6.ts Requested by Host: vjs.zencdn.net URL: https://vjs.zencdn.net/7.11.4/video.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::723:1 , Slovenia, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-723 / Resource Hash 0bf64e72573d590430b7a60dc03bd43086f34bf4f363eea449a9e7f32fd434b8 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:12 GMT cdn-edgestorageid 1047 cdn-storageserver DE-199 cdn-cachedat 12/16/2022 10:58:21 cdn-pullzone 829957 content-length 334828 last-modified Fri, 16 Dec 2022 07:12:16 GMT server BunnyCDN-DE1-723 cdn-fileserver 55 cdn-requestpullcode 206 cdn-proxyver 1.03 content-type video/mp2t access-control-allow-origin * cdn-cache HIT cdn-uid 7bd10f57-831e-4fd9-beca-97093a9ae0ed access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=43200 cdn-requestid 135167000fc4b9924bc4be9105764083 accept-ranges bytes cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	video7.ts Show response stream.unibots.in/93027cd6-b46a-41d1-af88-7bea17256d46/640x360/	318 KB 319 KB	277ms 277ms	XHR video/mp2t	2400:52e0:1e00::723:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://stream.unibots.in/93027cd6-b46a-41d1-af88-7bea17256d46/640x360/video7.ts Requested by Host: vjs.zencdn.net URL: https://vjs.zencdn.net/7.11.4/video.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::723:1 , Slovenia, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-723 / Resource Hash a36bb11d208962fa855fac755865750ce0a4e4dc22120bd13a25d65dd3a9c516 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:12 GMT cdn-edgestorageid 863 cdn-storageserver DE-200 cdn-cachedat 12/16/2022 10:58:22 cdn-pullzone 829957 content-length 325616 last-modified Fri, 16 Dec 2022 07:12:15 GMT server BunnyCDN-DE1-723 cdn-fileserver 493 cdn-requestpullcode 206 cdn-proxyver 1.03 content-type video/mp2t access-control-allow-origin * cdn-cache HIT cdn-uid 7bd10f57-831e-4fd9-beca-97093a9ae0ed access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=43200 cdn-requestid 9c1b2dc8890cf9edbef490543423170b accept-ranges bytes cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	video8.ts Show response stream.unibots.in/93027cd6-b46a-41d1-af88-7bea17256d46/640x360/	270 KB 271 KB	36ms 36ms	XHR video/mp2t	2400:52e0:1e00::723:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://stream.unibots.in/93027cd6-b46a-41d1-af88-7bea17256d46/640x360/video8.ts Requested by Host: vjs.zencdn.net URL: https://vjs.zencdn.net/7.11.4/video.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::723:1 , Slovenia, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-723 / Resource Hash fdfc6f88e51533ed6ec54331ee352b0c723224a17616d36a73896d165504c444 Request headers accept-language de-DE,de;q=0.9 Referer https://aubtu.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:13 GMT cdn-edgestorageid 722 cdn-storageserver DE-168 cdn-cachedat 12/16/2022 10:58:22 cdn-pullzone 829957 content-length 276548 last-modified Fri, 16 Dec 2022 07:12:10 GMT server BunnyCDN-DE1-723 cdn-fileserver 55 cdn-requestpullcode 206 cdn-proxyver 1.03 content-type video/mp2t access-control-allow-origin * cdn-cache HIT cdn-uid 7bd10f57-831e-4fd9-beca-97093a9ae0ed access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=43200 cdn-requestid fcef1a84d1a497f78c531d79ff71c0f9 accept-ranges bytes cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H3	200	ads Show response pagead2.googlesyndication.com/gampad/ Frame 18C3	124 B 125 B	61ms 61ms	XHR text/xml	2a00:1450:400d:804::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/gampad/ads?iu=%2F22082859479%2C22808405779%2FT3_ThirdAdBreak%2Faubtu_T3_ThirdAdBreak&tfcd=0&npa=0&sz=1x1%7C192x108%7C320x180%7C400x225%7C640x360&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3154457092813897&adsafe=medium&hl=en&vpos=preroll&description_url=https%3A%2F%2Faubtu.biz%2F83862%2F&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.549.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=4134430641&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.549.0&media_url=blob%3Ahttps%253a%2F%2Faubtu.biz%2Fc02ba1d6-abc2-40ec-b822-c61f2ecfe932&sid=6D8954A4-ED9B-4F59-A34B-7E9E116467A8&nel=0&eid=44748969%2C44752995%2C44765701&url=https%3A%2F%2Faubtu.biz%2F83862%2F&dlt=1671880567046&idt=4896&dt=1671880573481&scor=2546992090185806&ged=ve4_td6_tt1_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:13 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 98 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-creative-id -2 content-type text/xml; charset=UTF-8 access-control-allow-origin https://imasdk.googleapis.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET		json trc.taboola.com/pawsworld-aubtu/trc/3/	0 0
GET H3	200	ads Show response pagead2.googlesyndication.com/gampad/ Frame 18C3	124 B 125 B	65ms 65ms	XHR text/xml	2a00:1450:400d:804::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/gampad/ads?iu=%2F22082859479%2C22808405779%2FT2_FifthAdBreak%2Faubtu_T2_FifthAdBreak&tfcd=0&npa=0&sz=1x1%7C192x108%7C320x180%7C400x225%7C640x360&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=481772919623676&adsafe=medium&hl=en&vpos=preroll&description_url=https%3A%2F%2Faubtu.biz%2F83862%2F&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.549.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=4134430641&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.549.0&media_url=blob%3Ahttps%253a%2F%2Faubtu.biz%2Fc02ba1d6-abc2-40ec-b822-c61f2ecfe932&sid=6D8954A4-ED9B-4F59-A34B-7E9E116467A8&nel=0&eid=44748969%2C44752995%2C44765701&url=https%3A%2F%2Faubtu.biz%2F83862%2F&dlt=1671880567046&idt=4896&dt=1671880574751&scor=4147586274692507&ged=ve4_td8_tt3_pd8_la8000_er0.0.0.0_vi0.0.1200.1600_vp0_ts2_eb16491 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://imasdk.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Sat, 24 Dec 2022 11:16:14 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 98 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-creative-id -2 content-type text/xml; charset=UTF-8 access-control-allow-origin https://imasdk.googleapis.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

trc.taboola.com

URL

https://trc.taboola.com/pawsworld-aubtu/trc/3/json?tim=11%3A16%3A14.573&lti=deflated&data=%7B%22id%22%3A532%2C%22ii%22%3A%22%2F83862%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1671732705735%2C%22vi%22%3A1671880574570%2C%22cv%22%3A%2220221222-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Faubtu.biz%2F83862%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cmps%22%3A0%2C%22ga%22%3Atrue%2C%22tcs%22%3A%22%22%2C%22gwto%22%3Atrue%2C%22ccpa_ps%22%3A%221---%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Faubtu.biz%2F83862%2F%22%2C%22vpi%22%3A%22%2F83862%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A14685%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%20Unit%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%20Unit%22%2C%22cd%22%3A13256.28125%2C%22mw%22%3A740%7D%5D%2C%22cacheKey%22%3A%22text%3D%2F83862%2CBelow%20Article%20Thumbnails%20Unit%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2