urlscan.io logo urlscan.io
SecurityTrails logo

ifunny.co Open in urlscan Pro
38.134.113.246  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ifunny.co/
Effective URL: https://ifunny.co/
Submission: On February 15 via manual from PH — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 30 IPs in 4 countries across 19 domains to perform 128 HTTP transactions. The main IP is 38.134.113.246, located in United States and belongs to XL-103-397341, US. The main domain is ifunny.co. The Cisco Umbrella rank of the primary domain is 11801.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 23rd 2021. Valid for: a year.
This is the only time ifunny.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 14 38.134.113.246 397341 (XL-103-39...)
5 142.250.185.226 15169 (GOOGLE)
18 65.9.64.129 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.66.246.127 16509 (AMAZON-02)
4 8 37.252.173.215 29990 (ASN-APPNEX)
2 63.33.40.108 16509 (AMAZON-02)
1 142.250.186.66 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 ()
10 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 8 142.250.185.162 15169 (GOOGLE)
4 8 2.21.141.232 16625 (AKAMAI-AS)
8 138.201.63.165 24940 (HETZNER-AS)
1 4 138.201.84.245 24940 (HETZNER-AS)
3 94.130.102.164 24940 (HETZNER-AS)
2 4 142.250.185.198 15169 (GOOGLE)
6 104.111.239.217 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
128 30
14    38.134.113.246 (United States)

ASN397341 (XL-103-397341, US)
ifunny.co
geoip.ifunny.co
5    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
securepubads.g.doubleclick.net
18    65.9.64.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-64-129.fra56.r.cloudfront.net
static.ifunny.co
img.ifunny.co
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    18.66.246.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-246-127.dus51.r.cloudfront.net
imageproxy.ifunny.co
8    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    63.33.40.108 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-40-108.eu-west-1.compute.amazonaws.com
prebid.ad.smaato.net
1    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
www.googleadservices.com
2    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
15    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
pagead2.googlesyndication.com
3    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    (None, )

ASN- ()
uuid
10    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
8    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
8    2.21.141.232 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-232.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
8    138.201.63.165 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.165.63.201.138.clients.your-server.de
hal9000.redintelligence.net
4    138.201.84.245 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.245.84.201.138.clients.your-server.de
hal900025.redintelligence.net
3    94.130.102.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.102.130.94.clients.your-server.de
hal900012.redintelligence.net
4    142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net
5994599.fls.doubleclick.net
6    104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com
2    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
33 ifunny.co
ifunny.co — Cisco Umbrella Rank: 11801
static.ifunny.co — Cisco Umbrella Rank: 168747
img.ifunny.co — Cisco Umbrella Rank: 21641
geoip.ifunny.co — Cisco Umbrella Rank: 243947
imageproxy.ifunny.co — Cisco Umbrella Rank: 15372
394 KB
23 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
googleads.g.doubleclick.net — Cisco Umbrella Rank: 37
stats.g.doubleclick.net — Cisco Umbrella Rank: 67
cm.g.doubleclick.net — Cisco Umbrella Rank: 175
5994599.fls.doubleclick.net — Cisco Umbrella Rank: 70120
201 KB
22 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 92
tpc.googlesyndication.com — Cisco Umbrella Rank: 120
142 KB
15 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 31122
hal900025.redintelligence.net — Cisco Umbrella Rank: 253917
hal900012.redintelligence.net — Cisco Umbrella Rank: 230320
115 KB
8 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 488
7 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
7 KB
6 awin1.com
www.awin1.com — Cisco Umbrella Rank: 14416
4 KB
6 google.com
adservice.google.com — Cisco Umbrella Rank: 59
www.google.com — Cisco Umbrella Rank: 2
2 KB
4 gstatic.com
fonts.gstatic.com
52 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
2 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 146
76 KB
2
function sub() { [native code] }.
32 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 9027
www.google.de — Cisco Umbrella Rank: 6342
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
2 smaato.net
prebid.ad.smaato.net — Cisco Umbrella Rank: 3853
904 B
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 87
49 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
74 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 99
15 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 401
1 KB
128 19
Domain Requested by
15 static.ifunny.co ifunny.co
static.ifunny.co
12 pagead2.googlesyndication.com uuid
googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
12 ifunny.co 1 redirects ifunny.co
static.ifunny.co
10 tpc.googlesyndication.com uuid
googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
8 hal9000.redintelligence.net uuid
hal900025.redintelligence.net
hal900012.redintelligence.net
8 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
8 cm.g.doubleclick.net 6 redirects googleads.g.doubleclick.net
8 ib.adnxs.com 4 redirects static.ifunny.co
googleads.g.doubleclick.net
6 www.awin1.com uuid
5 googleads.g.doubleclick.net www.googleadservices.com
uuid
5 securepubads.g.doubleclick.net ifunny.co
securepubads.g.doubleclick.net
4 fonts.gstatic.com fonts.googleapis.com
4 5994599.fls.doubleclick.net 2 redirects ifunny.co
4 hal900025.redintelligence.net 1 redirects uuid
hal900025.redintelligence.net
3 hal900012.redintelligence.net hal9000.redintelligence.net
hal900012.redintelligence.net
3 www.google.com ifunny.co
uuid
tpc.googlesyndication.com
3 adservice.google.com securepubads.g.doubleclick.net
5994599.fls.doubleclick.net
3 img.ifunny.co ifunny.co
2 fonts.googleapis.com hal900025.redintelligence.net
hal900012.redintelligence.net
2 www.googletagservices.com uuid
2 uuid securepubads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 prebid.ad.smaato.net static.ifunny.co
2 www.youtube.com static.ifunny.co
www.youtube.com
2 geoip.ifunny.co static.ifunny.co
2 www.googletagmanager.com ifunny.co
www.googletagmanager.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.google.de ifunny.co
1 adservice.google.de securepubads.g.doubleclick.net
1 www.googleadservices.com www.googletagmanager.com
1 imageproxy.ifunny.co ifunny.co
1 cdn.jsdelivr.net ifunny.co
128 32

This site contains links to these domains. Also see Links.

Domain
app.appsflyer.com
www.pinterest.com
Subject Issuer Validity Valid
*.ifunny.co
Go Daddy Secure Certificate Authority - G2		 2021-08-23 -
2022-09-24		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-03 -
2022-07-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
smaato.net
Sectigo ECC Organization Validation Secure Server CA		 2020-07-28 -
2022-10-04		 2 years crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
redintelligence.net
R3		 2022-01-27 -
2022-04-27		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
www.awin1.com
DigiCert SHA2 Secure Server CA		 2021-06-11 -
2022-06-16		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh

This page contains 13 frames:

Primary Page: https://ifunny.co/
Frame ID: A128FB092523FEBE9BFC261498BF18E4
Requests: 60 HTTP requests in this frame

Frame: urn://uuid:b09d64bb-0692-0bdd-6414-0bdd0692b09d
Frame ID: 5F44AE0FEB5BE27DF0256BBB640E099A
Requests: 15 HTTP requests in this frame

Frame: urn://uuid:d081cea3-37f9-d958-cba2-d95837f9d081
Frame ID: D641242AE18D44027E3F0D567A74B0F8
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNVZ0dF-B1koli07Sxm-9mUsy1w0Ho4caXKhe6s4q7v0gzjDCo9FgQR_Wnze-cQA_0_7jqK6BdymMijNvjOGFxy6TwJVPmPIZx25cOpovfbVz29eBxGZSIug7FaCZSxw2dHZVdA5VCcm6eXOGIyJXuZcg5lp1NNnN-dxJN3nJnw3yWALuTs
Frame ID: B171601DF88480F2F3B81EC3311B4B8E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNUcYlW0QXOSwgE9dgrFn_o0qsr3hVihHLF50Bed1Jttef_kbURvg9ypTmYgwWVBKwgb5U1sEONnHMk-d1q9trGvJZhh2s286j3okSNfnOi9tclIQlm3untoB-VG27tUzyMJaXNzfDzE5soYHSP9yutCy05SfwCpvRGKIVR7Jcd_tH3BtWI
Frame ID: DA6F9F8BA62DC94A71E50373C1517898
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1DE54F30ADA15422443E95650CC8BE66
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4CF87C7D7779624E8A751FECCB50650D
Requests: 3 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJeWvICEgfYCFcrd1Qod4P4DpA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8683384324784.997
Frame ID: 690BD9C4BC74ABE4EE5E1C88B771AB2E
Requests: 2 HTTP requests in this frame

Frame: https://hal900025.redintelligence.net/request_content.php?s=33203500018792900710584011871025&a=a8031e31
Frame ID: 3947DFEE9D6BF8FC6701183CB8CCFECB
Requests: 8 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNSYvICEgfYCFeTp5godKtUCPA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6959954311138.259
Frame ID: 70C0D1427D7EC26DDE524729BF9D7697
Requests: 2 HTTP requests in this frame

Frame: https://hal900012.redintelligence.net/request_content.php?s=54117900021540200710584011871012&a=cb655710
Frame ID: 062B1059FBF2BBD4900F48251911C4C2
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8A8E50CCE18FF31FD064CBF3A6CC4494
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 466435BF741B485A83B9DF39052F7E12
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

iFunny - the best memes, video, gifs and funny pics in one place

Page URL History Show full URLs

  1. http://ifunny.co/ HTTP 301
    https://ifunny.co/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

128
Requests

89 %
HTTPS

48 %
IPv6

19
Domains

32
Subdomains

30
IPs

4
Countries

1186 kB
Transfer

6292 kB
Size

24
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ifunny.co/ HTTP 301
    https://ifunny.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJDY-g9-zV0l1I9jC9uZG5Y&google_cver=1
Request Chain 72
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YgtBfcmtno96gbtozSjk6wAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHg4hX5Z34rk23CUv3k9Ks8&google_cver=1
Request Chain 73
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELjCu6pO43IIMz-XcMQ3rVU&google_cver=1
Request Chain 74
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjg2NTI0MDI0NDY0MzM5NTEx
Request Chain 75
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJDY-g9-zV0l1I9jC9uZG5Y&google_cver=1
Request Chain 76
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YgtBfcmtno96gbtozSjk6wAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHg4hX5Z34rk23CUv3k9Ks8&google_cver=1
Request Chain 77
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELjCu6pO43IIMz-XcMQ3rVU&google_cver=1
Request Chain 78
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTczODMwMTY3NTA0MzM4Mjc1Ng%3D%3D
Request Chain 84
  • https://hal900025.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=6bb5f11554&subid=&uid=b29204790a5d77fd&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCQ7fefEELYszCMI6DrATD97nwBo_g-IZT9aiLpMoM8C4QASD64NN0YJXikIKgB8gBCakCAmJZyC_5sj6oAwGqBPsBT9CyCrNp1nsq9p-DOsntMMdfXKw1lIVRsZ2zMI5WLTNMLCBVHJDLXFcgPI0d5c4_9zb_BF1Ogg1OcDmf239beTV8Bbt3aUsbU1TgU1VrZ5jKRsvdfGKqV3YUtNiC1RtrN6t3E4V3cKT_Zbm24iwSi8A9uaesSeL9GHtTziyADvnWxNjSNyqyiHsLHi1HBsmnZRVrnSH7lfkCUqO-jysaM1qriEyaq05qsRFY4YX1YF7O0z5wF6TDi_8fTF4H_cHDDAOx-XvgQO55vKt-2z6MD5-y31Tq7JIcTGsheBk-EFsBLyTgdyP8V7VLC34qleuZK0wSY_v_za6L6h_ABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRo9AjPwLo1Yh30QfCtTlHxcrJBlA%26sig%3DAOD64_1z9YYEcE-31CXsNy9YWQ1vuwYfaA%26client%3Dca-pub-5475785420405214%26dbm_c%3DAKAmf-BZmikJ_kmtGp9NnJgAX8IUK-RmFHViZ2N-pIUqsMlTzYEjJTXiEPVnlk6ZrLAdb507ep1CWH0pMekJFuQ-NP-pxf105rshCirTV4irmHrbzeSsycQWTZ7KJxtbYcfGZt8FH5UBYBJ2_sQhaQfbYH4LFGAFfA%26cry%3D1%26dbm_d%3DAKAmf-BH8Y9b31j7oiQTRsp7ErVTuMgdUvj4sAFArP8zYsK-NUevg_qbryVzRSf9nG-lw7IinfOXNm4VC5TTuYwO1eYkjwGQjORWP-CMgtXFrQA900LzQsGfyHPxq88w3XbCAc53p5zFn7TeV-UYOBIC8CRXgUAP2NNHwE50jxng99ER0V0FVcXh_-srU5dGXKA3mrf79aLbfR-CUYY5CfU4F8QW7owbdnO6xT4aAoZQkLBa_ZoJTOa3JCTfd1pK13zkFLncUmHgwBVOSXaJ3f0_-tAvuSAKZy7amWEllIuFmVfaxrFLTJNoJqHXRbmoDJlUhusJqQg-z4U2We-iyo7Bs_EP6KH1PiXC8aVgRDMS2THniGjX11-bLJTHXrHILMcBg5wFVIRh56n9K8TxNJ6SGtU0z-Iq9A%26adurl%3D&documentReferer=urn%3Auuid%3Ad081cea3-37f9-d958-cba2-d95837f9d081&ancestorOrigins=https%3A%2F%2Fifunny.co&random=2100745584072&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900025.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=6bb5f11554&subid=&uid=b29204790a5d77fd&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCQ7fefEELYszCMI6DrATD97nwBo_g-IZT9aiLpMoM8C4QASD64NN0YJXikIKgB8gBCakCAmJZyC_5sj6oAwGqBPsBT9CyCrNp1nsq9p-DOsntMMdfXKw1lIVRsZ2zMI5WLTNMLCBVHJDLXFcgPI0d5c4_9zb_BF1Ogg1OcDmf239beTV8Bbt3aUsbU1TgU1VrZ5jKRsvdfGKqV3YUtNiC1RtrN6t3E4V3cKT_Zbm24iwSi8A9uaesSeL9GHtTziyADvnWxNjSNyqyiHsLHi1HBsmnZRVrnSH7lfkCUqO-jysaM1qriEyaq05qsRFY4YX1YF7O0z5wF6TDi_8fTF4H_cHDDAOx-XvgQO55vKt-2z6MD5-y31Tq7JIcTGsheBk-EFsBLyTgdyP8V7VLC34qleuZK0wSY_v_za6L6h_ABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRo9AjPwLo1Yh30QfCtTlHxcrJBlA%26sig%3DAOD64_1z9YYEcE-31CXsNy9YWQ1vuwYfaA%26client%3Dca-pub-5475785420405214%26dbm_c%3DAKAmf-BZmikJ_kmtGp9NnJgAX8IUK-RmFHViZ2N-pIUqsMlTzYEjJTXiEPVnlk6ZrLAdb507ep1CWH0pMekJFuQ-NP-pxf105rshCirTV4irmHrbzeSsycQWTZ7KJxtbYcfGZt8FH5UBYBJ2_sQhaQfbYH4LFGAFfA%26cry%3D1%26dbm_d%3DAKAmf-BH8Y9b31j7oiQTRsp7ErVTuMgdUvj4sAFArP8zYsK-NUevg_qbryVzRSf9nG-lw7IinfOXNm4VC5TTuYwO1eYkjwGQjORWP-CMgtXFrQA900LzQsGfyHPxq88w3XbCAc53p5zFn7TeV-UYOBIC8CRXgUAP2NNHwE50jxng99ER0V0FVcXh_-srU5dGXKA3mrf79aLbfR-CUYY5CfU4F8QW7owbdnO6xT4aAoZQkLBa_ZoJTOa3JCTfd1pK13zkFLncUmHgwBVOSXaJ3f0_-tAvuSAKZy7amWEllIuFmVfaxrFLTJNoJqHXRbmoDJlUhusJqQg-z4U2We-iyo7Bs_EP6KH1PiXC8aVgRDMS2THniGjX11-bLJTHXrHILMcBg5wFVIRh56n9K8TxNJ6SGtU0z-Iq9A%26adurl%3D&documentReferer=urn%3Auuid%3Ad081cea3-37f9-d958-cba2-d95837f9d081&ancestorOrigins=https%3A%2F%2Fifunny.co&random=2100745584072&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 91
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8683384324784.997 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CJeWvICEgfYCFcrd1Qod4P4DpA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8683384324784.997
Request Chain 97
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6959954311138.259 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CNSYvICEgfYCFeTp5godKtUCPA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6959954311138.259

128 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ifunny.co/
Redirect Chain
  • http://ifunny.co/
  • https://ifunny.co/
132 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ifunny.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.134.113.246 , United States, ASN397341 (XL-103-397341, US),
Reverse DNS
Software
nginx /
Resource Hash
81263e59b9fc46c52f5dc961bc12a0b5697c8945d6d10b707f027406bed0a006
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Tue, 15 Feb 2022 06:00:27 GMT
content-type
text/html
vary
Accept-Encoding
cross-origin-resource-policy
same-origin
cross-origin-opener-policy
same-origin
strict-transport-security
max-age=31536000; includeSubDomains
x-frame-options
DENY
x-content-type-options
nosniff
referrer-policy
same-origin
permissions-policy
accelerometer=(),autoplay=(),camera=(),document-domain=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),xr-spatial-tracking=()
app-version
website_ifunny-release_website_v2_14.02.2022-120
access-control-allow-origin
https://ifunny.co
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers
x-requested-with, x-csrf-token
access-control-expose-headers
x-requested-with, x-csrf-token
surrogate-control
no-store
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
pragma
no-cache
expires
0
content-encoding
gzip

Redirect headers

Server
nginx
Date
Tue, 15 Feb 2022 06:00:26 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Location
https://ifunny.co/
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ifunny.co
URL: https://ifunny.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
75bf3b156ab92b7bed613595b5265119099118d3a57d62297fc2575b187dacb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 06:00:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27168
x-xss-protection
0
server
sffe
etag
"1132 / 39 of 1000 / last-modified: 1644879984"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 15 Feb 2022 06:00:27 GMT
prebid.js
static.ifunny.co/dist/ifunny/assets/ 		219 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ifunny.co/dist/ifunny/assets/prebid.js
Requested by
Host: ifunny.co
URL: https://ifunny.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.64.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-64-129.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
751cdce6dd3a080789741ce6f5b49695042cc2cfff6c0a22548b1097b3e30aad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 05 Feb 2022 21:48:50 GMT
content-encoding
gzip
last-modified
Wed, 22 Dec 2021 13:21:45 GMT
server
AmazonS3
age
807098
etag
W/"116c4fd0012bd62e01b1e67742015042"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
zzwgZ0RkMR3_afnwvQa-k3KqoousQ9UADUDwMTw96mYZS7iV7DJ42g==
45.2314633d.css
static.ifunny.co/dist/ifunny/assets/ 		37 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.ifunny.co/dist/ifunny/assets/45.2314633d.css
Requested by
Host: ifunny.co
URL: https://ifunny.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.64.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-64-129.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9f9ba5bca130a17130e0c71e860a525080bee7b44f2691082e7516c9d48097ab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 08:34:52 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 08:34:18 GMT
server
AmazonS3
age
77136
etag
W/"1df9d3e766c05cb01a7ba63f3cc5e5fa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
nk5EAMmJP_taz7LZVijr67jscjAli_vGV1dGOqPVnos5-JyKR5jqkg==
28.926f9a76.css
static.ifunny.co/dist/ifunny/assets/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.ifunny.co/dist/ifunny/assets/28.926f9a76.css
Requested by
Host: ifunny.co
URL: https://ifunny.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.64.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-64-129.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c50900e02ce94bb084241a78f25104aee388af23cee758b982af9e62e7c10bc9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 01 Feb 2022 13:22:40 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 13:21:51 GMT
server
AmazonS3
age
1183068
etag
W/"7f2d1d58d2708a344c630cbddf79dd29"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
MLdmL3uGPsYnY9uv-kVYMqMJRU71taHnN1bA7dKnX8QEoLFeDmA1ng==
1.831a6969.css
static.ifunny.co/dist/ifunny/assets/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.ifunny.co/dist/ifunny/assets/1.831a6969.css
Requested by
Host: ifunny.co
URL: https://ifunny.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.64.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-64-129.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e85bc0716c0ade84baaff9e903939d3e57425d47d8767fc70b672db767880757

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 08:34:52 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 08:34:17 GMT
server
AmazonS3
age
77136
etag
W/"1bd256a6f2053acda922f5f5423491e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
DJu8j-PUUJPZgz4lJES9tkmsPLYDg6hDbRaZf9kUj9nygNPKjxEW4Q==
46.74bbfb4f.css
static.ifunny.co/dist/ifunny/assets/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.ifunny.co/dist/ifunny/assets/46.74bbfb4f.css
Requested by
Host: ifunny.co
URL: https://ifunny.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.64.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-64-129.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7acaa4e25d73d23db3e1d40bb567eb7ac6602b73eb31a27996abbc17ce7610d5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 08:34:52 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 08:34:18 GMT
server
AmazonS3
age
77136
etag
W/"669c382c6ae4c5d40446e330302cae24"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
keMWOAW8xmLzFTGnsrL4EPa12kZjeAEeyYFJfsln6L3Cjo873n4sxA==
43a8c6526dfbb8d54632c4df6a6a57ca7feccd27152cfb8202f37845a9dcdcd6_3.webp
img.ifunny.co/images/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.ifunny.co/images/43a8c6526dfbb8d54632c4df6a6a57ca7feccd27152cfb8202f37845a9dcdcd6_3.webp
Requested by
Host: ifunny.co
URL: https://ifunny.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.64.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-64-129.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7fe0f484607f4596fc08c251ee445d75818b970c9a72517b600a7a7000d4752e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 03:03:02 GMT
via
1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
last-modified
Tue, 15 Feb 2022 02:55:01 GMT
server
AmazonS3
age
10646
etag
"c47565ffebaebf184f4a63d08a491897"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
35340
x-amz-cf-id
M23zoxVdbYMG6bXQt4k6ROXLbrCdysrPuntSkinRd9-KRRxSdqw_Lg==
favicon.svg
ifunny.co/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ifunny.co/favicon.svg
Requested by
Host: ifunny.co
URL: https://ifunny.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.134.113.246 , United States, ASN397341 (XL-103-397341, US),
Reverse DNS
Software
nginx /
Resource Hash
e325298ed4642401a2d3aeccac03e2eac71625e2009be3880ee1f751978457d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ifunny.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 06:00:27 GMT
last-modified
Mon, 14 Feb 2022 14:50:32 GMT
server
nginx
etag
W/"785-17ef8b6bac0"
content-type
image/svg+xml
cache-control
public, max-age=0
accept-ranges
bytes
content-length
1925
en.js
cdn.jsdelivr.net/npm/vuejs-datepicker@1.6.2/dist/locale/translations/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vuejs-datepicker@1.6.2/dist/locale/translations/en.js
Requested by
Host: ifunny.co
URL: https://ifunny.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43ee6cb7c61d8f2effbe552d50b7848f228c31c6554cbbeabaeac61361c4fc5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 06:00:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
119032
x-jsd-version
1.6.2
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19136-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"6a8-m+bZB9TwLSvPrZx/oVlPiGUv+uk"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6ddc50e3cc746934-FRA
translations.6219c2cd.js
ifunny.co/locales/en/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ifunny.co/locales/en/translations.6219c2cd.js
Requested by
Host: ifunny.co
URL: https://ifunny.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.134.113.246 , United States, ASN397341 (XL-103-397341, US),
Reverse DNS
Software
nginx /
Resource Hash
123ac86ef11dee26bfe00fccb1ebf2205885ea50304b91f235c17f8002b83fbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ifunny.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 06:00:27 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 14:50:32 GMT
server
nginx
etag
W/"3a9f-17ef8b6bac0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
runtime.a113a7ae.js
static.ifunny.co/dist/ifunny/assets/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ifunny.co/dist/ifunny/assets/runtime.a113a7ae.js
Requested by
Host: ifunny.co
URL: https://ifunny.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.64.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-64-129.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dfcf4cdd3dbffc11a241ecc44945650f47f413a08faa52247e5120da3b9907ad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 08:34:53 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 08:34:20 GMT
server
AmazonS3
age
77135
etag
W/"d3044b72804551f9b2fc6def53a40d58"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
pOUkLiEtiKMZ7_Ry1tLnDczTVT8-JOqS1rxHNmzgHo857S08urKA4g==
28.2cb8653d.js
static.ifunny.co/dist/ifunny/assets/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ifunny.co/dist/ifunny/assets/28.2cb8653d.js
Requested by
Host: ifunny.co
URL: https://ifunny.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.64.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-64-129.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
19b89eddbad4bbcc11fb20f641041535ea3b5ec42f8fdb5298959a34f7e7c34e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 08:35:00 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 08:34:17 GMT
server
AmazonS3
age
77128
etag
W/"e7d5d3710ba57f09cd783494c72ba66d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
dA5d1oQDuEcG2ASl6KkNXO9Fv3g3Pm1qmJxhdIvz-9kiYszGLRqkeQ==
1.63e6a4f7.js
static.ifunny.co/dist/ifunny/assets/ 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ifunny.co/dist/ifunny/assets/1.63e6a4f7.js
Requested by
Host: ifunny.co
URL: https://ifunny.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.64.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-64-129.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
49fb33b615df74b726f12d68c646c5c773185016aa5dba24ef471355246219d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 08:34:53 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 08:34:17 GMT
server
AmazonS3
age
77135
etag
W/"c9e5952dedf51a1677f5a70f0ede5d04"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
2bT2MafiwzGBSJDyaUJNNMlgpOswsDPWD80X6Rkp93qA-xcyEh2vuA==
46.c8857bfb.js
static.ifunny.co/dist/ifunny/assets/ 		61 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ifunny.co/dist/ifunny/assets/46.c8857bfb.js
Requested by
Host: ifunny.co
URL: https://ifunny.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.64.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-64-129.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
984e32207998881103dc2e43021b9ee4a2b12cd1ca05dd860d8e9e873045506d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 08:34:53 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 08:34:18 GMT
server
AmazonS3
age
77135
etag
W/"e042a3437ba980942b7fe9f7392d2aae"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
H01qmC6aRbZw8_4PBSa_kO2FywXe3irg0sraF6deRVKAiUlWpg7o3Q==
51.341fd334.js
static.ifunny.co/dist/ifunny/assets/ 		196 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ifunny.co/dist/ifunny/assets/51.341fd334.js
Requested by
Host: ifunny.co
URL: https://ifunny.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.64.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-64-129.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b1bfd9059cb1ca1e872b2087b47f775e5c5bdc73682709640805b0c10cc2bff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 08:34:53 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 08:34:18 GMT
server
AmazonS3
age
77135
etag
W/"42075e58f378d55230c18046a01b3374"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
ff89WeONIS3jqzxA_U8USAovucBMxabdPggAaE2VfjFxAbANygQTPw==
45.a6e30f40.js
static.ifunny.co/dist/ifunny/assets/ 		123 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ifunny.co/dist/ifunny/assets/45.a6e30f40.js
Requested by
Host: ifunny.co
URL: https://ifunny.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.64.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-64-129.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c000de90023905d2927090b2644839d199f9d916d5877bc2e0b5a841bbe6ad21

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 15:12:41 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 15:12:02 GMT
server
AmazonS3
age
53267
etag
W/"b6c97a3818d90f1a6db171407a6bc7c8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
WZrqBSS-NtUNqpGUNPi8fK_8eHwuc_YE4gyrhCOM2oIYSbPw53xnOg==
js
www.googletagmanager.com/gtag/ 		97 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-877651770
Requested by
Host: ifunny.co
URL: https://ifunny.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a1d4d976dc948573d2b90ef12cbd704e632585dc739ad33e49179004e21f7d29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 06:00:27 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39543
x-xss-protection
0
expires
Tue, 15 Feb 2022 06:00:27 GMT
truncated
/ 		67 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/gif
ProximaNovaCond-black.41bffa25.woff2
static.ifunny.co/dist/ifunny/assets/fonts/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.ifunny.co/dist/ifunny/assets/fonts/ProximaNovaCond-black.41bffa25.woff2
Requested by
Host: static.ifunny.co
URL: https://static.ifunny.co/dist/ifunny/assets/45.2314633d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.64.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-64-129.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0be9e04c94f9e0d6b441af41d61e1c9df7db72aeabbbc31d3ebe922105ce457e

Request headers

Referer
https://static.ifunny.co/dist/ifunny/assets/45.2314633d.css
Origin
https://ifunny.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 16 Jan 2022 09:15:38 GMT
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
vary
Origin
age
2580290
x-cache
Hit from cloudfront
content-length
33216
last-modified
Wed, 22 Dec 2021 13:21:43 GMT
server
AmazonS3
etag
"213b99ecdbbab60a64b2349b8bee76df"
access-control-max-age
3000
access-control-allow-methods
GET, PUT, POST, HEAD
content-type
application/font-woff
access-control-allow-origin
https://ifunny.co
cache-control
max-age=2592000
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
oT08Pm_tTxjoiA2Q9HU-5oFvVJa2UzYQgjs0RumjSQ5m-Axw__Q14w==
ProximaNova-bold.96993396.woff2
static.ifunny.co/dist/ifunny/assets/fonts/ 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.ifunny.co/dist/ifunny/assets/fonts/ProximaNova-bold.96993396.woff2
Requested by
Host: static.ifunny.co
URL: https://static.ifunny.co/dist/ifunny/assets/45.2314633d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.64.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-64-129.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd0798af7f8b8d1b97a557a4ebb86c609fda290e9088bf70c04b51b919dce596

Request headers

Referer
https://static.ifunny.co/dist/ifunny/assets/45.2314633d.css
Origin
https://ifunny.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 02:38:50 GMT
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
vary
Origin
age
185067
x-cache
Hit from cloudfront
content-length
34068
last-modified
Wed, 22 Dec 2021 13:21:43 GMT
server
AmazonS3
etag
"86ec8c5111202d06723d9bb9c1fb4de1"
access-control-max-age
3000
access-control-allow-methods
GET, PUT, POST, HEAD
content-type
application/font-woff
access-control-allow-origin
https://ifunny.co
cache-control
max-age=2592000
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
JQZS0On-pnUojaLFpONCXYVWEVgWuwXsKlcNS33B2qMBIsl0jAF8rA==
ProximaNova-regular.8925f9bd.woff2
static.ifunny.co/dist/ifunny/assets/fonts/ 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.ifunny.co/dist/ifunny/assets/fonts/ProximaNova-regular.8925f9bd.woff2
Requested by
Host: static.ifunny.co
URL: https://static.ifunny.co/dist/ifunny/assets/45.2314633d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.64.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-64-129.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08a4dbce746a8b0f482404296cc2822dff339d2b013d6d527e38888566b401fa

Request headers

Referer
https://static.ifunny.co/dist/ifunny/assets/45.2314633d.css
Origin
https://ifunny.co
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 28 Jan 2022 05:22:23 GMT
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
vary
Origin
age
1557485
x-cache
Hit from cloudfront
content-length
34200
last-modified
Wed, 22 Dec 2021 13:21:43 GMT
server
AmazonS3
etag
"420ba9856d37fdb1de8472f1d498b23e"
access-control-max-age
3000
access-control-allow-methods
GET, PUT, POST, HEAD
content-type
application/font-woff
access-control-allow-origin
https://ifunny.co
cache-control
max-age=2592000
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
x-amz-cf-id
qdNWuK4eSEPZrAkAqCRR88IyFrkvRBuI4g6YJThBdS8nfyMaN_Z0iQ==
pubads_impl_2022020901.js
securepubads.g.doubleclick.net/gpt/ 		357 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
8a4fd9dc6db644313269ca0055f0cef11c1361c8879480f45393332ae2c8e027
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 22:57:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25391
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122359
x-xss-protection
0
last-modified
Wed, 09 Feb 2022 09:36:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 14 Feb 2023 22:57:16 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		61 B
90 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ifunny.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
3c2808394430f411a74c3afe5866fcc4ffba512d30f61b4361910e302ad494cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Feb 2022 06:00:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65
x-xss-protection
0
expires
Tue, 15 Feb 2022 06:00:27 GMT
/
geoip.ifunny.co/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://geoip.ifunny.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.134.113.246 , United States, ASN397341 (XL-103-397341, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://ifunny.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Tue, 15 Feb 2022 06:00:28 GMT
content-type
text/plain
content-length
18
access-control-allow-origin
https://ifunny.co
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
OPTIONS,GET,PUT,POST,DELETE,HEAD,PATCH
access-control-allow-headers
X-Requested-With,Content-Type,Accept,Origin
allow
HEAD,GET,OPTIONS
iframe_api
www.youtube.com/ 		980 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: static.ifunny.co
URL: https://static.ifunny.co/dist/ifunny/assets/1.63e6a4f7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
823b1e920d6746ffc7d7b4521a9c79009928b96b0811809655ae827b3dfc7643
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 06:00:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
expires
Tue, 15 Feb 2022 06:00:27 GMT
dwh
ifunny.co/api/v1/ 		2 B
827 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ifunny.co/api/v1/dwh
Requested by
Host: static.ifunny.co
URL: https://static.ifunny.co/dist/ifunny/assets/45.a6e30f40.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.134.113.246 , United States, ASN397341 (XL-103-397341, US),
Reverse DNS
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept
application/json
Referer
https://ifunny.co/
x-csrf-token
0896d8fda7447dbfeb22a5406da734f4
x-requested-with
fetch
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type
application/json

Response headers

date
Tue, 15 Feb 2022 06:00:27 GMT
x-content-type-options
nosniff
app-version
website_ifunny-release_website_v2_14.02.2022-120
surrogate-control
no-store
cross-origin-resource-policy
same-origin
content-length
2
pragma
no-cache
referrer-policy
same-origin
server
nginx
cross-origin-opener-policy
same-origin
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://ifunny.co
access-control-expose-headers
x-requested-with, x-csrf-token
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(),autoplay=(),camera=(),document-domain=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),xr-spatial-tracking=()
access-control-allow-headers
x-requested-with, x-csrf-token
expires
0
/
geoip.ifunny.co/ 		97 B
288 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geoip.ifunny.co/
Requested by
Host: static.ifunny.co
URL: https://static.ifunny.co/dist/ifunny/assets/45.a6e30f40.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.134.113.246 , United States, ASN397341 (XL-103-397341, US),
Reverse DNS
Software
nginx /
Resource Hash
2217380d4866744cd67af31372094d0138038190fab6ffd7277e41d4ccc4e769

Request headers

accept
application/json
Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://ifunny.co
date
Tue, 15 Feb 2022 06:00:28 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
vary
Accept-Encoding, Origin, Accept-Encoding
content-type
application/json;charset=utf-8
47.f7504514.css
static.ifunny.co/dist/ifunny/assets/ 		746 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.ifunny.co/dist/ifunny/assets/47.f7504514.css
Requested by
Host: static.ifunny.co
URL: https://static.ifunny.co/dist/ifunny/assets/runtime.a113a7ae.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.64.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-64-129.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e59b9039edf5ac2810e6048e07192caff7b7393912650d0284c5a37ba4f5c3df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 08:34:53 GMT
via
1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
last-modified
Mon, 14 Feb 2022 08:34:18 GMT
server
AmazonS3
age
77135
etag
"25849436115df4f539efea92b903914e"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=2592000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
746
x-amz-cf-id
R9lOEo8uU1MWbhfDra0Oyo_JCQdixWFBQVJxjz-v2DLSlQrjlsjt5Q==
e6425a642a709d79ca07fcf37774a26b6d4cebf9_0.webp
imageproxy.ifunny.co/crop:square,resize:100x,quality:90/user_photos/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.ifunny.co/crop:square,resize:100x,quality:90/user_photos/e6425a642a709d79ca07fcf37774a26b6d4cebf9_0.webp
Requested by
Host: ifunny.co
URL: https://ifunny.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.246.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-246-127.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
ccf047f1504394fc5f895636caba122c65e90ea2d2581c6da6a683e2c67f5c5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 13:32:45 GMT
via
1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
last-modified
Sun, 26 Sep 2021 01:24:59 GMT
server
nginx
age
59263
etag
"029ad02c190a049169b132ad23ffcf2d"
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
public, max-age=2592000
x-amz-cf-pop
DUS51-P1
content-length
5270
x-amz-cf-id
jae-Ux2YNx2bjZJUxOzMAxtyVhpCnUWtWjcO2fjqlCLm1ggmhWvRgA==
dwh
ifunny.co/api/v1/ 		2 B
827 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ifunny.co/api/v1/dwh
Requested by
Host: ifunny.co
URL: https://ifunny.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.134.113.246 , United States, ASN397341 (XL-103-397341, US),
Reverse DNS
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ifunny.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 15 Feb 2022 06:00:28 GMT
x-content-type-options
nosniff
app-version
website_ifunny-release_website_v2_14.02.2022-120
surrogate-control
no-store
cross-origin-resource-policy
same-origin
content-length
2
pragma
no-cache
referrer-policy
same-origin
server
nginx
cross-origin-opener-policy
same-origin
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://ifunny.co
access-control-expose-headers
x-requested-with, x-csrf-token
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(),autoplay=(),camera=(),document-domain=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),xr-spatial-tracking=()
access-control-allow-headers
x-requested-with, x-csrf-token
expires
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
695 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: static.ifunny.co
URL: https://static.ifunny.co/dist/ifunny/assets/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 06:00:28 GMT
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
e687c95c-cda5-4922-9ead-dbc714ed60e3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ifunny.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dwh
ifunny.co/api/v1/ 		2 B
827 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ifunny.co/api/v1/dwh
Requested by
Host: ifunny.co
URL: https://ifunny.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.134.113.246 , United States, ASN397341 (XL-103-397341, US),
Reverse DNS
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ifunny.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 15 Feb 2022 06:00:28 GMT
x-content-type-options
nosniff
app-version
website_ifunny-release_website_v2_14.02.2022-120
surrogate-control
no-store
cross-origin-resource-policy
same-origin
content-length
2
pragma
no-cache
referrer-policy
same-origin
server
nginx
cross-origin-opener-policy
same-origin
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://ifunny.co
access-control-expose-headers
x-requested-with, x-csrf-token
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(),autoplay=(),camera=(),document-domain=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),xr-spatial-tracking=()
access-control-allow-headers
x-requested-with, x-csrf-token
expires
0
prebid
prebid.ad.smaato.net/oapi/ 		0
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: static.ifunny.co
URL: https://static.ifunny.co/dist/ifunny/assets/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
63.33.40.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-40-108.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 15 Feb 2022 06:00:28 GMT
Server
SOMA
X-SMT-MESSAGE
GDPR inventory not enabled for Application. Please contact your Account Manager.
Access-Control-Allow-Origin
https://ifunny.co
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-SMT-SessionId
f9fbe011-8aaa-4715-a314-b20dbe4c48e7
dwh
ifunny.co/api/v1/ 		2 B
827 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ifunny.co/api/v1/dwh
Requested by
Host: ifunny.co
URL: https://ifunny.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.134.113.246 , United States, ASN397341 (XL-103-397341, US),
Reverse DNS
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ifunny.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 15 Feb 2022 06:00:28 GMT
x-content-type-options
nosniff
app-version
website_ifunny-release_website_v2_14.02.2022-120
surrogate-control
no-store
cross-origin-resource-policy
same-origin
content-length
2
pragma
no-cache
referrer-policy
same-origin
server
nginx
cross-origin-opener-policy
same-origin
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://ifunny.co
access-control-expose-headers
x-requested-with, x-csrf-token
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(),autoplay=(),camera=(),document-domain=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),xr-spatial-tracking=()
access-control-allow-headers
x-requested-with, x-csrf-token
expires
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
695 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: static.ifunny.co
URL: https://static.ifunny.co/dist/ifunny/assets/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 06:00:28 GMT
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
90d2628a-382b-4eda-857d-255cf772e1b4
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ifunny.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dwh
ifunny.co/api/v1/ 		2 B
827 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ifunny.co/api/v1/dwh
Requested by
Host: ifunny.co
URL: https://ifunny.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.134.113.246 , United States, ASN397341 (XL-103-397341, US),
Reverse DNS
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ifunny.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 15 Feb 2022 06:00:28 GMT
x-content-type-options
nosniff
app-version
website_ifunny-release_website_v2_14.02.2022-120
surrogate-control
no-store
cross-origin-resource-policy
same-origin
content-length
2
pragma
no-cache
referrer-policy
same-origin
server
nginx
cross-origin-opener-policy
same-origin
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://ifunny.co
access-control-expose-headers
x-requested-with, x-csrf-token
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(),autoplay=(),camera=(),document-domain=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),xr-spatial-tracking=()
access-control-allow-headers
x-requested-with, x-csrf-token
expires
0
prebid
prebid.ad.smaato.net/oapi/ 		0
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.ad.smaato.net/oapi/prebid
Requested by
Host: static.ifunny.co
URL: https://static.ifunny.co/dist/ifunny/assets/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
63.33.40.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-40-108.eu-west-1.compute.amazonaws.com
Software
SOMA /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 15 Feb 2022 06:00:28 GMT
Server
SOMA
X-SMT-MESSAGE
GDPR inventory not enabled for Application. Please contact your Account Manager.
Access-Control-Allow-Origin
https://ifunny.co
Access-Control-Expose-Headers
X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-SMT-SessionId
5a9d4004-139b-42ce-9c00-383e2562a9e5
43a8c6526dfbb8d54632c4df6a6a57ca7feccd27152cfb8202f37845a9dcdcd6_1.mp4
img.ifunny.co/videos/ 		192 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://img.ifunny.co/videos/43a8c6526dfbb8d54632c4df6a6a57ca7feccd27152cfb8202f37845a9dcdcd6_1.mp4
Requested by
Host: ifunny.co
URL: https://ifunny.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.64.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-64-129.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 15 Feb 2022 00:37:34 GMT
via
1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
last-modified
Tue, 15 Feb 2022 00:34:55 GMT
server
AmazonS3
age
19375
etag
"59fb4c23e7d9473ace5c54f2ff558c2f"
x-cache
Hit from cloudfront
content-type
video/mp4
Content-Range
bytes 0-3723131/3723132
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
Content-Length
3723132
x-amz-cf-id
XjrCP4mZ84gzSXk_0AB2s9DukVRXPmpk7-3kwz-q4TasnvafZ66InQ==
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-877651770
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 06:00:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14879
x-xss-protection
0
server
cafe
etag
17635014576153706337
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 15 Feb 2022 06:00:28 GMT
js
www.googletagmanager.com/gtag/ 		90 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-23094255-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-877651770
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2de941118ed9f8691b2fe25606e1ed3d39634ab204447e22148add3bdc4dfb17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 06:00:28 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36100
x-xss-protection
0
expires
Tue, 15 Feb 2022 06:00:28 GMT
www-widgetapi.js
www.youtube.com/s/player/41de1c08/www-widgetapi.vflset/ 		147 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/41de1c08/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
222559bf05f85983d3880e26e799d371aee27cf0c104b35454ba0c7f718cce35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 03:56:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
7468
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48571
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 01:15:23 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 15 Feb 2023 03:56:00 GMT
43a8c6526dfbb8d54632c4df6a6a57ca7feccd27152cfb8202f37845a9dcdcd6_1.mp4
img.ifunny.co/videos/ 		3 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://img.ifunny.co/videos/43a8c6526dfbb8d54632c4df6a6a57ca7feccd27152cfb8202f37845a9dcdcd6_1.mp4
Requested by
Host: ifunny.co
URL: https://ifunny.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.64.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-64-129.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range
bytes=196608-

Response headers

date
Tue, 15 Feb 2022 00:37:34 GMT
via
1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
last-modified
Tue, 15 Feb 2022 00:34:55 GMT
server
AmazonS3
age
19375
etag
"59fb4c23e7d9473ace5c54f2ff558c2f"
x-cache
Hit from cloudfront
content-type
video/mp4
Content-Range
bytes 196608-3723131/3723132
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
Content-Length
3526524
x-amz-cf-id
7dptxdYAEt-_BTYL9XDsSpUkvKu9l7ZWeMeoieHwsF9V6L8mn7I-Yw==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-23094255-1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
1534
date
Tue, 15 Feb 2022 05:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 15 Feb 2022 07:34:54 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/877651770/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/877651770/?random=1644904828689&cv=9&fst=1644904828689&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fifunny.co%2F&tiba=iFunny%20-%20the%20best%20memes%2C%20video%2C%20gifs%20and%20funny%20pics%20in%20one%20place&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8692c8057398fe2881f39da4a81f1e5d6dd70d8827c6f01908305ef2c69f0c0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 06:00:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1058
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ifunny.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Feb 2022 06:00:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ifunny.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Feb 2022 06:00:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		0
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=765953607898558&correlator=1231529604365124&output=wbn&wbsu=d0aaa66a-e71a-4bfa-b63e-f244acf008b4&callback=googletag.wbn1&eid=31063224%2C31060545%2C31064539%2C31063878&output=wbn&gdfp_req=1&vrg=2022020901&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220215&iu_parts=1361489614%2Cifunny_web%2Cifunny_web_desktop_feed&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&eri=1&cookie_enabled=1&bc=31&abxe=1&dt=1644904828745&lmt=1644904828&dlt=1644904827363&idt=1154&frm=20&biw=1600&bih=1200&oid=2&adxs=450&adys=4426&adks=1329812439&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fifunny.co%2F&vis=1&scr_x=0&scr_y=0&psz=580x696&msz=580x0&ga_vid=1726880152.1644904829&ga_sid=1644904829&ga_hid=2016059270&ga_fc=false&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 06:00:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9451
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
application/webbundle
access-control-allow-origin
https://ifunny.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
uuid:d0aaa66a-e71a-4bfa-b63e-f244acf008b4
/ 		546 B
672 B 		Script
General
Check archive.org
Download Go to
Full URL
urn:uuid:d0aaa66a-e71a-4bfa-b63e-f244acf008b4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js
Protocol
URN
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1959151fed81e54be8ea93e89fde1beb8c3aeec81e7e9c18ed2bbe0cc399d5df
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-Content-Type-Options
nosniff, nosniff
content-type
text/javascript; charset=utf-8
dwh
ifunny.co/api/v1/ 		2 B
827 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ifunny.co/api/v1/dwh
Requested by
Host: ifunny.co
URL: https://ifunny.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.134.113.246 , United States, ASN397341 (XL-103-397341, US),
Reverse DNS
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ifunny.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 15 Feb 2022 06:00:28 GMT
x-content-type-options
nosniff
app-version
website_ifunny-release_website_v2_14.02.2022-120
surrogate-control
no-store
cross-origin-resource-policy
same-origin
content-length
2
pragma
no-cache
referrer-policy
same-origin
server
nginx
cross-origin-opener-policy
same-origin
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://ifunny.co
access-control-expose-headers
x-requested-with, x-csrf-token
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(),autoplay=(),camera=(),document-domain=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),xr-spatial-tracking=()
access-control-allow-headers
x-requested-with, x-csrf-token
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		0
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=765953607898558&correlator=967846670761774&output=wbn&wbsu=bcbcf8d7-6374-4a95-9af9-e0e42814e4e9&callback=googletag.wbn2&eid=31063224%2C31060545%2C31064539%2C31063878&output=wbn&gdfp_req=1&vrg=2022020901&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220215&iu_parts=1361489614%2Cifunny_web%2Cifunny_web_desktop_feed&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&eri=1&cookie_enabled=1&bc=31&abxe=1&dt=1644904828755&lmt=1644904828&dlt=1644904827363&idt=1154&frm=20&biw=1600&bih=1200&oid=2&adxs=450&adys=1267&adks=2144437091&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fifunny.co%2F&vis=1&scr_x=0&scr_y=0&psz=580x1026&msz=580x0&ga_vid=1726880152.1644904829&ga_sid=1644904829&ga_hid=2016059270&ga_fc=false&fws=0&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 06:00:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9265
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
application/webbundle
access-control-allow-origin
https://ifunny.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
uuid:bcbcf8d7-6374-4a95-9af9-e0e42814e4e9
/ 		533 B
659 B 		Script
General
Check archive.org
Download Go to
Full URL
urn:uuid:bcbcf8d7-6374-4a95-9af9-e0e42814e4e9
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js
Protocol
URN
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b33d59ce48490dc1354b63e45f04e4801ed1919923dc6ced162de77ba882e17a
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-Content-Type-Options
nosniff, nosniff
content-type
text/javascript; charset=utf-8
dwh
ifunny.co/api/v1/ 		2 B
827 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ifunny.co/api/v1/dwh
Requested by
Host: ifunny.co
URL: https://ifunny.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.134.113.246 , United States, ASN397341 (XL-103-397341, US),
Reverse DNS
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ifunny.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 15 Feb 2022 06:00:28 GMT
x-content-type-options
nosniff
app-version
website_ifunny-release_website_v2_14.02.2022-120
surrogate-control
no-store
cross-origin-resource-policy
same-origin
content-length
2
pragma
no-cache
referrer-policy
same-origin
server
nginx
cross-origin-opener-policy
same-origin
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://ifunny.co
access-control-expose-headers
x-requested-with, x-csrf-token
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(),autoplay=(),camera=(),document-domain=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),xr-spatial-tracking=()
access-control-allow-headers
x-requested-with, x-csrf-token
expires
0
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2016059270&t=pageview&_s=1&dl=https%3A%2F%2Fifunny.co%2F&ul=en-us&de=UTF-8&dt=iFunny%20-%20the%20best%20memes%2C%20video%2C%20gifs%20and%20funny%20pics%20in%20one%20place&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=658446680&gjid=1880782462&cid=1726880152.1644904829&tid=UA-23094255-1&_gid=1722586497.1644904829&_r=1&gtm=2ou290&z=886134097
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 06:00:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ifunny.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/877651770/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/877651770/?random=1644904828689&cv=9&fst=1644904800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fifunny.co%2F&tiba=iFunny%20-%20the%20best%20memes%2C%20video%2C%20gifs%20and%20funny%20pics%20in%20one%20place&async=1&fmt=3&is_vtc=1&random=744035039&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: ifunny.co
URL: https://ifunny.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 06:00:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/877651770/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/877651770/?random=1644904828689&cv=9&fst=1644904800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa290&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fifunny.co%2F&tiba=iFunny%20-%20the%20best%20memes%2C%20video%2C%20gifs%20and%20funny%20pics%20in%20one%20place&async=1&fmt=3&is_vtc=1&random=744035039&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: ifunny.co
URL: https://ifunny.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 06:00:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
435 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-23094255-1&cid=1726880152.1644904829&jid=658446680&gjid=1880782462&_gid=1722586497.1644904829&_u=YAhAAUAAAAAAAC~&z=632195557
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 15 Feb 2022 06:00:28 GMT
content-type
text/plain
access-control-allow-origin
https://ifunny.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
uuid:b09d64bb-0692-0bdd-6414-0bdd0692b09d
/ Frame 5F44 		16 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
urn:uuid:b09d64bb-0692-0bdd-6414-0bdd0692b09d
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js
Protocol
URN
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c164b12b3d6d7bc2b41ce98d86bca30ed04874d132a42686a24f01c96f209c72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-Content-Type-Options
nosniff
content-type
text/html; charset=utf-8
x-content-type-options
nosniff
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F44 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BgHdgDmASrJISWaHdcIXp4HWmOnrq57W0HSyQK8Qbk2uxW6W7lsiNUWuxA7xlRFLi0QGcXzZTOcfFicw1Jh6w2NHEmhp80M38TiCvUOLG29bw4QLU
Requested by
Host: uuid
URL: urn:uuid:b09d64bb-0692-0bdd-6414-0bdd0692b09d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 06:00:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/ Frame 5F44 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/window_focus_fy2019.js
Requested by
Host: uuid
URL: urn:uuid:b09d64bb-0692-0bdd-6414-0bdd0692b09d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 05:56:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
235
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Mar 2022 05:56:34 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/ Frame 5F44 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: uuid
URL: urn:uuid:b09d64bb-0692-0bdd-6414-0bdd0692b09d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
06b89615824177c02fe88a115183da6905bd3bb4d5136997ca35a0bdfa86f422
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 05:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
399
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6395
x-xss-protection
0
server
cafe
etag
14935107822106690633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Mar 2022 05:53:50 GMT
l
www.google.com/ads/measurement/ Frame 5F44 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQI3bUdGvp6-jPal641uS8ZYSMzUI-95xR7nKTzqkFQS55vfGliPgWA-gTsgun4ZJwN6H2QAt1di6quVYMWyM-y-LpshQ
Requested by
Host: uuid
URL: urn:uuid:b09d64bb-0692-0bdd-6414-0bdd0692b09d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5F44 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: uuid
URL: urn:uuid:b09d64bb-0692-0bdd-6414-0bdd0692b09d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 06:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38569
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1644842073869169"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 15 Feb 2022 06:00:29 GMT
uuid:d081cea3-37f9-d958-cba2-d95837f9d081
/ Frame D641 		16 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
urn:uuid:d081cea3-37f9-d958-cba2-d95837f9d081
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js
Protocol
URN
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d0850f1edfc2a2621c5fe19351e8840545ad7810e0854e4fdc862fa70c5139d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-Content-Type-Options
nosniff
content-type
text/html; charset=utf-8
x-content-type-options
nosniff
pixel
googleads.g.doubleclick.net/xbbe/ Frame B171 		624 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNVZ0dF-B1koli07Sxm-9mUsy1w0Ho4caXKhe6s4q7v0gzjDCo9FgQR_Wnze-cQA_0_7jqK6BdymMijNvjOGFxy6TwJVPmPIZx25cOpovfbVz29eBxGZSIug7FaCZSxw2dHZVdA5VCcm6eXOGIyJXuZcg5lp1NNnN-dxJN3nJnw3yWALuTs
Requested by
Host: uuid
URL: urn:uuid:b09d64bb-0692-0bdd-6414-0bdd0692b09d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 15 Feb 2022 06:00:29 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 15 Feb 2022 06:00:29 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 5F44 		25 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DUnHM3KnraTD8avmQfLOO17jLxtYXwHcu7ujnHoBgWzdso2viJ2HvrTmzVAIQIfC9zGM7FvEwf4BqPdlXMn9rHT6bRD4FeETkKMeYcUsX5Ls1vSIpi0WFlrzcegBdvxdbVXJENSTUix6DgLikBci0Owk4hog&cry=1&dbm_d=AKAmf-CNBKYQe33UCAdKf0YjW2eJ6J1iCKE8EKNeet-SFHY26yiuN7yuJ2BHi3Vbctq5X7wEEYtQWolLeE2CZiO_EC9fxOpmdynZWclU7q7GtmLK2oE4VJI3YryVlPekpHOOaKeoMWczijG6R15G-YL72Ksj54XL9dSF-L27rkg_LG4_y2GJa98CTXUCanRMgw6IVNGjy2Hv6taipkJ9TGroUdxfc2CIXJBYC38RHjzigEmhefjHSYaHRGNw12rZUBQGJsUV8JjlvvicE-wT_nEJaGGvd4T4y8Pq5GOZxy8snxlnLNjHXPxA8RG0H0CTkBFlARw-hq-RRxpNrwqfEKr0qjKvAxx9EE4Cd7i5WI7nlg7q4Nd8zTFxijz52fpiz-LXfFPRide9xEVTRtjMdjPNqtTYN3Y1euZgE2TSwDwkzjXO0ofZ_KMd895gL3Mc7aohuTkuwvIwOTtEbvu8dWH9T_YvLYnyS-8APvKG_pUd82ilMq7Qj_b5COPjlpFLGy_XXOZ3Bg9B51o2kW0UMxrLeS__MlYX6jKDGiYHImO2a2AjTpwJZ_53g0E8pNfCzRSa_zxxHimwoDYy4qoOtD1Bgh_LR7LJDj533cCl_8MkhcIbvHTinfYxqUa59MLH3DL-MLBElpGT6Nw52DwNUnDqIwSJFs7IHoL2eczed2s4La-oFe3o6CHLKdDtB9TrW7KrXCurGoMvtfCssQTOgOQRazDUqnVnR276tHE_wySY-fcEI3dGunpKSWpD61lhwK1JM0Gkh_0jsqhOyGSME3jDjssuQQ1iTxiZpuWVhRItziIzLPV81DTRROugmeUi6-D8HH9pzkhY_gwGsQrKEUgXFlfQSPAsy6WK08Y6V8VEWo8KCcSgob0CZ6oITlpeRieVXSrFo8h1RxjV66lsW6Gw6Xzt7LRFdj_vgR7mThPIpqWTEbMzKndTUahn_Zs4a-98J1PMxCg5UuhVIIHPLXQgwHkGcA3K3ifTk7ehXhzpNJzmZqFZOTmBjwBoEQM14TDzcYm-56dq7RTtTQPDFSwc9kS8YiRmTZdWkQDkM3atxAJZTKAychZcIO1zjf2n8loOjMwQKtzDDNl94IDI9nb6zF41ajJwjYI1h-8_N5-QFaiOVgG_XDWcMymtVu8WfDFtndFuGN3aglR7S9U5rUF05i5WtX-WcE9gdOZZM1v46R-y-Ak1TLjzlmTJNEt2ej5CVmAGzLSMsnsdAXZJmVLpEAsCgc3mVITcPrVPFqci4bGpIWtEU-64Va1Q6C4I6pFxT_hSGEaMV23kBnDCwOilrQoAj0ZRMdcKDdb55gA72RsH9XTKbH01TrRQFMj-Yv-9eJ_KtYYtvU3mWVLGpRklhxkBMHDexkO8hrswQoINKdbE0xVPYCT0311n0Cf3Xz0SnlZhF8HwT8FOQ2rAJdBhr_yvNT1u-uEHbTWKYppu4ioK1X7DinFkPzAdG2hfL-3TVX0YulE-EDLBiN2qRNA9uQFn2rrpBOJH7TPFlROgE1nk3Dx9LremG-f6itIdPBmLjiQYPKx1KfVmiKtZ364eyiaDJX5tUM2uincQ6RRkkDayiu4I8Huy0gp08SVwGlGlfqnwZPm8sjOvox6uaDVRUV_A2iPwTCFDOxdTc17BQauSzdMZokfWVhH_lUp5XEpwwiOX8A6Ec2RcckkT0oy14Wzds3SuRlQh_T2uS5QGqx8N2g1i_U4Sq2N6-8n6qcvuF-STrtwihnzqE19nUoR9ydT-ZmvrbT69Cjx71WcjuxUXVfjr8zUB_bbbyzK64r0Wyf2IBVQ9yYhf7axuN4fLulrVK6QD381FYx_PFctExRRxbLFUwZaJWD5uFayW1l_JjlMfdB9LfQmijJ6A6ZkYzw7rK3949RTXaiQ6qTJPXCt8EUsdDUL-MSZRWlc5sHsP2fv7F5xvzsywYlAJpPupC7mDHqJ0GKeiljvKm43qBQfps0_93NKaWQm4n3fgojcgnwK93ZMTM7q5dgsh-YnUHd-TglalFIBYloaogDzufvOZXjJkn_IV4XSYui9DvXUHsxcTYddjrSe_H819_fw4HQxpQjoDlT4E1MxdcHqjgcVTxpE3oNUd6eL66J-pClwQ73E4THvRGPQjD86F2CYkPAg4jboUDz_Vbnk8tnO9CRSj-7SREfiXRKk55UjAnuKH2Q_5kF38pyU4ehPbCclbPKBeNeRffRnNtjSlT2ZFZXd_J1OleSB7Zqzx05hVN3nGeu3R4L9smsZq-w1yT_h1hQLoXZ51gpxUqQWS1sdhwCjAnuWAJABGh04GDvmZCaMmtbpADsDIvmKj8xDcG8X_pT2rDKe3N8krx0MSyIzdsr-EW1CkzKSDhOWvKZgqMC9DmmpCnKduInu_YMVuEsuJEscuNB3NeLGtfQpVyRDf2q7Z25ONH4l3HGTmxxMcbt3qs3ScTBWGdzmAPBlYD4i2EkeFE-OviLmoCWs1eh1jyI7LyTfZ0sa5_AxFal-g9IiCSzQkqXNX0CdPMa53tPuxQoHI56BFofcMQXurJGqH2PJt-0Y7S6VohoW_r9KT22qQA1HDmuy-rLPBS8I_QMt3Q_aJKwUgkQaD-6lTTcpPP6eHESxdmoIyTI6UhpGZIlhTCcOu8jwyZ6MWcRxd5kBz9u8xyYBqTGr2vqCWkQlst8U7jLgbXDnnYI7dmRtOw7VJNk8mJtDuy--9hpSR5Z3nwdNelTbkWrRt73zUR9mkznhtqDqqiaZ0NTMZd9PkeKnw00C67n4Oa9-fVPud2MBLyak70sZkflizxp1njOcDkAw8UooUacoEui4s2YBSvLWiCfiLajZtR2UHNNaDhNVYSganjRTQlFyQL4nbnB5HiN5oFbm3r5pDBqILJZEbv7cMXJdK1quNqNyPcHrtA0frcvW9VP36AxcAgjnNFlfEZa_EV6QlXYT07Ng60cWp-wx8lj85wV4lKzJT5NvSrE_qojm6aOBNYZH1A1lklPy09k_1AE5z3FezGVj8H_qjOEDlme-d-66gge7kfHzw-caZ1DIIOZeDIVKCYq_zrF2HMAWmscn8ezKbduXCbcnulft7nnFMiYKp3BLG2D7ztWKE_fuzeYGsKQe4c0I58g9ATmF_R5dALHB_mgV-rtxmhzuz5uVoxJHt&cid=CAASFeRow-eaYoC9jYtX0fKAfyQSOhUB3g&rfl=1%2Chttps%253A%252F%252Fifunny.co%242%2Curn%253Auuid%253Ab09d64bb-0692-0bdd-6414-0bdd0692b09d%240
Requested by
Host: uuid
URL: urn:uuid:b09d64bb-0692-0bdd-6414-0bdd0692b09d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
420fbd505becc0975bb7a7e46a65b87e24a2c76bf51870a9c0bb62624e02a3ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 06:00:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15394
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D641 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BkAPTLvAs983SIFejs1SJFJhYnj-xdMQgbxo_UgkycP7uhHlv7FFjUjBwk67Gxd3LNisfpTeWQXo1FFkyHp5UsaROuPYzfqxWDAB_0C_mQz548HKg
Requested by
Host: uuid
URL: urn:uuid:d081cea3-37f9-d958-cba2-d95837f9d081
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 06:00:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/ Frame D641 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/window_focus_fy2019.js
Requested by
Host: uuid
URL: urn:uuid:d081cea3-37f9-d958-cba2-d95837f9d081
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 05:56:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
235
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Mar 2022 05:56:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D641 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: uuid
URL: urn:uuid:d081cea3-37f9-d958-cba2-d95837f9d081
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 06:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38569
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1644842073869169"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 15 Feb 2022 06:00:29 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/ Frame D641 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220210/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: uuid
URL: urn:uuid:d081cea3-37f9-d958-cba2-d95837f9d081
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
06b89615824177c02fe88a115183da6905bd3bb4d5136997ca35a0bdfa86f422
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 05:53:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
399
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6395
x-xss-protection
0
server
cafe
etag
14935107822106690633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Mar 2022 05:53:50 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame DA6F 		624 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNUcYlW0QXOSwgE9dgrFn_o0qsr3hVihHLF50Bed1Jttef_kbURvg9ypTmYgwWVBKwgb5U1sEONnHMk-d1q9trGvJZhh2s286j3okSNfnOi9tclIQlm3untoB-VG27tUzyMJaXNzfDzE5soYHSP9yutCy05SfwCpvRGKIVR7Jcd_tH3BtWI
Requested by
Host: uuid
URL: urn:uuid:d081cea3-37f9-d958-cba2-d95837f9d081
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 15 Feb 2022 06:00:29 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 15 Feb 2022 06:00:29 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame D641 		25 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cy4BtM83JILsZiLmgreAs5GBOY8qMVcyt5RB6QR5K89Jt9OfFLdiPwYAK5vJD22vBMkBVG4K-0NgV6oMo2H3kemcWACjPI1AW1iasyNStEob6t8_ccKK5wWdT9gXPqoJiCJtZ6N7Pegoh6sHumu8TBRtcV6w&cry=1&dbm_d=AKAmf-Cw46Yvo9UeJz3PFmLMl20UknByuO8tUmVVyLZQA1dmwLsoLq8N2P2vlLlLv2PJlsA7dRPMbEOytWpl8Flu1oksVo1QHT3EeFK9E1jWVt2jvkhyBawLGC6jyxtXaCvG7vKMHG0X7XzGeeZDlDSvaa2HRPHtyTrF-e62lqljZLknDF_07VeMsgYqCw5hSa5QFva5vEsXCv7nIiMQAZ-db-ICQ0OkS3z-WfwGp85KOzn5QF6omsHuP65-Nlwx_CG8g4GJky8_YL6jHtaF0OXih-J6AMiK6qzOsMUVRIh7k4GBoMnsfFHb4Q57OhOrIx35rukvV_dTiniLIWUkD2VO94EvQ4ZKDnL6OEHtyV7O7YdPnPrGdGodCJUto_5iaHpguVGqQX2NnP1RlX4IpT9HH3Q2zG6j4nsEnKNY4Eh9HuJPiC1P65DiTPJY1J-1Yo9SVy_wy8md3CwCI3Y23Q6mITk6hU5e4-7FempGjPghos1TJ64IjlHmWjWqs4REE1tl4e6qolWvVELO41w59rP-1_4Q-odRVQWjhI-Y-H6gDrj4Y4mUhCHBM_yNZjyIEuKcvYSbJp1xH3iMHNOdIRgEUWrKZPs4ta77Dfz4LgVtsiHlubzuYa0AiFcFwgHdHWFO9OvVFTq-b3srssrMD2mzpEwmOs1B2QP2bELEjd3tyyrVUMo7BrM0qvRGUdc7814kVR38GVrYA_kvqke2yVHQE2gUN8fc9J0UJ3I7Zdtw_N7x6HBeDLgcSghJcuKAsFGFIVM86VX06uVHvCJqCTadwOti3svWXBvt1vGn3tKI0hMl8aP4j-3pgZoDWhukubLBG5ETGVceebGxXfI9wy0rP_GRIkgN-0KEps8YnjMguhJplO463iK2quz7Pf2IsS75p-1CGvbKRnlHDZEwtRjT5nERxhAn5A2vFE7Koabp_IkeL5y5A7zIu6qGgafmvecQ2DV-E-rdBwcoLPOUlbHZ9uBQ0_XIVPjuKhQOvDtX191saKnYDWDDo-hdlua3GDT7nyno8EUQqZM8oNSx3S6Kj4wj1GTfmsCK21hxjriz4afnd3wBgiz5a03vgvC9c4TbBfljrO-q565v6fAE4tzmTkawXwaPqq8LrLqwiqhWoFW3ruuP9UD3F_7tgxYSYERO9Pv62z9upgqE2zC4nn7HClLNtSrtHLKQj5ZVqgMxHCDXdoF4RMls5P3e_ECt-fIvj2XAbCMFPGwyrjywPf78bZ505g52QQSONikWjYYhmPCWONtXW1KXEYWAPgbGihwx8eyoa8Qr9fxC79HtCPpplNHEgUVYJnOpTe9cnYraMdAx70g8txe5ELLO-hsDQpTfihKHplnBkJY6oZjURBMP7J5egIV1Yt_aULkVKXUsJOopMU11GQUrpHXU8Ve0QK3X7YnC4IW4vzOPTpZIb7rnc2Gajesqu2jTT4aSiXlNObuAMhcH6qSw6F_0enI6Uh3c8usMbJ2LM4v55GRNwn6sMQuU9lrEKtDgjdxk_SwVPsYAkoc59Vua2l3JhE8Jl32yq61elSIHWK4xeYmItrSqrZjcSIliO8L1KCkDdV7F1rpvMxJSRmxTY2R3JmA-vCCtUWbz97njySlTcdksgLZIX3rm5poF947jVWDRb_gp06qPMBSfzDuoWz24NodqDUXDSwh7D5T3WhkZG_h83MQZDpPGinIeP2KGugm3kXaY7WzbBbG4_pTvPC9RVhnqu-biVYMIMYSK4WuVmT1ynSVkEY94xou4seInt6gZPOGhnAkNhHbqdorcACiagPmZGf2dbjCY9r1JxNKjswE0JKkKzKXhZQTF5viFgR-nAVo73YgXWApEuBOmqZG2qrmGn9OBX6eUOJQbBcmH7B9WJZE-B0QCXuUZ9794UJQNoGpyli5OWslepjYp8mFx1FoP0F6aS9bX8MjWEUGjaVS9HJ54mw6MC1m3e9dDn4mcSQWayCv7RWVeE46-D1kLoejScsaGeNazMryQOmKYTR0rH5oWmfC4P-vnYg2VZRAxV3oi1wG4kX4HfXa3zV-kgtdXiVflxi5JIsRU6j3tsLFeaS0CkLDbd4HjCVBWMhvjLjgaNkoMwpu85Rwjpm6whonjg-oW-iISVsE2-34UGI7pZFKt4WLp7mYgu3T9dCS3xwIHNPEVKkDocB5M3lfwtstRiua4Q4ZE2r1FIQ-eH6ae8f8C-ogb9VxYKNiEagrmBdEz6vmDv0z-J6ZWWEyrvHWBoV-vagH05pN5t7niHbPmmI_wgrvnfSDoAyAdWTWTvE8hqRn2f_NfMiqK2pPCPVGi0fkMPLgAya1iPWLQnKcuf_gEUsbh76p9CBsV3Q2Iqv3xvghjK65yUFJb7M9p4za4cMthEfIMqfyKjTkXoJv_PvuMblMOhBxB2KTNOj-yGp5TzykGkWD_7w-Cthk8_55c0Nmx1d_VIW66Yl3aVg-yZsppq_sewXIExaECRvenkOn31dRRZ5VS-XBO7DkrEK5huvW__bf-YeVCoaBjgZpxLMk0cbR7R64wMq4W0_yawy243H_ecHo2rp647wgaBRS8_IdZNapAxdUwbyRHH8Tih9kfW808D69LWUdRtll8MXrNPUTG7igEZaWNn_F6yFD0_MBkAX3fYo6MYF2PF5d0GmnXsKfp6rmRe6VaqzTvs38VnR79MWu1NRGMQgwm6Un8xRRr4L2T6-alPABaHIUCWxSbL5PIsYDUWJGqaJ8Dt-2YZlEag4wU3FpJ32rXWW6I4PlUclnp6b5gQn7c28nwhcqaXZYgsVfyWST_rgtkDCi1DkKLnWeXelgvsxBLiR5JTnAHIPGIINUdSl-UtI4lJhLbMNbPP0Flxc3MyJ2ACCMYyqKqwNQZpOy468zywnR7jHdHzuKSY9yC4eJ2CDfg0C1iQNez6DsimVtAzJEeDYpPx5lNJPZaSGbGMHs8aqr_d5Ot-aK6-j6ynF1UultIjD2aCImXJNPDhJA4hs7g6nYzLa3Yf4HlUDgHyYOAmYoz0ylKAkd-Xz9HzmIMu6s_g8HkvT2f6Sna96BgcoyL2Rj4GJLPl33qyhVdEG2AOvUwbgXX1Z7bdjQ1UGJclG3WHEnq3ia7HcLyrNlCb2FbCftseGQA4L9t-1Y&cid=CAASFeRo9AjPwLo1Yh30QfCtTlHxcrJBlA&rfl=1%2Chttps%253A%252F%252Fifunny.co%242%2Curn%253Auuid%253Ad081cea3-37f9-d958-cba2-d95837f9d081%240
Requested by
Host: uuid
URL: urn:uuid:d081cea3-37f9-d958-cba2-d95837f9d081
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0370bd7ba61456c388e934048e999c25b996999cb04a8b633b251cd8317021d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 06:00:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15406
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B171
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJDY-g9-zV0l1I9jC9uZG5Y&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJDY-g9-zV0l1I9jC9uZG5Y&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNVZ0dF-B1koli07Sxm-9mUsy1w0Ho4caXKhe6s4q7v0gzjDCo9FgQR_Wnze-cQA_0_7jqK6BdymMijNvjOGFxy6TwJVPmPIZx25cOpovfbVz29eBxGZSIug7FaCZSxw2dHZVdA5VCcm6eXOGIyJXuZcg5lp1NNnN-dxJN3nJnw3yWALuTs
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 06:00:29 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 15 Feb 2022 06:00:29 GMT

Redirect headers

pragma
no-cache
date
Tue, 15 Feb 2022 06:00:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJDY-g9-zV0l1I9jC9uZG5Y&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B171
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YgtBfcmtno96gbtozSjk6wAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHg4hX5Z34rk23CUv3k9Ks8&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHg4hX5Z34rk23CUv3k9Ks8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNVZ0dF-B1koli07Sxm-9mUsy1w0Ho4caXKhe6s4q7v0gzjDCo9FgQR_Wnze-cQA_0_7jqK6BdymMijNvjOGFxy6TwJVPmPIZx25cOpovfbVz29eBxGZSIug7FaCZSxw2dHZVdA5VCcm6eXOGIyJXuZcg5lp1NNnN-dxJN3nJnw3yWALuTs
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 06:00:29 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 15 Feb 2022 06:00:29 GMT

Redirect headers

pragma
no-cache
date
Tue, 15 Feb 2022 06:00:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHg4hX5Z34rk23CUv3k9Ks8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame B171
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELjCu6pO43IIMz-XcMQ3rVU&google_cver=1
43 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELjCu6pO43IIMz-XcMQ3rVU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNVZ0dF-B1koli07Sxm-9mUsy1w0Ho4caXKhe6s4q7v0gzjDCo9FgQR_Wnze-cQA_0_7jqK6BdymMijNvjOGFxy6TwJVPmPIZx25cOpovfbVz29eBxGZSIug7FaCZSxw2dHZVdA5VCcm6eXOGIyJXuZcg5lp1NNnN-dxJN3nJnw3yWALuTs
Protocol
HTTP/1.1
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 06:00:29 GMT
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
f4dfc6fe-7f83-40fa-a145-149ced6e2f1a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 15 Feb 2022 06:00:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELjCu6pO43IIMz-XcMQ3rVU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B171
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjg2NTI0MDI0NDY0MzM5NTEx
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjg2NTI0MDI0NDY0MzM5NTEx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNVZ0dF-B1koli07Sxm-9mUsy1w0Ho4caXKhe6s4q7v0gzjDCo9FgQR_Wnze-cQA_0_7jqK6BdymMijNvjOGFxy6TwJVPmPIZx25cOpovfbVz29eBxGZSIug7FaCZSxw2dHZVdA5VCcm6eXOGIyJXuZcg5lp1NNnN-dxJN3nJnw3yWALuTs
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 06:00:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 06:00:29 GMT
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
3353272f-990c-41d8-b837-98a4400a3764
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjg2NTI0MDI0NDY0MzM5NTEx
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DA6F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJDY-g9-zV0l1I9jC9uZG5Y&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJDY-g9-zV0l1I9jC9uZG5Y&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNUcYlW0QXOSwgE9dgrFn_o0qsr3hVihHLF50Bed1Jttef_kbURvg9ypTmYgwWVBKwgb5U1sEONnHMk-d1q9trGvJZhh2s286j3okSNfnOi9tclIQlm3untoB-VG27tUzyMJaXNzfDzE5soYHSP9yutCy05SfwCpvRGKIVR7Jcd_tH3BtWI
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 06:00:29 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 15 Feb 2022 06:00:29 GMT

Redirect headers

pragma
no-cache
date
Tue, 15 Feb 2022 06:00:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJDY-g9-zV0l1I9jC9uZG5Y&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DA6F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YgtBfcmtno96gbtozSjk6wAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHg4hX5Z34rk23CUv3k9Ks8&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHg4hX5Z34rk23CUv3k9Ks8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNUcYlW0QXOSwgE9dgrFn_o0qsr3hVihHLF50Bed1Jttef_kbURvg9ypTmYgwWVBKwgb5U1sEONnHMk-d1q9trGvJZhh2s286j3okSNfnOi9tclIQlm3untoB-VG27tUzyMJaXNzfDzE5soYHSP9yutCy05SfwCpvRGKIVR7Jcd_tH3BtWI
Protocol
HTTP/1.1
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 06:00:29 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 15 Feb 2022 06:00:29 GMT

Redirect headers

pragma
no-cache
date
Tue, 15 Feb 2022 06:00:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHg4hX5Z34rk23CUv3k9Ks8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame DA6F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELjCu6pO43IIMz-XcMQ3rVU&google_cver=1
43 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELjCu6pO43IIMz-XcMQ3rVU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNUcYlW0QXOSwgE9dgrFn_o0qsr3hVihHLF50Bed1Jttef_kbURvg9ypTmYgwWVBKwgb5U1sEONnHMk-d1q9trGvJZhh2s286j3okSNfnOi9tclIQlm3untoB-VG27tUzyMJaXNzfDzE5soYHSP9yutCy05SfwCpvRGKIVR7Jcd_tH3BtWI
Protocol
HTTP/1.1
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 06:00:29 GMT
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
dc73a7b0-d4d7-4312-a630-a76fe1c36f55
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 15 Feb 2022 06:00:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELjCu6pO43IIMz-XcMQ3rVU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DA6F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTczODMwMTY3NTA0MzM4Mjc1Ng%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTczODMwMTY3NTA0MzM4Mjc1Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYj6_ClQEwAQ&v=APEucNUcYlW0QXOSwgE9dgrFn_o0qsr3hVihHLF50Bed1Jttef_kbURvg9ypTmYgwWVBKwgb5U1sEONnHMk-d1q9trGvJZhh2s286j3okSNfnOi9tclIQlm3untoB-VG27tUzyMJaXNzfDzE5soYHSP9yutCy05SfwCpvRGKIVR7Jcd_tH3BtWI
Protocol
H2
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 06:00:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 06:00:29 GMT
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
46321a09-a666-447c-a8cf-8bc35c944ad4
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTczODMwMTY3NTA0MzM4Mjc1Ng%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220210/r20110914/ Frame D641 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220210/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cy4BtM83JILsZiLmgreAs5GBOY8qMVcyt5RB6QR5K89Jt9OfFLdiPwYAK5vJD22vBMkBVG4K-0NgV6oMo2H3kemcWACjPI1AW1iasyNStEob6t8_ccKK5wWdT9gXPqoJiCJtZ6N7Pegoh6sHumu8TBRtcV6w&cry=1&dbm_d=AKAmf-Cw46Yvo9UeJz3PFmLMl20UknByuO8tUmVVyLZQA1dmwLsoLq8N2P2vlLlLv2PJlsA7dRPMbEOytWpl8Flu1oksVo1QHT3EeFK9E1jWVt2jvkhyBawLGC6jyxtXaCvG7vKMHG0X7XzGeeZDlDSvaa2HRPHtyTrF-e62lqljZLknDF_07VeMsgYqCw5hSa5QFva5vEsXCv7nIiMQAZ-db-ICQ0OkS3z-WfwGp85KOzn5QF6omsHuP65-Nlwx_CG8g4GJky8_YL6jHtaF0OXih-J6AMiK6qzOsMUVRIh7k4GBoMnsfFHb4Q57OhOrIx35rukvV_dTiniLIWUkD2VO94EvQ4ZKDnL6OEHtyV7O7YdPnPrGdGodCJUto_5iaHpguVGqQX2NnP1RlX4IpT9HH3Q2zG6j4nsEnKNY4Eh9HuJPiC1P65DiTPJY1J-1Yo9SVy_wy8md3CwCI3Y23Q6mITk6hU5e4-7FempGjPghos1TJ64IjlHmWjWqs4REE1tl4e6qolWvVELO41w59rP-1_4Q-odRVQWjhI-Y-H6gDrj4Y4mUhCHBM_yNZjyIEuKcvYSbJp1xH3iMHNOdIRgEUWrKZPs4ta77Dfz4LgVtsiHlubzuYa0AiFcFwgHdHWFO9OvVFTq-b3srssrMD2mzpEwmOs1B2QP2bELEjd3tyyrVUMo7BrM0qvRGUdc7814kVR38GVrYA_kvqke2yVHQE2gUN8fc9J0UJ3I7Zdtw_N7x6HBeDLgcSghJcuKAsFGFIVM86VX06uVHvCJqCTadwOti3svWXBvt1vGn3tKI0hMl8aP4j-3pgZoDWhukubLBG5ETGVceebGxXfI9wy0rP_GRIkgN-0KEps8YnjMguhJplO463iK2quz7Pf2IsS75p-1CGvbKRnlHDZEwtRjT5nERxhAn5A2vFE7Koabp_IkeL5y5A7zIu6qGgafmvecQ2DV-E-rdBwcoLPOUlbHZ9uBQ0_XIVPjuKhQOvDtX191saKnYDWDDo-hdlua3GDT7nyno8EUQqZM8oNSx3S6Kj4wj1GTfmsCK21hxjriz4afnd3wBgiz5a03vgvC9c4TbBfljrO-q565v6fAE4tzmTkawXwaPqq8LrLqwiqhWoFW3ruuP9UD3F_7tgxYSYERO9Pv62z9upgqE2zC4nn7HClLNtSrtHLKQj5ZVqgMxHCDXdoF4RMls5P3e_ECt-fIvj2XAbCMFPGwyrjywPf78bZ505g52QQSONikWjYYhmPCWONtXW1KXEYWAPgbGihwx8eyoa8Qr9fxC79HtCPpplNHEgUVYJnOpTe9cnYraMdAx70g8txe5ELLO-hsDQpTfihKHplnBkJY6oZjURBMP7J5egIV1Yt_aULkVKXUsJOopMU11GQUrpHXU8Ve0QK3X7YnC4IW4vzOPTpZIb7rnc2Gajesqu2jTT4aSiXlNObuAMhcH6qSw6F_0enI6Uh3c8usMbJ2LM4v55GRNwn6sMQuU9lrEKtDgjdxk_SwVPsYAkoc59Vua2l3JhE8Jl32yq61elSIHWK4xeYmItrSqrZjcSIliO8L1KCkDdV7F1rpvMxJSRmxTY2R3JmA-vCCtUWbz97njySlTcdksgLZIX3rm5poF947jVWDRb_gp06qPMBSfzDuoWz24NodqDUXDSwh7D5T3WhkZG_h83MQZDpPGinIeP2KGugm3kXaY7WzbBbG4_pTvPC9RVhnqu-biVYMIMYSK4WuVmT1ynSVkEY94xou4seInt6gZPOGhnAkNhHbqdorcACiagPmZGf2dbjCY9r1JxNKjswE0JKkKzKXhZQTF5viFgR-nAVo73YgXWApEuBOmqZG2qrmGn9OBX6eUOJQbBcmH7B9WJZE-B0QCXuUZ9794UJQNoGpyli5OWslepjYp8mFx1FoP0F6aS9bX8MjWEUGjaVS9HJ54mw6MC1m3e9dDn4mcSQWayCv7RWVeE46-D1kLoejScsaGeNazMryQOmKYTR0rH5oWmfC4P-vnYg2VZRAxV3oi1wG4kX4HfXa3zV-kgtdXiVflxi5JIsRU6j3tsLFeaS0CkLDbd4HjCVBWMhvjLjgaNkoMwpu85Rwjpm6whonjg-oW-iISVsE2-34UGI7pZFKt4WLp7mYgu3T9dCS3xwIHNPEVKkDocB5M3lfwtstRiua4Q4ZE2r1FIQ-eH6ae8f8C-ogb9VxYKNiEagrmBdEz6vmDv0z-J6ZWWEyrvHWBoV-vagH05pN5t7niHbPmmI_wgrvnfSDoAyAdWTWTvE8hqRn2f_NfMiqK2pPCPVGi0fkMPLgAya1iPWLQnKcuf_gEUsbh76p9CBsV3Q2Iqv3xvghjK65yUFJb7M9p4za4cMthEfIMqfyKjTkXoJv_PvuMblMOhBxB2KTNOj-yGp5TzykGkWD_7w-Cthk8_55c0Nmx1d_VIW66Yl3aVg-yZsppq_sewXIExaECRvenkOn31dRRZ5VS-XBO7DkrEK5huvW__bf-YeVCoaBjgZpxLMk0cbR7R64wMq4W0_yawy243H_ecHo2rp647wgaBRS8_IdZNapAxdUwbyRHH8Tih9kfW808D69LWUdRtll8MXrNPUTG7igEZaWNn_F6yFD0_MBkAX3fYo6MYF2PF5d0GmnXsKfp6rmRe6VaqzTvs38VnR79MWu1NRGMQgwm6Un8xRRr4L2T6-alPABaHIUCWxSbL5PIsYDUWJGqaJ8Dt-2YZlEag4wU3FpJ32rXWW6I4PlUclnp6b5gQn7c28nwhcqaXZYgsVfyWST_rgtkDCi1DkKLnWeXelgvsxBLiR5JTnAHIPGIINUdSl-UtI4lJhLbMNbPP0Flxc3MyJ2ACCMYyqKqwNQZpOy468zywnR7jHdHzuKSY9yC4eJ2CDfg0C1iQNez6DsimVtAzJEeDYpPx5lNJPZaSGbGMHs8aqr_d5Ot-aK6-j6ynF1UultIjD2aCImXJNPDhJA4hs7g6nYzLa3Yf4HlUDgHyYOAmYoz0ylKAkd-Xz9HzmIMu6s_g8HkvT2f6Sna96BgcoyL2Rj4GJLPl33qyhVdEG2AOvUwbgXX1Z7bdjQ1UGJclG3WHEnq3ia7HcLyrNlCb2FbCftseGQA4L9t-1Y&cid=CAASFeRo9AjPwLo1Yh30QfCtTlHxcrJBlA&rfl=1%2Chttps%253A%252F%252Fifunny.co%242%2Curn%253Auuid%253Ad081cea3-37f9-d958-cba2-d95837f9d081%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1fc1430cd75c53c33175084b982a96bf011411382359e98c9c327f7c229acae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 05:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
168
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9601
x-xss-protection
0
server
cafe
etag
14683223144942375712
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Mar 2022 05:57:41 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D641 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cy4BtM83JILsZiLmgreAs5GBOY8qMVcyt5RB6QR5K89Jt9OfFLdiPwYAK5vJD22vBMkBVG4K-0NgV6oMo2H3kemcWACjPI1AW1iasyNStEob6t8_ccKK5wWdT9gXPqoJiCJtZ6N7Pegoh6sHumu8TBRtcV6w&cry=1&dbm_d=AKAmf-Cw46Yvo9UeJz3PFmLMl20UknByuO8tUmVVyLZQA1dmwLsoLq8N2P2vlLlLv2PJlsA7dRPMbEOytWpl8Flu1oksVo1QHT3EeFK9E1jWVt2jvkhyBawLGC6jyxtXaCvG7vKMHG0X7XzGeeZDlDSvaa2HRPHtyTrF-e62lqljZLknDF_07VeMsgYqCw5hSa5QFva5vEsXCv7nIiMQAZ-db-ICQ0OkS3z-WfwGp85KOzn5QF6omsHuP65-Nlwx_CG8g4GJky8_YL6jHtaF0OXih-J6AMiK6qzOsMUVRIh7k4GBoMnsfFHb4Q57OhOrIx35rukvV_dTiniLIWUkD2VO94EvQ4ZKDnL6OEHtyV7O7YdPnPrGdGodCJUto_5iaHpguVGqQX2NnP1RlX4IpT9HH3Q2zG6j4nsEnKNY4Eh9HuJPiC1P65DiTPJY1J-1Yo9SVy_wy8md3CwCI3Y23Q6mITk6hU5e4-7FempGjPghos1TJ64IjlHmWjWqs4REE1tl4e6qolWvVELO41w59rP-1_4Q-odRVQWjhI-Y-H6gDrj4Y4mUhCHBM_yNZjyIEuKcvYSbJp1xH3iMHNOdIRgEUWrKZPs4ta77Dfz4LgVtsiHlubzuYa0AiFcFwgHdHWFO9OvVFTq-b3srssrMD2mzpEwmOs1B2QP2bELEjd3tyyrVUMo7BrM0qvRGUdc7814kVR38GVrYA_kvqke2yVHQE2gUN8fc9J0UJ3I7Zdtw_N7x6HBeDLgcSghJcuKAsFGFIVM86VX06uVHvCJqCTadwOti3svWXBvt1vGn3tKI0hMl8aP4j-3pgZoDWhukubLBG5ETGVceebGxXfI9wy0rP_GRIkgN-0KEps8YnjMguhJplO463iK2quz7Pf2IsS75p-1CGvbKRnlHDZEwtRjT5nERxhAn5A2vFE7Koabp_IkeL5y5A7zIu6qGgafmvecQ2DV-E-rdBwcoLPOUlbHZ9uBQ0_XIVPjuKhQOvDtX191saKnYDWDDo-hdlua3GDT7nyno8EUQqZM8oNSx3S6Kj4wj1GTfmsCK21hxjriz4afnd3wBgiz5a03vgvC9c4TbBfljrO-q565v6fAE4tzmTkawXwaPqq8LrLqwiqhWoFW3ruuP9UD3F_7tgxYSYERO9Pv62z9upgqE2zC4nn7HClLNtSrtHLKQj5ZVqgMxHCDXdoF4RMls5P3e_ECt-fIvj2XAbCMFPGwyrjywPf78bZ505g52QQSONikWjYYhmPCWONtXW1KXEYWAPgbGihwx8eyoa8Qr9fxC79HtCPpplNHEgUVYJnOpTe9cnYraMdAx70g8txe5ELLO-hsDQpTfihKHplnBkJY6oZjURBMP7J5egIV1Yt_aULkVKXUsJOopMU11GQUrpHXU8Ve0QK3X7YnC4IW4vzOPTpZIb7rnc2Gajesqu2jTT4aSiXlNObuAMhcH6qSw6F_0enI6Uh3c8usMbJ2LM4v55GRNwn6sMQuU9lrEKtDgjdxk_SwVPsYAkoc59Vua2l3JhE8Jl32yq61elSIHWK4xeYmItrSqrZjcSIliO8L1KCkDdV7F1rpvMxJSRmxTY2R3JmA-vCCtUWbz97njySlTcdksgLZIX3rm5poF947jVWDRb_gp06qPMBSfzDuoWz24NodqDUXDSwh7D5T3WhkZG_h83MQZDpPGinIeP2KGugm3kXaY7WzbBbG4_pTvPC9RVhnqu-biVYMIMYSK4WuVmT1ynSVkEY94xou4seInt6gZPOGhnAkNhHbqdorcACiagPmZGf2dbjCY9r1JxNKjswE0JKkKzKXhZQTF5viFgR-nAVo73YgXWApEuBOmqZG2qrmGn9OBX6eUOJQbBcmH7B9WJZE-B0QCXuUZ9794UJQNoGpyli5OWslepjYp8mFx1FoP0F6aS9bX8MjWEUGjaVS9HJ54mw6MC1m3e9dDn4mcSQWayCv7RWVeE46-D1kLoejScsaGeNazMryQOmKYTR0rH5oWmfC4P-vnYg2VZRAxV3oi1wG4kX4HfXa3zV-kgtdXiVflxi5JIsRU6j3tsLFeaS0CkLDbd4HjCVBWMhvjLjgaNkoMwpu85Rwjpm6whonjg-oW-iISVsE2-34UGI7pZFKt4WLp7mYgu3T9dCS3xwIHNPEVKkDocB5M3lfwtstRiua4Q4ZE2r1FIQ-eH6ae8f8C-ogb9VxYKNiEagrmBdEz6vmDv0z-J6ZWWEyrvHWBoV-vagH05pN5t7niHbPmmI_wgrvnfSDoAyAdWTWTvE8hqRn2f_NfMiqK2pPCPVGi0fkMPLgAya1iPWLQnKcuf_gEUsbh76p9CBsV3Q2Iqv3xvghjK65yUFJb7M9p4za4cMthEfIMqfyKjTkXoJv_PvuMblMOhBxB2KTNOj-yGp5TzykGkWD_7w-Cthk8_55c0Nmx1d_VIW66Yl3aVg-yZsppq_sewXIExaECRvenkOn31dRRZ5VS-XBO7DkrEK5huvW__bf-YeVCoaBjgZpxLMk0cbR7R64wMq4W0_yawy243H_ecHo2rp647wgaBRS8_IdZNapAxdUwbyRHH8Tih9kfW808D69LWUdRtll8MXrNPUTG7igEZaWNn_F6yFD0_MBkAX3fYo6MYF2PF5d0GmnXsKfp6rmRe6VaqzTvs38VnR79MWu1NRGMQgwm6Un8xRRr4L2T6-alPABaHIUCWxSbL5PIsYDUWJGqaJ8Dt-2YZlEag4wU3FpJ32rXWW6I4PlUclnp6b5gQn7c28nwhcqaXZYgsVfyWST_rgtkDCi1DkKLnWeXelgvsxBLiR5JTnAHIPGIINUdSl-UtI4lJhLbMNbPP0Flxc3MyJ2ACCMYyqKqwNQZpOy468zywnR7jHdHzuKSY9yC4eJ2CDfg0C1iQNez6DsimVtAzJEeDYpPx5lNJPZaSGbGMHs8aqr_d5Ot-aK6-j6ynF1UultIjD2aCImXJNPDhJA4hs7g6nYzLa3Yf4HlUDgHyYOAmYoz0ylKAkd-Xz9HzmIMu6s_g8HkvT2f6Sna96BgcoyL2Rj4GJLPl33qyhVdEG2AOvUwbgXX1Z7bdjQ1UGJclG3WHEnq3ia7HcLyrNlCb2FbCftseGQA4L9t-1Y&cid=CAASFeRo9AjPwLo1Yh30QfCtTlHxcrJBlA&rfl=1%2Chttps%253A%252F%252Fifunny.co%242%2Curn%253Auuid%253Ad081cea3-37f9-d958-cba2-d95837f9d081%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 23:59:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
194433
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Feb 2023 23:59:56 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220210/r20110914/ Frame 5F44 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220210/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DUnHM3KnraTD8avmQfLOO17jLxtYXwHcu7ujnHoBgWzdso2viJ2HvrTmzVAIQIfC9zGM7FvEwf4BqPdlXMn9rHT6bRD4FeETkKMeYcUsX5Ls1vSIpi0WFlrzcegBdvxdbVXJENSTUix6DgLikBci0Owk4hog&cry=1&dbm_d=AKAmf-CNBKYQe33UCAdKf0YjW2eJ6J1iCKE8EKNeet-SFHY26yiuN7yuJ2BHi3Vbctq5X7wEEYtQWolLeE2CZiO_EC9fxOpmdynZWclU7q7GtmLK2oE4VJI3YryVlPekpHOOaKeoMWczijG6R15G-YL72Ksj54XL9dSF-L27rkg_LG4_y2GJa98CTXUCanRMgw6IVNGjy2Hv6taipkJ9TGroUdxfc2CIXJBYC38RHjzigEmhefjHSYaHRGNw12rZUBQGJsUV8JjlvvicE-wT_nEJaGGvd4T4y8Pq5GOZxy8snxlnLNjHXPxA8RG0H0CTkBFlARw-hq-RRxpNrwqfEKr0qjKvAxx9EE4Cd7i5WI7nlg7q4Nd8zTFxijz52fpiz-LXfFPRide9xEVTRtjMdjPNqtTYN3Y1euZgE2TSwDwkzjXO0ofZ_KMd895gL3Mc7aohuTkuwvIwOTtEbvu8dWH9T_YvLYnyS-8APvKG_pUd82ilMq7Qj_b5COPjlpFLGy_XXOZ3Bg9B51o2kW0UMxrLeS__MlYX6jKDGiYHImO2a2AjTpwJZ_53g0E8pNfCzRSa_zxxHimwoDYy4qoOtD1Bgh_LR7LJDj533cCl_8MkhcIbvHTinfYxqUa59MLH3DL-MLBElpGT6Nw52DwNUnDqIwSJFs7IHoL2eczed2s4La-oFe3o6CHLKdDtB9TrW7KrXCurGoMvtfCssQTOgOQRazDUqnVnR276tHE_wySY-fcEI3dGunpKSWpD61lhwK1JM0Gkh_0jsqhOyGSME3jDjssuQQ1iTxiZpuWVhRItziIzLPV81DTRROugmeUi6-D8HH9pzkhY_gwGsQrKEUgXFlfQSPAsy6WK08Y6V8VEWo8KCcSgob0CZ6oITlpeRieVXSrFo8h1RxjV66lsW6Gw6Xzt7LRFdj_vgR7mThPIpqWTEbMzKndTUahn_Zs4a-98J1PMxCg5UuhVIIHPLXQgwHkGcA3K3ifTk7ehXhzpNJzmZqFZOTmBjwBoEQM14TDzcYm-56dq7RTtTQPDFSwc9kS8YiRmTZdWkQDkM3atxAJZTKAychZcIO1zjf2n8loOjMwQKtzDDNl94IDI9nb6zF41ajJwjYI1h-8_N5-QFaiOVgG_XDWcMymtVu8WfDFtndFuGN3aglR7S9U5rUF05i5WtX-WcE9gdOZZM1v46R-y-Ak1TLjzlmTJNEt2ej5CVmAGzLSMsnsdAXZJmVLpEAsCgc3mVITcPrVPFqci4bGpIWtEU-64Va1Q6C4I6pFxT_hSGEaMV23kBnDCwOilrQoAj0ZRMdcKDdb55gA72RsH9XTKbH01TrRQFMj-Yv-9eJ_KtYYtvU3mWVLGpRklhxkBMHDexkO8hrswQoINKdbE0xVPYCT0311n0Cf3Xz0SnlZhF8HwT8FOQ2rAJdBhr_yvNT1u-uEHbTWKYppu4ioK1X7DinFkPzAdG2hfL-3TVX0YulE-EDLBiN2qRNA9uQFn2rrpBOJH7TPFlROgE1nk3Dx9LremG-f6itIdPBmLjiQYPKx1KfVmiKtZ364eyiaDJX5tUM2uincQ6RRkkDayiu4I8Huy0gp08SVwGlGlfqnwZPm8sjOvox6uaDVRUV_A2iPwTCFDOxdTc17BQauSzdMZokfWVhH_lUp5XEpwwiOX8A6Ec2RcckkT0oy14Wzds3SuRlQh_T2uS5QGqx8N2g1i_U4Sq2N6-8n6qcvuF-STrtwihnzqE19nUoR9ydT-ZmvrbT69Cjx71WcjuxUXVfjr8zUB_bbbyzK64r0Wyf2IBVQ9yYhf7axuN4fLulrVK6QD381FYx_PFctExRRxbLFUwZaJWD5uFayW1l_JjlMfdB9LfQmijJ6A6ZkYzw7rK3949RTXaiQ6qTJPXCt8EUsdDUL-MSZRWlc5sHsP2fv7F5xvzsywYlAJpPupC7mDHqJ0GKeiljvKm43qBQfps0_93NKaWQm4n3fgojcgnwK93ZMTM7q5dgsh-YnUHd-TglalFIBYloaogDzufvOZXjJkn_IV4XSYui9DvXUHsxcTYddjrSe_H819_fw4HQxpQjoDlT4E1MxdcHqjgcVTxpE3oNUd6eL66J-pClwQ73E4THvRGPQjD86F2CYkPAg4jboUDz_Vbnk8tnO9CRSj-7SREfiXRKk55UjAnuKH2Q_5kF38pyU4ehPbCclbPKBeNeRffRnNtjSlT2ZFZXd_J1OleSB7Zqzx05hVN3nGeu3R4L9smsZq-w1yT_h1hQLoXZ51gpxUqQWS1sdhwCjAnuWAJABGh04GDvmZCaMmtbpADsDIvmKj8xDcG8X_pT2rDKe3N8krx0MSyIzdsr-EW1CkzKSDhOWvKZgqMC9DmmpCnKduInu_YMVuEsuJEscuNB3NeLGtfQpVyRDf2q7Z25ONH4l3HGTmxxMcbt3qs3ScTBWGdzmAPBlYD4i2EkeFE-OviLmoCWs1eh1jyI7LyTfZ0sa5_AxFal-g9IiCSzQkqXNX0CdPMa53tPuxQoHI56BFofcMQXurJGqH2PJt-0Y7S6VohoW_r9KT22qQA1HDmuy-rLPBS8I_QMt3Q_aJKwUgkQaD-6lTTcpPP6eHESxdmoIyTI6UhpGZIlhTCcOu8jwyZ6MWcRxd5kBz9u8xyYBqTGr2vqCWkQlst8U7jLgbXDnnYI7dmRtOw7VJNk8mJtDuy--9hpSR5Z3nwdNelTbkWrRt73zUR9mkznhtqDqqiaZ0NTMZd9PkeKnw00C67n4Oa9-fVPud2MBLyak70sZkflizxp1njOcDkAw8UooUacoEui4s2YBSvLWiCfiLajZtR2UHNNaDhNVYSganjRTQlFyQL4nbnB5HiN5oFbm3r5pDBqILJZEbv7cMXJdK1quNqNyPcHrtA0frcvW9VP36AxcAgjnNFlfEZa_EV6QlXYT07Ng60cWp-wx8lj85wV4lKzJT5NvSrE_qojm6aOBNYZH1A1lklPy09k_1AE5z3FezGVj8H_qjOEDlme-d-66gge7kfHzw-caZ1DIIOZeDIVKCYq_zrF2HMAWmscn8ezKbduXCbcnulft7nnFMiYKp3BLG2D7ztWKE_fuzeYGsKQe4c0I58g9ATmF_R5dALHB_mgV-rtxmhzuz5uVoxJHt&cid=CAASFeRow-eaYoC9jYtX0fKAfyQSOhUB3g&rfl=1%2Chttps%253A%252F%252Fifunny.co%242%2Curn%253Auuid%253Ab09d64bb-0692-0bdd-6414-0bdd0692b09d%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1fc1430cd75c53c33175084b982a96bf011411382359e98c9c327f7c229acae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 05:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
168
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9601
x-xss-protection
0
server
cafe
etag
14683223144942375712
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 01 Mar 2022 05:57:41 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5F44 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DUnHM3KnraTD8avmQfLOO17jLxtYXwHcu7ujnHoBgWzdso2viJ2HvrTmzVAIQIfC9zGM7FvEwf4BqPdlXMn9rHT6bRD4FeETkKMeYcUsX5Ls1vSIpi0WFlrzcegBdvxdbVXJENSTUix6DgLikBci0Owk4hog&cry=1&dbm_d=AKAmf-CNBKYQe33UCAdKf0YjW2eJ6J1iCKE8EKNeet-SFHY26yiuN7yuJ2BHi3Vbctq5X7wEEYtQWolLeE2CZiO_EC9fxOpmdynZWclU7q7GtmLK2oE4VJI3YryVlPekpHOOaKeoMWczijG6R15G-YL72Ksj54XL9dSF-L27rkg_LG4_y2GJa98CTXUCanRMgw6IVNGjy2Hv6taipkJ9TGroUdxfc2CIXJBYC38RHjzigEmhefjHSYaHRGNw12rZUBQGJsUV8JjlvvicE-wT_nEJaGGvd4T4y8Pq5GOZxy8snxlnLNjHXPxA8RG0H0CTkBFlARw-hq-RRxpNrwqfEKr0qjKvAxx9EE4Cd7i5WI7nlg7q4Nd8zTFxijz52fpiz-LXfFPRide9xEVTRtjMdjPNqtTYN3Y1euZgE2TSwDwkzjXO0ofZ_KMd895gL3Mc7aohuTkuwvIwOTtEbvu8dWH9T_YvLYnyS-8APvKG_pUd82ilMq7Qj_b5COPjlpFLGy_XXOZ3Bg9B51o2kW0UMxrLeS__MlYX6jKDGiYHImO2a2AjTpwJZ_53g0E8pNfCzRSa_zxxHimwoDYy4qoOtD1Bgh_LR7LJDj533cCl_8MkhcIbvHTinfYxqUa59MLH3DL-MLBElpGT6Nw52DwNUnDqIwSJFs7IHoL2eczed2s4La-oFe3o6CHLKdDtB9TrW7KrXCurGoMvtfCssQTOgOQRazDUqnVnR276tHE_wySY-fcEI3dGunpKSWpD61lhwK1JM0Gkh_0jsqhOyGSME3jDjssuQQ1iTxiZpuWVhRItziIzLPV81DTRROugmeUi6-D8HH9pzkhY_gwGsQrKEUgXFlfQSPAsy6WK08Y6V8VEWo8KCcSgob0CZ6oITlpeRieVXSrFo8h1RxjV66lsW6Gw6Xzt7LRFdj_vgR7mThPIpqWTEbMzKndTUahn_Zs4a-98J1PMxCg5UuhVIIHPLXQgwHkGcA3K3ifTk7ehXhzpNJzmZqFZOTmBjwBoEQM14TDzcYm-56dq7RTtTQPDFSwc9kS8YiRmTZdWkQDkM3atxAJZTKAychZcIO1zjf2n8loOjMwQKtzDDNl94IDI9nb6zF41ajJwjYI1h-8_N5-QFaiOVgG_XDWcMymtVu8WfDFtndFuGN3aglR7S9U5rUF05i5WtX-WcE9gdOZZM1v46R-y-Ak1TLjzlmTJNEt2ej5CVmAGzLSMsnsdAXZJmVLpEAsCgc3mVITcPrVPFqci4bGpIWtEU-64Va1Q6C4I6pFxT_hSGEaMV23kBnDCwOilrQoAj0ZRMdcKDdb55gA72RsH9XTKbH01TrRQFMj-Yv-9eJ_KtYYtvU3mWVLGpRklhxkBMHDexkO8hrswQoINKdbE0xVPYCT0311n0Cf3Xz0SnlZhF8HwT8FOQ2rAJdBhr_yvNT1u-uEHbTWKYppu4ioK1X7DinFkPzAdG2hfL-3TVX0YulE-EDLBiN2qRNA9uQFn2rrpBOJH7TPFlROgE1nk3Dx9LremG-f6itIdPBmLjiQYPKx1KfVmiKtZ364eyiaDJX5tUM2uincQ6RRkkDayiu4I8Huy0gp08SVwGlGlfqnwZPm8sjOvox6uaDVRUV_A2iPwTCFDOxdTc17BQauSzdMZokfWVhH_lUp5XEpwwiOX8A6Ec2RcckkT0oy14Wzds3SuRlQh_T2uS5QGqx8N2g1i_U4Sq2N6-8n6qcvuF-STrtwihnzqE19nUoR9ydT-ZmvrbT69Cjx71WcjuxUXVfjr8zUB_bbbyzK64r0Wyf2IBVQ9yYhf7axuN4fLulrVK6QD381FYx_PFctExRRxbLFUwZaJWD5uFayW1l_JjlMfdB9LfQmijJ6A6ZkYzw7rK3949RTXaiQ6qTJPXCt8EUsdDUL-MSZRWlc5sHsP2fv7F5xvzsywYlAJpPupC7mDHqJ0GKeiljvKm43qBQfps0_93NKaWQm4n3fgojcgnwK93ZMTM7q5dgsh-YnUHd-TglalFIBYloaogDzufvOZXjJkn_IV4XSYui9DvXUHsxcTYddjrSe_H819_fw4HQxpQjoDlT4E1MxdcHqjgcVTxpE3oNUd6eL66J-pClwQ73E4THvRGPQjD86F2CYkPAg4jboUDz_Vbnk8tnO9CRSj-7SREfiXRKk55UjAnuKH2Q_5kF38pyU4ehPbCclbPKBeNeRffRnNtjSlT2ZFZXd_J1OleSB7Zqzx05hVN3nGeu3R4L9smsZq-w1yT_h1hQLoXZ51gpxUqQWS1sdhwCjAnuWAJABGh04GDvmZCaMmtbpADsDIvmKj8xDcG8X_pT2rDKe3N8krx0MSyIzdsr-EW1CkzKSDhOWvKZgqMC9DmmpCnKduInu_YMVuEsuJEscuNB3NeLGtfQpVyRDf2q7Z25ONH4l3HGTmxxMcbt3qs3ScTBWGdzmAPBlYD4i2EkeFE-OviLmoCWs1eh1jyI7LyTfZ0sa5_AxFal-g9IiCSzQkqXNX0CdPMa53tPuxQoHI56BFofcMQXurJGqH2PJt-0Y7S6VohoW_r9KT22qQA1HDmuy-rLPBS8I_QMt3Q_aJKwUgkQaD-6lTTcpPP6eHESxdmoIyTI6UhpGZIlhTCcOu8jwyZ6MWcRxd5kBz9u8xyYBqTGr2vqCWkQlst8U7jLgbXDnnYI7dmRtOw7VJNk8mJtDuy--9hpSR5Z3nwdNelTbkWrRt73zUR9mkznhtqDqqiaZ0NTMZd9PkeKnw00C67n4Oa9-fVPud2MBLyak70sZkflizxp1njOcDkAw8UooUacoEui4s2YBSvLWiCfiLajZtR2UHNNaDhNVYSganjRTQlFyQL4nbnB5HiN5oFbm3r5pDBqILJZEbv7cMXJdK1quNqNyPcHrtA0frcvW9VP36AxcAgjnNFlfEZa_EV6QlXYT07Ng60cWp-wx8lj85wV4lKzJT5NvSrE_qojm6aOBNYZH1A1lklPy09k_1AE5z3FezGVj8H_qjOEDlme-d-66gge7kfHzw-caZ1DIIOZeDIVKCYq_zrF2HMAWmscn8ezKbduXCbcnulft7nnFMiYKp3BLG2D7ztWKE_fuzeYGsKQe4c0I58g9ATmF_R5dALHB_mgV-rtxmhzuz5uVoxJHt&cid=CAASFeRow-eaYoC9jYtX0fKAfyQSOhUB3g&rfl=1%2Chttps%253A%252F%252Fifunny.co%242%2Curn%253Auuid%253Ab09d64bb-0692-0bdd-6414-0bdd0692b09d%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 12 Feb 2022 23:59:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
194433
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Feb 2023 23:59:56 GMT
hjtkt1t9m63l
hal9000.redintelligence.net/zone/ Frame D641 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/hjtkt1t9m63l?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCQ7fefEELYszCMI6DrATD97nwBo_g-IZT9aiLpMoM8C4QASD64NN0YJXikIKgB8gBCakCAmJZyC_5sj6oAwGqBPsBT9CyCrNp1nsq9p-DOsntMMdfXKw1lIVRsZ2zMI5WLTNMLCBVHJDLXFcgPI0d5c4_9zb_BF1Ogg1OcDmf239beTV8Bbt3aUsbU1TgU1VrZ5jKRsvdfGKqV3YUtNiC1RtrN6t3E4V3cKT_Zbm24iwSi8A9uaesSeL9GHtTziyADvnWxNjSNyqyiHsLHi1HBsmnZRVrnSH7lfkCUqO-jysaM1qriEyaq05qsRFY4YX1YF7O0z5wF6TDi_8fTF4H_cHDDAOx-XvgQO55vKt-2z6MD5-y31Tq7JIcTGsheBk-EFsBLyTgdyP8V7VLC34qleuZK0wSY_v_za6L6h_ABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRo9AjPwLo1Yh30QfCtTlHxcrJBlA%26sig%3DAOD64_1z9YYEcE-31CXsNy9YWQ1vuwYfaA%26client%3Dca-pub-5475785420405214%26dbm_c%3DAKAmf-BZmikJ_kmtGp9NnJgAX8IUK-RmFHViZ2N-pIUqsMlTzYEjJTXiEPVnlk6ZrLAdb507ep1CWH0pMekJFuQ-NP-pxf105rshCirTV4irmHrbzeSsycQWTZ7KJxtbYcfGZt8FH5UBYBJ2_sQhaQfbYH4LFGAFfA%26cry%3D1%26dbm_d%3DAKAmf-BH8Y9b31j7oiQTRsp7ErVTuMgdUvj4sAFArP8zYsK-NUevg_qbryVzRSf9nG-lw7IinfOXNm4VC5TTuYwO1eYkjwGQjORWP-CMgtXFrQA900LzQsGfyHPxq88w3XbCAc53p5zFn7TeV-UYOBIC8CRXgUAP2NNHwE50jxng99ER0V0FVcXh_-srU5dGXKA3mrf79aLbfR-CUYY5CfU4F8QW7owbdnO6xT4aAoZQkLBa_ZoJTOa3JCTfd1pK13zkFLncUmHgwBVOSXaJ3f0_-tAvuSAKZy7amWEllIuFmVfaxrFLTJNoJqHXRbmoDJlUhusJqQg-z4U2We-iyo7Bs_EP6KH1PiXC8aVgRDMS2THniGjX11-bLJTHXrHILMcBg5wFVIRh56n9K8TxNJ6SGtU0z-Iq9A%26adurl%3D
Requested by
Host: uuid
URL: urn:uuid:d081cea3-37f9-d958-cba2-d95837f9d081
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
1e8425b8d15bda7d9bd16f5d0b107be1b18266a861f1fe55c9c044858aa61dc2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 06:00:29 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3881
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
request.php
hal900025.redintelligence.net/ Frame D641
Redirect Chain
  • https://hal900025.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=6bb5f11554&subid=&uid=b29204790a5d77fd&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900025.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=6bb5f11554&subid=&uid=b29204790a5d77fd&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900025.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=6bb5f11554&subid=&uid=b29204790a5d77fd&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCQ7fefEELYszCMI6DrATD97nwBo_g-IZT9aiLpMoM8C4QASD64NN0YJXikIKgB8gBCakCAmJZyC_5sj6oAwGqBPsBT9CyCrNp1nsq9p-DOsntMMdfXKw1lIVRsZ2zMI5WLTNMLCBVHJDLXFcgPI0d5c4_9zb_BF1Ogg1OcDmf239beTV8Bbt3aUsbU1TgU1VrZ5jKRsvdfGKqV3YUtNiC1RtrN6t3E4V3cKT_Zbm24iwSi8A9uaesSeL9GHtTziyADvnWxNjSNyqyiHsLHi1HBsmnZRVrnSH7lfkCUqO-jysaM1qriEyaq05qsRFY4YX1YF7O0z5wF6TDi_8fTF4H_cHDDAOx-XvgQO55vKt-2z6MD5-y31Tq7JIcTGsheBk-EFsBLyTgdyP8V7VLC34qleuZK0wSY_v_za6L6h_ABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRo9AjPwLo1Yh30QfCtTlHxcrJBlA%26sig%3DAOD64_1z9YYEcE-31CXsNy9YWQ1vuwYfaA%26client%3Dca-pub-5475785420405214%26dbm_c%3DAKAmf-BZmikJ_kmtGp9NnJgAX8IUK-RmFHViZ2N-pIUqsMlTzYEjJTXiEPVnlk6ZrLAdb507ep1CWH0pMekJFuQ-NP-pxf105rshCirTV4irmHrbzeSsycQWTZ7KJxtbYcfGZt8FH5UBYBJ2_sQhaQfbYH4LFGAFfA%26cry%3D1%26dbm_d%3DAKAmf-BH8Y9b31j7oiQTRsp7ErVTuMgdUvj4sAFArP8zYsK-NUevg_qbryVzRSf9nG-lw7IinfOXNm4VC5TTuYwO1eYkjwGQjORWP-CMgtXFrQA900LzQsGfyHPxq88w3XbCAc53p5zFn7TeV-UYOBIC8CRXgUAP2NNHwE50jxng99ER0V0FVcXh_-srU5dGXKA3mrf79aLbfR-CUYY5CfU4F8QW7owbdnO6xT4aAoZQkLBa_ZoJTOa3JCTfd1pK13zkFLncUmHgwBVOSXaJ3f0_-tAvuSAKZy7amWEllIuFmVfaxrFLTJNoJqHXRbmoDJlUhusJqQg-z4U2We-iyo7Bs_EP6KH1PiXC8aVgRDMS2THniGjX11-bLJTHXrHILMcBg5wFVIRh56n9K8TxNJ6SGtU0z-Iq9A%26adurl%3D&documentReferer=urn%3Auuid%3Ad081cea3-37f9-d958-cba2-d95837f9d081&ancestorOrigins=https%3A%2F%2Fifunny.co&random=2100745584072&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: uuid
URL: urn:uuid:d081cea3-37f9-d958-cba2-d95837f9d081
Protocol
HTTP/1.1
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e4c954fa61b02c3847f59ac9b5767f7dd987d1779b110ec61a17c8cca93420af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 06:00:29 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
33203500018792900710584011871025
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1040
Expires
Tue, 15 Feb 2022 06:00:29 +0100

Redirect headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 06:00:29 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=6bb5f11554&subid=&uid=b29204790a5d77fd&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCQ7fefEELYszCMI6DrATD97nwBo_g-IZT9aiLpMoM8C4QASD64NN0YJXikIKgB8gBCakCAmJZyC_5sj6oAwGqBPsBT9CyCrNp1nsq9p-DOsntMMdfXKw1lIVRsZ2zMI5WLTNMLCBVHJDLXFcgPI0d5c4_9zb_BF1Ogg1OcDmf239beTV8Bbt3aUsbU1TgU1VrZ5jKRsvdfGKqV3YUtNiC1RtrN6t3E4V3cKT_Zbm24iwSi8A9uaesSeL9GHtTziyADvnWxNjSNyqyiHsLHi1HBsmnZRVrnSH7lfkCUqO-jysaM1qriEyaq05qsRFY4YX1YF7O0z5wF6TDi_8fTF4H_cHDDAOx-XvgQO55vKt-2z6MD5-y31Tq7JIcTGsheBk-EFsBLyTgdyP8V7VLC34qleuZK0wSY_v_za6L6h_ABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRo9AjPwLo1Yh30QfCtTlHxcrJBlA%26sig%3DAOD64_1z9YYEcE-31CXsNy9YWQ1vuwYfaA%26client%3Dca-pub-5475785420405214%26dbm_c%3DAKAmf-BZmikJ_kmtGp9NnJgAX8IUK-RmFHViZ2N-pIUqsMlTzYEjJTXiEPVnlk6ZrLAdb507ep1CWH0pMekJFuQ-NP-pxf105rshCirTV4irmHrbzeSsycQWTZ7KJxtbYcfGZt8FH5UBYBJ2_sQhaQfbYH4LFGAFfA%26cry%3D1%26dbm_d%3DAKAmf-BH8Y9b31j7oiQTRsp7ErVTuMgdUvj4sAFArP8zYsK-NUevg_qbryVzRSf9nG-lw7IinfOXNm4VC5TTuYwO1eYkjwGQjORWP-CMgtXFrQA900LzQsGfyHPxq88w3XbCAc53p5zFn7TeV-UYOBIC8CRXgUAP2NNHwE50jxng99ER0V0FVcXh_-srU5dGXKA3mrf79aLbfR-CUYY5CfU4F8QW7owbdnO6xT4aAoZQkLBa_ZoJTOa3JCTfd1pK13zkFLncUmHgwBVOSXaJ3f0_-tAvuSAKZy7amWEllIuFmVfaxrFLTJNoJqHXRbmoDJlUhusJqQg-z4U2We-iyo7Bs_EP6KH1PiXC8aVgRDMS2THniGjX11-bLJTHXrHILMcBg5wFVIRh56n9K8TxNJ6SGtU0z-Iq9A%26adurl%3D&documentReferer=urn%3Auuid%3Ad081cea3-37f9-d958-cba2-d95837f9d081&ancestorOrigins=https%3A%2F%2Fifunny.co&random=2100745584072&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Tue, 15 Feb 2022 06:00:29 +0100
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1DE5 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 13 Feb 2022 01:16:16 GMT
expires
Mon, 13 Feb 2023 01:16:16 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
189853
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 4CF8 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 13 Feb 2022 01:16:16 GMT
expires
Mon, 13 Feb 2023 01:16:16 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
189853
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
hjtkt1t9m63l
hal9000.redintelligence.net/zone/ Frame 5F44 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/hjtkt1t9m63l?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCU7u1fEELYt2TMIaQrASR9J6wBY_g-IZT9aiLpMoM8C4QASD64NN0YJXikIKgB8gBCakCTdMrEIr3sj6oAwGqBIECT9DWR4p5eSMEZMx5tnUr4ogHxnAhF1HzhnE7yF9u3T2PeSwrrQwFuwvsTVXGcZYXVaIykCdqG-5e-g6ZDxhbfoTIuQoA_nFWjRJaaFmJi9hC_e45Umf6SzEH0cnKonKoJmOQC3Ep6ugFxtnbLTKPDaZGljtjYMrjBPGeV5G9NJwAOsY36ol9ijrKoERV7kDccYw_jvoVeyQa-ApdshPVeL6oNivusYr4fxOGO5mPwgO1tzjdnaYFxD4eGt0JspAW9oyukyHy2Na28lLbLtEycwmDrmNXNjY_UH3RXl4rsiNxx8ZeMzbVacdSU1HUwVVugsCpw2K1CAkzaCeHnQOUohXABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRow-eaYoC9jYtX0fKAfyQSOhUB3g%26sig%3DAOD64_1q6mC2KtzGNrF6K5Q0bcsf0ZddSg%26client%3Dca-pub-5475785420405214%26dbm_c%3DAKAmf-DZC2dyDACBKFdQQSHQuPP2Wdxnf-heV7TnozfHbr0i9kWBiDp67EBnyNwl2v9Ekof46iouRL-c_s1cEHYjzDsL5Ga_hoPgUidJ4V3_QNYZjT9zifROetnJlnjx0tSrrIH6SlihYbNbqKxCYkX5tHiO0tiu1g%26cry%3D1%26dbm_d%3DAKAmf-DYiJ9EB97_b1f27JQm-EzhhAh7cZGn9xHKMp1J-N2DHTVKUolXQx7CYDxKNejEVjrB4Ciq3ZGrmZmd9zl8dN2ZbCt6VtrGughmFvMC3RhVvKWa3eSG-9XCnNlvugcOJPKJU231UsG2nITKttXbbglSc2_AzYOpKWkZBgEWalQMOgq1HHdm0AUU-4TH-5ljEr2rM-Z41uChoTf44_nKsNP-NaDcUJDzTp-L2ite5kQnE56lcOp0rHQQWj9O5bttFmNHY8yDQ3TDAilR9eyzOVjyKUxf7PZleM0JDDz619AFMuNEbns06WCkfiLICG__5jGux7dZ6X60YPNjfq6S0s5ORWQc1E85MBGpBsjJs7yvS_H373mAEnwtsvlDhnqXgEPEkJ8Gm2EJTmBOHfaBsjNSZIU6fg%26adurl%3D
Requested by
Host: uuid
URL: urn:uuid:b09d64bb-0692-0bdd-6414-0bdd0692b09d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
1ad2c6c994c610ea48a727e2ea4b7496fac84cad20d613294b8f0e5a847c84ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 06:00:29 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3885
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
request.php
hal900012.redintelligence.net/ Frame 5F44 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900012.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=3e68b9a325&subid=&uid=4af32deff32c129d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCU7u1fEELYt2TMIaQrASR9J6wBY_g-IZT9aiLpMoM8C4QASD64NN0YJXikIKgB8gBCakCTdMrEIr3sj6oAwGqBIECT9DWR4p5eSMEZMx5tnUr4ogHxnAhF1HzhnE7yF9u3T2PeSwrrQwFuwvsTVXGcZYXVaIykCdqG-5e-g6ZDxhbfoTIuQoA_nFWjRJaaFmJi9hC_e45Umf6SzEH0cnKonKoJmOQC3Ep6ugFxtnbLTKPDaZGljtjYMrjBPGeV5G9NJwAOsY36ol9ijrKoERV7kDccYw_jvoVeyQa-ApdshPVeL6oNivusYr4fxOGO5mPwgO1tzjdnaYFxD4eGt0JspAW9oyukyHy2Na28lLbLtEycwmDrmNXNjY_UH3RXl4rsiNxx8ZeMzbVacdSU1HUwVVugsCpw2K1CAkzaCeHnQOUohXABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRow-eaYoC9jYtX0fKAfyQSOhUB3g%26sig%3DAOD64_1q6mC2KtzGNrF6K5Q0bcsf0ZddSg%26client%3Dca-pub-5475785420405214%26dbm_c%3DAKAmf-DZC2dyDACBKFdQQSHQuPP2Wdxnf-heV7TnozfHbr0i9kWBiDp67EBnyNwl2v9Ekof46iouRL-c_s1cEHYjzDsL5Ga_hoPgUidJ4V3_QNYZjT9zifROetnJlnjx0tSrrIH6SlihYbNbqKxCYkX5tHiO0tiu1g%26cry%3D1%26dbm_d%3DAKAmf-DYiJ9EB97_b1f27JQm-EzhhAh7cZGn9xHKMp1J-N2DHTVKUolXQx7CYDxKNejEVjrB4Ciq3ZGrmZmd9zl8dN2ZbCt6VtrGughmFvMC3RhVvKWa3eSG-9XCnNlvugcOJPKJU231UsG2nITKttXbbglSc2_AzYOpKWkZBgEWalQMOgq1HHdm0AUU-4TH-5ljEr2rM-Z41uChoTf44_nKsNP-NaDcUJDzTp-L2ite5kQnE56lcOp0rHQQWj9O5bttFmNHY8yDQ3TDAilR9eyzOVjyKUxf7PZleM0JDDz619AFMuNEbns06WCkfiLICG__5jGux7dZ6X60YPNjfq6S0s5ORWQc1E85MBGpBsjJs7yvS_H373mAEnwtsvlDhnqXgEPEkJ8Gm2EJTmBOHfaBsjNSZIU6fg%26adurl%3D&documentReferer=urn%3Auuid%3Ab09d64bb-0692-0bdd-6414-0bdd0692b09d&ancestorOrigins=https%3A%2F%2Fifunny.co&random=8922755339200&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/hjtkt1t9m63l?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCU7u1fEELYt2TMIaQrASR9J6wBY_g-IZT9aiLpMoM8C4QASD64NN0YJXikIKgB8gBCakCTdMrEIr3sj6oAwGqBIECT9DWR4p5eSMEZMx5tnUr4ogHxnAhF1HzhnE7yF9u3T2PeSwrrQwFuwvsTVXGcZYXVaIykCdqG-5e-g6ZDxhbfoTIuQoA_nFWjRJaaFmJi9hC_e45Umf6SzEH0cnKonKoJmOQC3Ep6ugFxtnbLTKPDaZGljtjYMrjBPGeV5G9NJwAOsY36ol9ijrKoERV7kDccYw_jvoVeyQa-ApdshPVeL6oNivusYr4fxOGO5mPwgO1tzjdnaYFxD4eGt0JspAW9oyukyHy2Na28lLbLtEycwmDrmNXNjY_UH3RXl4rsiNxx8ZeMzbVacdSU1HUwVVugsCpw2K1CAkzaCeHnQOUohXABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRow-eaYoC9jYtX0fKAfyQSOhUB3g%26sig%3DAOD64_1q6mC2KtzGNrF6K5Q0bcsf0ZddSg%26client%3Dca-pub-5475785420405214%26dbm_c%3DAKAmf-DZC2dyDACBKFdQQSHQuPP2Wdxnf-heV7TnozfHbr0i9kWBiDp67EBnyNwl2v9Ekof46iouRL-c_s1cEHYjzDsL5Ga_hoPgUidJ4V3_QNYZjT9zifROetnJlnjx0tSrrIH6SlihYbNbqKxCYkX5tHiO0tiu1g%26cry%3D1%26dbm_d%3DAKAmf-DYiJ9EB97_b1f27JQm-EzhhAh7cZGn9xHKMp1J-N2DHTVKUolXQx7CYDxKNejEVjrB4Ciq3ZGrmZmd9zl8dN2ZbCt6VtrGughmFvMC3RhVvKWa3eSG-9XCnNlvugcOJPKJU231UsG2nITKttXbbglSc2_AzYOpKWkZBgEWalQMOgq1HHdm0AUU-4TH-5ljEr2rM-Z41uChoTf44_nKsNP-NaDcUJDzTp-L2ite5kQnE56lcOp0rHQQWj9O5bttFmNHY8yDQ3TDAilR9eyzOVjyKUxf7PZleM0JDDz619AFMuNEbns06WCkfiLICG__5jGux7dZ6X60YPNjfq6S0s5ORWQc1E85MBGpBsjJs7yvS_H373mAEnwtsvlDhnqXgEPEkJ8Gm2EJTmBOHfaBsjNSZIU6fg%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
f4e090c830beaa69ad6de77b6aed740191947b7bee218151ad5b9b58062d7ba9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 06:00:29 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
54117900021540200710584011871012
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1039
Expires
Tue, 15 Feb 2022 06:00:29 +0100
-KWncqjjGzUwfkE9Iz7kKrmGQUyasx7mQMa73T4tfiM.js
pagead2.googlesyndication.com/bg/ Frame 1DE5 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-KWncqjjGzUwfkE9Iz7kKrmGQUyasx7mQMa73T4tfiM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8a5a772a8e31b35307e413d233ee42ab986414c9ab31ee640c6bbdd3e2d7e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 19:50:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
36606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13554
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Feb 2023 19:50:23 GMT
-KWncqjjGzUwfkE9Iz7kKrmGQUyasx7mQMa73T4tfiM.js
pagead2.googlesyndication.com/bg/ Frame 4CF8 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-KWncqjjGzUwfkE9Iz7kKrmGQUyasx7mQMa73T4tfiM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8a5a772a8e31b35307e413d233ee42ab986414c9ab31ee640c6bbdd3e2d7e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 19:50:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
36606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13554
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Feb 2023 19:50:23 GMT
activityi;dc_pre=CJeWvICEgfYCFcrd1Qod4P4DpA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8683384324784.997
5994599.fls.doubleclick.net/ Frame 690B
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8683384324784.997?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CJeWvICEgfYCFcrd1Qod4P4DpA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8683384324784.997?
391 B
345 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJeWvICEgfYCFcrd1Qod4P4DpA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8683384324784.997?
Requested by
Host: ifunny.co
URL: https://ifunny.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
cafe /
Resource Hash
5f69eec589fc45efd2c6326041de1ed467ce1091a4fa7c96b13100b482b5f15a
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 15 Feb 2022 06:00:29 GMT
expires
Tue, 15 Feb 2022 06:00:29 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
322
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 15 Feb 2022 06:00:29 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJeWvICEgfYCFcrd1Qod4P4DpA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8683384324784.997?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal900025.redintelligence.net/ Frame 3947 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900025.redintelligence.net/request_content.php?s=33203500018792900710584011871025&a=a8031e31
Requested by
Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=6bb5f11554&subid=&uid=b29204790a5d77fd&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCQ7fefEELYszCMI6DrATD97nwBo_g-IZT9aiLpMoM8C4QASD64NN0YJXikIKgB8gBCakCAmJZyC_5sj6oAwGqBPsBT9CyCrNp1nsq9p-DOsntMMdfXKw1lIVRsZ2zMI5WLTNMLCBVHJDLXFcgPI0d5c4_9zb_BF1Ogg1OcDmf239beTV8Bbt3aUsbU1TgU1VrZ5jKRsvdfGKqV3YUtNiC1RtrN6t3E4V3cKT_Zbm24iwSi8A9uaesSeL9GHtTziyADvnWxNjSNyqyiHsLHi1HBsmnZRVrnSH7lfkCUqO-jysaM1qriEyaq05qsRFY4YX1YF7O0z5wF6TDi_8fTF4H_cHDDAOx-XvgQO55vKt-2z6MD5-y31Tq7JIcTGsheBk-EFsBLyTgdyP8V7VLC34qleuZK0wSY_v_za6L6h_ABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRo9AjPwLo1Yh30QfCtTlHxcrJBlA%26sig%3DAOD64_1z9YYEcE-31CXsNy9YWQ1vuwYfaA%26client%3Dca-pub-5475785420405214%26dbm_c%3DAKAmf-BZmikJ_kmtGp9NnJgAX8IUK-RmFHViZ2N-pIUqsMlTzYEjJTXiEPVnlk6ZrLAdb507ep1CWH0pMekJFuQ-NP-pxf105rshCirTV4irmHrbzeSsycQWTZ7KJxtbYcfGZt8FH5UBYBJ2_sQhaQfbYH4LFGAFfA%26cry%3D1%26dbm_d%3DAKAmf-BH8Y9b31j7oiQTRsp7ErVTuMgdUvj4sAFArP8zYsK-NUevg_qbryVzRSf9nG-lw7IinfOXNm4VC5TTuYwO1eYkjwGQjORWP-CMgtXFrQA900LzQsGfyHPxq88w3XbCAc53p5zFn7TeV-UYOBIC8CRXgUAP2NNHwE50jxng99ER0V0FVcXh_-srU5dGXKA3mrf79aLbfR-CUYY5CfU4F8QW7owbdnO6xT4aAoZQkLBa_ZoJTOa3JCTfd1pK13zkFLncUmHgwBVOSXaJ3f0_-tAvuSAKZy7amWEllIuFmVfaxrFLTJNoJqHXRbmoDJlUhusJqQg-z4U2We-iyo7Bs_EP6KH1PiXC8aVgRDMS2THniGjX11-bLJTHXrHILMcBg5wFVIRh56n9K8TxNJ6SGtU0z-Iq9A%26adurl%3D&documentReferer=urn%3Auuid%3Ad081cea3-37f9-d958-cba2-d95837f9d081&ancestorOrigins=https%3A%2F%2Fifunny.co&random=2100745584072&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
f63b0867e519bc4790d7eda9e0cf5d54b9db0448ca2a409486e1d44b4ebb23f6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Tue, 15 Feb 2022 06:00:29 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 15 Feb 2022 06:00:29 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2034
Connection
close
Content-Type
text/html; charset=utf-8
cshow.php
www.awin1.com/ Frame D641 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=33203500018792900710584011871025&pv=1
Requested by
Host: uuid
URL: urn:uuid:d081cea3-37f9-d958-cba2-d95837f9d081
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 06:00:29 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
cshow.php
www.awin1.com/ Frame D641 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2601049&v=18332&q=376776&r=296283&pref1=33203500018792900710584011871025&pv=1
Requested by
Host: uuid
URL: urn:uuid:d081cea3-37f9-d958-cba2-d95837f9d081
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 06:00:29 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
cshow.php
www.awin1.com/ Frame D641 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=33203500018792900710584011871025&pv=1
Requested by
Host: uuid
URL: urn:uuid:d081cea3-37f9-d958-cba2-d95837f9d081
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 06:00:29 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
truncated
/ Frame D641 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c77a219ec0a4a3e629bf72efb808b74be7d69ceecb4e0e4190af614eb06ea229

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
activityi;dc_pre=CNSYvICEgfYCFeTp5godKtUCPA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6959954311138.259
5994599.fls.doubleclick.net/ Frame 70C0
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6959954311138.259?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CNSYvICEgfYCFeTp5godKtUCPA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6959954311138.259?
391 B
343 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNSYvICEgfYCFeTp5godKtUCPA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6959954311138.259?
Requested by
Host: ifunny.co
URL: https://ifunny.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
cafe /
Resource Hash
3ce475a83683ee10ad55664557fa4481f7b5c17fddd2b868486eb78113d9e568
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 15 Feb 2022 06:00:29 GMT
expires
Tue, 15 Feb 2022 06:00:29 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
320
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 15 Feb 2022 06:00:29 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CNSYvICEgfYCFeTp5godKtUCPA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6959954311138.259?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal900012.redintelligence.net/ Frame 062B 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900012.redintelligence.net/request_content.php?s=54117900021540200710584011871012&a=cb655710
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=hjtkt1t9m63l&nw=20&renderingType=javascript&namespace=3e68b9a325&subid=&uid=4af32deff32c129d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCU7u1fEELYt2TMIaQrASR9J6wBY_g-IZT9aiLpMoM8C4QASD64NN0YJXikIKgB8gBCakCTdMrEIr3sj6oAwGqBIECT9DWR4p5eSMEZMx5tnUr4ogHxnAhF1HzhnE7yF9u3T2PeSwrrQwFuwvsTVXGcZYXVaIykCdqG-5e-g6ZDxhbfoTIuQoA_nFWjRJaaFmJi9hC_e45Umf6SzEH0cnKonKoJmOQC3Ep6ugFxtnbLTKPDaZGljtjYMrjBPGeV5G9NJwAOsY36ol9ijrKoERV7kDccYw_jvoVeyQa-ApdshPVeL6oNivusYr4fxOGO5mPwgO1tzjdnaYFxD4eGt0JspAW9oyukyHy2Na28lLbLtEycwmDrmNXNjY_UH3RXl4rsiNxx8ZeMzbVacdSU1HUwVVugsCpw2K1CAkzaCeHnQOUohXABLvxqMDPAeAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbAT3JnrDdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRow-eaYoC9jYtX0fKAfyQSOhUB3g%26sig%3DAOD64_1q6mC2KtzGNrF6K5Q0bcsf0ZddSg%26client%3Dca-pub-5475785420405214%26dbm_c%3DAKAmf-DZC2dyDACBKFdQQSHQuPP2Wdxnf-heV7TnozfHbr0i9kWBiDp67EBnyNwl2v9Ekof46iouRL-c_s1cEHYjzDsL5Ga_hoPgUidJ4V3_QNYZjT9zifROetnJlnjx0tSrrIH6SlihYbNbqKxCYkX5tHiO0tiu1g%26cry%3D1%26dbm_d%3DAKAmf-DYiJ9EB97_b1f27JQm-EzhhAh7cZGn9xHKMp1J-N2DHTVKUolXQx7CYDxKNejEVjrB4Ciq3ZGrmZmd9zl8dN2ZbCt6VtrGughmFvMC3RhVvKWa3eSG-9XCnNlvugcOJPKJU231UsG2nITKttXbbglSc2_AzYOpKWkZBgEWalQMOgq1HHdm0AUU-4TH-5ljEr2rM-Z41uChoTf44_nKsNP-NaDcUJDzTp-L2ite5kQnE56lcOp0rHQQWj9O5bttFmNHY8yDQ3TDAilR9eyzOVjyKUxf7PZleM0JDDz619AFMuNEbns06WCkfiLICG__5jGux7dZ6X60YPNjfq6S0s5ORWQc1E85MBGpBsjJs7yvS_H373mAEnwtsvlDhnqXgEPEkJ8Gm2EJTmBOHfaBsjNSZIU6fg%26adurl%3D&documentReferer=urn%3Auuid%3Ab09d64bb-0692-0bdd-6414-0bdd0692b09d&ancestorOrigins=https%3A%2F%2Fifunny.co&random=8922755339200&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
937ca5e2bedc9382577fbb7554aa45f85088ba1d91a4cfb96e5aa89a63379b05

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Tue, 15 Feb 2022 06:00:29 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 15 Feb 2022 06:00:29 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2019
Connection
close
Content-Type
text/html; charset=utf-8
cshow.php
www.awin1.com/ Frame 5F44 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2874697&v=22610&q=408799&r=296283&pref1=54117900021540200710584011871012&pv=1
Requested by
Host: uuid
URL: urn:uuid:b09d64bb-0692-0bdd-6414-0bdd0692b09d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 06:00:29 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
cshow.php
www.awin1.com/ Frame 5F44 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2601050&v=18332&q=376776&r=296283&pref1=54117900021540200710584011871012&pv=1
Requested by
Host: uuid
URL: urn:uuid:b09d64bb-0692-0bdd-6414-0bdd0692b09d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 06:00:29 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
cshow.php
www.awin1.com/ Frame 5F44 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=54117900021540200710584011871012&pv=1
Requested by
Host: uuid
URL: urn:uuid:b09d64bb-0692-0bdd-6414-0bdd0692b09d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 15 Feb 2022 06:00:29 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
truncated
/ Frame 5F44 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0df82887d9cfcf460959ff21a619c83ceddccb6a5ab72036e7f92983237ea9e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 3947 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=33203500018792900710584011871025&a=a8031e31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 15 Feb 2022 05:22:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 15 Feb 2022 06:00:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Feb 2022 06:00:29 GMT
/
hal9000.redintelligence.net/scale/ Frame 3947 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-1200x627.jpg
Requested by
Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=33203500018792900710584011871025&a=a8031e31
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
a4d1c458c3a21c68d616258b3f7e52402a0270c929719ab0b2e11176655a8fb5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 06:00:29 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16816
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 3947 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/52343/creativesup/1200x627_2.jpg
Requested by
Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=33203500018792900710584011871025&a=a8031e31
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
63c5b0ddd19f5b0d96605586f41563a3a49e6160e54364c9f6e7251769687de7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 06:00:29 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
15246
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 3947 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by
Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=33203500018792900710584011871025&a=a8031e31
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
fb00f6d83f7fe6c657d029a26fabef1da16c128a16e61c92091596bc575e6a91

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 06:00:29 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16853
Vary
Accept-Encoding
Content-Type
image/png
css
fonts.googleapis.com/ Frame 062B 		4 KB
722 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=54117900021540200710584011871012&a=cb655710
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 15 Feb 2022 04:38:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 15 Feb 2022 06:00:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Feb 2022 06:00:29 GMT
/
hal9000.redintelligence.net/scale/ Frame 062B 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/59171/creativesup/vega-1200x627.jpg
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=54117900021540200710584011871012&a=cb655710
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
a4d1c458c3a21c68d616258b3f7e52402a0270c929719ab0b2e11176655a8fb5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 06:00:29 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16816
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 062B 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/52343/creativesup/1200x627_2.jpg
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=54117900021540200710584011871012&a=cb655710
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
63c5b0ddd19f5b0d96605586f41563a3a49e6160e54364c9f6e7251769687de7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 06:00:29 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
15246
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 062B 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=54117900021540200710584011871012&a=cb655710
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
fb00f6d83f7fe6c657d029a26fabef1da16c128a16e61c92091596bc575e6a91

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 06:00:29 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16853
Vary
Accept-Encoding
Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4CF8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BweUIfUELYvT6CPXUx_AP4uuRqAIAAAAAOAHgBAI&bg=!TU6lTgrNAAbAtJCDwLQ7ACkAdvg8Wo3gja9jIR1TjRhhjfnhcR-LwuF-MVEV9IILpdbltVaUbPC7cAIAAADSUgAAAAdoAQeZAq_rJnCIWxahvFha274dPIEbLie_mKlXXufDduLhfL_0D5pIxSAE7NE5jYytFKZYKyaMRkxlztncM52DlnYBOF8CQn4WSWbSzi6reoeuhEUs0-Khc82Qg2w6WjGdyp_bi0A5XZzeMq23vYRsWWJQizxZXa6fyOV-sQ04wsDaK1E8W0Osczlr59myFEknKrZk4tPFDzdz22pca1JRvbI-Ju5Lg_Yf_JWCm2Owlnj6_ajtkWI_yylYhWT90H0oMCIW2qrdVeujOviJR-qIVsdA3sMlvTdv-AkNukgsOJhhhwrTnu96DxD5LGzLwOYQkwlBesUBgevuOUwFr5-scr-SndsgtbvoMIbbYrhrq5XHnHXdLq6hsCIjEgF_I97K_5wzSJ4DsuDdx3dbzPr6Y0eE9CMwLtj7AvRqD_j1jszmV-dfBbg0NymSxsEyqo4tkaugLYyMzBuuni4eHB_-QHmTI3rFbyd55HZk1aNh-GXE9uNTUKdnRb4kvmacw4CDmjEuMbSWDfjFqNj7xfSVPoq74-MXUR9KzmBMryqDCu9l2eFc5cwRHsY-g-YYYdgQR-dX5Gc4opoMs_mVZqi_9dLz3DE24QrKrQUtB9a0HIrQYf13hEBWbWE-vTMGoeefVoJoSTrzFLJPYU_rT4n84L1_BsqOxmUSXE5b80arzqmDP6iJge9Iax01w9RED9SBJ-nZbP9AdafZXUlHOO76h-vQsDyz2E6mdSYzhZD3gwd8rIGIOgIUA-aFsKAoTWJ0FFTW1h5P2R0_vgUGSE067sywHUS1UfQY3DzMHy5H1-uHrm-XzrWNutpZLLXAgwZ2a2rjxm2z-pYCyZ9pQDUKumanuQWyyx9hdHOdrUTcVplhx911B1DWAp23gOFKpzO-Yn1ng9uovxX1dh6XAtMN_D4v9DA
Requested by
Host: uuid
URL: urn:uuid:b09d64bb-0692-0bdd-6414-0bdd0692b09d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 06:00:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1DE5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B__qafUELYvnyCMvc7gOAiYi4BwAAAAA4AeAEAg&bg=!SkmlSQ3NAAbAtJCDwLQ7ACkAdvg8WqOkzZGU2J0F7b844UsOe1e0VKzqJeZ1ggnkfmT9eovum8BfEgIAAADlUgAAAAJoAQeZAsv3DYwB-vGr-RmC_9KsI7Z01i8lbeOomUcs5WofLSz3VST2OEYFDqhAM5He6d2Y8JIpYBftu7DlbB-zsq_v3e1ivn9rbuU4u4YOfVImqQpa84c3Hjx3Y4Unq6ymvsFU13VJT5kxyGHmUjycGPtKzCzRhh8iGt_n4ZR7JBi8P1_QNws8HrfyVfshaNxeeQkHQkaeJjxN0RaLdwXQW7hDyrcN-HQKBmiCfK8pBpTq276tirZFYdSiSm8iNRvgSk0FsEzQ4iAYmR049iOoW7njgCkS0aWh3KdXgLJ4Q7KW94KnKhQojVa0HMU7MAmFLgRhebgwabgrXihO4jQ1O8ooBoWWNGSp_jEG2OtjlLhPXIsT1tXTh6MbPUQrazDHAPT34Y9pAb2McFRZItWNY_kHkrk8u_DypvYr4lbpPwN3MkNE_ogOld_J-VNC7_OWX03pzYKYh0zHu0mseHEyfgWkgIbsUTodXmZB9WlsJDxHqP5SUn9wle8T5kq-e2HI3J5RDUXj8X8tLkCw0AHUHtsLi8uXV2v-6soDJoXoFpdWRS6GTpfwECDEU6S45KIOjWRCMReLvWFhq5Xw67QekvyBdLcd41CJusFPJm4RXfXII2AjynxxodnnOUWIws-LJCeZ4B_XHcKwp_fglw529rJfoIv7F8SFlRs2tuxfaeACe0EPieeBIIrqFZIVNMOY0jbomNe4zirTjXR2knNVCaFd2H5IJ7xrfSoSoN_17y5ybHdRPemtdUtI_6Wgb_2EeYY7AuVaY4hfcc22WSAegZOMrquM7Q6nggtnmzPP0bzkI1kXG0mMlMwTND0_bf_I42yW466jPEkBRTqDf8QSjmdkmPeuuPlEP973DtM6whkPFrraOSn1PeQliP1YoJrioLzNbcsFplyGNr1VycKhrMGWwB3FIdntAeJI2kZfq4BtGOzrFb9Av0JK0NF182mz
Requested by
Host: uuid
URL: urn:uuid:d081cea3-37f9-d958-cba2-d95837f9d081
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 06:00:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal900025.redintelligence.net/ Frame 3947 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900025.redintelligence.net/viewability?s=33203500018792900710584011871025&a=a6454915&vb=m
Requested by
Host: hal900025.redintelligence.net
URL: https://hal900025.redintelligence.net/request_content.php?s=33203500018792900710584011871025&a=a8031e31
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900025.redintelligence.net/request_content.php?s=33203500018792900710584011871025&a=a8031e31
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 06:00:29 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 3947 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900025.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 21:39:33 GMT
x-content-type-options
nosniff
age
30056
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13072
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:17:36 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 14 Feb 2023 21:39:33 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 3947 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900025.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 14:56:27 GMT
x-content-type-options
nosniff
age
486242
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13080
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:10:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 14:56:27 GMT
viewability
hal900012.redintelligence.net/ Frame 062B 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900012.redintelligence.net/viewability?s=54117900021540200710584011871012&a=fea38694&vb=m
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=54117900021540200710584011871012&a=cb655710
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900012.redintelligence.net/request_content.php?s=54117900021540200710584011871012&a=cb655710
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Tue, 15 Feb 2022 06:00:29 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 062B 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900012.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 21:39:33 GMT
x-content-type-options
nosniff
age
30056
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13072
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:17:36 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 14 Feb 2023 21:39:33 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 062B 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900012.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 14:56:27 GMT
x-content-type-options
nosniff
age
486242
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13080
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 18:10:26 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 14:56:27 GMT
dc_pre=CNSYvICEgfYCFeTp5godKtUCPA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6959954311138.259
adservice.google.com/ddm/fls/z/ Frame 70C0 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CNSYvICEgfYCFeTp5godKtUCPA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6959954311138.259
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CNSYvICEgfYCFeTp5godKtUCPA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6959954311138.259?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 06:00:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CJeWvICEgfYCFcrd1Qod4P4DpA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8683384324784.997
adservice.google.com/ddm/fls/z/ Frame 690B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CJeWvICEgfYCFcrd1Qod4P4DpA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8683384324784.997
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJeWvICEgfYCFcrd1Qod4P4DpA;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8683384324784.997?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 06:00:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022020901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cd620a0107504225be3daeba2493ca00a417aa555fd9dd2157d4b536e4cff56a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 15 Feb 2022 06:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9800
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 06:00:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 15 Feb 2022 06:00:30 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8A8E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 14 Feb 2022 21:40:35 GMT
expires
Tue, 14 Feb 2023 21:40:35 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
29995
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 4664 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
74e6dd2b93128178d7baa364dcb9c405ceb6390bb650b733d893cb8ba20cc35a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GAgkhVC2q9RGCtGv9ZdPMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 15 Feb 2022 06:00:30 GMT
date
Tue, 15 Feb 2022 06:00:30 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-GAgkhVC2q9RGCtGv9ZdPMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
-KWncqjjGzUwfkE9Iz7kKrmGQUyasx7mQMa73T4tfiM.js
pagead2.googlesyndication.com/bg/ Frame 8A8E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/-KWncqjjGzUwfkE9Iz7kKrmGQUyasx7mQMa73T4tfiM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8a5a772a8e31b35307e413d233ee42ab986414c9ab31ee640c6bbdd3e2d7e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 19:50:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
36607
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13554
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Feb 2023 19:50:23 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4664 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022020901&jk=765953607898558&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 8A8E 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022020901&jk=765953607898558&bg=!m5ilmNzNAAbAtJCDwLQ7ACkAdvg8WgzxJlDwGpjvFuNYkfBSIYHw441BNsMnzO_NieWlLMxV0eEq8gIAAABkUgAAAAJoAQeZArgDdaMKVzuaiv3HN8o4V3PPvktLvEOF6G0ImQWuOEnPjVETIe6SbRGpSRqHSxghLN-CmAcxOP8QiXM9SqGMOXb24k_1VNZDfri8E4vJGUK52-2OIDtOdZvbDUExrb7MDHB1ZRzKHdHYNjJa6gW_nPG7iUI6i9B17WgsBtOuTNnkvtj0EMb9c9nEbygewMfF585oF7K8AfOQrQzzcndFjoGWCkbalLxtJYmAr9QvuhCNiiKn8ZV1bEbXh2T3r3dV7UudWrZ-poSDXweo3IXmh4Jz7sfJ964CD0zZAiWLUq2wQiaz0SnJKmY-A2y7yrTPMcPfvklA-1mKzMaOhkVZvnDv0FcGIQ6XubcDqyttdTZlz23Le18h7FeaE4mI117BBIoZJcmDkEcheRIamHmSRxcO9TEbe2LxQ5CmwpA5QWwiZ8fsvJZTK9-ehximDr4IoYYw4i4wkqtJ0yEvzjrHSNOw0-WemGKvhxPQMKp3xm3eNSljw67sEENLWPw9QDRqXlBDm3EG9lrSHI1u5PLg3uhh7b5VnWkWzBK_0odSgtNzGTDdvBK2SwKyo1oZT_sqxEPTj9-Db_LjZoxWvIMtx6bMvhNItTfWwf_MONGsEmnnouL3fSrggyLAXLS-LHIo-euO9swBtFuSvFJ16KsxS6QzGDTryxWu5QHZEkEGmfFxwRJCY4-szYST1rrkuXWCEp4zZExbuRpuZJPdW4lUnKMwHM5s8WvkP256tBLuP0K4rD6yX2FXUkldnR2iV6aOLU4_VWh2I3N31BuYVZtmLrUqLOwDGHVsrbyMFwRir1L9dVNCIKJ3k7_AkmhXzjBUMZQqjFLRBgLY3ORtMdtpSXXA0sUGfCxFGAF1mMoGU-3PmdKby6zJ_3lnif0SUNsMfFic71RzO8HCP4iQi1DON7SleDqFjS-z0UQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Feb 2022 06:00:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
ifunny.co/api/v1/ 		2 B
827 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ifunny.co/api/v1/rum
Requested by
Host: static.ifunny.co
URL: https://static.ifunny.co/dist/ifunny/assets/51.341fd334.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.134.113.246 , United States, ASN397341 (XL-103-397341, US),
Reverse DNS
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ifunny.co/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 15 Feb 2022 06:00:30 GMT
x-content-type-options
nosniff
app-version
website_ifunny-release_website_v2_14.02.2022-120
surrogate-control
no-store
cross-origin-resource-policy
same-origin
content-length
2
pragma
no-cache
referrer-policy
same-origin
server
nginx
cross-origin-opener-policy
same-origin
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://ifunny.co
access-control-expose-headers
x-requested-with, x-csrf-token
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(),autoplay=(),camera=(),document-domain=(),encrypted-media=(),fullscreen=(),geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),screen-wake-lock=(),sync-xhr=(self),usb=(),xr-spatial-tracking=()
access-control-allow-headers
x-requested-with, x-csrf-token
expires
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/generate_204?_ZsvaA

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| structuredClone object| PREBID_CONFIG object| pbjs object| googletag object| __INITIAL_STATE__ string| STATIC_URL string| LOCALE string| DATE_PICKER_LOCALE string| RUM_TAG function| gtag object| dataLayer function| pbjsChunk object| _pbjsGlobals object| vdp_translation_en object| ggeac object| google_js_reporting_queue object| TRANSLATIONS object| webpackJsonp function| setImmediate function| clearImmediate object| __SVG_SPRITE__ function| onYouTubeIframeAPIReady object| monitor object| google_tag_manager undefined| google_measure_js_timing object| google_tag_data object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady string| GoogleAnalyticsObject function| ga object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| gaplugins object| gaData object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

24 Cookies

Domain/Path Name / Value
ifunny.co/ Name: x-csrf-token
Value: 0896d8fda7447dbfeb22a5406da734f4
ifunny.co/ Name: CID
Value: 3bbfeaa0ab862a20c3bc751ec91de1f6591268e69c60aa960bdd4370e957ed3e.697a87fb3a2112ce
ifunny.co/ Name: sound
Value: off
ifunny.co/ Name: viewMode
Value: list
.youtube.com/ Name: YSC
Value: jjekZ5Iebrc
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: HnFtZIsj8k4
.ifunny.co/ Name: _gcl_au
Value: 1.1.571316451.1644904829
.ifunny.co/ Name: _ga
Value: GA1.2.1726880152.1644904829
.ifunny.co/ Name: _gid
Value: GA1.2.1722586497.1644904829
.ifunny.co/ Name: _gat_gtag_UA_23094255_1
Value: 1
.ifunny.co/ Name: __gads
Value: ID=60464eae2eddd75d-22ff8a3541cd0032:T=1644904828:S=ALNI_MZTDun9tmAzIAb-0BMZ5e2aAtFSAA
.doubleclick.net/ Name: IDE
Value: AHWqTUmohApZsyWmbkSKGT7OTaIoQfMnKIP1n_FNGhrd5WeFxDDzQu65Ksdt6ZGXNYU
.casalemedia.com/ Name: CMPS
Value: 3267
.casalemedia.com/ Name: CMID
Value: YgtBfcmtno96gbtozSjk6wAA
.casalemedia.com/ Name: CMPRO
Value: 1156
.casalemedia.com/ Name: CMST
Value: YgtBfWILQX0A
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2ImRu!x3h!@wnfH8K6pQK`!5=E<*L5?%K/gMU0*cz-+dj)phz5c9u9i)yNX@<dbHl)QV1%nugO%v4VB%nn7h)zc1U
.adnxs.com/ Name: uuid2
Value: 286524024464339511
.casalemedia.com/ Name: CMRUM3
Value: 2d620b417d2760CAESEHg4hX5Z34rk23CUv3k9Ks8
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 706f6b8849708730
.awin1.com/ Name: awpv14098
Value: 296283|1644904829|94125900-8e24-11ec-afda-2235ec938b8e
.awin1.com/ Name: awpv22610
Value: 296283|1644904829|9412ce30-8e24-11ec-afda-2235ec938b8e
.awin1.com/ Name: awpv18332
Value: 296283|1644904829|94131c50-8e24-11ec-b50a-2265e04fa232
.awin1.com/ Name: AWSESS
Value: 376776:2601050

8 Console Messages

Source Level URL
Text
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://prebid.ad.smaato.net/oapi/prebid
Message:
Failed to load resource: the server responded with a status of 400 ()
other warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js(Line 17)
Message:
<link rel="webbundle"> is deprecated. See migration guide at https://bit.ly/3rpDuEX.
other warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020901.js(Line 17)
Message:
<link rel="webbundle"> is deprecated. See migration guide at https://bit.ly/3rpDuEX.
other warning URL: https://ifunny.co/
Message:
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=765953607898558&correlator=1231529604365124&output=wbn&wbsu=d0aaa66a-e71a-4bfa-b63e-f244acf008b4&callback=googletag.wbn1&eid=31063224%2C31060545%2C31064539%2C31063878&output=wbn&gdfp_req=1&vrg=2022020901&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220215&iu_parts=1361489614%2Cifunny_web%2Cifunny_web_desktop_feed&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&eri=1&cookie_enabled=1&bc=31&abxe=1&dt=1644904828745&lmt=1644904828&dlt=1644904827363&idt=1154&frm=20&biw=1600&bih=1200&oid=2&adxs=450&adys=4426&adks=1329812439&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fifunny.co%2F&vis=1&scr_x=0&scr_y=0&psz=580x696&msz=580x0&ga_vid=1726880152.1644904829&ga_sid=1644904829&ga_hid=2016059270&ga_fc=false&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1: WebBundle format "b1" is deprecated. See migration guide at https://bit.ly/3rpDuEX.
other warning URL: https://ifunny.co/
Message:
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=765953607898558&correlator=1231529604365124&output=wbn&wbsu=d0aaa66a-e71a-4bfa-b63e-f244acf008b4&callback=googletag.wbn1&eid=31063224%2C31060545%2C31064539%2C31063878&output=wbn&gdfp_req=1&vrg=2022020901&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220215&iu_parts=1361489614%2Cifunny_web%2Cifunny_web_desktop_feed&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&eri=1&cookie_enabled=1&bc=31&abxe=1&dt=1644904828745&lmt=1644904828&dlt=1644904827363&idt=1154&frm=20&biw=1600&bih=1200&oid=2&adxs=450&adys=4426&adks=1329812439&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fifunny.co%2F&vis=1&scr_x=0&scr_y=0&psz=580x696&msz=580x0&ga_vid=1726880152.1644904829&ga_sid=1644904829&ga_hid=2016059270&ga_fc=false&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1: urn:uuid resource URL in WebBundles is deprecated. See migration guide at https://bit.ly/3rpDuEX.
other warning URL: https://ifunny.co/
Message:
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=765953607898558&correlator=967846670761774&output=wbn&wbsu=bcbcf8d7-6374-4a95-9af9-e0e42814e4e9&callback=googletag.wbn2&eid=31063224%2C31060545%2C31064539%2C31063878&output=wbn&gdfp_req=1&vrg=2022020901&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220215&iu_parts=1361489614%2Cifunny_web%2Cifunny_web_desktop_feed&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&eri=1&cookie_enabled=1&bc=31&abxe=1&dt=1644904828755&lmt=1644904828&dlt=1644904827363&idt=1154&frm=20&biw=1600&bih=1200&oid=2&adxs=450&adys=1267&adks=2144437091&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fifunny.co%2F&vis=1&scr_x=0&scr_y=0&psz=580x1026&msz=580x0&ga_vid=1726880152.1644904829&ga_sid=1644904829&ga_hid=2016059270&ga_fc=false&fws=0&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1: WebBundle format "b1" is deprecated. See migration guide at https://bit.ly/3rpDuEX.
other warning URL: https://ifunny.co/
Message:
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=765953607898558&correlator=967846670761774&output=wbn&wbsu=bcbcf8d7-6374-4a95-9af9-e0e42814e4e9&callback=googletag.wbn2&eid=31063224%2C31060545%2C31064539%2C31063878&output=wbn&gdfp_req=1&vrg=2022020901&ptt=17&impl=fif&sc=1&sfv=1-0-38&ecs=20220215&iu_parts=1361489614%2Cifunny_web%2Cifunny_web_desktop_feed&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&eri=1&cookie_enabled=1&bc=31&abxe=1&dt=1644904828755&lmt=1644904828&dlt=1644904827363&idt=1154&frm=20&biw=1600&bih=1200&oid=2&adxs=450&adys=1267&adks=2144437091&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fifunny.co%2F&vis=1&scr_x=0&scr_y=0&psz=580x1026&msz=580x0&ga_vid=1726880152.1644904829&ga_sid=1644904829&ga_hid=2016059270&ga_fc=false&fws=0&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1: urn:uuid resource URL in WebBundles is deprecated. See migration guide at https://bit.ly/3rpDuEX.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
adservice.google.com
adservice.google.de
cdn.jsdelivr.net
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
geoip.ifunny.co
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900012.redintelligence.net
hal900025.redintelligence.net
ib.adnxs.com
ifunny.co
imageproxy.ifunny.co
img.ifunny.co
pagead2.googlesyndication.com
prebid.ad.smaato.net
securepubads.g.doubleclick.net
static.ifunny.co
stats.g.doubleclick.net
tpc.googlesyndication.com
uuid
www.awin1.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.youtube.com
tpc.googlesyndication.com

104.111.239.217
138.201.63.165
138.201.84.245
142.250.185.162
142.250.185.198
142.250.185.226
142.250.186.66
18.66.246.127
2.21.141.232
2606:4700::6810:5814
2a00:1450:4001:803::2003
2a00:1450:4001:808::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:812::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2001
2a00:1450:400c:c08::9d
37.252.173.215
38.134.113.246
63.33.40.108
65.9.64.129
94.130.102.164
0370bd7ba61456c388e934048e999c25b996999cb04a8b633b251cd8317021d2
0407b706128e672e5373e3291c030e785a364e458162ea64bad0356c4069382a
06b89615824177c02fe88a115183da6905bd3bb4d5136997ca35a0bdfa86f422
083ec931e5517a4ab713afbe9561e72b9186cb54e21b8b1eface9caefb54a966
08a4dbce746a8b0f482404296cc2822dff339d2b013d6d527e38888566b401fa
09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be9e04c94f9e0d6b441af41d61e1c9df7db72aeabbbc31d3ebe922105ce457e
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0df82887d9cfcf460959ff21a619c83ceddccb6a5ab72036e7f92983237ea9e1
123ac86ef11dee26bfe00fccb1ebf2205885ea50304b91f235c17f8002b83fbe
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
1959151fed81e54be8ea93e89fde1beb8c3aeec81e7e9c18ed2bbe0cc399d5df
19b89eddbad4bbcc11fb20f641041535ea3b5ec42f8fdb5298959a34f7e7c34e
1ad2c6c994c610ea48a727e2ea4b7496fac84cad20d613294b8f0e5a847c84ac
1e8425b8d15bda7d9bd16f5d0b107be1b18266a861f1fe55c9c044858aa61dc2
2217380d4866744cd67af31372094d0138038190fab6ffd7277e41d4ccc4e769
222559bf05f85983d3880e26e799d371aee27cf0c104b35454ba0c7f718cce35
2de941118ed9f8691b2fe25606e1ed3d39634ab204447e22148add3bdc4dfb17
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3c2808394430f411a74c3afe5866fcc4ffba512d30f61b4361910e302ad494cc
3ce475a83683ee10ad55664557fa4481f7b5c17fddd2b868486eb78113d9e568
420fbd505becc0975bb7a7e46a65b87e24a2c76bf51870a9c0bb62624e02a3ac
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
43ee6cb7c61d8f2effbe552d50b7848f228c31c6554cbbeabaeac61361c4fc5d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
49fb33b615df74b726f12d68c646c5c773185016aa5dba24ef471355246219d7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5f69eec589fc45efd2c6326041de1ed467ce1091a4fa7c96b13100b482b5f15a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63c5b0ddd19f5b0d96605586f41563a3a49e6160e54364c9f6e7251769687de7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
74e6dd2b93128178d7baa364dcb9c405ceb6390bb650b733d893cb8ba20cc35a
751cdce6dd3a080789741ce6f5b49695042cc2cfff6c0a22548b1097b3e30aad
75bf3b156ab92b7bed613595b5265119099118d3a57d62297fc2575b187dacb6
7acaa4e25d73d23db3e1d40bb567eb7ac6602b73eb31a27996abbc17ce7610d5
7b1bfd9059cb1ca1e872b2087b47f775e5c5bdc73682709640805b0c10cc2bff
7fe0f484607f4596fc08c251ee445d75818b970c9a72517b600a7a7000d4752e
81263e59b9fc46c52f5dc961bc12a0b5697c8945d6d10b707f027406bed0a006
823b1e920d6746ffc7d7b4521a9c79009928b96b0811809655ae827b3dfc7643
8692c8057398fe2881f39da4a81f1e5d6dd70d8827c6f01908305ef2c69f0c0e
8a4fd9dc6db644313269ca0055f0cef11c1361c8879480f45393332ae2c8e027
937ca5e2bedc9382577fbb7554aa45f85088ba1d91a4cfb96e5aa89a63379b05
984e32207998881103dc2e43021b9ee4a2b12cd1ca05dd860d8e9e873045506d
9f9ba5bca130a17130e0c71e860a525080bee7b44f2691082e7516c9d48097ab
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1d4d976dc948573d2b90ef12cbd704e632585dc739ad33e49179004e21f7d29
a1fc1430cd75c53c33175084b982a96bf011411382359e98c9c327f7c229acae
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d1c458c3a21c68d616258b3f7e52402a0270c929719ab0b2e11176655a8fb5
ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b33d59ce48490dc1354b63e45f04e4801ed1919923dc6ced162de77ba882e17a
c000de90023905d2927090b2644839d199f9d916d5877bc2e0b5a841bbe6ad21
c164b12b3d6d7bc2b41ce98d86bca30ed04874d132a42686a24f01c96f209c72
c50900e02ce94bb084241a78f25104aee388af23cee758b982af9e62e7c10bc9
c77a219ec0a4a3e629bf72efb808b74be7d69ceecb4e0e4190af614eb06ea229
ccf047f1504394fc5f895636caba122c65e90ea2d2581c6da6a683e2c67f5c5f
cd0798af7f8b8d1b97a557a4ebb86c609fda290e9088bf70c04b51b919dce596
cd620a0107504225be3daeba2493ca00a417aa555fd9dd2157d4b536e4cff56a
d0850f1edfc2a2621c5fe19351e8840545ad7810e0854e4fdc862fa70c5139d9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfcf4cdd3dbffc11a241ecc44945650f47f413a08faa52247e5120da3b9907ad
e325298ed4642401a2d3aeccac03e2eac71625e2009be3880ee1f751978457d3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c954fa61b02c3847f59ac9b5767f7dd987d1779b110ec61a17c8cca93420af
e59b9039edf5ac2810e6048e07192caff7b7393912650d0284c5a37ba4f5c3df
e85bc0716c0ade84baaff9e903939d3e57425d47d8767fc70b672db767880757
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4e090c830beaa69ad6de77b6aed740191947b7bee218151ad5b9b58062d7ba9
f63b0867e519bc4790d7eda9e0cf5d54b9db0448ca2a409486e1d44b4ebb23f6
f8a5a772a8e31b35307e413d233ee42ab986414c9ab31ee640c6bbdd3e2d7e23
fb00f6d83f7fe6c657d029a26fabef1da16c128a16e61c92091596bc575e6a91