ip.sb Open in urlscan Pro
2606:4700:20::681a:c1f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ip.sb/
Effective URL:
https://ip.sb/
Submission: On December 19 via manual (December 19th 2023, 3:39:38 pm UTC) from US — Scanned from DE

Summary HTTP 53 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 6 domains to perform 53 HTTP transactions. The main IP is 2606:4700:20::681a:c1f, located in United States and belongs to CLOUDFLARENET, US. The main domain is ip.sb. The Cisco Umbrella rank of the primary domain is 182187.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 5th 2023. Valid for: a year.

This is the only time ip.sb was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2606:4700:20:... 2606:4700:20::681a:c1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.222.139.69 52.222.139.69	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:fb2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	104.26.13.31 104.26.13.31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a09:0:13::9 2a09:0:13::9	34549 (MEER-AS m...) (MEER-AS meerfarbig GmbH & Co. KG)
16	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
53	10

16 2606:4700:20::681a:c1f (United States)

ASN13335 (CLOUDFLARENET, US)

ip.sb	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.139.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-69.ams50.r.cloudfront.net

cdn.wwads.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:fb2 (United States)

ASN13335 (CLOUDFLARENET, US)

stat.xtom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.13.31 (None, )

ASN13335 (CLOUDFLARENET, US)

ipv4.ip.sb	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a09:0:13::9 (Germany)

ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE)

ipv6.ip.sb	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	ip.sb ip.sb — Cisco Umbrella Rank: 182187 ipv4.ip.sb ipv6.ip.sb	309 KB
17	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1404 www.google.com — Cisco Umbrella Rank: 2	74 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	248 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	11 KB
2	xtom.com stat.xtom.com	2 KB
2	wwads.cn cdn.wwads.cn — Cisco Umbrella Rank: 140433	21 KB
53	6

	Domain	Requested by
16	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
16	ip.sb	ip.sb
7	pagead2.googlesyndication.com	ip.sb pagead2.googlesyndication.com tpc.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	stat.xtom.com	ip.sb stat.xtom.com
2	cdn.wwads.cn	ip.sb cdn.wwads.cn
1	www.google.com	tpc.googlesyndication.com
1	ipv6.ip.sb	ip.sb
1	ipv4.ip.sb	ip.sb
53	10

This site contains links to these domains. Also see Links.

Domain
sa.net
www.sb
dns.sb
sm.ms
u.nu
t.me

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-06-05` - `2024-06-04`	a year	crt.sh
cdn.wwads.cn Amazon RSA 2048 M03	`2023-11-11` - `2024-12-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
xtom.com Cloudflare Inc ECC CA-3	`2023-05-05` - `2024-05-04`	a year	crt.sh
ipv6.ip.sb ZeroSSL ECC Domain Secure Site CA	`2023-11-29` - `2024-02-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://ip.sb/
Frame ID: 8FC57F8381C98C986355F7008F792763
Requests: 44 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: ED91FCFABF211C993E5446EB11AB271C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8974391898835059&output=html&adk=1812271804&adf=3025194257&lmt=1703000374&plaf=1%3A2&plat=1%3A128%2C2%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fip.sb%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703000374301&bpp=7&bdt=314&idt=272&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4099179428787&frm=20&pv=2&ga_vid=1757408564.1703000375&ga_sid=1703000375&ga_hid=1789871477&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080103%2C44795922%2C44809530%2C95320885&oid=2&pvsid=3251345792258570&tmod=1366138745&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=281
Frame ID: 069E75B445AF9E9B459E5B3467B653CD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8974391898835059&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1703000374&rafmt=1&to=qs&pwprc=2225811165&format=1200x280&url=https%3A%2F%2Fip.sb%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703000374308&bpp=1&bdt=321&idt=281&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4099179428787&frm=20&pv=1&ga_vid=1757408564.1703000375&ga_sid=1703000375&ga_hid=1789871477&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080103%2C44795922%2C44809530%2C95320885&oid=2&pvsid=3251345792258570&tmod=1366138745&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=283
Frame ID: B8E1B36BE14CA88BD02CDE9E1CC9ABA3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-8974391898835059&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703000375&rafmt=1&to=qs&pwprc=2225811165&format=1200x90&url=https%3A%2F%2Fip.sb%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703000374955&bpp=1&bdt=968&idt=1&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da8997b87a9c51e39%3AT%3D1703000374%3ART%3D1703000374%3AS%3DALNI_MbVbycpW_SYef6vgv5vOJCMQqHydw&gpic=UID%3D00000ce6b3cbea1c%3AT%3D1703000374%3ART%3D1703000374%3AS%3DALNI_Mb6L-LAmkuj2EqTa30WKL2sL2VyhQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=4099179428787&frm=20&pv=1&ga_vid=1757408564.1703000375&ga_sid=1703000375&ga_hid=1789871477&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1400&ady=1554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080103%2C44795922%2C44809530%2C95320885&oid=2&pvsid=3251345792258570&tmod=1366138745&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=125
Frame ID: EECBE9D2FAFFF8D6FD50BA384D268485
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5A427F98EBDBEAF33E11456DD0A6D314
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CAFF4642BE75C0EEF8951D8B46E5E701
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

IP Address Lookup / IPv4 / IPv6 - IP.SB

Page URL History Show full URLs

http://ip.sb/ HTTP 307
https://ip.sb/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

53
Requests

100 %
HTTPS

80 %
IPv6

6
Domains

10
Subdomains

10
IPs

3
Countries

664 kB
Transfer

1703 kB
Size

10
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://sa.net/r/18
Title: 点击传送

Search URL Search Domain Scan URL

URL: https://sa.net/r/19

Search URL Search Domain Scan URL

URL: https://www.sb/
Title: SB Professional Services, LLC

Search URL Search Domain Scan URL

URL: https://dns.sb/
Title: DNS.SB

Search URL Search Domain Scan URL

URL: https://sm.ms/
Title: SM.MS

Search URL Search Domain Scan URL

URL: https://u.nu/
Title: U.NU

Search URL Search Domain Scan URL

URL: https://t.me/sbfans
Title: Telegram

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ip.sb/ HTTP 307
https://ip.sb/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ip.sb/
Redirect Chain

http://ip.sb/
https://ip.sb/

19 KB
4 KB

83ms
45ms

Document
text/html

2606:4700:20::681a:c1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ip.sb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0516f7cad49e745b6efe2729c1f5b2e0dda189cb6126a71a84fd83f7cb97cb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8380bd312bbb5d9c-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 19 Dec 2023 15:39:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZrIvHMOCIIsfNORsV%2Fty3GwGvNhKFfJLVncLylJqPYD4GFNyDi2i09rJPj%2BihMbkjbZNr5fTJN%2Bm36sQ%2BjSmdfCB%2F0wZ5YLiz3qrvFVRQjQqx7D2qHgncdCXLdyUH6DzXoXw"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-custom-job: If you see this header, please contact sb@sb.sb for a job
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://ip.sb/
Non-Authoritative-Reason: HSTS

GET
H2 200 bootstrap.min.css
ip.sb/assets/bootswatch-4.5.2/pulse/ 172 KB
25 KB 34ms
32ms Stylesheet
text/css 2606:4700:20::681a:c1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ip.sb/assets/bootswatch-4.5.2/pulse/bootstrap.min.css

Requested by

Host: ip.sb
URL: https://ip.sb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b5073b0f69b0613296ef7a27e6fbde0e0c47a43f583cd36d8bfdda224804061

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ip.sb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:39:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1673647
content-encoding: br
x-custom-job: If you see this header, please contact sb@sb.sb for a job
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 08 Dec 2022 23:18:10 GMT
server: cloudflare
etag: W/"639270b2-2b1fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uKL5fl7Nr99WOzIRjafNVrjOuE%2BJ6a%2BmGwk5OncgSmdcg7JWSETWnx3XElaNE11sJ2ohDH0EbitE0VqfALmObzeVYR7ZAYs2gtNgilRKP6NjyA7Xpie4NdwJpVkwY5lzjZoD"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
timing-allow-origin: *
cf-ray: 8380bd317c2b5d9c-FRA

GET
H2 200 all.min.css
ip.sb/assets/font-awesome-5.14.0/css/ 58 KB
13 KB 36ms
35ms Stylesheet
text/css 2606:4700:20::681a:c1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ip.sb/assets/font-awesome-5.14.0/css/all.min.css

Requested by

Host: ip.sb
URL: https://ip.sb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ip.sb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:39:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1843128
content-encoding: br
x-custom-job: If you see this header, please contact sb@sb.sb for a job
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 08 Dec 2022 23:17:41 GMT
server: cloudflare
etag: W/"63927095-e637"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2FIduIOtlBlpMvOXow%2FUUwjgv1WhBsuAI2OS6zv1lWZQ8cj9mMhz7e2UHiMU3%2FRbBMLFEF8bFjvKFAVmeNhqJn94iVP8bMSCO0k3RDRNE4os%2B6VaPu55ZZuWGheamudW7Ggn"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
timing-allow-origin: *
cf-ray: 8380bd317c2f5d9c-FRA

GET
H2 200 bootstrap_fix.css
ip.sb/assets/css/ 5 KB
2 KB 49ms
47ms Stylesheet
text/css 2606:4700:20::681a:c1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ip.sb/assets/css/bootstrap_fix.css?ver=20210930

Requested by

Host: ip.sb
URL: https://ip.sb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e39e4c0d02627f829498a122a0ea4b4348c0af74af8dc61bb979c0171e5a254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ip.sb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:39:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1915303
content-encoding: br
x-custom-job: If you see this header, please contact sb@sb.sb for a job
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Sep 2021 04:20:40 GMT
server: cloudflare
etag: W/"61514698-1366"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hqhIPCGmTKBIVArVlbMdL5cunMOuhqGucQueO4LhaMssmyO%2FTRmmbp8djpQzIj8yBWMgUiSF%2FlQRg6LX7WocuHAmIeJF%2FCipPWF964Evv1igkKyd3CyK3LVCcZXdE8PsRLS1"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
timing-allow-origin: *
cf-ray: 8380bd317c305d9c-FRA

GET
H2 200 style.css
ip.sb/assets/css/ 2 KB
1 KB 32ms
31ms Stylesheet
text/css 2606:4700:20::681a:c1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ip.sb/assets/css/style.css?ver=20210930

Requested by

Host: ip.sb
URL: https://ip.sb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

651134d37920a13e7f50bf2a218fa74d946227efad7257e02e347bd75f90505a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ip.sb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:39:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1915303
content-encoding: br
x-custom-job: If you see this header, please contact sb@sb.sb for a job
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Sep 2021 04:20:40 GMT
server: cloudflare
etag: W/"61514698-9e7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mdO4QSxhT5m%2B8CKCTBrJgtdjWLZqV7RrYLX7WuROp4R1WWI7IzUScM1uBuvnJVpwyJ37f53zJSz9G%2FoO1TrlVbiLS4ffL7uI%2Bb3BybbNGDaVrRifIOqFJkSOU6t7ectPfnEV"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
timing-allow-origin: *
cf-ray: 8380bd317c315d9c-FRA

GET
H2 200 custom_dark.css
ip.sb/assets/css/ 4 KB
1 KB 35ms
33ms Stylesheet
text/css 2606:4700:20::681a:c1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ip.sb/assets/css/custom_dark.css?ver=20210930

Requested by

Host: ip.sb
URL: https://ip.sb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8a8207eb696c43c0a141dabbf250986e3efe5046b6a1bf01000af8e02a4cb10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ip.sb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:39:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1673647
content-encoding: br
x-custom-job: If you see this header, please contact sb@sb.sb for a job
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Sep 2021 04:20:40 GMT
server: cloudflare
etag: W/"61514698-ec3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qwJHpumrY9OrKB8B7c2wx%2FXBUEBEeRTCB09bFE3ewgVBWbKcW69MSfKVDchBn07cd6t0rf%2BQfj24atc23GzRWYjJB790PjbnqrOXZmx6zUAHPwfeXgPT3Y5oju9egOO6bspi"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
timing-allow-origin: *
cf-ray: 8380bd317c335d9c-FRA

GET
H2 200 jquery.min.js Show response
ip.sb/assets/jquery-3.5.1/ 87 KB
32 KB 57ms
56ms Script
text/javascript 2606:4700:20::681a:c1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ip.sb/assets/jquery-3.5.1/jquery.min.js?ver=20210930

Requested by

Host: ip.sb
URL: https://ip.sb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ip.sb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:39:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Thu, 08 Dec 2022 23:17:33 GMT
server: cloudflare
etag: W/"6392708d-15d84"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cXXGp%2FZw6kgs5UhsPufObIAF5hUe%2Fmuaet%2FsV2Q3GdufGWfRx8FMxMyUB5lsF%2F9ZIzu2pmq%2FUAU569EKCng1EdjrZUajKuoJfBXyK03Ybrk5x%2BXBeXIeoTCbp6sAxXYWoTEq"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=14400, must-revalidate, proxy-revalidate
cf-ray: 8380bd317c365d9c-FRA
expires: Wed, 08 Mar 2023 23:17:33 GMT

GET
H2 200 makemoney.js Show response
cdn.wwads.cn/js/ 13 KB
7 KB 441ms
17ms Script
text/javascript 52.222.139.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.wwads.cn/js/makemoney.js
Requested by: Host: ip.sb
URL: https://ip.sb/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-69.ams50.r.cloudfront.net
Software: tencent-cos /
Resource Hash: 145f368dc146eb29b2d6e2a5730504d09f55a44509228f09d2c54a4152f0d553

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ip.sb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 01:58:39 GMT
content-encoding: gzip
via: 1.1 9fce949f3749407c8e6a75087e168b46.cloudfront.net (CloudFront)
x-cache-lookup: Cache Hit
x-amz-cf-pop: AMS50-C1
age: 1259170
x-cache: Hit from cloudfront
x-cos-request-id: NjU2YThmNGZfNzY5ODc4NjRfMTFhNGRfNmRlYjVi
alt-svc: h3=":443"; ma=86400
content-length: 6185
x-cos-hash-crc64ecma: 7900756055975171941
last-modified: Tue, 07 Nov 2023 10:11:15 GMT
server: tencent-cos
etag: "6f34908a0079b930c575195b97f2b826"
vary: Origin
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2592000
x-nws-log-uuid: 8231608038652975587
accept-ranges: bytes
x-amz-cf-id: QNy_EtLfpx_yHTfZ-obN4G2Vj2r-wwdoNpt6RcxvchlDrDHaORAdKg==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 140ms
60ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8974391898835059

Requested by

Host: ip.sb
URL: https://ip.sb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a82e8e45535d6b73d984b13f222cfe44a08c286e027b8ff4cfb4e0fbb0ed1aae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ip.sb/
Origin: https://ip.sb
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:39:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51485
x-xss-protection: 0
server: cafe
etag: 16364535224946665555
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 15:39:34 GMT

GET
H2 200 rivencloud_ads.gif
ip.sb/assets/images/ 76 KB
77 KB 39ms
38ms Image
image/gif 2606:4700:20::681a:c1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ip.sb/assets/images/rivencloud_ads.gif

Requested by

Host: ip.sb
URL: https://ip.sb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3a9e1c4e31743108f8c71c0d4176e32e7584b9da3b318ed04caddeecbf9d639

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ip.sb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:39:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 387740
cf-polished: status=not_needed
x-custom-job: If you see this header, please contact sb@sb.sb for a job
alt-svc: h3=":443"; ma=86400
content-length: 78171
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Mon, 27 Sep 2021 04:20:41 GMT
server: cloudflare
etag: "61514699-1315b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I4y9kQJX1GdctJ%2BKceSzHTePqt8TS7%2FHM6jxMstz8RJ53UPAHd8Vl6trvOhPGUz1o9M%2FPPufX6XR5KVLIYjKapFNoahQ%2BKxLQC2zR%2BkM0GoUHGgFKK%2BH0Rwtsx5BeckHCU%2FR"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8380bd317c385d9c-FRA

GET
H2 200 popper.min.js Show response
ip.sb/assets/js/lib/bootstrap/js/ 20 KB
8 KB 50ms
49ms Script
text/javascript 2606:4700:20::681a:c1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ip.sb/assets/js/lib/bootstrap/js/popper.min.js?ver=20210930

Requested by

Host: ip.sb
URL: https://ip.sb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:c1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c01f7706eea46cb1e2ac3f19a42c826d0f91df1dd2aea40974642d265f560e56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ip.sb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:39:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Mon, 27 Sep 2021 04:20:41 GMT
server: cloudflare
etag: W/"61514699-5037"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2Fom9NqzoEwMS1EOf6xTAZ0nzs%2FOFqQz9einRLhPq1vCQNhrL0%2FbvXGE8lEuV%2FeMmtkGeoFJkY8Xp4klmXBPrLyJ3bLXLPrzBIrN9TjOkuK%2F5b0Np5JFCWRWj0g7d6NZVWTI"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=14400, must-revalidate, proxy-revalidate
cf-ray: 8380bd317c3b5d9c-FRA
expires: Sun, 26 Dec 2021 04:20:41 GMT

GET
H3 200 bootstrap.min.js Show response
ip.sb/assets/twitter-bootstrap-4.5.2/js/ 59 KB
16 KB 35ms
34ms Script
text/javascript 2606:4700:20::681a:c1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ip.sb/assets/twitter-bootstrap-4.5.2/js/bootstrap.min.js

Requested by

Host: ip.sb
URL: https://ip.sb/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:c1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ip.sb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:39:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Thu, 08 Dec 2022 23:16:48 GMT
server: cloudflare
etag: W/"63927060-ea8c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KvsUbyEIUzE5cyjMngPLD9kGvv0P%2F4iwo%2FfMVk444QyG6WUAbN82iMK3NzYBAs98jeF%2FfBRnlHgWvd0skJp%2BhH3zVP6EK9Jj1oGBiPW%2FBiBfaOyN0NyxX%2BlwmdVWBe5m3jOe"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=14400, must-revalidate, proxy-revalidate
cf-ray: 8380bd322a4e1c1c-FRA
expires: Wed, 08 Mar 2023 23:16:48 GMT

GET
H3 200 jquery.tablesorter.min.js Show response
ip.sb/assets/js/lib/tablesorter/ 42 KB
15 KB 51ms
51ms Script
text/javascript 2606:4700:20::681a:c1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ip.sb/assets/js/lib/tablesorter/jquery.tablesorter.min.js?ver=20210930

Requested by

Host: ip.sb
URL: https://ip.sb/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:c1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61f5a644c22748fe117958b788445a2e8c9475f078eba803e42cf5f0e5f491ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ip.sb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:39:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Mon, 27 Sep 2021 04:20:41 GMT
server: cloudflare
etag: W/"61514699-a9fd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xm5qkAdvwfsRg93ra3ix7OfTAmKHn%2B6OCMziHdzjHk0uceb3fHc1vYQ074iAxkxq534V%2BdLm44W%2BjINpHAtTKKSQkmwybyyqY%2BxkxOpIo1gvYzvNw%2FxxBZO17F2rSp38EnzQ"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=14400, must-revalidate, proxy-revalidate
cf-ray: 8380bd323a771c1c-FRA
expires: Sun, 26 Dec 2021 04:20:41 GMT

GET
H3 200 app.min.js Show response
ip.sb/assets/js/scripts/ 68 KB
23 KB 47ms
47ms Script
text/javascript 2606:4700:20::681a:c1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ip.sb/assets/js/scripts/app.min.js?ver=20210930

Requested by

Host: ip.sb
URL: https://ip.sb/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:c1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07c65faf05e89baac0d8bdc5ae4467c9bc5e5ea5e1ff23f134aa3c812694aa80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ip.sb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:39:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Mon, 27 Sep 2021 04:20:41 GMT
server: cloudflare
etag: W/"61514699-11194"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W06LJbZMtQIMHCYmOMnJc1UFOTWQGAioFV18r6F0xNRVTsshBSVEfKvGG0FDSwOaLP1X4a4MGHPpx8ZiOMcnNO9lMHrvKjAndlMg137hskki7WELsHOZ%2FFNXat9MVvDORgEw"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=14400, must-revalidate, proxy-revalidate
cf-ray: 8380bd324a911c1c-FRA
expires: Sun, 26 Dec 2021 04:20:41 GMT

GET
H3 200 layer.js Show response
ip.sb/assets/js/lib/layer/ 22 KB
8 KB 46ms
46ms Script
text/javascript 2606:4700:20::681a:c1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ip.sb/assets/js/lib/layer/layer.js?ver=20210930

Requested by

Host: ip.sb
URL: https://ip.sb/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:c1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ce6649d82d2db0f8e4823f701ddfcfd9c7f107cb446c907e46ec7e57171a2a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ip.sb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:39:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Mon, 27 Sep 2021 04:20:41 GMT
server: cloudflare
etag: W/"61514699-5664"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KWKrtXsid9nY%2BZ834QPG5B9L9wLtriqbxdLpwKqLyfpaDj1BM600cnL3XeN8PSfcRT0k%2BH4sQBB4eZ5aAdRmLDINtB8BCd7mIgEKaGfliL5q8GamE43o6slXLfNk98eXyfu3"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=14400, must-revalidate, proxy-revalidate
cf-ray: 8380bd324a8c1c1c-FRA
expires: Sun, 26 Dec 2021 04:20:41 GMT

GET
H3 200 wwads_blocked.js Show response
ip.sb/assets/js/ 3 KB
2 KB 49ms
49ms Script
text/javascript 2606:4700:20::681a:c1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ip.sb/assets/js/wwads_blocked.js?var=20210930

Requested by

Host: ip.sb
URL: https://ip.sb/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:c1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85b5c247fc2f3d1dfeca521bcae58f41f6655e6c50222308b32e0c1737cf3c6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ip.sb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:39:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Mon, 27 Sep 2021 04:20:41 GMT
server: cloudflare
etag: W/"61514699-d71"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=63%2FYs0xbYD63biSrKyXvgBvd%2F2ZvRj088UNg7CKBMxLgxiT%2B15AJUkCHrSruX43%2Bjfv7m3GqkBWpj6DjUgc0KxayvW1oJ%2B%2BKeqIg4%2FKmU6%2FCCTxS3mePCFFideB%2F5%2FhOI6gw"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: public, max-age=14400, must-revalidate, proxy-revalidate
cf-ray: 8380bd324a8f1c1c-FRA
expires: Sun, 26 Dec 2021 04:20:41 GMT

GET
H2 200 plausible.js Show response
stat.xtom.com/js/ 1 KB
1 KB 99ms
18ms Script
application/javascript 2606:4700:20::681a:fb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stat.xtom.com/js/plausible.js

Requested by

Host: ip.sb
URL: https://ip.sb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fb2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ip.sb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:39:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35323
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 19 Dec 2023 01:37:39 GMT
server: cloudflare
vary: Accept-Encoding
onion-location: http://statstjuguphht2qp6zsued43unrhsooa6kp2c3zibdw3xpnidxiprid.onion/js/plausible.js
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2Fb9u0cd1PYv5oB%2FKpbU7JhWJ7qlFS83tDhnFLIJT0%2BE6toJpTFy00m8GuRkGx7XCZ7nNXWrZY9Ty84hhLxoHxydcIahFn69bI9DTR3kE4621F8O1IkZbjSVGzwFcWS9mazT1IYvNRASQ5o%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400, must-revalidate
cf-ray: 8380bd32cd583a72-FRA

GET
H3 200 fa-solid-900.woff2
ip.sb/assets/font-awesome-5.14.0/webfonts/ 78 KB
79 KB 33ms
33ms Font
font/woff2 2606:4700:20::681a:c1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ip.sb/assets/font-awesome-5.14.0/webfonts/fa-solid-900.woff2

Requested by

Host: ip.sb
URL: https://ip.sb/assets/font-awesome-5.14.0/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:c1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ip.sb/assets/font-awesome-5.14.0/css/all.min.css
Origin: https://ip.sb
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:39:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 466881
x-custom-job: If you see this header, please contact sb@sb.sb for a job
alt-svc: h3=":443"; ma=86400
content-length: 80148
x-xss-protection: 1; mode=block
last-modified: Thu, 08 Dec 2022 23:18:01 GMT
server: cloudflare
etag: "639270a9-13914"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FZXPJiRnIKpXe%2BdzC9kCHxg5wMnrEi6Vra%2FDbBXPV3laJXrg6oht3M7jaTpCO5alXszeGgwKhIUe8Z4e0bUlZZ1dakpKuLXTKcHS5UB2JSYyfzLmt%2BXbRmPXJ3ZPk0w89ia0"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8380bd324a981c1c-FRA

GET
H3 200 layer.css
ip.sb/assets/js/lib/layer/theme/default/ 14 KB
3 KB 27ms
27ms Stylesheet
text/css 2606:4700:20::681a:c1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ip.sb/assets/js/lib/layer/theme/default/layer.css?v=3.1.1

Requested by

Host: ip.sb
URL: https://ip.sb/assets/js/lib/layer/layer.js?ver=20210930

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:c1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3144d018a6a24f733c6fc2a2ee603fb583f0030585e9d4b71bec471b78e31fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ip.sb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:39:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3401982
content-encoding: br
x-custom-job: If you see this header, please contact sb@sb.sb for a job
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Sep 2021 04:20:41 GMT
server: cloudflare
etag: W/"61514699-381f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VLPutCW8LS5mKGlVoUzvfPGr%2F8JdBWsaK6%2BBpF6S8FHMLm0JgJLfPPNmr6i4tHk1teg5jLB4UgMu%2BKidtUP%2FV3c0NDXgHjtHg3hUz7cJtEmdP%2FQCNooiQlskwltDjRjRhrxE"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
timing-allow-origin: *
cf-ray: 8380bd329b011c1c-FRA

POST
H3 202 event Show response
stat.xtom.com/api/ 2 B
554 B 74ms
59ms XHR
text/plain 2606:4700:20::681a:fb2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stat.xtom.com/api/event

Requested by

Host: stat.xtom.com
URL: https://stat.xtom.com/js/plausible.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:fb2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ip.sb/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 19 Dec 2023 15:39:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2
x-request-id: F6JF0UlEMzhuWBkHWvHB
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hO2dAfOpRZJD676yOuyX3hVqeooblHnyESo2bOla0OH8bMBK%2FrZSYu9ZZo12Xnk6dv524ErBe8CQhbAZ7oD4qKrkJKunIpMOMglUiu%2FA74befGPjX3cMestnSyHsD1WFESSp8eMNyanZm70%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 8380bd32fd9190da-FRA

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 136ms
86ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8974391898835059

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b2a9b89731f9fac6020ed97ede56a0defb23321534959417e69e40483001ebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ip.sb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:39:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137925
x-xss-protection: 0
server: cafe
etag: 17288171683103353850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 15:39:34 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame ED91 9 KB
4 KB 51ms
14ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8974391898835059

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ip.sb/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 58841
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Dec 2023 23:18:53 GMT
etag: 5585625838579639069
expires: Mon, 01 Jan 2024 23:18:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 fp-3.3.6.min.js Show response
cdn.wwads.cn/js/ 32 KB
14 KB 37ms
15ms Script
text/javascript 52.222.139.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.wwads.cn/js/fp-3.3.6.min.js
Requested by: Host: cdn.wwads.cn
URL: https://cdn.wwads.cn/js/makemoney.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 52.222.139.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-69.ams50.r.cloudfront.net
Software: tencent-cos /
Resource Hash: f15f969e1485e8b10611a04bcc48d4dc1731c1f88616f2989646d47565f31cb6

Request headers

Referer
Origin: https://ip.sb
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 14:11:47 GMT
content-encoding: gzip
via: 1.1 631cbe67f42dc4b925732ef1044517ca.cloudfront.net (CloudFront)
x-cache-lookup: Cache Hit
x-amz-cf-pop: AMS50-C1
age: 3139568
x-cache: Hit from cloudfront
x-cos-request-id: NjU0ZjhiYTNfZjFhYzE0MGJfZDA1MV8xMGViMzIwNg==
alt-svc: h3=":443"; ma=86400
content-length: 13805
x-cos-hash-crc64ecma: 13503797284175834550
last-modified: Fri, 28 Oct 2022 08:36:13 GMT
server: tencent-cos
etag: "b968eda3abc9f7b9e667e4c7d4de8ba2"
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=31536000
x-nws-log-uuid: 10384484386447311346
accept-ranges: bytes
x-amz-cf-id: tq1xYBfvUPnPzt1JTXFx1CACIlxIwF1ky94QehRpzxjfnbpl_zhq1w==

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 069E 15 KB
5 KB 351ms
350ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8974391898835059&output=html&adk=1812271804&adf=3025194257&lmt=1703000374&plaf=1%3A2&plat=1%3A128%2C2%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x675_l%7C212x675_r&format=0x0&url=https%3A%2F%2Fip.sb%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703000374301&bpp=7&bdt=314&idt=272&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4099179428787&frm=20&pv=2&ga_vid=1757408564.1703000375&ga_sid=1703000375&ga_hid=1789871477&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080103%2C44795922%2C44809530%2C95320885&oid=2&pvsid=3251345792258570&tmod=1366138745&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=281

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

812e26249cbef516bc8b1f428b679970f10dd4d60b1865b764d44166196a7ff4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ip.sb/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 5396
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 15:39:34 GMT
expires: Tue, 19 Dec 2023 15:39:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B8E1 706 B
554 B 332ms
332ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8974391898835059&output=html&h=280&adk=3809598800&adf=854766408&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1703000374&rafmt=1&to=qs&pwprc=2225811165&format=1200x280&url=https%3A%2F%2Fip.sb%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703000374308&bpp=1&bdt=321&idt=281&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4099179428787&frm=20&pv=1&ga_vid=1757408564.1703000375&ga_sid=1703000375&ga_hid=1789871477&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080103%2C44795922%2C44809530%2C95320885&oid=2&pvsid=3251345792258570&tmod=1366138745&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=283

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e91d2a039864c0c45089eec22f682e3789085240596f1f7ba6592b7ef58a0794

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ip.sb/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 354
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 15:39:34 GMT
expires: Tue, 19 Dec 2023 15:39:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 addrinfo Show response
ipv4.ip.sb/ 475 B
948 B 118ms
77ms Script
application/javascript 104.26.13.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ipv4.ip.sb/addrinfo?callback=jQuery351015793001817269392_1703000374118&_=1703000374119

Requested by

Host: ip.sb
URL: https://ip.sb/assets/jquery-3.5.1/jquery.min.js?ver=20210930

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.13.31 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

710fdf60f8c64227ec60504a9fd57df93edbe3bf55a489cec5a5f9cbd47a3a96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ip.sb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:39:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9PxLFVNwucG8bOisfTA56H26hovRQdltwYVFbtmW98V1aXLgoVJEhYh8RKuGKxl3IxgGG%2BLeNhuEMzU5D8lRtjxi%2FMkbuT6rPrLxVA9mEghTrz8Okv0VfHUKbGQ%3D"}],"group":"cf-nel","max_age":604800}
x-custom-job: If you see this header, please contact sb@sb.sb for a job
cf-ray: 8380bd35fcb42be9-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 addrinfo Show response
ipv6.ip.sb/ 483 B
626 B 379ms
212ms Script
application/javascript 2a09:0:13::9
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to

Full URL

https://ipv6.ip.sb/addrinfo?callback=jQuery351015793001817269392_1703000374120&_=1703000374121

Requested by

Host: ip.sb
URL: https://ip.sb/assets/jquery-3.5.1/jquery.min.js?ver=20210930

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:0:13::9 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),

Reverse DNS

Software

nginx /

Resource Hash

253d4d9b2de7f405233b5ecaa9a9aee11c09ca867c64d2593f12e462c00f5dc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ip.sb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:39:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
x-custom-job: If you see this header, please contact sb@sb.sb for a job
x-xss-protection: 1; mode=block

GET
H2 200 ca-pub-8974391898835059 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 97ms
60ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-8974391898835059?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

30d3c43234601dbb9b38826084e3893fb9dc39045edc51762f3393aacb37108f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-LyG9hEHEy1QEG5xEPTnrnQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ip.sb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:39:35 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-LyG9hEHEy1QEG5xEPTnrnQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EECB 436 B
234 B 254ms
254ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1---&client=ca-pub-8974391898835059&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.3093707004~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1703000375&rafmt=1&to=qs&pwprc=2225811165&format=1200x90&url=https%3A%2F%2Fip.sb%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703000374955&bpp=1&bdt=968&idt=1&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da8997b87a9c51e39%3AT%3D1703000374%3ART%3D1703000374%3AS%3DALNI_MbVbycpW_SYef6vgv5vOJCMQqHydw&gpic=UID%3D00000ce6b3cbea1c%3AT%3D1703000374%3ART%3D1703000374%3AS%3DALNI_Mb6L-LAmkuj2EqTa30WKL2sL2VyhQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=4099179428787&frm=20&pv=1&ga_vid=1757408564.1703000375&ga_sid=1703000375&ga_hid=1789871477&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1400&ady=1554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080103%2C44795922%2C44809530%2C95320885&oid=2&pvsid=3251345792258570&tmod=1366138745&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=125

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bbc96ccb38612552ea9d345a786111426b0151c919e0cb04ab7186a56bc16e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ip.sb/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 210
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 15:39:35 GMT
expires: Tue, 19 Dec 2023 15:39:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxWMcZXTQWXCFDVwZ2C_oLujP76lGzlyzZ7uIOIwsvel_17JSJMiv3TKsHtJrXnY833yBPkZRFc3ilFcR0JUWY24HFfM_HT-qjW6wui084qJGjTXXr7BGJpL0oLlsXyyZR3SjP8jQg== Show response
fundingchoicesmessages.google.com/f/ 13 KB
7 KB 49ms
48ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWMcZXTQWXCFDVwZ2C_oLujP76lGzlyzZ7uIOIwsvel_17JSJMiv3TKsHtJrXnY833yBPkZRFc3ilFcR0JUWY24HFfM_HT-qjW6wui084qJGjTXXr7BGJpL0oLlsXyyZR3SjP8jQg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzMDAwMzc1LDgyMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL2lwLnNiLyIsbnVsbCxbWzgsIlV2RkJRUjM0UzVVIl0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMwHoQ20fbHqWwNC8d65sakOgGWhJg/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a8a15d0887e6944f928b38dab7680080803b3f452e63a899e7ced8ac7855086f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9viaSDRqSjTr7qrPj2NE3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ip.sb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:39:35 GMT
content-security-policy: script-src 'report-sample' 'nonce-9viaSDRqSjTr7qrPj2NE3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 60ms
59ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba768c2410dce4646c1ec1ac264fd6fcf75b67f6447cc5c26ae1e5620ba5dc8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ip.sb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:39:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12339
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 71ms
28ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ip.sb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:39:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 19 Dec 2023 15:39:35 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5A42 13 KB
5 KB 15ms
14ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ip.sb/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 23385
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 09:09:50 GMT
expires: Wed, 18 Dec 2024 09:09:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CAFF 829 B
1 KB 61ms
25ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

082e3bae092e3a96bb3f86ef1ca971419893268d91dd4933698789786d80e335

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VECv4z4BUnIg6JuZPlC0Eg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ip.sb/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-VECv4z4BUnIg6JuZPlC0Eg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 15:39:35 GMT
expires: Tue, 19 Dec 2023 15:39:35 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 5A42 39 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 09:20:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22768
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 09:20:07 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CAFF 0
0 43ms
43ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=3251345792258570&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5A42 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?WKpS6Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:39:35 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 46ms
46ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=3251345792258570&bg=!8POl87zNAAY3kmNgF5I7ADQBe5WfOKPpXa40dCMJuDg1e2eULkrsP1ihj_0kJkQJ-6jeS63NFe1lbuxA2llLNHyrmQi6AgAAADlSAAAAAWgBB5kC5In6ZZV0DqYMi6BSY_B_v-hacWEewfCdWh-fKTMecR-36TGuXpaBBqibxAMhVgmkYvoPFNpmFoqfs0JgG-Ji726aD8CT4AmWFHmhD0g39M0pbIRfRt5WLKiS3O8zzK9UnBsCC2OlTYotPmya1VfBOfPsFewxMIBwejMfoP5owta2nfrVBRIjvs69i37qunPnqnu0qRmeqp4-wtUkyzZ8nc1eS5kJlXgIqzvnW61W_v3lBd13RnJteHqdq4eTfct9wRU4BMhs_VvefbnK56Dok1BtiTcRatvMe7AIRINzv0_i94oqZjBJTzaRm5Li5Pmcm2yANHBiLg_bPO6HGPvAzLCLpddX1bQJ84UI0eQ5gXOtjdWUg0v8crCocuC7hV_sGeVxNWTOrelWMhfyPoP6a-E2qFjjrpGQ5bvsQiN9O9V3ykNfI8n89AgQt6lEmX9goXLJ1E0oeZ831wiD73pzl7mu9P1yzSFtzWccKH5pQuXXS1bU5MDCS-awXfe1pvIKvjFGprWEZRNz4CMgbYBJm5UlCJaki0jvkxcH-s271Jwh8EpO1Q_44dA_ts9XVQFIE5GpIVriHEZWjWFGL07WmL6AUDIsp2OeZSLGiKcSryT2PssPrNE8kw6rPU14lGm6RGfMwSrBB32-SiT13h655rUePRV3SrlBQAjYChWjhpNLea2dq7166-8ThnKDYY62-1076AVipjj-gAdzUg-Ng4LKc3UkMs3oDRSz_WeqFnoP2nsUngpydZ8FpWsx2HJN7S82N4cFN6-CHOpc_IKW_MaXtgqOzkS7nDpl49PdSQbHmySt4XWllAeZRMLGxW7eJg2q-ZDsgAoClHZ7hqh0geIAGk-1beyGIVt4zRv4BbIvSjRXB2D-UoJ0BYiNjx4Fh4cSW0zbZXxfq7ZJdHb1M8zdoudbpp1EGZa7GodNgot69bn3sv8VdVzl6jVc_OvSfb9nqb2Agv9DyxrtpDhaDfRVyaib
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ip.sb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 48ms
48ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=2.1555943259005352

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-23KLEXMvGvL694nsMj1NNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ip.sb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:39:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-23KLEXMvGvL694nsMj1NNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 46ms
46ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=8.57725086377423

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sqTtXeKzJMSoVmJNSLcuKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ip.sb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:39:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-sqTtXeKzJMSoVmJNSLcuKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWjMwJvbNRVhi3p_Ab3EJA7jsKRrFjqzftRt9qQ-iVFQwRPHUNA64MDlRXiO71ThRjtovBKeS8_rEQU3VuyMLrvor9M-p9czglun4v8QvZJ1WC0vtCgZhOn0gBBOFEDHjydp7VF1Q== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 89ms
39ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWjMwJvbNRVhi3p_Ab3EJA7jsKRrFjqzftRt9qQ-iVFQwRPHUNA64MDlRXiO71ThRjtovBKeS8_rEQU3VuyMLrvor9M-p9czglun4v8QvZJ1WC0vtCgZhOn0gBBOFEDHjydp7VF1Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZQzPDEkI4F0O6X656Xxliw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ip.sb/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 19 Dec 2023 15:39:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-ZQzPDEkI4F0O6X656Xxliw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ip.sb
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 728_90 Show response
fundingchoicesmessages.google.com/f/AGSKWxVR0VPG1ExfQirKxeKd8he4GTk9seBNUQcfEWaoX1YmXy-zMAbsYY6ECpoeKXD5qPnJh4EsE_m1chYPxHovqeyJL0A0dNCtx2ljC9sHL4BBoo6IrNIljJBP1FYjFB_uZX0kOeY9bP6CudK6zrq2TaU3JJkjM... 54 B
109 B 31ms
31ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVR0VPG1ExfQirKxeKd8he4GTk9seBNUQcfEWaoX1YmXy-zMAbsYY6ECpoeKXD5qPnJh4EsE_m1chYPxHovqeyJL0A0dNCtx2ljC9sHL4BBoo6IrNIljJBP1FYjFB_uZX0kOeY9bP6CudK6zrq2TaU3JJkjMAHOlfqyYOclLyY8Dot41v3oDAIzPo77/_/468x060_/affiliate_link.js/adwriter2.-ad-reload./img/728_90

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.UvFBQR34S5U.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwWfbcbLtnPlY16R7U9M_hg5D_tIw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8cb743a2356e03e52a0716e615c97394e9e032e63763f6d842a3738b6775be98

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7GlIkWabw6F0uwCDb9WP-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ip.sb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:39:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-7GlIkWabw6F0uwCDb9WP-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 64 KB
24 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61fccfdc6707e6432998da73d67d285fad858d68d59c9eb2657930772fb2cbd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ip.sb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 14:49:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3004
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24502
x-xss-protection: 0
server: cafe
etag: 8172479049841164170
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 15:49:32 GMT

POST
H3 204 AGSKWxWjMwJvbNRVhi3p_Ab3EJA7jsKRrFjqzftRt9qQ-iVFQwRPHUNA64MDlRXiO71ThRjtovBKeS8_rEQU3VuyMLrvor9M-p9czglun4v8QvZJ1WC0vtCgZhOn0gBBOFEDHjydp7VF1Q== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 30ms
30ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWjMwJvbNRVhi3p_Ab3EJA7jsKRrFjqzftRt9qQ-iVFQwRPHUNA64MDlRXiO71ThRjtovBKeS8_rEQU3VuyMLrvor9M-p9czglun4v8QvZJ1WC0vtCgZhOn0gBBOFEDHjydp7VF1Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-4792ZtAaa2OcsHv7cP9VYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ip.sb/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 19 Dec 2023 15:39:36 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-4792ZtAaa2OcsHv7cP9VYA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ip.sb
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWjMwJvbNRVhi3p_Ab3EJA7jsKRrFjqzftRt9qQ-iVFQwRPHUNA64MDlRXiO71ThRjtovBKeS8_rEQU3VuyMLrvor9M-p9czglun4v8QvZJ1WC0vtCgZhOn0gBBOFEDHjydp7VF1Q== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 26ms
26ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWjMwJvbNRVhi3p_Ab3EJA7jsKRrFjqzftRt9qQ-iVFQwRPHUNA64MDlRXiO71ThRjtovBKeS8_rEQU3VuyMLrvor9M-p9czglun4v8QvZJ1WC0vtCgZhOn0gBBOFEDHjydp7VF1Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-beY2e7P1h5cXOuEz192OtA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ip.sb/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 19 Dec 2023 15:39:36 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-beY2e7P1h5cXOuEz192OtA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ip.sb
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWjMwJvbNRVhi3p_Ab3EJA7jsKRrFjqzftRt9qQ-iVFQwRPHUNA64MDlRXiO71ThRjtovBKeS8_rEQU3VuyMLrvor9M-p9czglun4v8QvZJ1WC0vtCgZhOn0gBBOFEDHjydp7VF1Q== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 30ms
30ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWjMwJvbNRVhi3p_Ab3EJA7jsKRrFjqzftRt9qQ-iVFQwRPHUNA64MDlRXiO71ThRjtovBKeS8_rEQU3VuyMLrvor9M-p9czglun4v8QvZJ1WC0vtCgZhOn0gBBOFEDHjydp7VF1Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-f2_CieHm4II2rWEoj3sUhw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ip.sb/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 19 Dec 2023 15:39:36 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-f2_CieHm4II2rWEoj3sUhw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ip.sb
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWjMwJvbNRVhi3p_Ab3EJA7jsKRrFjqzftRt9qQ-iVFQwRPHUNA64MDlRXiO71ThRjtovBKeS8_rEQU3VuyMLrvor9M-p9czglun4v8QvZJ1WC0vtCgZhOn0gBBOFEDHjydp7VF1Q== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 35ms
35ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWjMwJvbNRVhi3p_Ab3EJA7jsKRrFjqzftRt9qQ-iVFQwRPHUNA64MDlRXiO71ThRjtovBKeS8_rEQU3VuyMLrvor9M-p9czglun4v8QvZJ1WC0vtCgZhOn0gBBOFEDHjydp7VF1Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yL1cGbvj8-8wMlBrjw5lGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ip.sb/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 19 Dec 2023 15:39:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-yL1cGbvj8-8wMlBrjw5lGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ip.sb
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxVnDJfsLfWnEIH-8yaAVRwaOCMvXl5_546_R9F1pwwEv6Ztv-y3iOXvSLeTXce-PatlB_5bIFK_zSQACg870j3Bs_0ITEuGrL6K8LALN0Kbz7X2bJW_yeazuy_loAbqoRE7sNYZaw== Show response
fundingchoicesmessages.google.com/f/ 4 KB
2 KB 52ms
52ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVnDJfsLfWnEIH-8yaAVRwaOCMvXl5_546_R9F1pwwEv6Ztv-y3iOXvSLeTXce-PatlB_5bIFK_zSQACg870j3Bs_0ITEuGrL6K8LALN0Kbz7X2bJW_yeazuy_loAbqoRE7sNYZaw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzMDAwMzc2LDgyMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vaXAuc2IvIixudWxsLFtbOCwiVXZGQlFSMzRTNVUiXSxbOSwiZGUiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

20a6cc6a41a563d9d9458be8594a8e8714ffd5d49c5b079a312ee045425203dc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-08BKiZnw3jJKZra4vYmYBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ip.sb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:39:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-08BKiZnw3jJKZra4vYmYBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWjMwJvbNRVhi3p_Ab3EJA7jsKRrFjqzftRt9qQ-iVFQwRPHUNA64MDlRXiO71ThRjtovBKeS8_rEQU3VuyMLrvor9M-p9czglun4v8QvZJ1WC0vtCgZhOn0gBBOFEDHjydp7VF1Q== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 28ms
28ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWjMwJvbNRVhi3p_Ab3EJA7jsKRrFjqzftRt9qQ-iVFQwRPHUNA64MDlRXiO71ThRjtovBKeS8_rEQU3VuyMLrvor9M-p9czglun4v8QvZJ1WC0vtCgZhOn0gBBOFEDHjydp7VF1Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-uiM26JI7nQidgJETu9I02g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ip.sb/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 19 Dec 2023 15:39:36 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-uiM26JI7nQidgJETu9I02g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ip.sb
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXgRzjHWbQpO-tDwGOvASgUOcJhIZJn4752-7s-rP9KfSEQ6qyvQ-yATFZa0pNuPUfcm6QgyI3AlYnJEjmmytJo4tlBQFQpllRO6m5J1RIte5tV85ZLSJCgvHicY3u2E3MF3q8z2g== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 62ms
62ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXgRzjHWbQpO-tDwGOvASgUOcJhIZJn4752-7s-rP9KfSEQ6qyvQ-yATFZa0pNuPUfcm6QgyI3AlYnJEjmmytJo4tlBQFQpllRO6m5J1RIte5tV85ZLSJCgvHicY3u2E3MF3q8z2g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzMDAwMzc2LDg3NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vaXAuc2IvIixudWxsLFtbOCwiVXZGQlFSMzRTNVUiXSxbOSwiZGUiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e65816bd7275414be994d59d070f2b9edf5a60cd89be745eaf43d3547e5b9a52

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WPZJOi5w_V_763xwyjO0Lg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ip.sb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:39:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-WPZJOi5w_V_763xwyjO0Lg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXHCkEnz5WOs5HUgQlAiGr3qwrprRHn3gnWAIVfRJ8VBQbwdkxu5_l87fU0xCsG9rwtOle9CBNZhCPY-0vUXJKKYSc8Rc3rvKWWD1JCi5pSQjSffy7gyT5zjU09w42Mbg1UMkhjjA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 45ms
45ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXHCkEnz5WOs5HUgQlAiGr3qwrprRHn3gnWAIVfRJ8VBQbwdkxu5_l87fU0xCsG9rwtOle9CBNZhCPY-0vUXJKKYSc8Rc3rvKWWD1JCi5pSQjSffy7gyT5zjU09w42Mbg1UMkhjjA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzMDAwMzc2LDk0MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9pcC5zYi8iLG51bGwsW1s4LCJVdkZCUVIzNFM1VSJdLFs5LCJkZSJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

112745480ebcab1532875a60681307ed11043fddd4fdf1add89cf9c88d9af58a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-udPyYueIffAtKoVtqU_2vA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ip.sb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 15:39:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-udPyYueIffAtKoVtqU_2vA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXxZkxCOXhxgr0KPYK5IbI0ibFOFSxOVCRgUzKZ2ADHhglJwZVO4zRfzA66Z-Ysrr8hBhbRX7TRmPm4x0KuKOBlY1evdm_7BucO4-FAvq5zFpue_FeFnhWp6KWXo2UlHsWs4TxZUQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 30ms
30ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXxZkxCOXhxgr0KPYK5IbI0ibFOFSxOVCRgUzKZ2ADHhglJwZVO4zRfzA66Z-Ysrr8hBhbRX7TRmPm4x0KuKOBlY1evdm_7BucO4-FAvq5zFpue_FeFnhWp6KWXo2UlHsWs4TxZUQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SE453y0uVgSFxhXgESNLSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ip.sb/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 19 Dec 2023 15:39:37 GMT
content-security-policy: script-src 'report-sample' 'nonce-SE453y0uVgSFxhXgESNLSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ip.sb
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWjMwJvbNRVhi3p_Ab3EJA7jsKRrFjqzftRt9qQ-iVFQwRPHUNA64MDlRXiO71ThRjtovBKeS8_rEQU3VuyMLrvor9M-p9czglun4v8QvZJ1WC0vtCgZhOn0gBBOFEDHjydp7VF1Q== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 38ms
38ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWjMwJvbNRVhi3p_Ab3EJA7jsKRrFjqzftRt9qQ-iVFQwRPHUNA64MDlRXiO71ThRjtovBKeS8_rEQU3VuyMLrvor9M-p9czglun4v8QvZJ1WC0vtCgZhOn0gBBOFEDHjydp7VF1Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-LmSm1IgSQYu2BLYzxmpjzA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ip.sb/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 19 Dec 2023 15:39:37 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-LmSm1IgSQYu2BLYzxmpjzA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ip.sb
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ip.sb/	1969-12-31 23:59:59	Name: PHPSESSID Value: 343af8df-d670-9fce-2f40-751d4cc7daa0
ip.sb/	1969-12-31 23:59:59	Name: ipsb Value: 4PkR2NGVXseMvFzmEubAICryTagK3tWD
ipv4.ip.sb/	1969-12-31 23:59:59	Name: PHPSESSID Value: 7d41a7af-2963-eebf-2411-4a1af3a39083
ipv4.ip.sb/	1969-12-31 23:59:59	Name: ipsb Value: mahjpIDWEnGdrQk59Ziz7LlCMUwft04F
.ip.sb/	1970-01-21 02:24:56	Name: __gads Value: ID=a8997b87a9c51e39:T=1703000374:RT=1703000374:S=ALNI_MbVbycpW_SYef6vgv5vOJCMQqHydw
.ip.sb/	1970-01-21 02:24:56	Name: __gpi Value: UID=00000ce6b3cbea1c:T=1703000374:RT=1703000374:S=ALNI_Mb6L-LAmkuj2EqTa30WKL2sL2VyhQ
ipv6.ip.sb/	1969-12-31 23:59:59	Name: PHPSESSID Value: bb5904a0-4fa2-1358-5c03-c778121971fd
ipv6.ip.sb/	1969-12-31 23:59:59	Name: ipsb Value: X1alRZYKAnrxkL4cpov8OQIEShqwiH9j
.doubleclick.net/	1970-01-21 02:39:20	Name: IDE Value: AHWqTUnkR1QwGhmyyrNQ3zpJUvYH21jaiOId1m1IuaMWnL4CwxKsEg6e5WPVuJxFGXE
.ip.sb/	1970-01-21 01:48:56	Name: FCNEC Value: %5B%5B%22AKsRol_rKGotwy2D2WcStS1YpucJhJF5K4UhPSnFSTnN1-izkHloQTn_QsIhTK_qlQYhmXTdoSqUOGxMSTSg4tKLkXDbVBFiziW8-iBe0eoCfZpTJA9aywXk6ncU7ZW-CsuVGs5TUHu5cu7S7BCo1rs8NDbjM2-nZg%3D%3D%22%5D%5D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.wwads.cn
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
ip.sb
ipv4.ip.sb
ipv6.ip.sb
pagead2.googlesyndication.com
stat.xtom.com
tpc.googlesyndication.com
www.google.com
104.26.13.31
2606:4700:20::681a:c1f
2606:4700:20::681a:fb2
2a00:1450:4001:813::2004
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:830::200e
2a09:0:13::9
52.222.139.69
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
07c65faf05e89baac0d8bdc5ae4467c9bc5e5ea5e1ff23f134aa3c812694aa80
082e3bae092e3a96bb3f86ef1ca971419893268d91dd4933698789786d80e335
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
112745480ebcab1532875a60681307ed11043fddd4fdf1add89cf9c88d9af58a
145f368dc146eb29b2d6e2a5730504d09f55a44509228f09d2c54a4152f0d553
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
1ce6649d82d2db0f8e4823f701ddfcfd9c7f107cb446c907e46ec7e57171a2a3
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
20a6cc6a41a563d9d9458be8594a8e8714ffd5d49c5b079a312ee045425203dc
253d4d9b2de7f405233b5ecaa9a9aee11c09ca867c64d2593f12e462c00f5dc1
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30d3c43234601dbb9b38826084e3893fb9dc39045edc51762f3393aacb37108f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b5073b0f69b0613296ef7a27e6fbde0e0c47a43f583cd36d8bfdda224804061
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f5a644c22748fe117958b788445a2e8c9475f078eba803e42cf5f0e5f491ec
61fccfdc6707e6432998da73d67d285fad858d68d59c9eb2657930772fb2cbd9
651134d37920a13e7f50bf2a218fa74d946227efad7257e02e347bd75f90505a
6b2a9b89731f9fac6020ed97ede56a0defb23321534959417e69e40483001ebb
710fdf60f8c64227ec60504a9fd57df93edbe3bf55a489cec5a5f9cbd47a3a96
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
812e26249cbef516bc8b1f428b679970f10dd4d60b1865b764d44166196a7ff4
85b5c247fc2f3d1dfeca521bcae58f41f6655e6c50222308b32e0c1737cf3c6a
8bbc96ccb38612552ea9d345a786111426b0151c919e0cb04ab7186a56bc16e7
8cb743a2356e03e52a0716e615c97394e9e032e63763f6d842a3738b6775be98
8e39e4c0d02627f829498a122a0ea4b4348c0af74af8dc61bb979c0171e5a254
a82e8e45535d6b73d984b13f222cfe44a08c286e027b8ff4cfb4e0fbb0ed1aae
a8a15d0887e6944f928b38dab7680080803b3f452e63a899e7ced8ac7855086f
b8a8207eb696c43c0a141dabbf250986e3efe5046b6a1bf01000af8e02a4cb10
ba768c2410dce4646c1ec1ac264fd6fcf75b67f6447cc5c26ae1e5620ba5dc8a
c01f7706eea46cb1e2ac3f19a42c826d0f91df1dd2aea40974642d265f560e56
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658
d3a9e1c4e31743108f8c71c0d4176e32e7584b9da3b318ed04caddeecbf9d639
e3144d018a6a24f733c6fc2a2ee603fb583f0030585e9d4b71bec471b78e31fc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e65816bd7275414be994d59d070f2b9edf5a60cd89be745eaf43d3547e5b9a52
e91d2a039864c0c45089eec22f682e3789085240596f1f7ba6592b7ef58a0794
f0516f7cad49e745b6efe2729c1f5b2e0dda189cb6126a71a84fd83f7cb97cb5
f15f969e1485e8b10611a04bcc48d4dc1731c1f88616f2989646d47565f31cb6
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

ip.sb Open in urlscan Pro 2606:4700:20::681a:c1f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

53 Requests

100 %HTTPS

80 %IPv6

6 Domains

10 Subdomains

10 IPs

3 Countries

664 kBTransfer

1703 kBSize

10 Cookies

7 Outgoing links

Page URL History

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ip.sb Open in urlscan Pro
2606:4700:20::681a:c1f Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

100 %
HTTPS

80 %
IPv6

6
Domains

10
Subdomains

10
IPs

3
Countries

664 kB
Transfer

1703 kB
Size

10
Cookies

53 HTTP transactions
0 data transactions