lelive.weebly.com Open in urlscan Pro
199.34.228.54 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://lelive.weebly.com/
Effective URL:
https://lelive.weebly.com/
Submission: On December 07 via api (December 7th 2023, 8:01:54 pm UTC) from US — Scanned from DE

Summary HTTP 242 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 45 IPs in 5 countries across 29 domains to perform 242 HTTP transactions. The main IP is 199.34.228.54, located in United States and belongs to WEEBLY, US. The main domain is lelive.weebly.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on October 28th 2023. Valid for: a year.

This is the only time lelive.weebly.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	199.34.228.53 199.34.228.53	27647 (WEEBLY) (WEEBLY)
19	199.34.228.54 199.34.228.54	27647 (WEEBLY) (WEEBLY)
22	2a04:4e42:400... 2a04:4e42:400::302	54113 (FASTLY) (FASTLY)
14	74.115.50.110 74.115.50.110	27647 (WEEBLY) (WEEBLY)
4	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1 13	2606:4700:303... 2606:4700:3036::6815:531	13335 (CLOUDFLAR...) (CLOUDFLARENET)
32	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
5 26	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2016	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
3 4	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2 4	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	185.89.210.90 185.89.210.90	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
2	44.240.236.222 44.240.236.222	16509 (AMAZON-02) (AMAZON-02)
2	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
1	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
1	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
4	176.9.26.250 176.9.26.250	24940 (HETZNER-AS) (HETZNER-AS)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 4	46.4.10.49 46.4.10.49	24940 (HETZNER-AS) (HETZNER-AS)
1 2	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
1	167.233.14.134 167.233.14.134	24940 (HETZNER-AS) (HETZNER-AS)
2	91.121.248.44 91.121.248.44	16276 (OVH) (OVH)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	3.11.198.160 3.11.198.160	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	3.160.212.123 3.160.212.123	16509 (AMAZON-02) (AMAZON-02)
1	18.245.187.11 18.245.187.11	16509 (AMAZON-02) (AMAZON-02)
2	3.10.29.13 3.10.29.13	16509 (AMAZON-02) (AMAZON-02)
242	45

1 199.34.228.53 (United States) 1 redirects

ASN27647 (WEEBLY, US)
PTR: pages-wildcard-1.weebly.com

lelive.weebly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 199.34.228.54 (United States)

ASN27647 (WEEBLY, US)
PTR: pages-wildcard-2.weebly.com

lelive.weebly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a04:4e42:400::302 (United States)

ASN54113 (FASTLY, US)

cdn2.editmysite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 74.115.50.110 (United States)

ASN27647 (WEEBLY, US)
PTR: www.weebly.com

www.weebly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:3036::6815:531 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

widgetic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
files.widgetic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany) 5 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.90 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.240.236.222 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-236-222.us-west-2.compute.amazonaws.com

ec.editmysite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 176.9.26.250 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.250.26.9.176.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.4.10.49 (Rostock, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.49.10.4.46.clients.your-server.de

hal90001.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:d0a:2321::2 (Frankfurt am Main, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.233.14.134 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-2.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.121.248.44 (France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.11.198.160 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-198-160.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.212.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-212-123.mxp53.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.187.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-187-11.lhr5.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.10.29.13 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-10-29-13.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	doubleclick.net 9 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 static.doubleclick.net — Cisco Umbrella Rank: 248 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 ad.doubleclick.net — Cisco Umbrella Rank: 139 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 98422	78 KB
34	weebly.com 1 redirects lelive.weebly.com www.weebly.com — Cisco Umbrella Rank: 27379	3 MB
32	youtube.com www.youtube.com — Cisco Umbrella Rank: 71	4 MB
28	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	376 KB
24	editmysite.com cdn2.editmysite.com — Cisco Umbrella Rank: 12870 ec.editmysite.com — Cisco Umbrella Rank: 14061	565 KB
19	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 203 fonts.googleapis.com — Cisco Umbrella Rank: 29 ajax.googleapis.com — Cisco Umbrella Rank: 340	167 KB
16	gstatic.com fonts.gstatic.com www.gstatic.com	188 KB
13	widgetic.com 1 redirects widgetic.com — Cisco Umbrella Rank: 71690 files.widgetic.com — Cisco Umbrella Rank: 266390	119 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 37721 hal90001.redintelligence.net — Cisco Umbrella Rank: 256416	38 KB
7	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 93	79 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	3 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	2 KB
4	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 587 www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	38 KB
4	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 226	12 KB
4	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 89	624 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	299 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 24395 api.webgains.io — Cisco Umbrella Rank: 59842	19 KB
3	medialead.de 1 redirects pv.medialead.de — Cisco Umbrella Rank: 47317 medialead.de — Cisco Umbrella Rank: 46843	851 B
2	retailads.net 1 redirects cdn.retailads.net — Cisco Umbrella Rank: 164531	6 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	128 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 61264	3 KB
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 49821	2 KB
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 128498	923 B
1	futalis.de futalis.de — Cisco Umbrella Rank: 305788	401 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	2 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 225	395 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 590	25 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	16 KB
242	29

	Domain	Requested by
32	www.youtube.com	lelive.weebly.com www.youtube.com
26	googleads.g.doubleclick.net	5 redirects pagead2.googlesyndication.com www.youtube.com googleads.g.doubleclick.net
22	cdn2.editmysite.com	lelive.weebly.com cdn2.editmysite.com
20	lelive.weebly.com	1 redirects lelive.weebly.com cdn2.editmysite.com
16	jnn-pa.googleapis.com	www.youtube.com
16	pagead2.googlesyndication.com	www.weebly.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
14	www.weebly.com	lelive.weebly.com
12	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
12	widgetic.com	1 redirects lelive.weebly.com widgetic.com
8	www.gstatic.com	www.youtube.com www.gstatic.com
8	fonts.gstatic.com	www.youtube.com
6	www.google.com	1 redirects www.youtube.com tpc.googlesyndication.com
4	hal90001.redintelligence.net	1 redirects googleads.g.doubleclick.net hal90001.redintelligence.net
4	hal9000.redintelligence.net	googleads.g.doubleclick.net hal90001.redintelligence.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	yt3.ggpht.com	www.youtube.com
4	i.ytimg.com	www.youtube.com
4	static.doubleclick.net	www.youtube.com
4	www.googletagmanager.com	lelive.weebly.com www.googletagmanager.com adv.office-partner.de
2	api.webgains.io	analytics.webgains.io
2	5994599.fls.doubleclick.net	1 redirects lelive.weebly.com
2	pv.medialead.de	hal90001.redintelligence.net googleads.g.doubleclick.net
2	cdn.retailads.net	1 redirects futalis.de
2	www.googleadservices.com	lelive.weebly.com
2	ec.editmysite.com	cdn2.editmysite.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	widgetic.com hal90001.redintelligence.net
1	cdn.track.production.webgains.team	googleads.g.doubleclick.net
1	analytics.webgains.io	track.webgains.com
1	adservice.google.com	5994599.fls.doubleclick.net
1	medialead.de	1 redirects
1	track.webgains.com	lelive.weebly.com
1	adv.office-partner.de	hal90001.redintelligence.net
1	futalis.de	hal90001.redintelligence.net
1	www.facebook.com	widgetic.com
1	ad.doubleclick.net	googleads.g.doubleclick.net
1	bam.nr-data.net	widgetic.com
1	js-agent.newrelic.com	widgetic.com
1	region1.google-analytics.com	www.googletagmanager.com
1	ajax.googleapis.com	widgetic.com
1	ssl.google-analytics.com	lelive.weebly.com
1	files.widgetic.com	widgetic.com
1	cdn.jsdelivr.net	widgetic.com
242	46

This site contains links to these domains. Also see Links.

Domain
www2.bingfeng.tw
www.game735.com
www.facebook.com
www.youtube.com
mega.nz
www.weebly.com

Subject Issuer	Validity	Valid
*.weebly.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-28` - `2024-11-15`	a year	crt.sh
*.editmysite.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-06-12` - `2024-07-13`	a year	crt.sh
www.weebly.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-09-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
widgetic.com E1	`2023-11-10` - `2024-02-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
ec.editmysite.com Amazon RSA 2048 M01	`2023-06-12` - `2024-07-10`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh
redintelligence.net R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-16` - `2023-12-15`	3 months	crt.sh
*.futalis.de R3	`2023-10-13` - `2024-01-11`	3 months	crt.sh
pv.medialead.de R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
adv.office-partner.de R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G2	`2023-05-18` - `2024-05-17`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh

This page contains 31 frames:

Primary Page: https://lelive.weebly.com/
Frame ID: B06AD30DCEB83FB86F4FBF77912631DF
Requests: 69 HTTP requests in this frame

Frame: https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Flelive.weebly.com
Frame ID: AF94F7085FFC8AB22980028A17A2370D
Requests: 16 HTTP requests in this frame

Frame: https://www.youtube.com/embed/dTk3BO54_8Y?wmode=opaque
Frame ID: F1ED9E4AC8BD18BC74897254B1AD864A
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html
Frame ID: 67AB2BE31D8C623112042A510B63C9A9
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/MzIH2rn72NE?wmode=opaque
Frame ID: 43441B0EC37266D27A393B502C0A4317
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=60&adk=3728641180&adf=1460459252&w=468&lmt=1701979307&ad_type=text_image&format=468x60_as&color_bg=000000&color_border=000000&color_link=FFFFFF&color_text=CCCCCC&color_url=999999&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=000000&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701979307523&bpp=206&bdt=1018&idt=451&shv=r20231205&mjsv=m202311300101&ptt=5&saldr=sd&abxe=1&correlator=8492969922840&frm=20&pv=2&ga_vid=1248546258.1701979308&ga_sid=1701979308&ga_hid=640980279&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=566&ady=172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079929%2C31079979%2C44795921%2C31079954%2C44807764%2C44808148%2C44808284%2C95320230%2C31079987&oid=2&pvsid=2576826132042316&tmod=1449287864&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=463
Frame ID: 06D2F756C7F377082FC3DBE426E0868E
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=90&adk=3566803071&adf=4055878447&w=728&lmt=1701979307&ad_type=image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701979307528&bpp=202&bdt=1023&idt=463&shv=r20231205&mjsv=m202311300101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as&correlator=8492969922840&frm=20&pv=1&ga_vid=1248546258.1701979308&ga_sid=1701979308&ga_hid=640980279&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079929%2C31079979%2C44795921%2C31079954%2C44807764%2C44808148%2C44808284%2C95320230%2C31079987&oid=2&pvsid=2576826132042316&tmod=1449287864&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=465
Frame ID: 8C1F5B56414804A5D9D25B9B9B40FF4C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=90&adk=1773158521&adf=2910926905&w=728&lmt=1701979307&ad_type=text_image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701979307554&bpp=177&bdt=1050&idt=441&shv=r20231205&mjsv=m202311300101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C728x90_as&correlator=8492969922840&frm=20&pv=1&ga_vid=1248546258.1701979308&ga_sid=1701979308&ga_hid=640980279&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079929%2C31079979%2C44795921%2C31079954%2C44807764%2C44808148%2C44808284%2C95320230%2C31079987&oid=2&pvsid=2576826132042316&tmod=1449287864&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=444
Frame ID: 5D14F43EFB0E30B8997307761A5D6B41
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=60&adk=2776088540&adf=2540194251&w=468&lmt=1701979308&ad_type=text_image&format=468x60_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701979307565&bpp=166&bdt=1060&idt=434&shv=r20231205&mjsv=m202311300101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C728x90_as%2C728x90_as&correlator=8492969922840&frm=20&pv=1&ga_vid=1248546258.1701979308&ga_sid=1701979308&ga_hid=640980279&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=919&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079929%2C31079979%2C44795921%2C31079954%2C44807764%2C44808148%2C44808284%2C95320230%2C31079987&oid=2&pvsid=2576826132042316&tmod=1449287864&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=437
Frame ID: B7668BD4B7487634151972E34771A95B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=60&adk=3147154302&adf=3310464510&w=468&lmt=1701979308&ad_type=text_image&format=468x60_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701979307765&bpp=2&bdt=1261&idt=241&shv=r20231205&mjsv=m202311300101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C728x90_as%2C728x90_as%2C468x60_as&correlator=8492969922840&frm=20&pv=1&ga_vid=1248546258.1701979308&ga_sid=1701979308&ga_hid=640980279&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2301&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079929%2C31079979%2C44795921%2C31079954%2C44807764%2C44808148%2C44808284%2C95320230%2C31079987&oid=2&pvsid=2576826132042316&tmod=1449287864&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=243
Frame ID: F201D1E19C6E98860BB204C84E34E5C4
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/yV8FdhSmz2Y?wmode=opaque
Frame ID: 6E53EFE9106278871B7E25073DEC5009
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=60&adk=1230979907&adf=3956329256&w=234&lmt=1701979308&ad_type=text_image&format=234x60_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701979307768&bpp=1&bdt=1264&idt=242&shv=r20231205&mjsv=m202311300101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C728x90_as%2C728x90_as%2C468x60_as%2C468x60_as&correlator=8492969922840&frm=20&pv=1&ga_vid=1248546258.1701979308&ga_sid=1701979308&ga_hid=640980279&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=815&ady=2301&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079929%2C31079979%2C44795921%2C31079954%2C44807764%2C44808148%2C44808284%2C95320230%2C31079987&oid=2&pvsid=2576826132042316&tmod=1449287864&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=244
Frame ID: 371DC1A9E249400EC59B826F95D69FBC
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/StpFz8qbB44?wmode=opaque
Frame ID: 228B2C3AFCA6BC4B2D6D5FBB4BCD6C68
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=90&adk=2671402218&adf=898975295&w=728&lmt=1701979308&ad_type=text_image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701979307785&bpp=1&bdt=1281&idt=234&shv=r20231205&mjsv=m202311300101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C728x90_as%2C728x90_as%2C468x60_as%2C468x60_as%2C234x60_as&correlator=8492969922840&frm=20&pv=1&ga_vid=1248546258.1701979308&ga_sid=1701979308&ga_hid=640980279&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=3064&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079929%2C31079979%2C44795921%2C31079954%2C44807764%2C44808148%2C44808284%2C95320230%2C31079987&oid=2&pvsid=2576826132042316&tmod=1449287864&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=238
Frame ID: C8C23F75B78953F19E235FC6CC72C98E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=60&adk=3147154302&adf=843395539&w=468&lmt=1701979308&ad_type=text_image&format=468x60_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701979307842&bpp=1&bdt=1337&idt=185&shv=r20231205&mjsv=m202311300101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C728x90_as%2C728x90_as%2C468x60_as%2C468x60_as%2C234x60_as%2C728x90_as&correlator=8492969922840&frm=20&pv=1&ga_vid=1248546258.1701979308&ga_sid=1701979308&ga_hid=640980279&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=3633&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079929%2C31079979%2C44795921%2C31079954%2C44807764%2C44808148%2C44808284%2C95320230%2C31079987&oid=2&pvsid=2576826132042316&tmod=1449287864&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=186
Frame ID: EC13744DFF3B2A8912DB8D8121FE4A9B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=250&adk=597672501&adf=2042640218&w=300&lmt=1701979308&ad_type=text_image&format=300x250_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701979307844&bpp=1&bdt=1339&idt=187&shv=r20231205&mjsv=m202311300101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C728x90_as%2C728x90_as%2C468x60_as%2C468x60_as%2C234x60_as%2C728x90_as%2C468x60_as&correlator=8492969922840&frm=20&pv=1&ga_vid=1248546258.1701979308&ga_sid=1701979308&ga_hid=640980279&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=815&ady=3633&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079929%2C31079979%2C44795921%2C31079954%2C44807764%2C44808148%2C44808284%2C95320230%2C31079987&oid=2&pvsid=2576826132042316&tmod=1449287864&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=7&fsb=1&dtd=188
Frame ID: 4BA9DC1D1938E5B0F9636C8BABB55F21
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=60&adk=3147154302&adf=1030568439&w=468&lmt=1701979308&ad_type=text_image&format=468x60_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701979307845&bpp=1&bdt=1340&idt=190&shv=r20231205&mjsv=m202311300101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C728x90_as%2C728x90_as%2C468x60_as%2C468x60_as%2C234x60_as%2C728x90_as%2C468x60_as%2C300x250_as&correlator=8492969922840&frm=20&pv=1&ga_vid=1248546258.1701979308&ga_sid=1701979308&ga_hid=640980279&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=4476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079929%2C31079979%2C44795921%2C31079954%2C44807764%2C44808148%2C44808284%2C95320230%2C31079987&oid=2&pvsid=2576826132042316&tmod=1449287864&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=10&uci=a!a&btvi=8&fsb=1&dtd=192
Frame ID: C76EB514F9CDA277F706CB458E3CC881
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=60&adk=3147154302&adf=4027036295&w=468&lmt=1701979308&ad_type=text_image&format=468x60_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701979307930&bpp=1&bdt=1425&idt=110&shv=r20231205&mjsv=m202311300101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C728x90_as%2C728x90_as%2C468x60_as%2C468x60_as%2C234x60_as%2C728x90_as%2C468x60_as%2C300x250_as%2C468x60_as&correlator=8492969922840&frm=20&pv=1&ga_vid=1248546258.1701979308&ga_sid=1701979308&ga_hid=640980279&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=815&ady=4476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079929%2C31079979%2C44795921%2C31079954%2C44807764%2C44808148%2C44808284%2C95320230%2C31079987&oid=2&pvsid=2576826132042316&tmod=1449287864&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=11&uci=a!b&btvi=9&fsb=1&dtd=114
Frame ID: A8DC919864F7D54B2618157AF6D51204
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C70C7F816E7E341DFD4551E05C3C997C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNVLcmHm8U1FVFcFCg-yEHg2EHvr3XljStyyhbxau9wmAck1AVPhwJRdIswEzRcgeVUGih6n06e8E6aBGIWCbF3uUJxg20xFYO_c2vBV3kfoC6WDC8HSDjNp8bKV075d3JyTrn-9VBO3XQvcmUXKV_TY3H3ltcw277Gdl6KNDt-nkKxI0wg
Frame ID: E95E3C8A5B3A9BC708F27BB94F5CFABC
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&adk=1812271804&adf=3025194257&lmt=1701979308&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701979308924&bpp=1&bdt=2420&idt=1&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2631426f98406626%3AT%3D1701979308%3ART%3D1701979308%3AS%3DALNI_MbML1a03j6vl8PG5oKZ50VVD_Gg8Q&gpic=UID%3D00000d0f66c36042%3AT%3D1701979308%3ART%3D1701979308%3AS%3DALNI_MYBkt9VZQWpaerQJLBbMF7cfUwWow&prev_fmts=468x60_as%2C728x90_as%2C728x90_as%2C468x60_as%2C468x60_as%2C234x60_as%2C728x90_as%2C468x60_as%2C300x250_as%2C468x60_as%2C468x60_as&nras=1&correlator=8492969922840&frm=20&pv=1&ga_vid=1248546258.1701979308&ga_sid=1701979308&ga_hid=640980279&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079929%2C31079979%2C44795921%2C31079954%2C44807764%2C44808148%2C44808284%2C95320230&oid=2&pvsid=2576826132042316&tmod=1449287864&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=15&uci=a!f&fsb=1&dtd=9
Frame ID: 0EA276227891704A641B46DA327577D7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 0EC44A18C661E484AD694125F8B62E7C
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https://www.facebook.com/talksometingshit&width&layout=button_count&action=like&show_faces=false&share=false&height=80
Frame ID: 4D0436D2A0672DE00BA7675C7C802926
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 774B86FDD50D43F7F7F159ADD1DC98C8
Requests: 3 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3369967619
Frame ID: 4A1D68A64A54F1CE3805D01A517785C9
Requests: 2 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=93229600138263504444550012531001&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: B7BFF562EF676EF22ADD8156D9A91B60
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 10DAC3B914A1559CEF7C19037D02E58A
Requests: 3 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJe-xYGP_oIDFX5GHgId5qAJmg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1293498957276.0847
Frame ID: C681D4963AF8E43B7B8B3DEC2B14F3CF
Requests: 2 HTTP requests in this frame

Frame: https://hal90001.redintelligence.net/request_content.php?s=93229600138263504444550012531001&a=bff0f85c
Frame ID: D1EF59A6714284DD2FA6169E211EA45F
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: ADEA824330EB17B22CD6D6B09C87F106
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9438B378F80F3CDF9A124A718961746C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sidsupertool - Sid超級流亡輔助

Page URL History Show full URLs

http://lelive.weebly.com/ HTTP 301
https://lelive.weebly.com/ Page URL

Detected technologies

Weebly (CMS) Expand

Overall confidence: 100%
Detected patterns

cdn\d+\.editmysite\.com

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

242
Requests

95 %
HTTPS

54 %
IPv6

29
Domains

46
Subdomains

45
IPs

5
Countries

9572 kB
Transfer

22947 kB
Size

28
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www2.bingfeng.tw/thread-616556-1-1.html?x=252309
Title: 冰楓論壇

Search URL Search Domain Scan URL

URL: https://www.game735.com/p-325966-421647.html
Title: 夢遊電玩論壇

Search URL Search Domain Scan URL

URL: https://www.facebook.com/talksometingshit/
Title: FB粉絲專頁: @talksometingshit

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCTZxcsGnHgKFZbTjg4_u11A

Search URL Search Domain Scan URL

URL: https://mega.nz/#F!RAVBnC6B!T1CkjnmjcoBfdYj4az-IuQ
Title: 免費下載(點我)

Search URL Search Domain Scan URL

URL: https://www.weebly.com/signup?utm_source=internal&utm_medium=footer
Title: Unterstützt von Erstellen Sie mit anpassbaren Vorlagen Ihre eigene einzigartige Website. Legen Sie los

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://lelive.weebly.com/ HTTP 301
https://lelive.weebly.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://widgetic.com/wbl/app/53f6253e09c7e204038b4567?wbl[wid]=069b0a64-e565-4ce4-8775-ddeb28af730c&wbl[uid]=77032051&wbl[sid]=693506005579234598&prod&autoscale= HTTP 301
https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Flelive.weebly.com

Request Chain 84

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 115

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 117

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 119

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 178

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJTigV4lCJ_06VWhAtBkpGg&google_cver=1

Request Chain 179

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXIkrXHBdLAU.r1uBWv4ywAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKhECDcUXgb83wCodbzHvBA&google_cver=1&google_hm=2

Request Chain 180

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECRTg25THCd4yFmuPbfIz8Y&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECRTg25THCd4yFmuPbfIz8Y%26google_cver%3D1

Request Chain 181

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc3MDU0NjU1MzgzMzk0MDg3OA%3D%3D

Request Chain 188

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 195

https://googleads.g.doubleclick.net/pagead/adview?ai=CrZqIrCRyZbGJC4SO29gP3ZWuiAbMj86zdNjXidmkELCQHxABILKh3nhglaKAgpgHoAH34pu0KMgBAqgDAcgDyQSqBIMCT9Cu0glK_8-uzMbvQgxS3-nmUhSH7iwia-0X8npDMQoFIDAc4uxlJZCuNsbDlvITUoW1fnGwgfLCpdV6w3yxLLMo5Xg3hjOzYOuxIkVGndtqExGtc4kYmQo8z9K-GPpqnLiSjfpl4scoUTzmZjXAapgojQrgYuWiGbMv2RYwxLyJ3nGnt_zavD6yrq0TElAccYMWvEdLZjzGPnSnmrWwGNP1A3eZxrnSRgReDeSBxwhHlubr8unvuIe30qbCtbYbc1sbz8E1Nn25-4lUx_dUGJnfnbU-L3TVnUrRWr-BzeSecmC4NWXblULYSLbFBlHO5NvcXdN_Wv6Zlnpo7ydW_agLP8AE8KLeqaIEiAWdzYCORJIFBAgEGAGSBQQIBRgEoAYCgAf3muyTA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEPG7A9IIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY3PLHgI_-ggOaCT1odHRwczovL2ZyZWUud2ViY29tcGFuaW9uLmNvbS9taW5pbWUvZGUvP2NhbXBhaWduPTE4MjgyOTgxMDIxgAoByAsBogwcKhoKGOS0sQLutbECtbixAqy6sQLktLEC7rWxAtgTDdAVAYAXAbIXHAoaCAASFHB1Yi0xMTgxNzQ2NzQyMTUxMDIxGAA&sigh=qKyZ3wA5hwQ&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNm-jJ7MeKiQjCdeG_kPe8usQ_alWtIu4fMyDk7J7wlwoj3ifIUsjy6X0ofD13tKhJfxFeRDCemdSsB9MgZLF_8PC4q6JtTe8J6NgYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229136684703332646100%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%224%22:[%2212-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22187538648822936913%22}&andc=true

Request Chain 210

https://hal90001.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=e440c02957&subid=&uid=2807aa93ef9f4dfc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCih2ErCRyZa78C-Kq29gPs_a96A2m5b2gaYWVnKfJD_AuEAEgsqHeeGCVooCCmAfIAQmpAvSzraVwGrI-qAMByAObBKoEpgJP0Hlo2yGkeTWUpSjau97m4mSVEl-nR7M7e_zBhx_f6h0sL25xLeVnm9qszU1D8KxmqMn2gkom3Dwr87-106VwJ8PgGBcCsKS7JkYqLzJUxfucIX2Ol3hVLibcI_dVXqrpv9V3IPSVmTjRAsDhekfyWCzA8qhOUHrzaz9i34I2I1KcuK_F2HBXF94lw1bAsyNBVjmeWIE9QxLwttp7L9qDrHSnfq2LQ7NIS8BJsOdIkmY5s81vdiNrS-Y2TRkqQQFq8sFHg1giNWut_PaigB7b2ZtFU2lCrFJSIqE1VLIAUnX9aZNb8p8W-IYyNrDOXzQIRaqBaGMQBotSADw1XTBqqvDcZTODUb7cNV92IWC62BsUDIZxHWT_7oazV3S_bzNmbVpLIJDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYg9fIgI_-ggOACgGYCwHICwGADAGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNIAxTKUBTtzskD5z0P4v7-hH02dkCsdymdC5KBrxXfVlgUd7uNTz_tGCXsRRN7vUd4N4lYHzK-7QmpLt15Ei3RkZwgbb5z0I-7hgB%26sig%3DAOD64_1nqJijob2XSlHeCr6XKrjTAKRQVQ%26client%3Dca-pub-1181746742151021%26dbm_c%3DAKAmf-BQWXjMwudObANJGhEXUH61Ko41GFD16rl9VWTO-zKuNH432JtFCxEtZAq4EKGim6oNvkx8Seazr4sTQPmad7FmO8JeeDZGU2DHYxCaGduA4jXuZZ22-0_CUMmhOIKZ9xuDPWdxD-p3g-N3ijcFS_YvjHKur8orHzmff9MjuwPGojqEFak%26cry%3D1%26dbm_d%3DAKAmf-C1BzxjL-lJQQkAl4XB01zAn0kL4YoXbp00RasXQGAtVJbZklQ6smMPtjj-zS7FI6_ugOLq4LAcxkCAdwgGEc9T_CZNrAZx0AOgKQ-a8yur3nCj5dpSqw9KWAYsDBekTvHsgNWC7dFdVC3Ns5CXJuNFQQD0WkgK6iqCmwzyVtsGIDLDlhyKwXdP4Pwz7pqW3M4xDvS3zhs0jSZep_g6Hgoa7Nx2FM_OwVWGmplNxjqsRrd644qzmXPhgvZe0i-fnY_MoyQSAxjNo5UU1WS1LiHlfwxuotUS9ee9axvXTmm4gpBwAWcgP2-GtSVRWCRj36Ysl-5hryOb6i3YAYXp_eQ7Ph7J_PSLokjt5Fdpzzl4hS2N4DYPZIEdDQrPnIaip0QEibpLscR7GA28pyTdgzU4bs-WYeVVrD4OCEMLu_PBsgmoPhllFh1wkuOvSq9CQ_kl3-PPBO0J6DDo591yT-mWhFSlqL54WnyvRjRGVNq3vQrfJ_wYGorsSBT5sX5ixKdPk7_3%26adurl%3D&documentReferer=https%3A%2F%2Flelive.weebly.com%2F&ancestorOrigins=https%3A%2F%2Flelive.weebly.com&random=8321847774517&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90001.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=e440c02957&subid=&uid=2807aa93ef9f4dfc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCih2ErCRyZa78C-Kq29gPs_a96A2m5b2gaYWVnKfJD_AuEAEgsqHeeGCVooCCmAfIAQmpAvSzraVwGrI-qAMByAObBKoEpgJP0Hlo2yGkeTWUpSjau97m4mSVEl-nR7M7e_zBhx_f6h0sL25xLeVnm9qszU1D8KxmqMn2gkom3Dwr87-106VwJ8PgGBcCsKS7JkYqLzJUxfucIX2Ol3hVLibcI_dVXqrpv9V3IPSVmTjRAsDhekfyWCzA8qhOUHrzaz9i34I2I1KcuK_F2HBXF94lw1bAsyNBVjmeWIE9QxLwttp7L9qDrHSnfq2LQ7NIS8BJsOdIkmY5s81vdiNrS-Y2TRkqQQFq8sFHg1giNWut_PaigB7b2ZtFU2lCrFJSIqE1VLIAUnX9aZNb8p8W-IYyNrDOXzQIRaqBaGMQBotSADw1XTBqqvDcZTODUb7cNV92IWC62BsUDIZxHWT_7oazV3S_bzNmbVpLIJDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYg9fIgI_-ggOACgGYCwHICwGADAGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNIAxTKUBTtzskD5z0P4v7-hH02dkCsdymdC5KBrxXfVlgUd7uNTz_tGCXsRRN7vUd4N4lYHzK-7QmpLt15Ei3RkZwgbb5z0I-7hgB%26sig%3DAOD64_1nqJijob2XSlHeCr6XKrjTAKRQVQ%26client%3Dca-pub-1181746742151021%26dbm_c%3DAKAmf-BQWXjMwudObANJGhEXUH61Ko41GFD16rl9VWTO-zKuNH432JtFCxEtZAq4EKGim6oNvkx8Seazr4sTQPmad7FmO8JeeDZGU2DHYxCaGduA4jXuZZ22-0_CUMmhOIKZ9xuDPWdxD-p3g-N3ijcFS_YvjHKur8orHzmff9MjuwPGojqEFak%26cry%3D1%26dbm_d%3DAKAmf-C1BzxjL-lJQQkAl4XB01zAn0kL4YoXbp00RasXQGAtVJbZklQ6smMPtjj-zS7FI6_ugOLq4LAcxkCAdwgGEc9T_CZNrAZx0AOgKQ-a8yur3nCj5dpSqw9KWAYsDBekTvHsgNWC7dFdVC3Ns5CXJuNFQQD0WkgK6iqCmwzyVtsGIDLDlhyKwXdP4Pwz7pqW3M4xDvS3zhs0jSZep_g6Hgoa7Nx2FM_OwVWGmplNxjqsRrd644qzmXPhgvZe0i-fnY_MoyQSAxjNo5UU1WS1LiHlfwxuotUS9ee9axvXTmm4gpBwAWcgP2-GtSVRWCRj36Ysl-5hryOb6i3YAYXp_eQ7Ph7J_PSLokjt5Fdpzzl4hS2N4DYPZIEdDQrPnIaip0QEibpLscR7GA28pyTdgzU4bs-WYeVVrD4OCEMLu_PBsgmoPhllFh1wkuOvSq9CQ_kl3-PPBO0J6DDo591yT-mWhFSlqL54WnyvRjRGVNq3vQrfJ_wYGorsSBT5sX5ixKdPk7_3%26adurl%3D&documentReferer=https%3A%2F%2Flelive.weebly.com%2F&ancestorOrigins=https%3A%2F%2Flelive.weebly.com&random=8321847774517&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 212

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=93229600138263504444550012531001&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3369967619

Request Chain 216

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1293498957276.0847 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJe-xYGP_oIDFX5GHgId5qAJmg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1293498957276.0847

Request Chain 218

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=93229600138263504444550012531001&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=93229600138263504444550012531001&t=htlp&gdpr=1&consent=1&gdpr_consent=

242 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
lelive.weebly.com/
Redirect Chain

http://lelive.weebly.com/
https://lelive.weebly.com/

122 KB
23 KB

636ms
245ms

Document
text/html

199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-2.weebly.com
Software: Apache /
Resource Hash: da215ae452ce0f274cc606474fe749f8a6db9551543d94e22beefd29d37ae49a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 22549
Content-Type: text/html; charset=UTF-8
Date: Thu, 07 Dec 2023 20:01:46 GMT
ETag: W/"3c8b03a534895dcfcfdcd2566d4c6409-gzip"
Keep-Alive: timeout=10, max=71
Server: Apache
Vary: X-W-SSL,Accept-Encoding,User-Agent
X-Host: grn147.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1

Redirect headers

Connection: Keep-Alive
Content-Length: 350
Content-Type: text/html; charset=UTF-8
Date: Thu, 07 Dec 2023 20:01:45 GMT
Keep-Alive: timeout=10, max=44
Location: https://lelive.weebly.com/
Server: Apache
Vary: X-W-SSL,User-Agent
X-Host: grn106.sf2p.intern.weebly.net
X-UA-Compatible: IE=edge,chrome=1

GET
H2 200 sites.css
cdn2.editmysite.com/css/ 206 KB
29 KB 214ms
61ms Stylesheet
text/css 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/css/sites.css?buildTime=1695407040
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5b6bd64c8f7d37dd7bd34e3760cfffa93a982937376e2c02708f63c35c645a07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-cache-hits: 404, 1
date: Thu, 07 Dec 2023 20:01:46 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 278726
x-cache: HIT, HIT
x-host: blu48.sf2p.intern.weebly.net
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 29663
x-served-by: cache-sjc1000123-SJC, cache-sof1510024-SOF
last-modified: Sun, 03 Dec 2023 23:08:13 GMT
server: nginx
x-timer: S1701979307.681969,VS0,VE2
etag: W/"656d0a5d-337f6"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Mon, 18 Dec 2023 14:36:20 GMT

GET
H2 200 fancybox.css
cdn2.editmysite.com/css/old/ 4 KB
1 KB 214ms
61ms Stylesheet
text/css 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/css/old/fancybox.css?1695407040
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 865cb87de9fc4d6530edce21f0103107abae6abe45cabdff2ad9af067b3d8e0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-cache-hits: 1165, 1
date: Thu, 07 Dec 2023 20:01:46 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 559961
x-cache: HIT, HIT
x-host: grn43.sf2p.intern.weebly.net
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1218
x-served-by: cache-sjc1000141-SJC, cache-sof1510024-SOF
last-modified: Thu, 30 Nov 2023 20:34:26 GMT
server: nginx
x-timer: S1701979307.681923,VS0,VE2
etag: "6568f1d2-f47"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Fri, 15 Dec 2023 08:29:04 GMT

GET
H2 200 social-icons.css
cdn2.editmysite.com/css/ 13 KB
2 KB 68ms
68ms Stylesheet
text/css 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/css/social-icons.css?buildtime=1695407040
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0cfbd18a308599498691e5c5bcea11d5826b7d039388de71f6c6760797a78037

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-cache-hits: 1688, 1
date: Thu, 07 Dec 2023 20:01:46 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 803829
x-cache: HIT, HIT
x-host: grn19.sf2p.intern.weebly.net
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1640
x-served-by: cache-sjc10054-SJC, cache-sof1510024-SOF
last-modified: Wed, 22 Nov 2023 22:54:09 GMT
server: nginx
x-timer: S1701979307.716826,VS0,VE2
etag: W/"655e8691-3319"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Tue, 12 Dec 2023 12:44:37 GMT

GET
H/1.1 200
OK main_style.css
lelive.weebly.com/files/ 52 KB
8 KB 194ms
194ms Stylesheet
text/css 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lelive.weebly.com/files/main_style.css?1695475049
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-2.weebly.com
Software: nginx /
Resource Hash: 3d82a30f93efc36ce7c910d93e783da263c69d71fce36b40c74bad6761e6f784

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 20:01:46 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Content-Type: text/css
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Host: grn141.sf2p.intern.weebly.net
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type

GET
H2 200 font.css
cdn2.editmysite.com/fonts/Cabin/ 2 KB
516 B 66ms
66ms Stylesheet
text/css 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/fonts/Cabin/font.css?2
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b4f2de5b6b0ce67eb0bdb6bdb1a0272ce6c6a17d9632ec9a090565d339836ab1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-cache-hits: 5937, 11
date: Thu, 07 Dec 2023 20:01:46 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 720266
x-cache: HIT, HIT
x-host: blu97.sf2p.intern.weebly.net
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 323
x-served-by: cache-sjc10064-SJC, cache-sof1510024-SOF
last-modified: Wed, 29 Nov 2023 00:53:24 GMT
server: nginx
x-timer: S1701979307.716824,VS0,VE0
etag: "65668b84-6ae"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 13 Dec 2023 11:57:20 GMT

GET
H2 200 font.css
cdn2.editmysite.com/fonts/Montserrat/ 852 B
596 B 67ms
67ms Stylesheet
text/css 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/fonts/Montserrat/font.css?2
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cf91769ae11889ad46b8090d0d4d58a4621f2bcea35d1d8d96ea5e38ba34ee73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-cache-hits: 9131
date: Thu, 07 Dec 2023 20:01:46 GMT
content-encoding: gzip
via: 1.1 varnish
age: 730381
x-cache: HIT
x-host: etl187.las.intern.weebly.net
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 276
x-served-by: cache-sof1510024-SOF
last-modified: Wed, 29 Nov 2023 00:53:25 GMT
server: nginx
x-timer: S1701979307.717126,VS0,VE0
etag: "65668b85-354"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 13 Dec 2023 09:08:45 GMT

GET
H/1.1 200
OK templateArtifacts.js Show response
lelive.weebly.com/files/ 7 KB
2 KB 371ms
192ms Script
application/x-javascript 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lelive.weebly.com/files/templateArtifacts.js?1695475049
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-2.weebly.com
Software: nginx /
Resource Hash: 5a630b41e7c3d34392bcb150a5731b6261bc6314d71d5db8407a646af15bf8af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 20:01:46 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS
Content-Type: application/x-javascript
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
X-Host: grn50.sf2p.intern.weebly.net
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Authorization, Content-Type

GET
H2 200 jquery-1.8.3.min.js Show response
cdn2.editmysite.com/js/ 91 KB
33 KB 64ms
63ms Script
application/javascript 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/js/jquery-1.8.3.min.js
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-cache-hits: 19, 32344
date: Thu, 07 Dec 2023 20:01:46 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 766412
x-cache: HIT, HIT
x-host: grn149.sf2p.intern.weebly.net
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 33467
x-served-by: cache-sjc10032-SJC, cache-sof1510024-SOF
last-modified: Wed, 22 Nov 2023 22:54:01 GMT
server: nginx
x-timer: S1701979307.736168,VS0,VE0
etag: "655e8689-16dc4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Tue, 12 Dec 2023 23:08:15 GMT

GET
H2 200 stl.js Show response
cdn2.editmysite.com/js/lang/zh/ 174 KB
35 KB 245ms
244ms Script
application/javascript 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/js/lang/zh/stl.js?buildTime=1695407040&
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b3d6d3457ddbc28733708a97511fcd0f5ab4adfc553f667319d8a3b2c5fd9fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-cache-hits: 7, 0
date: Thu, 07 Dec 2023 20:01:46 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 337361
x-cache: HIT, MISS
x-host: grn79.sf2p.intern.weebly.net
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 35592
x-served-by: cache-sjc10083-SJC, cache-sof1510024-SOF
last-modified: Sun, 03 Dec 2023 20:36:01 GMT
server: nginx
x-timer: S1701979307.735881,VS0,VE183
etag: "656ce6b1-2b716"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Sun, 17 Dec 2023 22:19:05 GMT

GET
H2 200 main.js Show response
cdn2.editmysite.com/js/site/ 466 KB
143 KB 75ms
74ms Script
application/javascript 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/js/site/main.js?buildTime=1695407040
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 593fec175b00a1f118f77bb8ed378e857e9f1225f0fc019fcea508b27da53cf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-cache-hits: 17, 1
date: Thu, 07 Dec 2023 20:01:46 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 817659
x-cache: HIT, HIT
x-host: blu107.sf2p.intern.weebly.net
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 146401
x-served-by: cache-sjc10053-SJC, cache-sof1510024-SOF
last-modified: Wed, 22 Nov 2023 22:54:32 GMT
server: nginx
x-timer: S1701979307.740225,VS0,VE5
etag: "655e86a8-74804"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Tue, 12 Dec 2023 08:54:08 GMT

GET
H2 200 commerce-core.js Show response
cdn2.editmysite.com/js/site/ 61 KB
17 KB 63ms
63ms Script
application/javascript 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/js/site/commerce-core.js?buildTime=1695407040
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c92cb0522b1d208dc559aa35f8a3c3ce7b922ab57a5475691ef9b13e453d912a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-cache-hits: 509, 1
date: Thu, 07 Dec 2023 20:01:46 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 784592
x-cache: HIT, HIT
x-host: grn114.sf2p.intern.weebly.net
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 17388
x-served-by: cache-sjc1000094-SJC, cache-sof1510024-SOF
last-modified: Wed, 22 Nov 2023 22:54:32 GMT
server: nginx
x-timer: S1701979307.735721,VS0,VE1
etag: "655e86a8-f57e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Tue, 12 Dec 2023 18:05:14 GMT

GET
H2 200 main-commerce-browse.js Show response
cdn2.editmysite.com/js/site/ 63 KB
17 KB 63ms
63ms Script
application/javascript 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/js/site/main-commerce-browse.js?buildTime=1695407040
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7ea7eb2db1daff0d7aa92a53783cec476e61fd78cad5750960db0e78fe161a7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-cache-hits: 37, 1
date: Thu, 07 Dec 2023 20:01:46 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 715825
x-cache: HIT, HIT
x-host: grn93.sf2p.intern.weebly.net
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 17017
x-served-by: cache-sjc10022-SJC, cache-sof1510024-SOF
last-modified: Wed, 29 Nov 2023 00:57:12 GMT
server: nginx
x-timer: S1701979307.735611,VS0,VE2
etag: "65668c68-fa44"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 13 Dec 2023 13:11:21 GMT

GET
H/1.1 200
OK serveAds.php Show response
www.weebly.com/weebly/apps/ 579 B
700 B 619ms
233ms Script
text/html 74.115.50.110
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=728943538380729393&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=000000&bgcolor=000000&linkcolor=FFFFFF&textcolor=CCCCCC&urlcolor=999999
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.115.50.110 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: www.weebly.com
Software: Apache /
Resource Hash: d6ce93a92222ddec5150f9d4788ea2e4df4108d21666ed8a47a3977c8abb1363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 20:01:47 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
X-W-DC: SFO
X-Host: blu62.sf2p.intern.weebly.net
Connection: Keep-Alive
Keep-Alive: timeout=10, max=69
Content-Length: 304
X-UA-Compatible: IE=edge,chrome=1

GET
H/1.1 200
OK serveAds.php Show response
www.weebly.com/weebly/apps/ 574 B
702 B 629ms
243ms Script
text/html 74.115.50.110
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=505443558143390018&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=728x90&adtype=image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.115.50.110 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: www.weebly.com
Software: Apache /
Resource Hash: 6d78ef2f662f5d46e6f413692e17f19c592a701035e01f7be6165768af75d195

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 20:01:47 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
X-W-DC: SFO
X-Host: blu40.sf2p.intern.weebly.net
Connection: Keep-Alive
Keep-Alive: timeout=10, max=49
Content-Length: 306
X-UA-Compatible: IE=edge,chrome=1

GET
H/1.1 200
OK webp-net-gifmaker.gif
lelive.weebly.com/uploads/7/7/0/3/77032051/published/ 216 KB
217 KB 571ms
201ms Image
image/gif 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lelive.weebly.com/uploads/7/7/0/3/77032051/published/webp-net-gifmaker.gif?1633195245
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-2.weebly.com
Software: nginx /
Resource Hash: 66b9bd62e2a6489437cc7b3fbcd931b99bdef0731d8abc27faae0cc7184626ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 20:01:47 GMT
X-Storage-Object: 66b9bd62e2a6489437cc7b3fbcd931b99bdef0731d8abc27faae0cc7184626ff
Last-Modified: Sat, 02 Oct 2021 17:20:51 GMT
Server: nginx
x-amz-request-id: tx000000bb360ce2c63b332-0064af9bbc-db1c67d-sfo1
ETag: "657ada42d48af91f73256f9885a02689"
Content-Type: image/gif
x-rgw-object-type: Normal
X-Storage-Bucket: z66b9
X-Host: grn62.sf2p.intern.weebly.net
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 221276

GET
H/1.1 200
OK webp-net-gifmaker-1.gif
lelive.weebly.com/uploads/7/7/0/3/77032051/published/ 364 KB
364 KB 600ms
218ms Image
image/gif 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lelive.weebly.com/uploads/7/7/0/3/77032051/published/webp-net-gifmaker-1.gif?1633079891
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-2.weebly.com
Software: nginx /
Resource Hash: 7e3f976c2c4dde40f1a02ee46c1b1fe52274e3b5504330001f430e8c49cee197

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 20:01:47 GMT
X-Storage-Object: 7e3f976c2c4dde40f1a02ee46c1b1fe52274e3b5504330001f430e8c49cee197
Last-Modified: Fri, 01 Oct 2021 09:18:11 GMT
Server: nginx
x-amz-request-id: tx00000c5e323106e9cefbd-0064b8faef-db1a099-sfo1
ETag: "23443fb7723ce8aaf7fbf969f345d849"
Content-Type: image/gif
x-rgw-object-type: Normal
X-Storage-Bucket: z7e3f
X-Host: grn62.sf2p.intern.weebly.net
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 372628

GET
H/1.1 200
OK serveAds.php Show response
www.weebly.com/weebly/apps/ 579 B
703 B 433ms
222ms Script
text/html 74.115.50.110
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=624358142503171732&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=728x90&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.115.50.110 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: www.weebly.com
Software: Apache /
Resource Hash: 2b6fb0ac94d87d6b40064bf2f8d3bb86b12763753c22f80a300e379a2c43a4f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 20:01:47 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
X-W-DC: SFO
X-Host: grn13.sf2p.intern.weebly.net
Connection: Keep-Alive
Keep-Alive: timeout=10, max=70
Content-Length: 307
X-UA-Compatible: IE=edge,chrome=1

GET
H/1.1 200
OK serveAds.php Show response
www.weebly.com/weebly/apps/ 579 B
703 B 438ms
214ms Script
text/html 74.115.50.110
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=462033732328113390&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.115.50.110 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: www.weebly.com
Software: Apache /
Resource Hash: 5b277a3eb7148a66052c62db5593e7d067eba2416f763a999e7f0332da1a1fef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 20:01:47 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
X-W-DC: SFO
X-Host: blu46.sf2p.intern.weebly.net
Connection: Keep-Alive
Keep-Alive: timeout=10, max=45
Content-Length: 307
X-UA-Compatible: IE=edge,chrome=1

GET
H/1.1 200
OK serveAds.php Show response
www.weebly.com/weebly/apps/ 579 B
704 B 600ms
232ms Script
text/html 74.115.50.110
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=640257324145581103&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.115.50.110 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: www.weebly.com
Software: Apache /
Resource Hash: 5b277a3eb7148a66052c62db5593e7d067eba2416f763a999e7f0332da1a1fef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 20:01:47 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
X-W-DC: SFO
X-Host: grn109.sf2p.intern.weebly.net
Connection: Keep-Alive
Keep-Alive: timeout=10, max=31
Content-Length: 307
X-UA-Compatible: IE=edge,chrome=1

GET
H/1.1 200
OK serveAds.php Show response
www.weebly.com/weebly/apps/ 579 B
703 B 597ms
225ms Script
text/html 74.115.50.110
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=552702152350086236&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=234x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.115.50.110 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: www.weebly.com
Software: Apache /
Resource Hash: e8821034e71a6846405afa2bf49ff6c54799c542462e165c0e1a722c1ecccaab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 20:01:47 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
X-W-DC: SFO
X-Host: grn30.sf2p.intern.weebly.net
Connection: Keep-Alive
Keep-Alive: timeout=10, max=75
Content-Length: 307
X-UA-Compatible: IE=edge,chrome=1

GET
H/1.1 200
OK serveAds.php Show response
www.weebly.com/weebly/apps/ 579 B
640 B 229ms
228ms Script
text/html 74.115.50.110
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=421482100300384280&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=728x90&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.115.50.110 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: www.weebly.com
Software: Apache /
Resource Hash: 2b6fb0ac94d87d6b40064bf2f8d3bb86b12763753c22f80a300e379a2c43a4f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 20:01:47 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
X-W-DC: SFO
X-Host: grn13.sf2p.intern.weebly.net
Connection: Keep-Alive
Keep-Alive: timeout=10, max=65
Content-Length: 307
X-UA-Compatible: IE=edge,chrome=1

GET
H/1.1 200
OK 1847905122.png
lelive.weebly.com/uploads/7/7/0/3/77032051/editor/ 666 KB
666 KB 195ms
194ms Image
image/png 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lelive.weebly.com/uploads/7/7/0/3/77032051/editor/1847905122.png?1578339909
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-2.weebly.com
Software: nginx /
Resource Hash: 3704514135a2ee6042c185a2822cdecba0b26192fccd0f92fbae1dd383668c71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 20:01:47 GMT
X-Storage-Object: 3704514135a2ee6042c185a2822cdecba0b26192fccd0f92fbae1dd383668c71
Last-Modified: Mon, 06 Jan 2020 19:45:01 GMT
Server: nginx
x-amz-request-id: tx00000a234944ccb18b72e-0064cd8d0e-db1a051-sfo1
ETag: "2b6ca3176300f1badc0f4c140ab43495"
Content-Type: image/png
x-rgw-object-type: Normal
X-Storage-Bucket: z3704
X-Host: blu33.sf2p.intern.weebly.net
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 681728

GET
H/1.1 200
OK serveAds.php Show response
www.weebly.com/weebly/apps/ 579 B
640 B 226ms
226ms Script
text/html 74.115.50.110
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=313710685213427552&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.115.50.110 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: www.weebly.com
Software: Apache /
Resource Hash: 5b277a3eb7148a66052c62db5593e7d067eba2416f763a999e7f0332da1a1fef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 20:01:47 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
X-W-DC: SFO
X-Host: grn13.sf2p.intern.weebly.net
Connection: Keep-Alive
Keep-Alive: timeout=10, max=62
Content-Length: 307
X-UA-Compatible: IE=edge,chrome=1

GET
H/1.1 200
OK serveAds.php Show response
www.weebly.com/weebly/apps/ 581 B
640 B 229ms
229ms Script
text/html 74.115.50.110
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=525252718564449301&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=300x250&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.115.50.110 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: www.weebly.com
Software: Apache /
Resource Hash: 094a6590bee6ff08b4562f09ee54e0b4c0ef6ae9a0698f1e4dd82f3ad9687d5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 20:01:47 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
X-W-DC: SFO
X-Host: grn13.sf2p.intern.weebly.net
Connection: Keep-Alive
Keep-Alive: timeout=10, max=73
Content-Length: 307
X-UA-Compatible: IE=edge,chrome=1

GET
H/1.1 200
OK 1163223583_orig.png
lelive.weebly.com/uploads/7/7/0/3/77032051/ 467 KB
467 KB 205ms
204ms Image
image/png 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lelive.weebly.com/uploads/7/7/0/3/77032051/1163223583_orig.png
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-2.weebly.com
Software: nginx /
Resource Hash: 92e5b01fdfb274bc715d8ad5a4ff8ef7262d7467a23657e88f4562c05adbffdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 20:01:47 GMT
X-Storage-Object: 92e5b01fdfb274bc715d8ad5a4ff8ef7262d7467a23657e88f4562c05adbffdb
Last-Modified: Mon, 06 Jan 2020 20:19:15 GMT
Server: nginx
x-amz-request-id: tx00000e12fcdba0e1b5ee2-0064ba8830-db1c716-sfo1
ETag: "6b816d2097076c934851bf81f7f49537"
Content-Type: image/png
x-rgw-object-type: Normal
X-Storage-Bucket: z92e5
X-Host: grn121.sf2p.intern.weebly.net
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 478028

GET
H/1.1 200
OK serveAds.php Show response
www.weebly.com/weebly/apps/ 579 B
640 B 208ms
208ms Script
text/html 74.115.50.110
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=103887850534687975&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.115.50.110 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: www.weebly.com
Software: Apache /
Resource Hash: 5b277a3eb7148a66052c62db5593e7d067eba2416f763a999e7f0332da1a1fef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 20:01:47 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
X-W-DC: SFO
X-Host: blu46.sf2p.intern.weebly.net
Connection: Keep-Alive
Keep-Alive: timeout=10, max=44
Content-Length: 307
X-UA-Compatible: IE=edge,chrome=1

GET
H/1.1 200
OK serveAds.php Show response
www.weebly.com/weebly/apps/ 579 B
640 B 206ms
206ms Script
text/html 74.115.50.110
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=892243738160099283&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.115.50.110 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: www.weebly.com
Software: Apache /
Resource Hash: 5b277a3eb7148a66052c62db5593e7d067eba2416f763a999e7f0332da1a1fef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 20:01:47 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
X-W-DC: SFO
X-Host: grn30.sf2p.intern.weebly.net
Connection: Keep-Alive
Keep-Alive: timeout=10, max=75
Content-Length: 307
X-UA-Compatible: IE=edge,chrome=1

GET
H/1.1 200
OK 1127343908_orig.png
lelive.weebly.com/uploads/7/7/0/3/77032051/ 385 KB
385 KB 790ms
192ms Image
image/png 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lelive.weebly.com/uploads/7/7/0/3/77032051/1127343908_orig.png
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-2.weebly.com
Software: nginx /
Resource Hash: 48ea13cf7f03e447f96b6fa72496d962cdb27cd611a5b4e643354f85f800b9f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 20:01:47 GMT
X-Storage-Object: 48ea13cf7f03e447f96b6fa72496d962cdb27cd611a5b4e643354f85f800b9f0
Last-Modified: Tue, 09 Jul 2019 03:41:29 GMT
Server: nginx
x-amz-request-id: tx00000f4d5f1e440a3a6d3-006562f453-db1a051-sfo1
ETag: "9664c8fce58495ccb5a0bc33e7d49cb8"
Content-Type: image/png
x-rgw-object-type: Normal
X-Storage-Bucket: z48ea
X-Host: blu82.sf2p.intern.weebly.net
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 393982

GET
H/1.1 200
OK 1029564595.jpg
lelive.weebly.com/uploads/7/7/0/3/77032051/published/ 39 KB
39 KB 233ms
231ms Image
image/jpeg 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lelive.weebly.com/uploads/7/7/0/3/77032051/published/1029564595.jpg?1632845524
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-2.weebly.com
Software: nginx /
Resource Hash: 06e9d4c0c519d72b481e8f1f427b568f5468ce0eb9cb1cc0a554ac3925970070

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 20:01:48 GMT
X-Storage-Object: 06e9d4c0c519d72b481e8f1f427b568f5468ce0eb9cb1cc0a554ac3925970070
Last-Modified: Tue, 28 Sep 2021 16:12:04 GMT
Server: nginx
x-amz-request-id: tx00000047a77ccf6b4ce80-0064cf11b7-db1c716-sfo1
ETag: "69e6289b1545e8136e9fecaca1d41196"
Content-Type: image/jpeg
x-rgw-object-type: Normal
X-Storage-Bucket: z06e9
X-Host: blu33.sf2p.intern.weebly.net
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 39724

GET
H/1.1 200
OK 1003025771.jpg
lelive.weebly.com/uploads/7/7/0/3/77032051/editor/ 27 KB
28 KB 202ms
202ms Image
image/jpeg 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lelive.weebly.com/uploads/7/7/0/3/77032051/editor/1003025771.jpg?1562643759
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-2.weebly.com
Software: nginx /
Resource Hash: a859cebdde9b57c94d1e5e9dee2c3e42aff28bb99644deef15d7e15dff566450

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 20:01:48 GMT
X-Storage-Object: a859cebdde9b57c94d1e5e9dee2c3e42aff28bb99644deef15d7e15dff566450
Last-Modified: Tue, 09 Jul 2019 03:42:39 GMT
Server: nginx
x-amz-request-id: tx00000f8770bbfbd70767f-0064ce358d-db1c67d-sfo1
ETag: "51efaa7647a565dc26b1905565b9ee27"
Content-Type: image/jpeg
x-rgw-object-type: Normal
X-Storage-Bucket: za859
X-Host: blu120.sf2p.intern.weebly.net
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27863

GET
H/1.1 200
OK 1202643573_orig.jpg
lelive.weebly.com/uploads/7/7/0/3/77032051/ 93 KB
94 KB 202ms
201ms Image
image/jpeg 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lelive.weebly.com/uploads/7/7/0/3/77032051/1202643573_orig.jpg
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-2.weebly.com
Software: nginx /
Resource Hash: 4dc93ba28625d775dd7e9298da5dcb6f7feb5581d35ed9263b80b546b2bff072

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 20:01:48 GMT
X-Storage-Object: 4dc93ba28625d775dd7e9298da5dcb6f7feb5581d35ed9263b80b546b2bff072
Last-Modified: Tue, 28 Sep 2021 16:03:11 GMT
Server: nginx
x-amz-request-id: tx00000dcf2c196173f6c21-0064c5b802-db1c716-sfo1
ETag: "e73478a7344bc7b777830740b0c588eb"
Content-Type: image/jpeg
x-rgw-object-type: Normal
X-Storage-Bucket: z4dc9
X-Host: grn121.sf2p.intern.weebly.net
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 95547

GET
H/1.1 200
OK serveAds.php Show response
www.weebly.com/weebly/apps/ 579 B
641 B 217ms
216ms Script
text/html 74.115.50.110
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=117595008979775322&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.115.50.110 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: www.weebly.com
Software: Apache /
Resource Hash: 5b277a3eb7148a66052c62db5593e7d067eba2416f763a999e7f0332da1a1fef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 20:01:47 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
X-W-DC: SFO
X-Host: grn109.sf2p.intern.weebly.net
Connection: Keep-Alive
Keep-Alive: timeout=10, max=68
Content-Length: 307
X-UA-Compatible: IE=edge,chrome=1

GET
H/1.1 200
OK serveAds.php Show response
www.weebly.com/weebly/apps/ 579 B
641 B 233ms
233ms Script
text/html 74.115.50.110
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=552573448432664685&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.115.50.110 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: www.weebly.com
Software: Apache /
Resource Hash: 5b277a3eb7148a66052c62db5593e7d067eba2416f763a999e7f0332da1a1fef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 20:01:47 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
X-W-DC: SFO
X-Host: grn109.sf2p.intern.weebly.net
Connection: Keep-Alive
Keep-Alive: timeout=10, max=30
Content-Length: 307
X-UA-Compatible: IE=edge,chrome=1

GET
H/1.1 200
OK serveAds.php Show response
www.weebly.com/weebly/apps/ 579 B
641 B 216ms
216ms Script
text/html 74.115.50.110
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=885823029419344753&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.115.50.110 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: www.weebly.com
Software: Apache /
Resource Hash: 5b277a3eb7148a66052c62db5593e7d067eba2416f763a999e7f0332da1a1fef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 20:01:47 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
X-W-DC: SFO
X-Host: grn109.sf2p.intern.weebly.net
Connection: Keep-Alive
Keep-Alive: timeout=10, max=64
Content-Length: 307
X-UA-Compatible: IE=edge,chrome=1

GET
H2 200 footer-toast-published-image-1.png
cdn2.editmysite.com/images/site/footer/ 9 KB
10 KB 59ms
58ms Image
image/png 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.editmysite.com/images/site/footer/footer-toast-published-image-1.png
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 580ef6409e067a4ec4a427400c7d6216184869e2da53343df20753cc1f8a46cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Sat, 05 Nov 2022 02:02:32 GMT
date: Thu, 07 Dec 2023 20:01:47 GMT
via: 1.1 varnish
age: 148969
x-guploader-uploadid: ADPycdv2L-qSZ4GBCvtgZrWZc0P_h5P7Gx5P3dN6d2nHDSUfVZhqDlMVG8HVn1wcXmTLuxoJ3zhNGNL31L48oQkevlp3GEuDy4_y
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9677
x-served-by: cache-sof1510024-SOF
last-modified: Tue, 12 Feb 2019 18:19:08 GMT
server: UploadServer
x-timer: S1701979307.145817,VS0,VE0
etag: "6e0f7ad31bf187e0d88fc5787573ba71"
x-goog-generation: 1549995548326466
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=QhrKCw==, md5=bg960xvxh+DYj8V4dXO6cQ==
cache-control: public, max-age=86400, s-maxage=259200
x-goog-stored-content-length: 9677
accept-ranges: bytes
x-cache-hits: 4916

GET
H2 200 footerSignup.js Show response
cdn2.editmysite.com/js/site/ 4 KB
2 KB 65ms
64ms Script
application/javascript 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/js/site/footerSignup.js?buildTime=1701968574
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e06baca13f25df9c7d684fc1b1fdfbbbb95070a1d5a9cd648632da7bccc90b96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-cache-hits: 33, 322
date: Thu, 07 Dec 2023 20:01:47 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 10606
x-cache: HIT, HIT
x-host: grn144.sf2p.intern.weebly.net
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1372
x-served-by: cache-sjc10031-SJC, cache-sof1510024-SOF
last-modified: Thu, 07 Dec 2023 16:11:11 GMT
server: nginx
x-timer: S1701979307.148654,VS0,VE0
etag: "6571ee9f-e10"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 21 Dec 2023 17:05:01 GMT

GET
H/1.1 200
OK plugins.js Show response
lelive.weebly.com/files/theme/ 83 KB
19 KB 1143ms
212ms Script
application/javascript 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lelive.weebly.com/files/theme/plugins.js?1530561231
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-2.weebly.com
Software: nginx /
Resource Hash: 2829e73e900aef1b3608efa7458c3cfc249e334cd561b2d33ecd84a6ef189cf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 20:01:48 GMT
Content-Encoding: gzip
X-Storage-Object: 2829e73e900aef1b3608efa7458c3cfc249e334cd561b2d33ecd84a6ef189cf8
Last-Modified: Wed, 28 Jul 2021 13:27:14 GMT
Server: nginx
x-amz-request-id: tx000000000000002386abf-006284f8ad-b9fbc20-sfo1
ETag: W/"a8bf2ebe41b28e96d5d8deb2b83e0ee3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
x-rgw-object-type: Normal
X-Storage-Bucket: z2829
X-Host: blu33.sf2p.intern.weebly.net
Connection: keep-alive

GET
H/1.1 200
OK custom.js Show response
lelive.weebly.com/files/theme/ 7 KB
2 KB 194ms
193ms Script
application/javascript 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lelive.weebly.com/files/theme/custom.js?1530561231
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-2.weebly.com
Software: nginx /
Resource Hash: 5feb822d8698f127f0f85d3edf620c63ff5189509fb85992c1d74abbd25d83ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 20:01:48 GMT
Content-Encoding: gzip
X-Storage-Object: 5feb822d8698f127f0f85d3edf620c63ff5189509fb85992c1d74abbd25d83ee
Last-Modified: Thu, 02 Jan 2020 17:35:32 GMT
Server: nginx
x-amz-request-id: tx000007a8b8a6f542ed8ac-006564eaa5-db1a099-sfo1
ETag: W/"5da53b567e46be3a2bd71096fb2995bc"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
x-rgw-object-type: Normal
X-Storage-Bucket: z5feb
X-Host: grn126.sf2p.intern.weebly.net
Connection: keep-alive

GET
H/1.1 200
OK mobile.js Show response
lelive.weebly.com/files/theme/ 16 KB
5 KB 193ms
193ms Script
application/javascript 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lelive.weebly.com/files/theme/mobile.js?1530561231
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-2.weebly.com
Software: nginx /
Resource Hash: e35cdae965132932644d580706fba96e1b54e9affbe3abab406e54e95d17a0cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 20:01:48 GMT
Content-Encoding: gzip
X-Storage-Object: e35cdae965132932644d580706fba96e1b54e9affbe3abab406e54e95d17a0cd
Last-Modified: Tue, 23 Jul 2019 14:31:29 GMT
Server: nginx
x-amz-request-id: tx000002df82b66c7f2b193-006514a8e4-db1eedd-sfo1
ETag: W/"07e9e6c62f36b3d745591589ed2c0103"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
x-rgw-object-type: Normal
X-Storage-Bucket: ze35c
X-Host: grn47.sf2p.intern.weebly.net
Connection: keep-alive

GET
H2 200 main-customer-accounts-site.js Show response
cdn2.editmysite.com/js/site/ 522 KB
156 KB 64ms
64ms Script
application/javascript 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/js/site/main-customer-accounts-site.js?buildTime=1695407040
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 207ec261a8530654204ada78a03b0cc6c129c09bac87013c3a8bb3bedfe84be6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-cache-hits: 2325, 1
date: Thu, 07 Dec 2023 20:01:47 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 719807
x-cache: HIT, HIT
x-host: grn79.sf2p.intern.weebly.net
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 159104
x-served-by: cache-sjc10070-SJC, cache-sof1510024-SOF
last-modified: Wed, 29 Nov 2023 00:57:12 GMT
server: nginx
x-timer: S1701979307.145851,VS0,VE3
etag: "65668c68-826d7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 13 Dec 2023 12:05:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 187 KB
68 KB 141ms
56ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-131254328-2

Requested by

Host: lelive.weebly.com
URL: https://lelive.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5bae180e27200935c17d52f102255c8f973050e79c461f18c73fc3eb7d454d0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68969
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 07 Dec 2023 20:01:47 GMT

GET
H/1.1 200
OK masthead-search.png
lelive.weebly.com/files/theme/images/ 1 KB
2 KB 573ms
213ms Image
image/png 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lelive.weebly.com/files/theme/images/masthead-search.png?1695475049
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/files/main_style.css?1695475049
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-2.weebly.com
Software: nginx /
Resource Hash: 73ba0f5e3000b016d82851828b4fc6ce832c3bf4cc3d65a6f9c0441ffda988ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/files/main_style.css?1695475049
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 20:01:47 GMT
X-Storage-Object: 73ba0f5e3000b016d82851828b4fc6ce832c3bf4cc3d65a6f9c0441ffda988ab
Last-Modified: Fri, 14 May 2021 00:21:57 GMT
Server: nginx
x-amz-request-id: tx000007676b7c8fe5ebcdb-006514aa14-db1a051-sfo1
ETag: "efe8ae967b2f94943e7529ef7c71d757"
Content-Type: image/png; charset=binary
x-rgw-object-type: Normal
X-Storage-Bucket: z73ba
X-Host: grn121.sf2p.intern.weebly.net
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1303

GET
H/1.1 200
OK 15050128.jpg
lelive.weebly.com/uploads/7/7/0/3/77032051/background-images/ 280 KB
280 KB 565ms
205ms Image
image/jpeg 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lelive.weebly.com/uploads/7/7/0/3/77032051/background-images/15050128.jpg
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-2.weebly.com
Software: nginx /
Resource Hash: e14430a71349a408afb658f0e495e5f15723da8d183ee851b98aefea80d8be14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 20:01:47 GMT
X-Storage-Object: e14430a71349a408afb658f0e495e5f15723da8d183ee851b98aefea80d8be14
Last-Modified: Mon, 18 Mar 2019 14:38:58 GMT
Server: nginx
x-amz-request-id: tx00000b78cee442cacb6c4-006568aa04-db1c67d-sfo1
ETag: "902048c8c7467226e7ace064c78e99e3"
Content-Type: image/jpeg
x-rgw-object-type: Normal
X-Storage-Bucket: ze144
X-Host: blu78.sf2p.intern.weebly.net
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 286251

GET
H3 200 bold.woff2
cdn2.editmysite.com/fonts/Montserrat/ 13 KB
13 KB 127ms
58ms Font
font/woff2 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/fonts/Montserrat/bold.woff2
Requested by: Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/fonts/Montserrat/font.css?2
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da

Request headers

Referer: https://cdn2.editmysite.com/fonts/Montserrat/font.css?2
Origin: https://lelive.weebly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-cache-hits: 35, 3677
date: Thu, 07 Dec 2023 20:01:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 886565
x-cache: HIT, HIT
x-host: blu93.sf2p.intern.weebly.net
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 12848
x-served-by: cache-sjc10033-SJC, cache-sof1510034-SOF
last-modified: Wed, 22 Nov 2023 21:22:38 GMT
server: nginx
x-timer: S1701979307.227294,VS0,VE0
etag: "655e711e-3230"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Mon, 11 Dec 2023 13:45:41 GMT

GET
H3 200 bold.woff2
cdn2.editmysite.com/fonts/Cabin/ 15 KB
15 KB 129ms
60ms Font
font/woff2 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/fonts/Cabin/bold.woff2
Requested by: Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/fonts/Cabin/font.css?2
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 45a8badf06824c87461905a8b1871fc3ca3eb5934cee490deadad743ebf99661

Request headers

Referer: https://cdn2.editmysite.com/fonts/Cabin/font.css?2
Origin: https://lelive.weebly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-cache-hits: 26, 3
date: Thu, 07 Dec 2023 20:01:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 735839
x-cache: HIT, HIT
x-host: blu88.sf2p.intern.weebly.net
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 15168
x-served-by: cache-sjc1000138-SJC, cache-sof1510034-SOF
last-modified: Wed, 29 Nov 2023 00:53:24 GMT
server: nginx
x-timer: S1701979307.227989,VS0,VE0
etag: "65668b84-3b40"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 13 Dec 2023 07:37:48 GMT

GET
H3 200 wsocial.woff
cdn2.editmysite.com/fonts/wSocial/ 3 KB
3 KB 128ms
59ms Font
font/woff 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/fonts/wSocial/wsocial.woff?ts=1700693649540
Requested by: Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/css/social-icons.css?buildtime=1695407040
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e8106b06fab14948098cae97983eafbe1a60643ac725b2a029e4da57d43854df

Request headers

Referer: https://cdn2.editmysite.com/css/social-icons.css?buildtime=1695407040
Origin: https://lelive.weebly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-cache-hits: 85, 5
date: Thu, 07 Dec 2023 20:01:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 74880
x-cache: HIT, HIT
x-host: grn77.sf2p.intern.weebly.net
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2636
x-served-by: cache-sjc1000084-SJC, cache-sof1510034-SOF
last-modified: Wed, 06 Dec 2023 19:28:40 GMT
server: nginx
x-timer: S1701979307.227976,VS0,VE0
etag: "6570cb68-a4c"
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Wed, 20 Dec 2023 23:13:47 GMT

GET
H3 200 regular.woff2
cdn2.editmysite.com/fonts/Cabin/ 15 KB
15 KB 128ms
61ms Font
font/woff2 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/fonts/Cabin/regular.woff2
Requested by: Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/fonts/Cabin/font.css?2
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a3d8afcbc68d3ae65312e50ce252f5eb4cb817d3fe39452bd37a76f896ab5921

Request headers

Referer: https://cdn2.editmysite.com/fonts/Cabin/font.css?2
Origin: https://lelive.weebly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-cache-hits: 29, 1
date: Thu, 07 Dec 2023 20:01:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 812860
x-cache: HIT, HIT
x-host: grn138.sf2p.intern.weebly.net
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 15476
x-served-by: cache-sjc1000117-SJC, cache-sof1510034-SOF
last-modified: Wed, 22 Nov 2023 21:22:37 GMT
server: nginx
x-timer: S1701979307.227445,VS0,VE1
etag: "655e711d-3c74"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Tue, 12 Dec 2023 10:14:08 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 25 KB
10 KB 186ms
97ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: www.weebly.com
URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=728943538380729393&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=000000&bgcolor=000000&linkcolor=FFFFFF&textcolor=CCCCCC&urlcolor=999999

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20f297290d2dcb56a2eca6afa2f0adae9302a8706d145d089619c1e1d34bd0ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lelive.weebly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 07 Dec 2023 20:01:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10293
x-xss-protection: 0
server: cafe
etag: 8099656315608996159
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 20:01:47 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 112ms
111ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

926b9bea9a4dd853c38e61ece4814e42e48811867e9bd010603586bd7cbbab8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51783
x-xss-protection: 0
server: cafe
etag: 3210181835568164393
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 20:01:47 GMT

GET
H2

200

embed.html Show response
widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/ Frame AF94
Redirect Chain

https://widgetic.com/wbl/app/53f6253e09c7e204038b4567?wbl[wid]=069b0a64-e565-4ce4-8775-ddeb28af730c&wbl[uid]=77032051&wbl[sid]=693506005579234598&prod&autoscale=
https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Flelive.weebly.com

50 KB
17 KB

243ms
242ms

Document
text/html

2606:4700:3036::6815:531
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Flelive.weebly.com
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:531 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de7256bfdd2d91fc7f7879d997bc466869be4e81d3914afcf8547b09c3422f19

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600, public
cf-cache-status: DYNAMIC
cf-ray: 831f5cd1dd4265bb-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 07 Dec 2023 20:01:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pXmquvn0SlC%2BAA7nNj%2BGXh3mwyoR1SAAvVXoSaHhr%2BwRkG%2BfNM%2BxPLQxKDevaGriyO3BCHS%2FOuTSDb%2F5CgDURSfAt8Tm7ENOg6P4jKMP6F3aUmzEOeo2ZcwOcNgv1lDADTdBygvLz%2FzTZ4c%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
via: 1.1 varnish-v4
x-cache: MISS
x-cache-hits: 0
x-varnish: 58598579
xkey: composition:60eaad0decb2a1062b8b4569 widget:53f6253e09c7e204038b4567 user:60eaac9eecb2a1cf2a8b4567

Redirect headers

age: 0
alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache
cf-cache-status: DYNAMIC
cf-ray: 831f5cd0db9065bb-FRA
content-type: text/html; charset=utf-8
date: Thu, 07 Dec 2023 20:01:47 GMT
location: https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Flelive.weebly.com
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=85rdfSBGZVCA6nsYjvadI0NS54g%2FtRKlsX1Nx7uIXrlw2WgyAC2KS3FeYu17PP8a%2B2htDHUzE4w2VIsbC%2FKiVZM8j22xpGxZNDmPLEgxKuUte5wSXq%2Bn7laZdZlKrDRAGzkrGqkD5l4TdDo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept
via: 1.1 varnish-v4
x-cache: MISS
x-cache-hits: 0
x-powered-by: Express
x-varnish: 56715898

GET
H2 200 sdk.js Show response
widgetic.com/wbl/js/ 39 KB
13 KB 48ms
47ms Script
application/javascript 2606:4700:3036::6815:531
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetic.com/wbl/js/sdk.js
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:531 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1cb008aaed1aabc56491ab1f185a8e9ef880be41c28c05971875febb211ad43d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:47 GMT
content-encoding: gzip
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 52111
x-powered-by: Express
x-cache: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 25 Aug 2022 13:08:46 GMT
server: cloudflare
etag: W/"9ba3-206806219"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DokaPgdX2uB5xrTCTBU1S%2FcxkWtNlJONAC9B8g8nBR7ao33I8kBe0jgVZbENWC51ooCxK1MsjKirh2GpTBQmCrCFOh1JthBJCTLg1BGd9xZ%2BlYhJRi%2FljP3t2ocOpqMnMXatW0IzDrxVCHQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-varnish: 777258457
cache-control: public, max-age=86400
cf-ray: 831f5cd1cd0965bb-FRA
x-cache-hits: 0

GET
H3 200 regular.woff2
cdn2.editmysite.com/fonts/Montserrat/ 12 KB
13 KB 58ms
58ms Font
font/woff2 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/fonts/Montserrat/regular.woff2
Requested by: Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/fonts/Montserrat/font.css?2
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394

Request headers

Referer: https://cdn2.editmysite.com/fonts/Montserrat/font.css?2
Origin: https://lelive.weebly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-cache-hits: 27, 2291
date: Thu, 07 Dec 2023 20:01:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 200243
x-cache: HIT, HIT
x-host: blu32.sf2p.intern.weebly.net
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 12708
x-served-by: cache-sjc1000136-SJC, cache-sof1510034-SOF
last-modified: Mon, 04 Dec 2023 18:03:39 GMT
server: nginx
x-timer: S1701979308.557632,VS0,VE0
etag: "656e147b-31a4"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Tue, 19 Dec 2023 12:24:24 GMT

GET
H2 200 dTk3BO54_8Y Show response
www.youtube.com/embed/ Frame F1ED 93 KB
41 KB 250ms
164ms Document
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/dTk3BO54_8Y?wmode=opaque

Requested by

Host: lelive.weebly.com
URL: https://lelive.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4a9ed5659968e2191d404b3b2c3ed088f172c3acefe53685091af1723f32f0fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';script-src 'report-sample' 'nonce-ZBsHOXINXhAM14-G9J-a4Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline';report-uri /cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 20:01:47 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK 2082040671.jpg
lelive.weebly.com/uploads/7/7/0/3/77032051/background-images/ 172 KB
173 KB 195ms
195ms Image
image/jpeg 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lelive.weebly.com/uploads/7/7/0/3/77032051/background-images/2082040671.jpg
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-2.weebly.com
Software: nginx /
Resource Hash: 692fb6d0172aaf378428ac4cf4c73e80ae57fed66494994eb81534593117f17a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 20:01:48 GMT
X-Storage-Object: 692fb6d0172aaf378428ac4cf4c73e80ae57fed66494994eb81534593117f17a
Last-Modified: Mon, 18 Mar 2019 14:40:18 GMT
Server: nginx
x-amz-request-id: tx0000000000000026683b1-006419de0a-d84b68f-sfo1
ETag: "edc8edd8d583b8d4661931a93b7d552e"
Content-Type: image/jpeg
x-rgw-object-type: Normal
X-Storage-Bucket: z692f
X-Host: grn140.sf2p.intern.weebly.net
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 176369

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/ 398 KB
134 KB 117ms
117ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=pub-1181746742151021&plah=lelive.weebly.com&bust=31079954

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f79ac0ee603222655ae5aa87a575abbdab4f577d680d0c0f39ab2cba0ad3fc5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137571
x-xss-protection: 0
server: cafe
etag: 17853512824055048290
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 20:01:47 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/ Frame 67AB 9 KB
4 KB 125ms
39ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2763
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 19:15:44 GMT
etag: 5585625838579639069
expires: Thu, 21 Dec 2023 19:15:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 MzIH2rn72NE Show response
www.youtube.com/embed/ Frame 4344 93 KB
40 KB 270ms
270ms Document
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/MzIH2rn72NE?wmode=opaque

Requested by

Host: lelive.weebly.com
URL: https://lelive.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f03fc3b1a0c54b12cfbe8d9054a3a625934c4d4cd77658dbdbb4cef1792669f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 20:01:47 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 www-player.css
www.youtube.com/s/player/31e0b6d9/ Frame F1ED 378 KB
48 KB 39ms
39ms Stylesheet
text/css 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31e0b6d9/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dTk3BO54_8Y?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

436743ad0889ad9399a1f33edb65d8bf1c71cfbce1b0fce549769e7705c9ceec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/dTk3BO54_8Y?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:10:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6690
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48920
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 06 Dec 2024 18:10:17 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F1ED 15 KB
16 KB 125ms
39ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dTk3BO54_8Y?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 592491
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F1ED 15 KB
15 KB 134ms
49ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dTk3BO54_8Y?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 21:01:27 GMT
x-content-type-options: nosniff
age: 82820
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 21:01:27 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/ Frame F1ED 52 KB
16 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dTk3BO54_8Y?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45ea1febaa3bfa8f5c4711c1ed96c1971654f98d5bcc5cf69d90a555f79a0c9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/dTk3BO54_8Y?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:22:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 261553
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16591
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 03 Dec 2024 19:22:34 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/31e0b6d9/www-embed-player.vflset/ Frame F1ED 321 KB
96 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31e0b6d9/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dTk3BO54_8Y?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d453a47ad0d1b30a7292b6f712d8645db141ed6adea69b8e7d802f8022365fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/dTk3BO54_8Y?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:41:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1222
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98499
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 06 Dec 2024 19:41:25 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/ Frame F1ED 2 MB
767 KB 90ms
90ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dTk3BO54_8Y?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6329a84811954311b5424bbab6ac2dcc70441841a9b1fd441e3315cf540a2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/dTk3BO54_8Y?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88136
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 785355
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Dec 2024 19:32:51 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 06D2 107 KB
40 KB 659ms
659ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=60&adk=3728641180&adf=1460459252&w=468&lmt=1701979307&ad_type=text_image&format=468x60_as&color_bg=000000&color_border=000000&color_link=FFFFFF&color_text=CCCCCC&color_url=999999&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=000000&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701979307523&bpp=206&bdt=1018&idt=451&shv=r20231205&mjsv=m202311300101&ptt=5&saldr=sd&abxe=1&correlator=8492969922840&frm=20&pv=2&ga_vid=1248546258.1701979308&ga_sid=1701979308&ga_hid=640980279&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=566&ady=172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079929%2C31079979%2C44795921%2C31079954%2C44807764%2C44808148%2C44808284%2C95320230%2C31079987&oid=2&pvsid=2576826132042316&tmod=1449287864&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=463

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=pub-1181746742151021&plah=lelive.weebly.com&bust=31079954

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32e9a29e78dd65b80e20711f9ebba6658041be0433d3816fbee838224ce8236d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40847
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 20:01:48 GMT
expires: Thu, 07 Dec 2023 20:01:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8C1F 746 B
536 B 565ms
564ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=90&adk=3566803071&adf=4055878447&w=728&lmt=1701979307&ad_type=image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701979307528&bpp=202&bdt=1023&idt=463&shv=r20231205&mjsv=m202311300101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as&correlator=8492969922840&frm=20&pv=1&ga_vid=1248546258.1701979308&ga_sid=1701979308&ga_hid=640980279&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079929%2C31079979%2C44795921%2C31079954%2C44807764%2C44808148%2C44808284%2C95320230%2C31079987&oid=2&pvsid=2576826132042316&tmod=1449287864&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=465

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

542b06715445bac737aaa67c8eb5e5047a4e7518a0e0f81b5c3fafd54d677efc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 368
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 20:01:48 GMT
expires: Thu, 07 Dec 2023 20:01:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5D14 25 KB
11 KB 801ms
799ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=90&adk=1773158521&adf=2910926905&w=728&lmt=1701979307&ad_type=text_image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701979307554&bpp=177&bdt=1050&idt=441&shv=r20231205&mjsv=m202311300101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C728x90_as&correlator=8492969922840&frm=20&pv=1&ga_vid=1248546258.1701979308&ga_sid=1701979308&ga_hid=640980279&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079929%2C31079979%2C44795921%2C31079954%2C44807764%2C44808148%2C44808284%2C95320230%2C31079987&oid=2&pvsid=2576826132042316&tmod=1449287864&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=444

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4753034e14b95b379f1bcf041ea0c16174120f54f45d6f1438e8e461e400796

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11287
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 20:01:48 GMT
expires: Thu, 07 Dec 2023 20:01:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B766 746 B
533 B 568ms
568ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=60&adk=2776088540&adf=2540194251&w=468&lmt=1701979308&ad_type=text_image&format=468x60_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701979307565&bpp=166&bdt=1060&idt=434&shv=r20231205&mjsv=m202311300101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C728x90_as%2C728x90_as&correlator=8492969922840&frm=20&pv=1&ga_vid=1248546258.1701979308&ga_sid=1701979308&ga_hid=640980279&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=919&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079929%2C31079979%2C44795921%2C31079954%2C44807764%2C44808148%2C44808284%2C95320230%2C31079987&oid=2&pvsid=2576826132042316&tmod=1449287864&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=437

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27e1872f996204c8622b2f5ecc29ba3e0f73aa3d7d53c0669947e564b228e0ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 365
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 20:01:48 GMT
expires: Thu, 07 Dec 2023 20:01:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F201 746 B
540 B 451ms
449ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=60&adk=3147154302&adf=3310464510&w=468&lmt=1701979308&ad_type=text_image&format=468x60_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701979307765&bpp=2&bdt=1261&idt=241&shv=r20231205&mjsv=m202311300101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C728x90_as%2C728x90_as%2C468x60_as&correlator=8492969922840&frm=20&pv=1&ga_vid=1248546258.1701979308&ga_sid=1701979308&ga_hid=640980279&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=2301&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079929%2C31079979%2C44795921%2C31079954%2C44807764%2C44808148%2C44808284%2C95320230%2C31079987&oid=2&pvsid=2576826132042316&tmod=1449287864&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=243

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b8fd3d2568e7df7597ff4f2de76bf46f35c3298cd19a65ed4a8e2ecc1337f92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 368
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 20:01:48 GMT
expires: Thu, 07 Dec 2023 20:01:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 yV8FdhSmz2Y Show response
www.youtube.com/embed/ Frame 6E53 92 KB
39 KB 133ms
133ms Document
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/yV8FdhSmz2Y?wmode=opaque

Requested by

Host: lelive.weebly.com
URL: https://lelive.weebly.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abbdd64ea16cc46a1ccc953a281ba5fa95e4cb2017adea38c4a0a946ef9403b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';script-src 'report-sample' 'nonce-8NlkU3eU2n_3tqXS6MTcwA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline';report-uri /cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 20:01:48 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 371D 746 B
535 B 445ms
444ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=60&adk=1230979907&adf=3956329256&w=234&lmt=1701979308&ad_type=text_image&format=234x60_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701979307768&bpp=1&bdt=1264&idt=242&shv=r20231205&mjsv=m202311300101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C728x90_as%2C728x90_as%2C468x60_as%2C468x60_as&correlator=8492969922840&frm=20&pv=1&ga_vid=1248546258.1701979308&ga_sid=1701979308&ga_hid=640980279&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=815&ady=2301&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079929%2C31079979%2C44795921%2C31079954%2C44807764%2C44808148%2C44808284%2C95320230%2C31079987&oid=2&pvsid=2576826132042316&tmod=1449287864&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=244

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a5731d2729b20fafee927cdc4db10c5642c95f42f2e5547deefe96791b7d2ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 367
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 20:01:48 GMT
expires: Thu, 07 Dec 2023 20:01:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 StpFz8qbB44 Show response
www.youtube.com/embed/ Frame 228B 92 KB
39 KB 110ms
109ms Document
text/html 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/StpFz8qbB44?wmode=opaque

Requested by

Host: lelive.weebly.com
URL: https://lelive.weebly.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

588bac8f54ccb8ab638a61c7f03d7bb9fe82a6b51f3a69de89b313970f6c5fa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';script-src 'report-sample' 'nonce-sT2lavOew0qo70j9Vn0hrA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline';report-uri /cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 20:01:48 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C8C2 746 B
535 B 450ms
450ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=90&adk=2671402218&adf=898975295&w=728&lmt=1701979308&ad_type=text_image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701979307785&bpp=1&bdt=1281&idt=234&shv=r20231205&mjsv=m202311300101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C728x90_as%2C728x90_as%2C468x60_as%2C468x60_as%2C234x60_as&correlator=8492969922840&frm=20&pv=1&ga_vid=1248546258.1701979308&ga_sid=1701979308&ga_hid=640980279&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=3064&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079929%2C31079979%2C44795921%2C31079954%2C44807764%2C44808148%2C44808284%2C95320230%2C31079987&oid=2&pvsid=2576826132042316&tmod=1449287864&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=5&fsb=1&dtd=238

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb8ac19290b47436b2ca6a29aab9f613ffbc444fc2a945f4856d2681f2010807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 367
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 20:01:48 GMT
expires: Thu, 07 Dec 2023 20:01:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EC13 746 B
536 B 440ms
440ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=60&adk=3147154302&adf=843395539&w=468&lmt=1701979308&ad_type=text_image&format=468x60_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701979307842&bpp=1&bdt=1337&idt=185&shv=r20231205&mjsv=m202311300101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C728x90_as%2C728x90_as%2C468x60_as%2C468x60_as%2C234x60_as%2C728x90_as&correlator=8492969922840&frm=20&pv=1&ga_vid=1248546258.1701979308&ga_sid=1701979308&ga_hid=640980279&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=3633&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079929%2C31079979%2C44795921%2C31079954%2C44807764%2C44808148%2C44808284%2C95320230%2C31079987&oid=2&pvsid=2576826132042316&tmod=1449287864&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&btvi=6&fsb=1&dtd=186

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

357edc2ca94f087808b7e0c5baf4dc65a30184bb9e8f106ab804a429ce1a8981

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 368
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 20:01:48 GMT
expires: Thu, 07 Dec 2023 20:01:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4BA9 746 B
536 B 456ms
456ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=250&adk=597672501&adf=2042640218&w=300&lmt=1701979308&ad_type=text_image&format=300x250_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701979307844&bpp=1&bdt=1339&idt=187&shv=r20231205&mjsv=m202311300101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C728x90_as%2C728x90_as%2C468x60_as%2C468x60_as%2C234x60_as%2C728x90_as%2C468x60_as&correlator=8492969922840&frm=20&pv=1&ga_vid=1248546258.1701979308&ga_sid=1701979308&ga_hid=640980279&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=815&ady=3633&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079929%2C31079979%2C44795921%2C31079954%2C44807764%2C44808148%2C44808284%2C95320230%2C31079987&oid=2&pvsid=2576826132042316&tmod=1449287864&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=9&uci=a!9&btvi=7&fsb=1&dtd=188

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f36970c4589bf8845df35684216f48995ea1b8f60b94a81647f39ef140e6b7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 368
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 20:01:48 GMT
expires: Thu, 07 Dec 2023 20:01:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C76E 746 B
586 B 398ms
398ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=60&adk=3147154302&adf=1030568439&w=468&lmt=1701979308&ad_type=text_image&format=468x60_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701979307845&bpp=1&bdt=1340&idt=190&shv=r20231205&mjsv=m202311300101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C728x90_as%2C728x90_as%2C468x60_as%2C468x60_as%2C234x60_as%2C728x90_as%2C468x60_as%2C300x250_as&correlator=8492969922840&frm=20&pv=1&ga_vid=1248546258.1701979308&ga_sid=1701979308&ga_hid=640980279&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=260&ady=4476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079929%2C31079979%2C44795921%2C31079954%2C44807764%2C44808148%2C44808284%2C95320230%2C31079987&oid=2&pvsid=2576826132042316&tmod=1449287864&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=10&uci=a!a&btvi=8&fsb=1&dtd=192

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7343a41c30c877d5d86760570273a164fa736cfe79c111c8c40e1785c42452d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 365
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 20:01:48 GMT
expires: Thu, 07 Dec 2023 20:01:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A8DC 746 B
539 B 405ms
405ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=60&adk=3147154302&adf=4027036295&w=468&lmt=1701979308&ad_type=text_image&format=468x60_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701979307930&bpp=1&bdt=1425&idt=110&shv=r20231205&mjsv=m202311300101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C728x90_as%2C728x90_as%2C468x60_as%2C468x60_as%2C234x60_as%2C728x90_as%2C468x60_as%2C300x250_as%2C468x60_as&correlator=8492969922840&frm=20&pv=1&ga_vid=1248546258.1701979308&ga_sid=1701979308&ga_hid=640980279&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=815&ady=4476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079929%2C31079979%2C44795921%2C31079954%2C44807764%2C44808148%2C44808284%2C95320230%2C31079987&oid=2&pvsid=2576826132042316&tmod=1449287864&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=11&uci=a!b&btvi=9&fsb=1&dtd=114

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0cd96385c468e88e956e93a67afe7be85de76f3c0f3780b4f78fdcba7901ff5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 367
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 20:01:48 GMT
expires: Thu, 07 Dec 2023 20:01:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 www-player.css
www.youtube.com/s/player/31e0b6d9/ Frame 4344 378 KB
48 KB 40ms
39ms Stylesheet
text/css 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31e0b6d9/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MzIH2rn72NE?wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

436743ad0889ad9399a1f33edb65d8bf1c71cfbce1b0fce549769e7705c9ceec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/MzIH2rn72NE?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:10:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6691
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48920
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 06 Dec 2024 18:10:17 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/ Frame 4344 52 KB
16 KB 76ms
74ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MzIH2rn72NE?wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45ea1febaa3bfa8f5c4711c1ed96c1971654f98d5bcc5cf69d90a555f79a0c9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/MzIH2rn72NE?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:22:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 261554
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16591
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 03 Dec 2024 19:22:34 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/31e0b6d9/www-embed-player.vflset/ Frame 4344 321 KB
96 KB 122ms
120ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31e0b6d9/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MzIH2rn72NE?wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d453a47ad0d1b30a7292b6f712d8645db141ed6adea69b8e7d802f8022365fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/MzIH2rn72NE?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:41:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1223
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98499
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 06 Dec 2024 19:41:25 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/ Frame 4344 2 MB
767 KB 126ms
125ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MzIH2rn72NE?wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6329a84811954311b5424bbab6ac2dcc70441841a9b1fd441e3315cf540a2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/MzIH2rn72NE?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88137
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 785355
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Dec 2024 19:32:51 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4344 15 KB
15 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MzIH2rn72NE?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 592492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4344 15 KB
15 KB 48ms
48ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MzIH2rn72NE?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 21:01:27 GMT
x-content-type-options: nosniff
age: 82821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 21:01:27 GMT

GET
H2 200 sdk.js Show response
cdn.jsdelivr.net/npm/@widgetic/sdk/lib/ Frame AF94 49 KB
16 KB 134ms
52ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@widgetic/sdk/lib/sdk.js

Requested by

Host: widgetic.com
URL: https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Flelive.weebly.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8d94874a66894f07f2a9e37b4bf6b6ecf9b0632b637105030b32bcdc40285a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 34683
x-jsd-version: 1.7.10
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230136-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"c37e-Q0dXjLRTDHxVFcSCPxxV3knKM0c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2F4YrfQaS%2FYUE8dUQMPcT4QWCcO%2B1mFa5vbZ%2Bj0L26vctOHXH4lh%2FenW7JHPDQX89kE2MhVqBl07jObB%2BZbnUr%2FX814NU%2FAShlBbX1PnjwvIqlxFSjJhI4fFQdFUFuXkw5PQ15IerJIIfGLhOI8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 831f5cd3fd173a5c-FRA

GET
H3 200 control.js Show response
widgetic.com/bundles/blogvioapp/js/editor/ Frame AF94 11 KB
4 KB 65ms
64ms Script
application/javascript 2606:4700:3036::6815:531
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetic.com/bundles/blogvioapp/js/editor/control.js
Requested by: Host: widgetic.com
URL: https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Flelive.weebly.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:531 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f95e234907d6a21b8b3768caca177f7b4003689bdd974f1ec7c16ea96cee6c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Flelive.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:48 GMT
content-encoding: gzip
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 288
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 3870
last-modified: Thu, 27 Jan 2022 16:03:46 GMT
server: cloudflare
etag: W/"61f2c262-2cce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hyndv%2BSvisI8qE3Kru0rbMs1Rw3BUzK72y4BbNwNxtQOOwSXJrlyIXek37hLzbIRKekSFFJ%2FJP1G%2F8vlIovGweeBxwdp%2FqnfhQfUuOOtWWOjhCVytqD%2BwDsAIAzz0LkK8U3C8zFSSGP4a58%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-varnish: 861708947
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 831f5cd37be51e89-AMS
x-cache-hits: 0

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame F1ED
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

46ms
46ms

XHR
application/json

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dTk3BO54_8Y?wmode=opaque

Protocol

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd87b79a03050ec23f88ab2f24bfcfb9d736ebe19c858b72b1d2b4d904fb4049

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 07 Dec 2023 20:01:48 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame F1ED 29 B
495 B 125ms
39ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:56:18 GMT
x-content-type-options: nosniff
age: 330
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Dec 2023 20:11:18 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 135ms
47ms Preflight
text/html 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 07 Dec 2023 20:01:48 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F1ED 86 KB
40 KB 54ms
54ms XHR
application/json+protobuf 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bfb005fb6578c55a5c29ae597abda1f1e4c482701dd5c4cba3c3959bd995639f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 07 Dec 2023 20:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40702
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/ Frame F1ED 116 KB
33 KB 225ms
224ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a80bd413f7dd15ff49d22ce8b5e99be2cea10ad2021f6408949ccf4d0a49191f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/dTk3BO54_8Y?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:22:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2356
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33684
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 06 Dec 2024 19:22:32 GMT

GET
H2 200 Tsw0Yn1BA_u41wm3FNlInuFvbxWhU_qzb8oN8tyvKnc.js Show response
www.google.com/js/th/ Frame F1ED 51 KB
20 KB 125ms
39ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/Tsw0Yn1BA_u41wm3FNlInuFvbxWhU_qzb8oN8tyvKnc.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ecc34627d4103fbb8d709b714d9489ee16f6f15a153fab36fca0df2dcaf2a77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 13:14:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19777
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Dec 2024 13:14:44 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/dTk3BO54_8Y/ Frame F1ED 129 KB
129 KB 187ms
101ms Image
image/jpeg 2a00:1450:4001:810::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/dTk3BO54_8Y/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AHUBoAC4AOKAgwIABABGEcgVChlMA8=&rs=AOn4CLCSvI6_LmxAM0ZU1YewTE0yrVh97Q

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dTk3BO54_8Y?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a96107fbabc6086da1301ac2553295a823d37bdbc49c61efaab62b966b25f1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:48 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132077
x-xss-protection: 0
server: sffe
etag: "1633021642"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 07 Dec 2023 22:01:48 GMT

GET
DATA 200
OK truncated
/ Frame F1ED 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 APkrFKarayx_ZPSOz3gwPdU9OMitpTnaEd9a_JU2LhYQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame F1ED 3 KB
3 KB 624ms
538ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/APkrFKarayx_ZPSOz3gwPdU9OMitpTnaEd9a_JU2LhYQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/dTk3BO54_8Y?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9d528ac974c663cd81cae91c0b1f7f07c936f255a5f42899e9d55658b707ab34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:48 GMT
x-content-type-options: nosniff
server: fife
etag: "v8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2880
x-xss-protection: 0
expires: Fri, 08 Dec 2023 20:01:48 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/31e0b6d9/ Frame 228B 378 KB
48 KB 39ms
39ms Stylesheet
text/css 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31e0b6d9/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/StpFz8qbB44?wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

436743ad0889ad9399a1f33edb65d8bf1c71cfbce1b0fce549769e7705c9ceec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/StpFz8qbB44?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:10:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6691
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48920
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 06 Dec 2024 18:10:17 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/31e0b6d9/ Frame 6E53 378 KB
48 KB 41ms
41ms Stylesheet
text/css 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31e0b6d9/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yV8FdhSmz2Y?wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

436743ad0889ad9399a1f33edb65d8bf1c71cfbce1b0fce549769e7705c9ceec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/yV8FdhSmz2Y?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:10:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6691
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48920
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 06 Dec 2024 18:10:17 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 228B 15 KB
15 KB 39ms
39ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/StpFz8qbB44?wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 592492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 23:26:56 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 228B 15 KB
15 KB 42ms
42ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/StpFz8qbB44?wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 21:01:27 GMT
x-content-type-options: nosniff
age: 82821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 21:01:27 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6E53 15 KB
15 KB 61ms
60ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yV8FdhSmz2Y?wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 592492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Nov 2024 23:26:56 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6E53 15 KB
15 KB 75ms
74ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yV8FdhSmz2Y?wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 21:01:27 GMT
x-content-type-options: nosniff
age: 82821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 21:01:27 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/ Frame 6E53 52 KB
16 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yV8FdhSmz2Y?wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45ea1febaa3bfa8f5c4711c1ed96c1971654f98d5bcc5cf69d90a555f79a0c9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/yV8FdhSmz2Y?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:22:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 261554
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16591
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 03 Dec 2024 19:22:34 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/31e0b6d9/www-embed-player.vflset/ Frame 6E53 321 KB
96 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31e0b6d9/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yV8FdhSmz2Y?wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d453a47ad0d1b30a7292b6f712d8645db141ed6adea69b8e7d802f8022365fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/yV8FdhSmz2Y?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:41:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1223
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98499
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 06 Dec 2024 19:41:25 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/ Frame 6E53 2 MB
767 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yV8FdhSmz2Y?wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6329a84811954311b5424bbab6ac2dcc70441841a9b1fd441e3315cf540a2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/yV8FdhSmz2Y?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88137
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 785355
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Dec 2024 19:32:51 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/ Frame 228B 52 KB
16 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/StpFz8qbB44?wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45ea1febaa3bfa8f5c4711c1ed96c1971654f98d5bcc5cf69d90a555f79a0c9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/StpFz8qbB44?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:22:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 261554
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16591
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 03 Dec 2024 19:22:34 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/31e0b6d9/www-embed-player.vflset/ Frame 228B 321 KB
96 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31e0b6d9/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/StpFz8qbB44?wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d453a47ad0d1b30a7292b6f712d8645db141ed6adea69b8e7d802f8022365fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/StpFz8qbB44?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:41:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1223
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98499
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 06 Dec 2024 19:41:25 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/ Frame 228B 2 MB
767 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/StpFz8qbB44?wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6329a84811954311b5424bbab6ac2dcc70441841a9b1fd441e3315cf540a2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/StpFz8qbB44?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:32:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88137
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 785355
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 05 Dec 2024 19:32:51 GMT

GET
H2 200 core-js.shim.min.js Show response
files.widgetic.com/file/widgetic-uploads/assets/js/ Frame AF94 82 KB
28 KB 73ms
53ms Script
application/javascript 2606:4700:3036::6815:531
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://files.widgetic.com/file/widgetic-uploads/assets/js/core-js.shim.min.js
Requested by: Host: widgetic.com
URL: https://widgetic.com/bundles/blogvioapp/js/editor/control.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:531 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd8844e07a245a7492968fae4fcbd9b7d6455ae634d1919d596ebe39cd056587

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:48 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-bz-file-id: 4_zcab80af2fd0cc5bd57300e14_f104b15177b277c8c_d20180312_m070149_c001_v0001008_t0005
age: 2124
x-bz-content-sha1: ad24cc060a78fcdd30b3924615d701fb54480463
x-bz-file-name: assets/js/core-js.shim.min.js
alt-svc: h3=":443"; ma=86400
x-bz-info-src_last_modified_millis: 1520838005031
x-bz-upload-timestamp: 1520838109000
last-modified: Thu, 07 Dec 2023 17:52:48 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QA0VNaMxRgxDKjBORPnq79FZ7Nlp%2FI%2Fukr2CTZqa5IKq1zxMq7zdF04Lw7N84cx%2FoVuhkn3lCpXLm3F5xw53JI774tnvsbRNDUYi47hHPeyP%2F1lEXvbMQSE3hw5tQWtadcZC5usG2UOdnNqWCVk3hLU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000
cf-ray: 831f5cd4699565bb-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 core.vendor.js Show response
widgetic.com/bundles/blogvioapp/js/editor/ Frame AF94 91 KB
32 KB 49ms
49ms Script
application/javascript 2606:4700:3036::6815:531
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetic.com/bundles/blogvioapp/js/editor/core.vendor.js
Requested by: Host: widgetic.com
URL: https://widgetic.com/bundles/blogvioapp/js/editor/control.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:531 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cfc72687bf236ba651d0aab3205c0e3cd474d5fa987f1ab1e8fe749f0680acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Flelive.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:48 GMT
content-encoding: gzip
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 50830
x-cache: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 20 Dec 2019 12:56:55 GMT
server: cloudflare
etag: W/"5dfcc517-16a12"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RxtChuWux3AHqOB3OM5mPlb9X87pGrHrTbTVLsx3ozjTr0Zm0Yoc5pWsU0kuhdfmh4a1j7fSegJJ5V5TroPeEZTHS%2FUopvelsSb%2Bq8ecFJa2nxY7VNsFUG7wxESoAfnSfRK2ZvQu57bF730%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 548464458
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 831f5cd45c861e89-AMS
x-cache-hits: 0

GET
H3 200 require.js Show response
widgetic.com/bundles/blogvioapp/js/ Frame AF94 2 KB
1 KB 92ms
92ms Script
application/javascript 2606:4700:3036::6815:531
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetic.com/bundles/blogvioapp/js/require.js
Requested by: Host: widgetic.com
URL: https://widgetic.com/bundles/blogvioapp/js/editor/control.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:531 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a81551f948932bc38d1b9d329a865d6050adf2da9dae6ec60395c51c6af06054

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Flelive.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:48 GMT
content-encoding: gzip
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 40845
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 759
last-modified: Fri, 22 Oct 2021 12:54:48 GMT
server: cloudflare
etag: W/"6172b498-825"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yafs7HF0Qs%2BJ%2FxaiZkApFJIS2ldmB1oQMYMftHnVVQPfytK%2BIzhdQN2lMNGnYrHf08dotKyxqEu39j0MRhUSur91810gQ%2FQQE6kShPFLJudBi3rHn%2Bagicpj29SuqEolo0PT1bDb2gfqLUs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-varnish: 548580752
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 831f5cd45c871e89-AMS
x-cache-hits: 0

GET
H3 200 embed.css
widgetic.com/bundles/blogvioapp/css/ Frame AF94 2 KB
1 KB 93ms
92ms Stylesheet
text/css 2606:4700:3036::6815:531
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetic.com/bundles/blogvioapp/css/embed.css
Requested by: Host: widgetic.com
URL: https://widgetic.com/bundles/blogvioapp/js/editor/control.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:531 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c420c2545efebcdcedd9fd7e48fe093a8c888f6726710197c0f1adff13b39cf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Flelive.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:48 GMT
content-encoding: gzip
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 56890
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 617
last-modified: Fri, 22 Oct 2021 12:54:48 GMT
server: cloudflare
etag: W/"6172b498-620"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2Bao7VZMrZ2ioSdyB9Eq1%2FFLxoihNud9dTtj4YQCk%2BoSs3TlgIpFBkfQofAdGsf1ZRxJ6ji2vD73UKHe2DKkRQfuJzB8hWfTmjX7LCBoXrlrvmyo6vOY0IfM1SDVV1BU%2BwgONjFlTJCcIvA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-varnish: 551295169
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 831f5cd45c881e89-AMS
x-cache-hits: 0

GET
H3 200 widget.css
widgetic.com/widgets/53f6253e09c7e204038b4567/0eb36c7/ Frame AF94 324 B
692 B 134ms
133ms Stylesheet
text/css 2606:4700:3036::6815:531
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetic.com/widgets/53f6253e09c7e204038b4567/0eb36c7/widget.css
Requested by: Host: widgetic.com
URL: https://widgetic.com/bundles/blogvioapp/js/editor/control.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:531 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97ab411811d4436c975b63b44078385f3b31c9a09fa8d86ee05e24505ddee13b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Flelive.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:48 GMT
content-encoding: gzip
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 754017
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 163
pragma: public
last-modified: Tue, 05 Apr 2022 17:29:26 GMT
server: cloudflare
etag: W/"624c7c76-144"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FyXwxHa40GRPMgWqbeV3AsCnHOMP054feJcMbnSdgi%2BGNyFDM4ZMkjOH%2FtvDFLm%2FcJtrdjYQhwtJSDwyhCsyw5pUXWAufVL6sfkaSf5CLa%2Fw5KXA8ickjnW%2Fyo6W%2BzQvtatOg%2FZJUyj9hFU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-varnish: 556894215
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 831f5cd45c891e89-AMS
x-cache-hits: 0

GET
H3 204 generate_204
www.youtube.com/ Frame F1ED 0
10 B 46ms
46ms Image
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?qk2YDQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/dTk3BO54_8Y?wmode=opaque
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/dTk3BO54_8Y?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 css
fonts.googleapis.com/ Frame AF94 2 KB
979 B 135ms
49ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: widgetic.com
URL: https://widgetic.com/bundles/blogvioapp/css/embed.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Dec 2023 20:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 19:03:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Dec 2023 20:01:48 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 47ms
47ms Preflight
text/html 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 07 Dec 2023 20:01:48 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame F1ED 90 B
134 B 54ms
51ms XHR
application/json+protobuf 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

547d8a2c5735d4241fd8ee7e6b3b4bda7c0f354db645cbf7dad403fea10788a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 07 Dec 2023 20:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H3 200 spine.js Show response
widgetic.com/bundles/blogvioapp/js/ Frame AF94 32 KB
9 KB 52ms
52ms Script
application/javascript 2606:4700:3036::6815:531
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetic.com/bundles/blogvioapp/js/spine.js
Requested by: Host: widgetic.com
URL: https://widgetic.com/bundles/blogvioapp/js/editor/control.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:531 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec55a4bf94cf9d4245ea503b57dc7fdd599f25cb0031d0387d4bc44117138c6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Flelive.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:48 GMT
content-encoding: gzip
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42429
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 8487
last-modified: Fri, 22 Oct 2021 12:54:48 GMT
server: cloudflare
etag: W/"6172b498-8108"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KWbeKUF%2Br5w8KV7VuGAIllNMZ7KJKgfDz4JKTn%2F27mFedGoqxKzW63h82%2BM37euhERjTETaZGwZfUa%2BPBD%2BMhtkhZ9O1MoPAMvbejiMLc0oHnQYdWb14PBZS1P6pqERFlKI5FnOB6IWgRu0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-varnish: 549069545
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 831f5cd5edc71e89-AMS
x-cache-hits: 0

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 6E53
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

46ms
46ms

XHR
application/json

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yV8FdhSmz2Y?wmode=opaque

Protocol

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a77e9b9f1fbd8add9ed32669720bab49a6e03a650c6c35a469dfd228ce21afd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 07 Dec 2023 20:01:48 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 6E53 29 B
89 B 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:56:18 GMT
x-content-type-options: nosniff
age: 330
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Dec 2023 20:11:18 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 4344
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

46ms
46ms

XHR
application/json

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MzIH2rn72NE?wmode=opaque

Protocol

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed7f436e9bab0f5aa264bad7e82352a7afd3f604130d303c73d56ead4545c807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 07 Dec 2023 20:01:48 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 4344 29 B
89 B 39ms
38ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:56:18 GMT
x-content-type-options: nosniff
age: 330
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Dec 2023 20:11:18 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 228B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

47ms
47ms

XHR
application/json

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/StpFz8qbB44?wmode=opaque

Protocol

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6ad81a5bdcc28da5f738e93a832360b512e1f008a911431b71fafc1a20bcea9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 07 Dec 2023 20:01:48 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 228B 29 B
89 B 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:56:18 GMT
x-content-type-options: nosniff
age: 330
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Dec 2023 20:11:18 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame F1ED 4 KB
2 KB 158ms
72ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Dec 2023 20:01:48 GMT

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 46ms
46ms Preflight
text/html 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 07 Dec 2023 20:01:48 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 6E53 86 KB
40 KB 54ms
54ms XHR
application/json+protobuf 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6a1e6ac7f7b1d2e2e475daa6928a1bdb04501b4085f59291ad373b0c90ae1c66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 07 Dec 2023 20:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40561
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/ Frame 6E53 116 KB
33 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a80bd413f7dd15ff49d22ce8b5e99be2cea10ad2021f6408949ccf4d0a49191f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/yV8FdhSmz2Y?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:22:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2356
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33684
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 06 Dec 2024 19:22:32 GMT

GET
H2 200 Tsw0Yn1BA_u41wm3FNlInuFvbxWhU_qzb8oN8tyvKnc.js Show response
www.google.com/js/th/ Frame 6E53 51 KB
19 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/Tsw0Yn1BA_u41wm3FNlInuFvbxWhU_qzb8oN8tyvKnc.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ecc34627d4103fbb8d709b714d9489ee16f6f15a153fab36fca0df2dcaf2a77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 13:14:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19777
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Dec 2024 13:14:44 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/yV8FdhSmz2Y/ Frame 6E53 153 KB
153 KB 166ms
166ms Image
image/jpeg 2a00:1450:4001:810::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/yV8FdhSmz2Y/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AHUBoAC4AOKAgwIABABGEEgUihyMA8=&rs=AOn4CLDWJ3uFCGLCVxIAFT4xaUH7RDaa4g

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yV8FdhSmz2Y?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6a292094eb84a9196e1e8aa4f09104f08848ad4ba6001ad1157252f1ca81b13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:48 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 156329
x-xss-protection: 0
server: sffe
etag: "1633922984"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 07 Dec 2023 22:01:48 GMT

GET
DATA 200
OK truncated
/ Frame 6E53 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 APkrFKarayx_ZPSOz3gwPdU9OMitpTnaEd9a_JU2LhYQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 6E53 3 KB
3 KB 263ms
263ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/APkrFKarayx_ZPSOz3gwPdU9OMitpTnaEd9a_JU2LhYQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/yV8FdhSmz2Y?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9d528ac974c663cd81cae91c0b1f7f07c936f255a5f42899e9d55658b707ab34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:48 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2880
x-xss-protection: 0
server: fife
etag: "v8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 08 Dec 2023 20:01:48 GMT

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 56ms
56ms Preflight
text/html 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 07 Dec 2023 20:01:48 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4344 86 KB
40 KB 55ms
55ms XHR
application/json+protobuf 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d03367ebb95f62ae997c8c23a1c22fcc066d70109f5c835ac62adff4b93e2545

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 07 Dec 2023 20:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40604
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/ Frame 4344 116 KB
33 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a80bd413f7dd15ff49d22ce8b5e99be2cea10ad2021f6408949ccf4d0a49191f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/MzIH2rn72NE?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:22:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2356
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33684
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 06 Dec 2024 19:22:32 GMT

GET
H2 200 Tsw0Yn1BA_u41wm3FNlInuFvbxWhU_qzb8oN8tyvKnc.js Show response
www.google.com/js/th/ Frame 4344 51 KB
19 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/Tsw0Yn1BA_u41wm3FNlInuFvbxWhU_qzb8oN8tyvKnc.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ecc34627d4103fbb8d709b714d9489ee16f6f15a153fab36fca0df2dcaf2a77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 13:14:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19777
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Dec 2024 13:14:44 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/MzIH2rn72NE/ Frame 4344 168 KB
168 KB 143ms
143ms Image
image/jpeg 2a00:1450:4001:810::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/MzIH2rn72NE/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AHUBoAC4AOKAgwIABABGGUgSig-MA8=&rs=AOn4CLDozoRKm4aymMp3XXOWt1w8AtV1-A

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MzIH2rn72NE?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30bf665890ae0a63e4f917a03fb52d5b1c53f8c67c686ca2732c2656599cd862

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:48 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 172368
x-xss-protection: 0
server: sffe
etag: "1632909457"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 07 Dec 2023 22:01:48 GMT

GET
DATA 200
OK truncated
/ Frame 4344 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 APkrFKarayx_ZPSOz3gwPdU9OMitpTnaEd9a_JU2LhYQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 4344 3 KB
3 KB 195ms
195ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/APkrFKarayx_ZPSOz3gwPdU9OMitpTnaEd9a_JU2LhYQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MzIH2rn72NE?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9d528ac974c663cd81cae91c0b1f7f07c936f255a5f42899e9d55658b707ab34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:48 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2880
x-xss-protection: 0
server: fife
etag: "v8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 08 Dec 2023 20:01:48 GMT

OPTIONS
H3 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 47ms
47ms Preflight
text/html 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 07 Dec 2023 20:01:48 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 228B 87 KB
40 KB 56ms
56ms XHR
application/json+protobuf 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c5a6377b1a832edaf4f0bce669025bd18f83d8b0d8e8c145690d41d5f028f389

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 07 Dec 2023 20:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40815
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/ Frame 228B 116 KB
33 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a80bd413f7dd15ff49d22ce8b5e99be2cea10ad2021f6408949ccf4d0a49191f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/StpFz8qbB44?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:22:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2356
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33684
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 06 Dec 2024 19:22:32 GMT

GET
H3 200 Tsw0Yn1BA_u41wm3FNlInuFvbxWhU_qzb8oN8tyvKnc.js Show response
www.google.com/js/th/ Frame 228B 51 KB
19 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/Tsw0Yn1BA_u41wm3FNlInuFvbxWhU_qzb8oN8tyvKnc.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ecc34627d4103fbb8d709b714d9489ee16f6f15a153fab36fca0df2dcaf2a77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 13:14:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19777
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Dec 2024 13:14:44 GMT

GET
H3 200 maxresdefault.jpg
i.ytimg.com/vi/StpFz8qbB44/ Frame 228B 173 KB
173 KB 153ms
153ms Image
image/jpeg 2a00:1450:4001:810::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/StpFz8qbB44/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AHUBoAC4AOKAgwIABABGHIgTShCMA8=&rs=AOn4CLD8Upz0VHq7BCtfLlgnqjui5fLCVg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/StpFz8qbB44?wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d92b423128d6db2e717ad525bbda8e0ae7a3f9ac71701ae75bb509332d0df68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:48 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 177438
x-xss-protection: 0
server: sffe
etag: "1632976809"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 07 Dec 2023 22:01:48 GMT

GET
DATA 200
OK truncated
/ Frame 228B 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 APkrFKarayx_ZPSOz3gwPdU9OMitpTnaEd9a_JU2LhYQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 228B 3 KB
3 KB 161ms
161ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/APkrFKarayx_ZPSOz3gwPdU9OMitpTnaEd9a_JU2LhYQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/StpFz8qbB44?wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9d528ac974c663cd81cae91c0b1f7f07c936f255a5f42899e9d55658b707ab34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:48 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2880
x-xss-protection: 0
server: fife
etag: "v8"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 08 Dec 2023 20:01:48 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 46ms
46ms Preflight
text/html 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 07 Dec 2023 20:01:48 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 6E53 90 B
134 B 49ms
49ms XHR
application/json+protobuf 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c8940e16900c33a13c6a9994a213fadcf255d68672e054f5b7b52b379122e5be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 07 Dec 2023 20:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2 200 2316879151412558802
tpc.googlesyndication.com/simgad/ Frame 06D2 7 KB
7 KB 189ms
82ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2316879151412558802?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnTOTUI-Le49b_hioo9O2neqm5s-w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=60&adk=3728641180&adf=1460459252&w=468&lmt=1701979307&ad_type=text_image&format=468x60_as&color_bg=000000&color_border=000000&color_link=FFFFFF&color_text=CCCCCC&color_url=999999&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=000000&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701979307523&bpp=206&bdt=1018&idt=451&shv=r20231205&mjsv=m202311300101&ptt=5&saldr=sd&abxe=1&correlator=8492969922840&frm=20&pv=2&ga_vid=1248546258.1701979308&ga_sid=1701979308&ga_hid=640980279&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=566&ady=172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079929%2C31079979%2C44795921%2C31079954%2C44807764%2C44808148%2C44808284%2C95320230%2C31079987&oid=2&pvsid=2576826132042316&tmod=1449287864&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=463

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9db7c9438341739da9d00bbdbfc7e11dbd8195bd41449bf91ba0b7283bee844

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:33:36 GMT
x-content-type-options: nosniff
age: 88092
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7143
x-xss-protection: 0
last-modified: Fri, 14 Oct 2022 15:22:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 05 Dec 2024 19:33:36 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 06D2 24 KB
9 KB 159ms
52ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:52:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 18:52:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 06D2 3 KB
1 KB 68ms
50ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:52:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 18:52:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 06D2 20 KB
9 KB 146ms
39ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1718
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 19:33:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 06D2 202 KB
64 KB 153ms
54ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2023 20:01:48 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 06D2 36 KB
15 KB 106ms
88ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9b54eb46a8dd9a7eeeff163e368f71c3dfe239aca607f073d1340027677fc16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:23:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14788
x-xss-protection: 0
server: cafe
etag: 1899721059218863233
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 19:23:05 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 47ms
46ms Preflight
text/html 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 07 Dec 2023 20:01:48 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4344 90 B
134 B 51ms
51ms XHR
application/json+protobuf 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2a053aa3281e9a0a9043afa198b2218c2e30ddd31072efce24508f0d8259a65c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 07 Dec 2023 20:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 48ms
47ms Preflight
text/html 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 07 Dec 2023 20:01:48 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 228B 90 B
134 B 51ms
51ms XHR
application/json+protobuf 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3f51a01c8989bd397354804ea0654ac0ec72f83db3b7cf4327a379b8c9151e05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Thu, 07 Dec 2023 20:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C70C 143 B
166 B 39ms
39ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=60&adk=3728641180&adf=1460459252&w=468&lmt=1701979307&ad_type=text_image&format=468x60_as&color_bg=000000&color_border=000000&color_link=FFFFFF&color_text=CCCCCC&color_url=999999&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=000000&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701979307523&bpp=206&bdt=1018&idt=451&shv=r20231205&mjsv=m202311300101&ptt=5&saldr=sd&abxe=1&correlator=8492969922840&frm=20&pv=2&ga_vid=1248546258.1701979308&ga_sid=1701979308&ga_hid=640980279&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=566&ady=172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079929%2C31079979%2C44795921%2C31079954%2C44807764%2C44808148%2C44808284%2C95320230%2C31079987&oid=2&pvsid=2576826132042316&tmod=1449287864&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=463
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1401
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 19:38:27 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 core.js Show response
widgetic.com/bundles/blogvioapp/js/editor/ Frame AF94 21 KB
6 KB 52ms
52ms Script
application/javascript 2606:4700:3036::6815:531
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetic.com/bundles/blogvioapp/js/editor/core.js
Requested by: Host: widgetic.com
URL: https://widgetic.com/bundles/blogvioapp/js/editor/control.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:531 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 320242e458ff727cf119b25be7eed579317dad053ffe30beb9ca473f9c2eaf8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Flelive.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:48 GMT
content-encoding: gzip
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 48415
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 5959
last-modified: Thu, 27 May 2021 10:10:28 GMT
server: cloudflare
etag: W/"60af7014-5464"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JTm1EVGzYWFaOkLC9Z9DPskE1QIjZtIp%2BIdPaKAy5XELex2gtBTxOKuw%2BPahNMGZ6%2BiFwcUi7fjIUNP%2B0yrjo9EyeDLHKlfZCpDIeDGN8VuDoOJNZ%2BevA22lR6q0Hfhz3BKOJ3CyX9ghVWg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-varnish: 697666193
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 831f5cd84f621e89-AMS
x-cache-hits: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5D14 42 B
63 B 73ms
73ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B9LoEFB73IVsb1f-P0It6UmTKZqvh6e8YGg3dLwki2Dum9MuXLQAc5OojGoN-gV_KsAlJQODTgMaOZ48xA8iQp_of7dLOmLD07-njPoj-fkbTSu4E

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=90&adk=1773158521&adf=2910926905&w=728&lmt=1701979307&ad_type=text_image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701979307554&bpp=177&bdt=1050&idt=441&shv=r20231205&mjsv=m202311300101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C728x90_as&correlator=8492969922840&frm=20&pv=1&ga_vid=1248546258.1701979308&ga_sid=1701979308&ga_hid=640980279&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079929%2C31079979%2C44795921%2C31079954%2C44807764%2C44808148%2C44808284%2C95320230%2C31079987&oid=2&pvsid=2576826132042316&tmod=1449287864&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=444

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 20:01:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5D14 89 KB
31 KB 116ms
116ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 20:01:48 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 5D14 3 KB
1 KB 77ms
75ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:52:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 18:52:00 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 5D14 20 KB
8 KB 52ms
44ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1718
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 19:33:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5D14 202 KB
64 KB 182ms
123ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Dec 2023 20:01:48 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame F1ED 50 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 21:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80699
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 07 Dec 2023 21:36:49 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E95E 624 B
246 B 80ms
79ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNVLcmHm8U1FVFcFCg-yEHg2EHvr3XljStyyhbxau9wmAck1AVPhwJRdIswEzRcgeVUGih6n06e8E6aBGIWCbF3uUJxg20xFYO_c2vBV3kfoC6WDC8HSDjNp8bKV075d3JyTrn-9VBO3XQvcmUXKV_TY3H3ltcw277Gdl6KNDt-nkKxI0wg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=90&adk=1773158521&adf=2910926905&w=728&lmt=1701979307&ad_type=text_image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701979307554&bpp=177&bdt=1050&idt=441&shv=r20231205&mjsv=m202311300101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C728x90_as&correlator=8492969922840&frm=20&pv=1&ga_vid=1248546258.1701979308&ga_sid=1701979308&ga_hid=640980279&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079929%2C31079979%2C44795921%2C31079954%2C44807764%2C44808148%2C44808284%2C95320230%2C31079987&oid=2&pvsid=2576826132042316&tmod=1449287864&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=444
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 20:01:48 GMT
expires: Thu, 07 Dec 2023 20:01:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 125ms
39ms Script
text/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: lelive.weebly.com
URL: https://lelive.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 19:32:52 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1736
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Thu, 07 Dec 2023 21:32:52 GMT

GET
H3 200 snowday262.js Show response
cdn2.editmysite.com/js/wsnbn/ 73 KB
25 KB 58ms
58ms Script
application/javascript 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/js/wsnbn/snowday262.js
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 648e766bf519673f9a90cc336cbecede80dcbe3419b43d36ecbb25d88f5584a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-cache-hits: 22, 2543
date: Thu, 07 Dec 2023 20:01:48 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 40334
x-cache: HIT, HIT
x-host: blu125.sf2p.intern.weebly.net
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25752
x-served-by: cache-sjc10061-SJC, cache-sof1510033-SOF
last-modified: Wed, 06 Dec 2023 19:32:31 GMT
server: nginx
x-timer: S1701979309.888396,VS0,VE0
etag: "6570cc4f-124fe"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 21 Dec 2023 08:49:34 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 6E53 4 KB
2 KB 105ms
105ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Dec 2023 20:01:48 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 4344 4 KB
2 KB 202ms
201ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Dec 2023 20:01:49 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 228B 4 KB
2 KB 199ms
199ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Dec 2023 20:01:49 GMT

POST
H/1.1 200
OK / Show response
lelive.weebly.com/ajax/api/JsonRPC/CustomerAccounts/ 375 B
748 B 248ms
248ms XHR
application/json 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lelive.weebly.com/ajax/api/JsonRPC/CustomerAccounts/?CustomerAccounts[CustomerAccounts::getAccountDetails]
Requested by: Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/js/jquery-1.8.3.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-2.weebly.com
Software: Apache /
Resource Hash: 8bc12ea7d68fffddf5dc2f7ac10a44c78087b1e7f7fe046fcfb7d3c77198d3f4

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://lelive.weebly.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Thu, 07 Dec 2023 20:01:48 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
Content-Type: application/json
X-Host: blu156.sf2p.intern.weebly.net
Connection: Keep-Alive
Keep-Alive: timeout=10, max=60
Content-Length: 375
X-UA-Compatible: IE=edge,chrome=1

GET
H3 204 generate_204
www.youtube.com/ Frame 6E53 0
10 B 39ms
38ms Image
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?iW_sLw
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/yV8FdhSmz2Y?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0EA2 0
20 B 75ms
75ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&adk=1812271804&adf=3025194257&lmt=1701979308&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701979308924&bpp=1&bdt=2420&idt=1&shv=r20231205&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2631426f98406626%3AT%3D1701979308%3ART%3D1701979308%3AS%3DALNI_MbML1a03j6vl8PG5oKZ50VVD_Gg8Q&gpic=UID%3D00000d0f66c36042%3AT%3D1701979308%3ART%3D1701979308%3AS%3DALNI_MYBkt9VZQWpaerQJLBbMF7cfUwWow&prev_fmts=468x60_as%2C728x90_as%2C728x90_as%2C468x60_as%2C468x60_as%2C234x60_as%2C728x90_as%2C468x60_as%2C300x250_as%2C468x60_as%2C468x60_as&nras=1&correlator=8492969922840&frm=20&pv=1&ga_vid=1248546258.1701979308&ga_sid=1701979308&ga_hid=640980279&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079929%2C31079979%2C44795921%2C31079954%2C44807764%2C44808148%2C44808284%2C95320230&oid=2&pvsid=2576826132042316&tmod=1449287864&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=15&uci=a!f&fsb=1&dtd=9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 20:01:48 GMT
expires: Thu, 07 Dec 2023 20:01:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 free-footer-v3.css
cdn2.editmysite.com/css/ 3 KB
1 KB 57ms
57ms Stylesheet
text/css 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/css/free-footer-v3.css?buildtime=1701968574
Requested by: Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/js/jquery-1.8.3.min.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 251a983a1b4b2cc76542aa398ae6b3499978a788860b54a8081d35d7a843303c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-cache-hits: 32, 294
date: Thu, 07 Dec 2023 20:01:48 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 10607
x-cache: HIT, HIT
x-host: grn152.sf2p.intern.weebly.net
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 886
x-served-by: cache-sjc10048-SJC, cache-sof1510033-SOF
last-modified: Thu, 07 Dec 2023 16:10:45 GMT
server: nginx
x-timer: S1701979309.957902,VS0,VE0
etag: "6571ee85-a49"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Thu, 21 Dec 2023 17:05:01 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 4344 0
10 B 39ms
38ms Image
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?RSVyag
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/MzIH2rn72NE?wmode=opaque
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/MzIH2rn72NE?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 generate_204
www.youtube.com/ Frame 228B 0
10 B 39ms
38ms Image
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?iwnsGw
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/StpFz8qbB44?wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:49 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
78 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6ELBCSBKW3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-131254328-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

92474dab3fd79343744bfa92bd6c566d1e6a8445d9d5ff892d702106ef08934c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79461
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Dec 2023 20:01:49 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 125ms
39ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-131254328-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 07 Dec 2023 19:22:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2356
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 07 Dec 2023 21:22:33 GMT

POST
H/1.1 200
OK / Show response
lelive.weebly.com/ajax/api/JsonRPC/Commerce/ 2 KB
2 KB 368ms
368ms XHR
application/json 199.34.228.54
WEEBLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lelive.weebly.com/ajax/api/JsonRPC/Commerce/?Commerce[Checkout::getMiniCart]
Requested by: Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/js/jquery-1.8.3.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.34.228.54 , United States, ASN27647 (WEEBLY, US),
Reverse DNS: pages-wildcard-2.weebly.com
Software: Apache /
Resource Hash: 72c08283066d0cfa8e04e210801ea9d8f9975cc7f45f77c16c3085f246424378

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://lelive.weebly.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Thu, 07 Dec 2023 20:01:49 GMT
Server: Apache
Vary: X-W-SSL,User-Agent
Content-Type: application/json
X-Host: grn106.sf2p.intern.weebly.net
Connection: Keep-Alive
Keep-Alive: timeout=10, max=70
Content-Length: 2065
X-UA-Compatible: IE=edge,chrome=1

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame E95E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJTigV4lCJ_06VWhAtBkpGg&google_cver=1

43 B
336 B

59ms
59ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJTigV4lCJ_06VWhAtBkpGg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNVLcmHm8U1FVFcFCg-yEHg2EHvr3XljStyyhbxau9wmAck1AVPhwJRdIswEzRcgeVUGih6n06e8E6aBGIWCbF3uUJxg20xFYO_c2vBV3kfoC6WDC8HSDjNp8bKV075d3JyTrn-9VBO3XQvcmUXKV_TY3H3ltcw277Gdl6KNDt-nkKxI0wg
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 20:01:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lqqx76hN8dD3JISTikOd9SCJruTsCB8cNAChh8XPqrY3NIwdkWpfJeXIeLwuzB3VozKwZYJmNKDKs2B8G7KANdcTh2KoWZajhOiLzRa14szoQ%2BuZ9vSThauNyiCNY81haWI%2F6VFikS4iZg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 831f5cda5fb12675-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 07 Dec 2023 20:01:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJTigV4lCJ_06VWhAtBkpGg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E95E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXIkrXHBdLAU.r1uBWv4ywAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKhECDcUXgb83wCodbzHvBA&google_cver=1&google_hm=2

43 B
772 B

60ms
60ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKhECDcUXgb83wCodbzHvBA&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNVLcmHm8U1FVFcFCg-yEHg2EHvr3XljStyyhbxau9wmAck1AVPhwJRdIswEzRcgeVUGih6n06e8E6aBGIWCbF3uUJxg20xFYO_c2vBV3kfoC6WDC8HSDjNp8bKV075d3JyTrn-9VBO3XQvcmUXKV_TY3H3ltcw277Gdl6KNDt-nkKxI0wg
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 20:01:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ytK%2BluTYq7rTDGfMbAejvCR9t0Ur%2FzHyFL2nHJuqQfcTpSRDiO92X0x3iKIvy0oGklSMsNJ7iWM6RPmPR%2FnANJ4U6Fdg72yP4fqOAtwYp%2BxgE33tsWZjxGnNy4dnr3j%2BwP7QFxAbUuRoGA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 831f5cdaecdd58d8-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 07 Dec 2023 20:01:49 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKhECDcUXgb83wCodbzHvBA&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame E95E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECRTg25THCd4yFmuPbfIz8Y&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECRTg25THCd4yFmuPbfIz8Y%26google_cver%3D1

43 B
892 B

46ms
46ms

Image
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECRTg25THCd4yFmuPbfIz8Y%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNVLcmHm8U1FVFcFCg-yEHg2EHvr3XljStyyhbxau9wmAck1AVPhwJRdIswEzRcgeVUGih6n06e8E6aBGIWCbF3uUJxg20xFYO_c2vBV3kfoC6WDC8HSDjNp8bKV075d3JyTrn-9VBO3XQvcmUXKV_TY3H3ltcw277Gdl6KNDt-nkKxI0wg

Protocol

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 20:01:49 GMT
an-x-request-uuid: 85d0d058-6805-4efa-866c-4e022880dc45
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.103; 80.255.7.103; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Dec 2023 20:01:49 GMT
an-x-request-uuid: f5fadb6c-e654-4eab-9dd4-22fa571d71d8
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECRTg25THCd4yFmuPbfIz8Y%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.103; 80.255.7.103; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E95E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc3MDU0NjU1MzgzMzk0MDg3OA%3D%3D

170 B
243 B

49ms
49ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc3MDU0NjU1MzgzMzk0MDg3OA%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 20:01:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Dec 2023 20:01:49 GMT
an-x-request-uuid: c10b34f6-7667-4aeb-b51b-6b18f4a05fbd
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc3MDU0NjU1MzgzMzk0MDg3OA%3D%3D
x-proxy-origin: 80.255.7.103; 80.255.7.103; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 sqmarket-medium.woff2
cdn2.editmysite.com/fonts/SQ_Market/ 30 KB
30 KB 61ms
60ms Font
font/woff2 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.editmysite.com/fonts/SQ_Market/sqmarket-medium.woff2
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bd4d2e29f503390e4951af9232fc43780b43d349647188d8f3f600835f16afb7

Request headers

Referer: https://lelive.weebly.com/
Origin: https://lelive.weebly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-cache-hits: 57, 12821
date: Thu, 07 Dec 2023 20:01:49 GMT
via: 1.1 varnish, 1.1 varnish
age: 891366
x-cache: HIT, HIT
x-host: grn29.sf2p.intern.weebly.net
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30768
x-served-by: cache-sjc1000119-SJC, cache-sof1510034-SOF
last-modified: Wed, 22 Nov 2023 21:22:39 GMT
server: nginx
x-timer: S1701979309.037680,VS0,VE0
etag: "655e711f-7830"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
expires: Mon, 11 Dec 2023 12:25:43 GMT

GET
H3 200 logotype.svg
cdn2.editmysite.com/images/landing-pages/global/ 3 KB
2 KB 65ms
64ms Image
image/svg+xml 2a04:4e42:400::302
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.editmysite.com/images/landing-pages/global/logotype.svg
Requested by: Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/css/free-footer-v3.css?buildtime=1701968574
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a04:4e42:400::302 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e8fce53e602b22e525d06ba31b166bb4ff461319bc9ae53caad095d185a4d15b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn2.editmysite.com/css/free-footer-v3.css?buildtime=1701968574
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Fri, 27 Jan 2023 23:36:13 GMT
date: Thu, 07 Dec 2023 20:01:49 GMT
content-encoding: gzip
via: 1.1 varnish
age: 158897
x-guploader-uploadid: ADPycdudzs6yQrZPcpAQZhUf0vUu4ZUF8qJtFV17mzDJBqRTyoAxk2JsruDu7rddwMUzs1jaU__rfnJ2prgaa7LH_gzRvB7z3vmA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1488
x-served-by: cache-sof1510033-SOF
last-modified: Wed, 10 Oct 2018 21:37:00 GMT
server: UploadServer
x-timer: S1701979309.039776,VS0,VE0
etag: "bc61dcb431a14c508075eeff4f74523a"
vary: Accept-Encoding
x-goog-generation: 1539207420450301
content-type: image/svg+xml
access-control-allow-origin: *
x-goog-hash: crc32c=vgUlyw==, md5=vGHctDGhTFCAde7/T3RSOg==
cache-control: public, max-age=86400, s-maxage=259200
x-goog-stored-content-length: 3507
accept-ranges: bytes
x-cache-hits: 3703

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5D14 0
20 B 73ms
72ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8722412938657&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 20:01:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5D14 0
20 B 72ms
72ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8722412938657&version=m202309260101&ct=77&x=1&cor=10962992385944744000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 20:01:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5D14 20 KB
13 KB 329ms
329ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AO8OYaubzlUtzYb_1d8EBRSNXNNXo5k1e02O8zCvu3iRZ7vFxpzl_wDAAKRT_DgTBK7WiLL4Fwdj6NSdYAdSzdU5VKGDftMgAETKk7F5pG7J1Un1hJmmDLAFL-8yCSf4QHtFH8u90ajK45Gg-7xBvTr_uGEAmLThBXf6Rdz0jCG05POAA&cry=1&dbm_d=AKAmf-COBtSATHzKIRU_D5gUz4YgJAJEEKFa7NMeWs74263q2e8KRsf-0Q1FaPG4s9XLe5dMU0ABBlZ01c6NrTsHglF05sesQKaFZ7lsmvrM6ZpVnUZ4_eFCHIuc9ZFRkXnCo6ugJAB8KLLN5ZCtLawQmRiKsuepSdynu4DtGFK1TG-RJG0nbviCIwa_mh2BTDiTu7g0lBl3v6-OsbcVUX3qGdnEaYOmA7Me-pVorbk511bYGKKLXAUzQriL3UxGZ0u-1LcJw1h-GirZPQ3HhwNv1EZg2KTxWgJXJXHFTVn-nGMAs0taKgfgNqCQnqt76KMFXogOd_aPJir_fM12LkHGFnfeuwcOy0js2peQq6NDcKG0Uwb5DlzKIOq5gvdc_8ebXwxkfLveKuwdKu1TIPxt8DY9BR2B9-O6ObOso8S6YxQ9y9JqGyt4BDEz3M62h8Jx8wshTwPsDEUU5OCPYOWJT6FxH4xYyKc_cG7oe4jqrCapaKbRo5rBO3oIvJSbb6ciX_5gNsamJ4IeN1bX1iEnE-vWb9w1SuyGd9N99-NsnDSISYbiwVy3D2bcfFWQC1TEaLaX7UfQWzXJr5xR-Qpxdl6FDzanss4z3LnK4GA0pOaVWjFMdhrLS1YhEt8xskRe5FS9v8Cff4XxaA-5wVrAdwFF3SdfAbfj0owL-iAOFPXzrJhnyFcEktxsMzJx3igPeDvzXqjaB59NMTiZVqkFEzrQ_24gdNI8Ncn0z7JlirowdeewwK0FZW_KFKOGxowENRTwhHv74WqmynarrSb5zB_DAr4rFJBZ1tuM9YdeZLATh64tagDvhWOjx4g-VGAnCZ9FZUh0Q1fPqUQBblFW_Xf9Gs2b4KGwoWxqGn0a0_7JJHp9NlzivGKLAYQKzr5H5kxWt9K0bJRZAH0CcoX1fA5w_eY7A8Xh-sygU3CsvWmkWcAtiqc8VPJ6587ZCeHa7tPvkINvtzGhi1fJKsdHUl7elgwW4RhPk0jDQatcjNZ377g6s7yeWjlipxR0k1ai_dY_gE006Rgxk1oE-5SFQfHH79jHp5tboJCzOn3nWyiTfPGuIa8GEdPbV72oF5JNQZaV5zGTUml-m6bB_4PfnXa7WsZz1yfpw5NtdexOE-1Ccj_n0Z2eLbJstLlvD3X5lFSVD3uKvNJTYg_3wbTZEdVoIo9bIbGdsBOaGd6N2w7fCDQ8_ZLXia5okquppbp6_AhyEz0qXcsWVvmt2Io9t-HKbmZyZvTudn3IuRUDgWbfvIBvt0NSjD5qHHyLTyfn_dUwVvEIUHRH0zqGqhrvVnHpVJg6mByYyeU1YEKnJSpSORjNrmTXKapOGgNZHS0U-524LVFO677yO250upXgvahy62p4ovZ71JKYeGDtokUjdh8ewpz2QE5_0DU5iHNdnOdxmLBuIRJYb2C4tv3kZtgpT-yeucJ_A_oJh4XRwNp--TrxeBZj-dzDkFB4nC1ZV9gfpQNmjNCxtmBdGBKzFiuUMnbm0AD7Z22KGMlXVmKRKThT98lxUiT-4x_RdwzjMJU_bUP5PGHUgPYrjUsRxduXob9Z4GwHzYXb2HBbr2mqu8yfF7o7qEN64KIQKBU4W_8jvubvf9ngr9czj6YSfsnT0uBSaXkTfuVQrQYY09y6jLkKPNR-Rwiv3tEuJHUk8OnAbxAiVeZ547LNaK0QZ-JV2B-xzyy3mqlv4ELHaNaW3HNAQ48guZX_ae92GppSGqB4kUyoT4RC55JWXji15Txe395OvxcKDlrTqHt0XgIw9mZOp560N5_Dw-apKpbAeHEOzSnjGSBtbzclEF3W1alAcsEA_eD2eEhOYn3TrydJPQ0qG3OKyJNiaOu7finBbYfFqFLhwaxRLgXtpuWV-oEOrRWHLf9FaAdFBxVdgyisquEnwQUi2UdT9OBmJcSS1h8uyYnFmI9vUrbuHCq38egIuSGYjMUaEbbrYVdmB2uwah8liIeuvZHMei_gjTAWHiUD-1cLGp0iIQ-wibw8rmOQIIvC9XS87qVaYx9gIycPDBm3TTGNqeFsjJ93cvavXSAK7S_WFB1TRsPC2VIhnW1rj6AUwJ5u2jAIDII-1UnhTIb4OQ1QblkChLQyREuobGeqm_6C69Mi4kUOCTBKvJZvBj4MhKL323yxzo2kxrC5grjtM2Gjmj5L5xp2PsEBUtioJ3mCIgougun9JFX5D8tbR2ZggdssX23HiDv2n3bwEGqS7aTXmfMdeB26sBLQbF0cGUmO1HpqEjaZGEUmcEdC-oFrlIuopBfiJqboKX5AS3wNN9MwDXUBEjvDgH7sY47ZsJG6pMnIR4KeDWMOe95Q4du40y6W9JKwVE-4d5k4YcGQeziLPrrpCSwhurkrT-uiKmXLNYqID8CdD-C1Q73vLcr_R1oSsWnBRIJyFW2hLo0f1jn_B0t4LODFhptSg5Z3-B5R4obFjTbnX6FpwsaF2wcCX6Zss5e93-S_lj-j-L_tnf-ODZR1IvDF0DEtQTGmWPRHXuCKrZG-iALQzrMXLteJ87_tcscG5dcsUJ1g6WHZlTNWQCo5q9GbdYgRAo5jUvYOZUdm59sn3GRPp8O9WCGN5p1WbW0qTkMH3Yf4KuWUoDVkRrhb4-FeJiQSaDbqESkUjh2DBa_0DT5yPlCjUpxYly6sOd8MidJKVzl_X92DuBiaT-lYICDQqfdeAooi1SMI1eaBc_xiLRNuPLyWlydqhgeG90hrEPf7xNbISkhW-Z6h6cDfWCkpbUzJqa1lizXjNWSHyG6KCMLDtUuyZSbjEfcXQAY16ud1F_-nJwAlxJtyDCfhFHSae9MzRZDyMj6UIDMze7t0D5oDEOmdtFdP1-GWm0nmyN7vZr5X64T3mwp4ajioCUsMfeY_ziypcRVRL1pKtHZtvTR0Ye3PftMW310xZ-xHgmQL9uQUHb3r1IIoAyd9D-8Ow85mbGSWgXVHn4Ac2lZd3tzotIj4Yvw9dsE7jjhloDcR5cjIbwx-CF3S9YF3mmDSAF9qM8St48h3-ivzTXBBXT_bpD8XVxpFJ_dydp-MOJl8gSWoCxdh2T16JqAB42THRLrKg70LQTfCc-jITefk1XhwYKPYSN9bGgfDF9vt-XPr8cnHGKydhmQHayK_bDqmPOqT3Qq8yTT7Mtg7GfGkrXgLfa5zWcsEHiXIcotdyk8_lgujeHe6jz9cSwsdlppndjwUdUmHLQYaxvkggLszPeLxUVRhpYsb3N4NC3PW_aqfMneEc-_WluAKjPdfRkVnRPUEBHux239oeII7fF1c1-nNH5xv0cqHM74Mem_Mrjkul5_A2ro00YM_YNZf_mWlwgEu8_tDh7vK2qofpBX_JwR-PojAXTB0-Jaf4B4JsZ2wnY0_e8XW4L6Dq_FBW_jbrX26jz4ewd8IOsdod1-MmSaxuhlKEiAQGmrCXhbGWaHfvwig2rvkRgeOIMnL2FZxEqj1iCWPycm2l08KTqc0-wyzOFfXoRKcdAmmvjaDAlAWNNyJTLPuHykHWfnnpqEtFJ9nmo30LVWrTwoauUqLev2r1kv2QeJzKZ7VK-s5VaixYvknETy_26M6oyAG6XA8TBDHMGy880fg4MHrLQLVzzD1HBDXNYW2hd9j1uNHwfXQoBAvGjp6wCsPcu8NdAE40rnRAuOC68IHwxHUN2FY2gl0DjowMRqB-4rTAVHhvg0tpMpW_0ppqmMUSlsjn7tG4veX4FOhbL3nEcSwbGMoJuX3X2yh-_np4tataCBt6AFq24um9W2hLalJgxz8I73YzX3EZ9PeuUiPXvHBCoYjBo9DlWxl4QwpHtROVIX6Yo_N7i4Q67ij71en77FDuzwxAd3ygqdavvFJfER-GSvvRrIiU8-XYg-BAdA35yGVYjWb8PO_iQ6EfmVTTIu4ZCtGhCv1ZF9dmVWh&cid=CAQSTgDICaaNIAxTKUBTtzskD5z0P4v7-hH02dkCsdymdC5KBrxXfVlgUd7uNTz_tGCXsRRN7vUd4N4lYHzK-7QmpLt15Ei3RkZwgbb5z0I-7hgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Flelive.weebly.com%2F&ds=l&xdt=1&iif=1&cor=10962992385944744000&adk=3047537734&idt=122&cac=0&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae383c13a7416134d3f1e3ef1871f65d995fda66806f24813465a63f58bbee71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=90&adk=1773158521&adf=2910926905&w=728&lmt=1701979307&ad_type=text_image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701979307554&bpp=177&bdt=1050&idt=441&shv=r20231205&mjsv=m202311300101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C728x90_as&correlator=8492969922840&frm=20&pv=1&ga_vid=1248546258.1701979308&ga_sid=1701979308&ga_hid=640980279&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079929%2C31079979%2C44795921%2C31079954%2C44807764%2C44808148%2C44808284%2C95320230%2C31079987&oid=2&pvsid=2576826132042316&tmod=1449287864&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=444
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 20:01:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13727
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.16/ Frame AF94 13 KB
6 KB 128ms
39ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.16/webfont.js

Requested by

Host: widgetic.com
URL: https://widgetic.com/bundles/blogvioapp/js/editor/core.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a28396880470a28e0525bdc0ea326ffb811de7de13662d02f7530dbbe3f12d90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgetic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 14:40:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 278507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5480
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 14:40:02 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C70C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

57ms
56ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 20:01:49 GMT
expires: Thu, 07 Dec 2023 20:01:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 20:01:49 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 tp2
ec.editmysite.com/com.snowplowanalytics.snowplow/ Frame 0
0 664ms
209ms Preflight 44.240.236.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.236.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-236-222.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://lelive.weebly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://lelive.weebly.com
access-control-max-age: 600
content-length: 0
date: Thu, 07 Dec 2023 20:01:49 GMT
server: nginx

POST
H2 200 tp2 Show response
ec.editmysite.com/com.snowplowanalytics.snowplow/ 2 B
321 B 831ms
415ms XHR
text/plain 44.240.236.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ec.editmysite.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: cdn2.editmysite.com
URL: https://cdn2.editmysite.com/js/wsnbn/snowday262.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.240.236.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-240-236-222.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://lelive.weebly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://lelive.weebly.com
date: Thu, 07 Dec 2023 20:01:50 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame 6E53 50 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 21:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 07 Dec 2023 21:36:49 GMT

GET
DATA 200
OK truncated
/ Frame 06D2 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3749da4aa655d3afdfd14a2aceca6e4e25e4b41f22495f4e06731652cfb3ed4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 data Show response
widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed/ Frame AF94 6 KB
2 KB 193ms
191ms XHR
application/json 2606:4700:3036::6815:531
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed/data
Requested by: Host: widgetic.com
URL: https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Flelive.weebly.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:531 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6db05de4d4e7ecaa14dfe6556d74f500bc3c9fd86ee4a47f59419e5d134cc0b9

Request headers

X-NewRelic-ID: VgEPUVFVGwEAV1FWAwUH
Referer: https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Flelive.weebly.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:49 GMT
content-encoding: gzip
via: 1.1 varnish-v4
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
xkey: composition:60eaad0decb2a1062b8b4569 widget:53f6253e09c7e204038b4567 skin:60eaae81ecb2a1c02b8b456b user:60eaac9eecb2a1cf2a8b4567
age: 0
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 1753
x-newrelic-app-data: PxQFVl5TDwUTVlFRBwUDUlQTGhE1AwE2QgNWEVlbQFtcC2VOcAJHCwtYa04HE1FsRlY+BVJFaAULXEZcEQ8XC18MZwdVWlFWbAFYFVBDH1JKBgdRVlMUAx5UVFMFAxtLVR0UUQZWWwYHBg1TXAoCCgVVAEMdB1IOF1Nq
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rybytHLTbKCGAyyraMsoW0IlHsnbBcgFvOxcZzAoCoQW5za5wsBiEOPCqo9mt3vXlXLhVKq25zzx%2BgSj1GP3VU9xVucDiXQITPCiX0GKm3BlsW4cOzAm5v0dSwY5cMYjv6b0Jg74Jya7CQU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
x-varnish: 49536836
cache-control: no-cache
accept-ranges: bytes
cf-ray: 831f5cd9d8481e89-AMS
x-cache-hits: 0

GET
H3 200 widget.js Show response
widgetic.com/widgets/53f6253e09c7e204038b4567/0eb36c7/ Frame AF94 9 KB
4 KB 55ms
52ms Script
application/javascript 2606:4700:3036::6815:531
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widgetic.com/widgets/53f6253e09c7e204038b4567/0eb36c7/widget.js
Requested by: Host: widgetic.com
URL: https://widgetic.com/bundles/blogvioapp/js/editor/control.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:531 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 115f8c95a42cff5953894d4caebab4a0a743ece7b38f3a9b225d094eae5e37f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Flelive.weebly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:49 GMT
content-encoding: gzip
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2552565
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 3304
pragma: public
last-modified: Tue, 05 Apr 2022 17:29:26 GMT
server: cloudflare
etag: W/"624c7c76-2492"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k8c7bplcQmWlppjFqjAyKwND5CJc%2FQ7pdRsy3Mk2TLunQ88WXbt7PC0eTs8KZSOLIhqW3eyohIN2SUJJ%2BfiPfJgCcn5RBeM6B6WNLRLoR%2FuLB%2FkKBnaXNVYaSwG3gRMxdmZsODW00ITcHYk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-varnish: 564434642
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 831f5cd9d84b1e89-AMS
x-cache-hits: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 06D2
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CrZqIrCRyZbGJC4SO29gP3ZWuiAbMj86zdNjXidmkELCQHxABILKh3nhglaKAgpgHoAH34pu0KMgBAqgDAcgDyQSqBIMCT9Cu0glK_8-uzMbvQgxS3-nmUhSH7iwia-0X8npDMQoFIDAc4ux...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229136684703332646100%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%...

0
0

154ms
73ms

Fetch
text/css

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229136684703332646100%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%224%22:[%2212-07%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22187538648822936913%22}&andc=true

Requested by

Host: lelive.weebly.com
URL: https://lelive.weebly.com/

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:49 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"9136684703332646100","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"4":["12-07"],"6":["true"]},"priority":"500","source_event_id":"187538648822936913"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 07 Dec 2023 20:01:49 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 07 Dec 2023 20:01:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"9136684703332646100","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"4":["12-07"],"6":["true"]},"priority":"500","source_event_id":"187538648822936913"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame 4344 50 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 21:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 07 Dec 2023 21:36:49 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame 228B 50 KB
14 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 21:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 07 Dec 2023 21:36:49 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
255 B 131ms
45ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6ELBCSBKW3&gtm=45je3bt0v9111845681&_p=1701979308864&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1248546258.1701979308&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1701979309&sct=1&seg=0&dl=https%3A%2F%2Flelive.weebly.com%2F&dt=Sidsupertool%20-%20Sid%E8%B6%85%E7%B4%9A%E6%B5%81%E4%BA%A1%E8%BC%94%E5%8A%A9&en=page_view&_fv=1&_ss=1&tfd=6068
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6ELBCSBKW3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 20:01:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lelive.weebly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
207 B 46ms
46ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=640980279&t=pageview&_s=1&dl=https%3A%2F%2Flelive.weebly.com%2F&ul=en-us&de=UTF-8&dt=Sidsupertool%20-%20Sid%E8%B6%85%E7%B4%9A%E6%B5%81%E4%BA%A1%E8%BC%94%E5%8A%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=441714190&gjid=557541357&cid=1248546258.1701979308&tid=UA-131254328-2&_gid=1101172428.1701979309&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1008849981

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lelive.weebly.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 20:01:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lelive.weebly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 0EC4 51 KB
19 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:35:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 282378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 13:35:31 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 161ms
74ms Preflight
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 07 Dec 2023 20:01:49 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 nr-full-1.248.0.min.js Show response
js-agent.newrelic.com/ Frame AF94 73 KB
25 KB 170ms
52ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-full-1.248.0.min.js

Requested by

Host: widgetic.com
URL: https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Flelive.weebly.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

05e491862fdeabca3a0384115c2bb97d7b898711503cc4b1e04709a5d25548e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://widgetic.com/
Origin: https://widgetic.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: WzT6XpG8twFW5rJcqJhKci.Cyhtq0Kz_
content-encoding: br
via: 1.1 varnish
date: Thu, 07 Dec 2023 20:01:49 GMT
strict-transport-security: max-age=300
x-amz-request-id: GFG4BMG71S40ZZDR
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 24848
x-amz-id-2: 5YWWma/WFRtpkXxVBpXG5wU4Lktx+qrWjd1uEMRwCDljIA/9hmHTfUB6TkmB89rtWVqYTROxEAc=
x-served-by: cache-fra-eddf8230067-FRA
last-modified: Thu, 16 Nov 2023 17:54:54 GMT
server: AmazonS3
x-timer: S1701979309.306320,VS0,VE0
etag: "5fd395e58580abf86471c5163c67aed0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 412584

POST
H/1.1 200 c31f92a57d Show response
bam.nr-data.net/1/ Frame AF94 40 B
395 B 490ms
350ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/c31f92a57d?a=20304440&v=1.248.0&to=MlwHMUdRW0FXBURQWwsWJAZBWVpcGQdAUGsTCzoCUERqUVkLQFZHDE0MCltvUF9UA1Q%3D&rst=1829&ck=0&s=1ea0e473bc2a62d1&ref=https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html&af=err,xhr,stn,ins&ap=90&be=519&fe=1121&dc=147&at=HhsERw9LSE8%3D&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1701979307527,%22n%22:0,%22r%22:0,%22re%22:276,%22f%22:276,%22dn%22:276,%22dne%22:276,%22c%22:276,%22s%22:276,%22ce%22:276,%22rq%22:277,%22rp%22:519,%22rpe%22:521,%22di%22:665,%22ds%22:665,%22de%22:666,%22dc%22:1640,%22l%22:1640,%22le%22:1640%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fp=676
Requested by: Host: widgetic.com
URL: https://widgetic.com/api/v2/compositions/60eaad0decb2a1062b8b4569/embed.html?bp=bottom-right&resize=fill&autoscale=off&lo=https%3A%2F%2Flelive.weebly.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f

Request headers

Referer: https://widgetic.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 07 Dec 2023 20:01:49 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://widgetic.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 40
x-served-by: cache-sof1510039-SOF

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 5D14 41 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AO8OYaubzlUtzYb_1d8EBRSNXNNXo5k1e02O8zCvu3iRZ7vFxpzl_wDAAKRT_DgTBK7WiLL4Fwdj6NSdYAdSzdU5VKGDftMgAETKk7F5pG7J1Un1hJmmDLAFL-8yCSf4QHtFH8u90ajK45Gg-7xBvTr_uGEAmLThBXf6Rdz0jCG05POAA&cry=1&dbm_d=AKAmf-COBtSATHzKIRU_D5gUz4YgJAJEEKFa7NMeWs74263q2e8KRsf-0Q1FaPG4s9XLe5dMU0ABBlZ01c6NrTsHglF05sesQKaFZ7lsmvrM6ZpVnUZ4_eFCHIuc9ZFRkXnCo6ugJAB8KLLN5ZCtLawQmRiKsuepSdynu4DtGFK1TG-RJG0nbviCIwa_mh2BTDiTu7g0lBl3v6-OsbcVUX3qGdnEaYOmA7Me-pVorbk511bYGKKLXAUzQriL3UxGZ0u-1LcJw1h-GirZPQ3HhwNv1EZg2KTxWgJXJXHFTVn-nGMAs0taKgfgNqCQnqt76KMFXogOd_aPJir_fM12LkHGFnfeuwcOy0js2peQq6NDcKG0Uwb5DlzKIOq5gvdc_8ebXwxkfLveKuwdKu1TIPxt8DY9BR2B9-O6ObOso8S6YxQ9y9JqGyt4BDEz3M62h8Jx8wshTwPsDEUU5OCPYOWJT6FxH4xYyKc_cG7oe4jqrCapaKbRo5rBO3oIvJSbb6ciX_5gNsamJ4IeN1bX1iEnE-vWb9w1SuyGd9N99-NsnDSISYbiwVy3D2bcfFWQC1TEaLaX7UfQWzXJr5xR-Qpxdl6FDzanss4z3LnK4GA0pOaVWjFMdhrLS1YhEt8xskRe5FS9v8Cff4XxaA-5wVrAdwFF3SdfAbfj0owL-iAOFPXzrJhnyFcEktxsMzJx3igPeDvzXqjaB59NMTiZVqkFEzrQ_24gdNI8Ncn0z7JlirowdeewwK0FZW_KFKOGxowENRTwhHv74WqmynarrSb5zB_DAr4rFJBZ1tuM9YdeZLATh64tagDvhWOjx4g-VGAnCZ9FZUh0Q1fPqUQBblFW_Xf9Gs2b4KGwoWxqGn0a0_7JJHp9NlzivGKLAYQKzr5H5kxWt9K0bJRZAH0CcoX1fA5w_eY7A8Xh-sygU3CsvWmkWcAtiqc8VPJ6587ZCeHa7tPvkINvtzGhi1fJKsdHUl7elgwW4RhPk0jDQatcjNZ377g6s7yeWjlipxR0k1ai_dY_gE006Rgxk1oE-5SFQfHH79jHp5tboJCzOn3nWyiTfPGuIa8GEdPbV72oF5JNQZaV5zGTUml-m6bB_4PfnXa7WsZz1yfpw5NtdexOE-1Ccj_n0Z2eLbJstLlvD3X5lFSVD3uKvNJTYg_3wbTZEdVoIo9bIbGdsBOaGd6N2w7fCDQ8_ZLXia5okquppbp6_AhyEz0qXcsWVvmt2Io9t-HKbmZyZvTudn3IuRUDgWbfvIBvt0NSjD5qHHyLTyfn_dUwVvEIUHRH0zqGqhrvVnHpVJg6mByYyeU1YEKnJSpSORjNrmTXKapOGgNZHS0U-524LVFO677yO250upXgvahy62p4ovZ71JKYeGDtokUjdh8ewpz2QE5_0DU5iHNdnOdxmLBuIRJYb2C4tv3kZtgpT-yeucJ_A_oJh4XRwNp--TrxeBZj-dzDkFB4nC1ZV9gfpQNmjNCxtmBdGBKzFiuUMnbm0AD7Z22KGMlXVmKRKThT98lxUiT-4x_RdwzjMJU_bUP5PGHUgPYrjUsRxduXob9Z4GwHzYXb2HBbr2mqu8yfF7o7qEN64KIQKBU4W_8jvubvf9ngr9czj6YSfsnT0uBSaXkTfuVQrQYY09y6jLkKPNR-Rwiv3tEuJHUk8OnAbxAiVeZ547LNaK0QZ-JV2B-xzyy3mqlv4ELHaNaW3HNAQ48guZX_ae92GppSGqB4kUyoT4RC55JWXji15Txe395OvxcKDlrTqHt0XgIw9mZOp560N5_Dw-apKpbAeHEOzSnjGSBtbzclEF3W1alAcsEA_eD2eEhOYn3TrydJPQ0qG3OKyJNiaOu7finBbYfFqFLhwaxRLgXtpuWV-oEOrRWHLf9FaAdFBxVdgyisquEnwQUi2UdT9OBmJcSS1h8uyYnFmI9vUrbuHCq38egIuSGYjMUaEbbrYVdmB2uwah8liIeuvZHMei_gjTAWHiUD-1cLGp0iIQ-wibw8rmOQIIvC9XS87qVaYx9gIycPDBm3TTGNqeFsjJ93cvavXSAK7S_WFB1TRsPC2VIhnW1rj6AUwJ5u2jAIDII-1UnhTIb4OQ1QblkChLQyREuobGeqm_6C69Mi4kUOCTBKvJZvBj4MhKL323yxzo2kxrC5grjtM2Gjmj5L5xp2PsEBUtioJ3mCIgougun9JFX5D8tbR2ZggdssX23HiDv2n3bwEGqS7aTXmfMdeB26sBLQbF0cGUmO1HpqEjaZGEUmcEdC-oFrlIuopBfiJqboKX5AS3wNN9MwDXUBEjvDgH7sY47ZsJG6pMnIR4KeDWMOe95Q4du40y6W9JKwVE-4d5k4YcGQeziLPrrpCSwhurkrT-uiKmXLNYqID8CdD-C1Q73vLcr_R1oSsWnBRIJyFW2hLo0f1jn_B0t4LODFhptSg5Z3-B5R4obFjTbnX6FpwsaF2wcCX6Zss5e93-S_lj-j-L_tnf-ODZR1IvDF0DEtQTGmWPRHXuCKrZG-iALQzrMXLteJ87_tcscG5dcsUJ1g6WHZlTNWQCo5q9GbdYgRAo5jUvYOZUdm59sn3GRPp8O9WCGN5p1WbW0qTkMH3Yf4KuWUoDVkRrhb4-FeJiQSaDbqESkUjh2DBa_0DT5yPlCjUpxYly6sOd8MidJKVzl_X92DuBiaT-lYICDQqfdeAooi1SMI1eaBc_xiLRNuPLyWlydqhgeG90hrEPf7xNbISkhW-Z6h6cDfWCkpbUzJqa1lizXjNWSHyG6KCMLDtUuyZSbjEfcXQAY16ud1F_-nJwAlxJtyDCfhFHSae9MzRZDyMj6UIDMze7t0D5oDEOmdtFdP1-GWm0nmyN7vZr5X64T3mwp4ajioCUsMfeY_ziypcRVRL1pKtHZtvTR0Ye3PftMW310xZ-xHgmQL9uQUHb3r1IIoAyd9D-8Ow85mbGSWgXVHn4Ac2lZd3tzotIj4Yvw9dsE7jjhloDcR5cjIbwx-CF3S9YF3mmDSAF9qM8St48h3-ivzTXBBXT_bpD8XVxpFJ_dydp-MOJl8gSWoCxdh2T16JqAB42THRLrKg70LQTfCc-jITefk1XhwYKPYSN9bGgfDF9vt-XPr8cnHGKydhmQHayK_bDqmPOqT3Qq8yTT7Mtg7GfGkrXgLfa5zWcsEHiXIcotdyk8_lgujeHe6jz9cSwsdlppndjwUdUmHLQYaxvkggLszPeLxUVRhpYsb3N4NC3PW_aqfMneEc-_WluAKjPdfRkVnRPUEBHux239oeII7fF1c1-nNH5xv0cqHM74Mem_Mrjkul5_A2ro00YM_YNZf_mWlwgEu8_tDh7vK2qofpBX_JwR-PojAXTB0-Jaf4B4JsZ2wnY0_e8XW4L6Dq_FBW_jbrX26jz4ewd8IOsdod1-MmSaxuhlKEiAQGmrCXhbGWaHfvwig2rvkRgeOIMnL2FZxEqj1iCWPycm2l08KTqc0-wyzOFfXoRKcdAmmvjaDAlAWNNyJTLPuHykHWfnnpqEtFJ9nmo30LVWrTwoauUqLev2r1kv2QeJzKZ7VK-s5VaixYvknETy_26M6oyAG6XA8TBDHMGy880fg4MHrLQLVzzD1HBDXNYW2hd9j1uNHwfXQoBAvGjp6wCsPcu8NdAE40rnRAuOC68IHwxHUN2FY2gl0DjowMRqB-4rTAVHhvg0tpMpW_0ppqmMUSlsjn7tG4veX4FOhbL3nEcSwbGMoJuX3X2yh-_np4tataCBt6AFq24um9W2hLalJgxz8I73YzX3EZ9PeuUiPXvHBCoYjBo9DlWxl4QwpHtROVIX6Yo_N7i4Q67ij71en77FDuzwxAd3ygqdavvFJfER-GSvvRrIiU8-XYg-BAdA35yGVYjWb8PO_iQ6EfmVTTIu4ZCtGhCv1ZF9dmVWh&cid=CAQSTgDICaaNIAxTKUBTtzskD5z0P4v7-hH02dkCsdymdC5KBrxXfVlgUd7uNTz_tGCXsRRN7vUd4N4lYHzK-7QmpLt15Ei3RkZwgbb5z0I-7hgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Flelive.weebly.com%2F&ds=l&xdt=1&iif=1&cor=10962992385944744000&adk=3047537734&idt=122&cac=0&dtd=10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:32:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 88138
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 19:32:51 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTk3OTMwOTA2MTgyMAogIHNlcnZlcl9pcDogMTM0MDU5MzMyCiAgcHJvY2Vzc19pZDogMjYzNDA0NTQ2Ngp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame 5D14 0
868 B 178ms
78ms Image
image/png 142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTk3OTMwOTA2MTgyMAogIHNlcnZlcl9pcDogMTM0MDU5MzMyCiAgcHJvY2Vzc19pZDogMjYzNDA0NTQ2Ngp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAyNDk2MzM4MDUzNDIxMjk1OTkwCmRlYnVnX2tleTogMTQxNzY3NDMzNDQ4Njk3MTkyNDUKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDIzLTEyLTA3IgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTE4Njg5NDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMzIxNzQ4NDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg3ODI0MzY5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNjY2MDE0MjA2MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQxNjIwODYzOAogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vYWQtc3J2Lm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2tsaWNrLXdlbHQuZGUiCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 20:01:49 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xdd6e0c4d1a7f69b70000000000000000","13":"0xf6e879e7ce4e383f0000000000000000","14":"0xad1b0eaddbfae5a30000000000000000","15":"0x24884ba4f86bd91f0000000000000000"},"debug_key":"14176743344869719245","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"2496338053421295990"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK g72h7lz2c4az Show response
hal9000.redintelligence.net/zone/ Frame 5D14 11 KB
4 KB 125ms
40ms Script
text/html 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/g72h7lz2c4az?subid=&gdpr=&gdpr_consent=&rnd=1701979308196142&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCih2ErCRyZa78C-Kq29gPs_a96A2m5b2gaYWVnKfJD_AuEAEgsqHeeGCVooCCmAfIAQmpAvSzraVwGrI-qAMByAObBKoEpgJP0Hlo2yGkeTWUpSjau97m4mSVEl-nR7M7e_zBhx_f6h0sL25xLeVnm9qszU1D8KxmqMn2gkom3Dwr87-106VwJ8PgGBcCsKS7JkYqLzJUxfucIX2Ol3hVLibcI_dVXqrpv9V3IPSVmTjRAsDhekfyWCzA8qhOUHrzaz9i34I2I1KcuK_F2HBXF94lw1bAsyNBVjmeWIE9QxLwttp7L9qDrHSnfq2LQ7NIS8BJsOdIkmY5s81vdiNrS-Y2TRkqQQFq8sFHg1giNWut_PaigB7b2ZtFU2lCrFJSIqE1VLIAUnX9aZNb8p8W-IYyNrDOXzQIRaqBaGMQBotSADw1XTBqqvDcZTODUb7cNV92IWC62BsUDIZxHWT_7oazV3S_bzNmbVpLIJDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYg9fIgI_-ggOACgGYCwHICwGADAGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNIAxTKUBTtzskD5z0P4v7-hH02dkCsdymdC5KBrxXfVlgUd7uNTz_tGCXsRRN7vUd4N4lYHzK-7QmpLt15Ei3RkZwgbb5z0I-7hgB%26sig%3DAOD64_1nqJijob2XSlHeCr6XKrjTAKRQVQ%26client%3Dca-pub-1181746742151021%26dbm_c%3DAKAmf-BQWXjMwudObANJGhEXUH61Ko41GFD16rl9VWTO-zKuNH432JtFCxEtZAq4EKGim6oNvkx8Seazr4sTQPmad7FmO8JeeDZGU2DHYxCaGduA4jXuZZ22-0_CUMmhOIKZ9xuDPWdxD-p3g-N3ijcFS_YvjHKur8orHzmff9MjuwPGojqEFak%26cry%3D1%26dbm_d%3DAKAmf-C1BzxjL-lJQQkAl4XB01zAn0kL4YoXbp00RasXQGAtVJbZklQ6smMPtjj-zS7FI6_ugOLq4LAcxkCAdwgGEc9T_CZNrAZx0AOgKQ-a8yur3nCj5dpSqw9KWAYsDBekTvHsgNWC7dFdVC3Ns5CXJuNFQQD0WkgK6iqCmwzyVtsGIDLDlhyKwXdP4Pwz7pqW3M4xDvS3zhs0jSZep_g6Hgoa7Nx2FM_OwVWGmplNxjqsRrd644qzmXPhgvZe0i-fnY_MoyQSAxjNo5UU1WS1LiHlfwxuotUS9ee9axvXTmm4gpBwAWcgP2-GtSVRWCRj36Ysl-5hryOb6i3YAYXp_eQ7Ph7J_PSLokjt5Fdpzzl4hS2N4DYPZIEdDQrPnIaip0QEibpLscR7GA28pyTdgzU4bs-WYeVVrD4OCEMLu_PBsgmoPhllFh1wkuOvSq9CQ_kl3-PPBO0J6DDo591yT-mWhFSlqL54WnyvRjRGVNq3vQrfJ_wYGorsSBT5sX5ixKdPk7_3%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=90&adk=1773158521&adf=2910926905&w=728&lmt=1701979307&ad_type=text_image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701979307554&bpp=177&bdt=1050&idt=441&shv=r20231205&mjsv=m202311300101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C728x90_as&correlator=8492969922840&frm=20&pv=1&ga_vid=1248546258.1701979308&ga_sid=1701979308&ga_hid=640980279&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079929%2C31079979%2C44795921%2C31079954%2C44807764%2C44808148%2C44808284%2C95320230%2C31079987&oid=2&pvsid=2576826132042316&tmod=1449287864&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=444
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: 442291eae283f9703ac8165e034146c1fa4d5644ea4cddd0fda6113b0cb8ede6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 20:01:49 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4205
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 4D04 0
2 KB 147ms
67ms Document
text/html 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https://www.facebook.com/talksometingshit&width&layout=button_count&action=like&show_faces=false&share=false&height=80

Requested by

Host: widgetic.com
URL: https://widgetic.com/bundles/blogvioapp/js/editor/core.vendor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://widgetic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 07 Dec 2023 20:01:49 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-debug: Ncj6LaZLyFgE+XHmpZCD5aeP7OPj41FmNoUO97B4X2Jpj1tTbgeOdzUsmaINCmYuuR8qB/clUctWEt8vFjR28g==
x-xss-protection: 0

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 774B 38 KB
13 KB 39ms
39ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 287724
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 12:06:25 GMT
expires: Tue, 03 Dec 2024 12:06:25 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 774B 39 KB
15 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:17:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Dec 2024 19:17:03 GMT

GET
H/1.1

200
OK

request.php Show response
hal90001.redintelligence.net/ Frame 5D14
Redirect Chain

https://hal90001.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=e440c02957&subid=&uid=2807aa93ef9f4dfc&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90001.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=e440c02957&subid=&uid=2807aa93ef9f4dfc&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

4 KB
2 KB

185ms
107ms

Script
application/x-javascript

46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90001.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=e440c02957&subid=&uid=2807aa93ef9f4dfc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCih2ErCRyZa78C-Kq29gPs_a96A2m5b2gaYWVnKfJD_AuEAEgsqHeeGCVooCCmAfIAQmpAvSzraVwGrI-qAMByAObBKoEpgJP0Hlo2yGkeTWUpSjau97m4mSVEl-nR7M7e_zBhx_f6h0sL25xLeVnm9qszU1D8KxmqMn2gkom3Dwr87-106VwJ8PgGBcCsKS7JkYqLzJUxfucIX2Ol3hVLibcI_dVXqrpv9V3IPSVmTjRAsDhekfyWCzA8qhOUHrzaz9i34I2I1KcuK_F2HBXF94lw1bAsyNBVjmeWIE9QxLwttp7L9qDrHSnfq2LQ7NIS8BJsOdIkmY5s81vdiNrS-Y2TRkqQQFq8sFHg1giNWut_PaigB7b2ZtFU2lCrFJSIqE1VLIAUnX9aZNb8p8W-IYyNrDOXzQIRaqBaGMQBotSADw1XTBqqvDcZTODUb7cNV92IWC62BsUDIZxHWT_7oazV3S_bzNmbVpLIJDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYg9fIgI_-ggOACgGYCwHICwGADAGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNIAxTKUBTtzskD5z0P4v7-hH02dkCsdymdC5KBrxXfVlgUd7uNTz_tGCXsRRN7vUd4N4lYHzK-7QmpLt15Ei3RkZwgbb5z0I-7hgB%26sig%3DAOD64_1nqJijob2XSlHeCr6XKrjTAKRQVQ%26client%3Dca-pub-1181746742151021%26dbm_c%3DAKAmf-BQWXjMwudObANJGhEXUH61Ko41GFD16rl9VWTO-zKuNH432JtFCxEtZAq4EKGim6oNvkx8Seazr4sTQPmad7FmO8JeeDZGU2DHYxCaGduA4jXuZZ22-0_CUMmhOIKZ9xuDPWdxD-p3g-N3ijcFS_YvjHKur8orHzmff9MjuwPGojqEFak%26cry%3D1%26dbm_d%3DAKAmf-C1BzxjL-lJQQkAl4XB01zAn0kL4YoXbp00RasXQGAtVJbZklQ6smMPtjj-zS7FI6_ugOLq4LAcxkCAdwgGEc9T_CZNrAZx0AOgKQ-a8yur3nCj5dpSqw9KWAYsDBekTvHsgNWC7dFdVC3Ns5CXJuNFQQD0WkgK6iqCmwzyVtsGIDLDlhyKwXdP4Pwz7pqW3M4xDvS3zhs0jSZep_g6Hgoa7Nx2FM_OwVWGmplNxjqsRrd644qzmXPhgvZe0i-fnY_MoyQSAxjNo5UU1WS1LiHlfwxuotUS9ee9axvXTmm4gpBwAWcgP2-GtSVRWCRj36Ysl-5hryOb6i3YAYXp_eQ7Ph7J_PSLokjt5Fdpzzl4hS2N4DYPZIEdDQrPnIaip0QEibpLscR7GA28pyTdgzU4bs-WYeVVrD4OCEMLu_PBsgmoPhllFh1wkuOvSq9CQ_kl3-PPBO0J6DDo591yT-mWhFSlqL54WnyvRjRGVNq3vQrfJ_wYGorsSBT5sX5ixKdPk7_3%26adurl%3D&documentReferer=https%3A%2F%2Flelive.weebly.com%2F&ancestorOrigins=https%3A%2F%2Flelive.weebly.com&random=8321847774517&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=90&adk=1773158521&adf=2910926905&w=728&lmt=1701979307&ad_type=text_image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701979307554&bpp=177&bdt=1050&idt=441&shv=r20231205&mjsv=m202311300101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C728x90_as&correlator=8492969922840&frm=20&pv=1&ga_vid=1248546258.1701979308&ga_sid=1701979308&ga_hid=640980279&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079929%2C31079979%2C44795921%2C31079954%2C44807764%2C44808148%2C44808284%2C95320230%2C31079987&oid=2&pvsid=2576826132042316&tmod=1449287864&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=444
Protocol: HTTP/1.1
Server: 46.4.10.49 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: 3e6f25619d461dfcd8bcb4b8714133844f7482db353d46108db9979034f50e52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Dec 2023 20:01:49 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 93229600138263504444550012531001
Connection: close
Content-Length: 1323
Expires: Thu, 07 Dec 2023 20:01:49 +0100

Redirect headers

Pragma: no-cache
Date: Thu, 07 Dec 2023 20:01:49 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=e440c02957&subid=&uid=2807aa93ef9f4dfc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCih2ErCRyZa78C-Kq29gPs_a96A2m5b2gaYWVnKfJD_AuEAEgsqHeeGCVooCCmAfIAQmpAvSzraVwGrI-qAMByAObBKoEpgJP0Hlo2yGkeTWUpSjau97m4mSVEl-nR7M7e_zBhx_f6h0sL25xLeVnm9qszU1D8KxmqMn2gkom3Dwr87-106VwJ8PgGBcCsKS7JkYqLzJUxfucIX2Ol3hVLibcI_dVXqrpv9V3IPSVmTjRAsDhekfyWCzA8qhOUHrzaz9i34I2I1KcuK_F2HBXF94lw1bAsyNBVjmeWIE9QxLwttp7L9qDrHSnfq2LQ7NIS8BJsOdIkmY5s81vdiNrS-Y2TRkqQQFq8sFHg1giNWut_PaigB7b2ZtFU2lCrFJSIqE1VLIAUnX9aZNb8p8W-IYyNrDOXzQIRaqBaGMQBotSADw1XTBqqvDcZTODUb7cNV92IWC62BsUDIZxHWT_7oazV3S_bzNmbVpLIJDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYg9fIgI_-ggOACgGYCwHICwGADAGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNIAxTKUBTtzskD5z0P4v7-hH02dkCsdymdC5KBrxXfVlgUd7uNTz_tGCXsRRN7vUd4N4lYHzK-7QmpLt15Ei3RkZwgbb5z0I-7hgB%26sig%3DAOD64_1nqJijob2XSlHeCr6XKrjTAKRQVQ%26client%3Dca-pub-1181746742151021%26dbm_c%3DAKAmf-BQWXjMwudObANJGhEXUH61Ko41GFD16rl9VWTO-zKuNH432JtFCxEtZAq4EKGim6oNvkx8Seazr4sTQPmad7FmO8JeeDZGU2DHYxCaGduA4jXuZZ22-0_CUMmhOIKZ9xuDPWdxD-p3g-N3ijcFS_YvjHKur8orHzmff9MjuwPGojqEFak%26cry%3D1%26dbm_d%3DAKAmf-C1BzxjL-lJQQkAl4XB01zAn0kL4YoXbp00RasXQGAtVJbZklQ6smMPtjj-zS7FI6_ugOLq4LAcxkCAdwgGEc9T_CZNrAZx0AOgKQ-a8yur3nCj5dpSqw9KWAYsDBekTvHsgNWC7dFdVC3Ns5CXJuNFQQD0WkgK6iqCmwzyVtsGIDLDlhyKwXdP4Pwz7pqW3M4xDvS3zhs0jSZep_g6Hgoa7Nx2FM_OwVWGmplNxjqsRrd644qzmXPhgvZe0i-fnY_MoyQSAxjNo5UU1WS1LiHlfwxuotUS9ee9axvXTmm4gpBwAWcgP2-GtSVRWCRj36Ysl-5hryOb6i3YAYXp_eQ7Ph7J_PSLokjt5Fdpzzl4hS2N4DYPZIEdDQrPnIaip0QEibpLscR7GA28pyTdgzU4bs-WYeVVrD4OCEMLu_PBsgmoPhllFh1wkuOvSq9CQ_kl3-PPBO0J6DDo591yT-mWhFSlqL54WnyvRjRGVNq3vQrfJ_wYGorsSBT5sX5ixKdPk7_3%26adurl%3D&documentReferer=https%3A%2F%2Flelive.weebly.com%2F&ancestorOrigins=https%3A%2F%2Flelive.weebly.com&random=8321847774517&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Thu, 07 Dec 2023 20:01:49 +0100

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 774B 0
20 B 75ms
74ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BGANkrSRyZfziA8Sq9u8PmrCB6AkAAAAAOAHgBAI&bg=!GhmlGVbNAAY3kmNgF5I7ADQBe5WfOP2DD1-zL-5s6x86169DCb7b0_nFINaPduWM7MryIPe_ySPUBNF6RQ0brubRwAYCAgAAAD5SAAAAAWgBBwoATGumm0NSDX8HvZmh3VC9Y2N3bLc7B-KOmi-0dq8AJIKWz0UIHvm1x9a5Rs1nU-KnB4PTbM-kjCDl5SNi6xV4bj2DQIu2SDqE7F_OMpOZAxsSzA4bwRXsFatWKMlDqYmlMyHERKMsUmB-iQgrtSqGeTfWCq5NAdcqTI-UYF9NiF6TTHUlGIts-dK2Hzh1EDG3jq0ZWe_Z5U4VoPlJyk-vO756Mle7I8RndvQ9JxK1_LPv0iQcPj5xk36hM2_ujPJFKKLFIhMHJuJNJ1WqLhAnyNsA7cHYvbVcIeaPRps43eFFdIQTAnI24osV0t5QKUB61ou5tRuOVGEoTHZudqwvkR4AeALQPB1yiH_r-DZ34hFe4It4D6uSUPrfwT5Nr2DWvib_PVnikULhv4flGmV-qWBuJQF8l4Gx-nXwt-ZA8ArSOH6WfikumF8GP3hqeQRNHB_gEZfUm14nifLhid7DpRgs3vLxaZ3VlFzS-jrVE_iy9VKEcOz-uWUNyYMisT5AHIMGhzzpooHpxP-bmQDhMJMByiId07Ov8z7n6q5Xz4bx_MPbT_vaWoEe9gjm8wNlTLY9k4F2ac9fFyjmHbynoS6tAt1l8It2qulFWWRJ50nc1N-S-NghXQh-GcZH5ggoVMe2Y0K0KZukaRJh5luRWWkSUK0y642gllJ4tGd_76apU36AGPLWM5TPzHROVQDduX1IkEIF-MSEqxQoZ0bqLrYgo2Up6OLABn_6fQWylb66xFNa7Ofil9TRUXgYhOinloatD1dbC5_7HTG48wuRxdzizSbSqL-IZshfof0z305E87voqtsQTv39IZFydVkjRLxRCEFJr7I09ZphC3XttqUbsHnb9t2RHy0kgwI5d4YKZvqxmqFpc1Phqrq4qoOl8DqrvOGd0nNCCkkrF2OADJQV36YaTyP5_3QegW2bRuBAySTvms87R-Loe_GBa59TfyzE65bvMMgTgdmnoZvsQNrO-pCtR1tPi-bdcDG4UpLmH_1-ka4jK7TDcEJ2g7JpOVln7Efv9Bhz4ReqywtVO7rYQ9IKj6WH814FtrGUAqcTWlaqG05Y97WxeU_Z8OdsFEMD7bFgfxcvU4ZDY_TNthxBb2s5nZ7qWRbrPNMrCXaF7j4AW2PgTlEsoTLTAv9PuFyRP-5dzjhi_aQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 20:01:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

htlp Show response
futalis.de/ Frame 4A1D
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=93229600138263504444550012531001&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3369967619

350 B
401 B

138ms
43ms

Document
text/html

167.233.14.134
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3369967619
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=e440c02957&subid=&uid=2807aa93ef9f4dfc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCih2ErCRyZa78C-Kq29gPs_a96A2m5b2gaYWVnKfJD_AuEAEgsqHeeGCVooCCmAfIAQmpAvSzraVwGrI-qAMByAObBKoEpgJP0Hlo2yGkeTWUpSjau97m4mSVEl-nR7M7e_zBhx_f6h0sL25xLeVnm9qszU1D8KxmqMn2gkom3Dwr87-106VwJ8PgGBcCsKS7JkYqLzJUxfucIX2Ol3hVLibcI_dVXqrpv9V3IPSVmTjRAsDhekfyWCzA8qhOUHrzaz9i34I2I1KcuK_F2HBXF94lw1bAsyNBVjmeWIE9QxLwttp7L9qDrHSnfq2LQ7NIS8BJsOdIkmY5s81vdiNrS-Y2TRkqQQFq8sFHg1giNWut_PaigB7b2ZtFU2lCrFJSIqE1VLIAUnX9aZNb8p8W-IYyNrDOXzQIRaqBaGMQBotSADw1XTBqqvDcZTODUb7cNV92IWC62BsUDIZxHWT_7oazV3S_bzNmbVpLIJDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYg9fIgI_-ggOACgGYCwHICwGADAGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNIAxTKUBTtzskD5z0P4v7-hH02dkCsdymdC5KBrxXfVlgUd7uNTz_tGCXsRRN7vUd4N4lYHzK-7QmpLt15Ei3RkZwgbb5z0I-7hgB%26sig%3DAOD64_1nqJijob2XSlHeCr6XKrjTAKRQVQ%26client%3Dca-pub-1181746742151021%26dbm_c%3DAKAmf-BQWXjMwudObANJGhEXUH61Ko41GFD16rl9VWTO-zKuNH432JtFCxEtZAq4EKGim6oNvkx8Seazr4sTQPmad7FmO8JeeDZGU2DHYxCaGduA4jXuZZ22-0_CUMmhOIKZ9xuDPWdxD-p3g-N3ijcFS_YvjHKur8orHzmff9MjuwPGojqEFak%26cry%3D1%26dbm_d%3DAKAmf-C1BzxjL-lJQQkAl4XB01zAn0kL4YoXbp00RasXQGAtVJbZklQ6smMPtjj-zS7FI6_ugOLq4LAcxkCAdwgGEc9T_CZNrAZx0AOgKQ-a8yur3nCj5dpSqw9KWAYsDBekTvHsgNWC7dFdVC3Ns5CXJuNFQQD0WkgK6iqCmwzyVtsGIDLDlhyKwXdP4Pwz7pqW3M4xDvS3zhs0jSZep_g6Hgoa7Nx2FM_OwVWGmplNxjqsRrd644qzmXPhgvZe0i-fnY_MoyQSAxjNo5UU1WS1LiHlfwxuotUS9ee9axvXTmm4gpBwAWcgP2-GtSVRWCRj36Ysl-5hryOb6i3YAYXp_eQ7Ph7J_PSLokjt5Fdpzzl4hS2N4DYPZIEdDQrPnIaip0QEibpLscR7GA28pyTdgzU4bs-WYeVVrD4OCEMLu_PBsgmoPhllFh1wkuOvSq9CQ_kl3-PPBO0J6DDo591yT-mWhFSlqL54WnyvRjRGVNq3vQrfJ_wYGorsSBT5sX5ixKdPk7_3%26adurl%3D&documentReferer=https%3A%2F%2Flelive.weebly.com%2F&ancestorOrigins=https%3A%2F%2Flelive.weebly.com&random=8321847774517&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.233.14.134 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-2.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Thu, 07 Dec 2023 20:01:50 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3369967619
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H2 200 e99aace94e6e5873881d3400993e1e7e Show response
pv.medialead.de/trck/epv/ Frame B7BF 0
326 B 389ms
53ms Document
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=93229600138263504444550012531001&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=e440c02957&subid=&uid=2807aa93ef9f4dfc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCih2ErCRyZa78C-Kq29gPs_a96A2m5b2gaYWVnKfJD_AuEAEgsqHeeGCVooCCmAfIAQmpAvSzraVwGrI-qAMByAObBKoEpgJP0Hlo2yGkeTWUpSjau97m4mSVEl-nR7M7e_zBhx_f6h0sL25xLeVnm9qszU1D8KxmqMn2gkom3Dwr87-106VwJ8PgGBcCsKS7JkYqLzJUxfucIX2Ol3hVLibcI_dVXqrpv9V3IPSVmTjRAsDhekfyWCzA8qhOUHrzaz9i34I2I1KcuK_F2HBXF94lw1bAsyNBVjmeWIE9QxLwttp7L9qDrHSnfq2LQ7NIS8BJsOdIkmY5s81vdiNrS-Y2TRkqQQFq8sFHg1giNWut_PaigB7b2ZtFU2lCrFJSIqE1VLIAUnX9aZNb8p8W-IYyNrDOXzQIRaqBaGMQBotSADw1XTBqqvDcZTODUb7cNV92IWC62BsUDIZxHWT_7oazV3S_bzNmbVpLIJDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYg9fIgI_-ggOACgGYCwHICwGADAGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNIAxTKUBTtzskD5z0P4v7-hH02dkCsdymdC5KBrxXfVlgUd7uNTz_tGCXsRRN7vUd4N4lYHzK-7QmpLt15Ei3RkZwgbb5z0I-7hgB%26sig%3DAOD64_1nqJijob2XSlHeCr6XKrjTAKRQVQ%26client%3Dca-pub-1181746742151021%26dbm_c%3DAKAmf-BQWXjMwudObANJGhEXUH61Ko41GFD16rl9VWTO-zKuNH432JtFCxEtZAq4EKGim6oNvkx8Seazr4sTQPmad7FmO8JeeDZGU2DHYxCaGduA4jXuZZ22-0_CUMmhOIKZ9xuDPWdxD-p3g-N3ijcFS_YvjHKur8orHzmff9MjuwPGojqEFak%26cry%3D1%26dbm_d%3DAKAmf-C1BzxjL-lJQQkAl4XB01zAn0kL4YoXbp00RasXQGAtVJbZklQ6smMPtjj-zS7FI6_ugOLq4LAcxkCAdwgGEc9T_CZNrAZx0AOgKQ-a8yur3nCj5dpSqw9KWAYsDBekTvHsgNWC7dFdVC3Ns5CXJuNFQQD0WkgK6iqCmwzyVtsGIDLDlhyKwXdP4Pwz7pqW3M4xDvS3zhs0jSZep_g6Hgoa7Nx2FM_OwVWGmplNxjqsRrd644qzmXPhgvZe0i-fnY_MoyQSAxjNo5UU1WS1LiHlfwxuotUS9ee9axvXTmm4gpBwAWcgP2-GtSVRWCRj36Ysl-5hryOb6i3YAYXp_eQ7Ph7J_PSLokjt5Fdpzzl4hS2N4DYPZIEdDQrPnIaip0QEibpLscR7GA28pyTdgzU4bs-WYeVVrD4OCEMLu_PBsgmoPhllFh1wkuOvSq9CQ_kl3-PPBO0J6DDo591yT-mWhFSlqL54WnyvRjRGVNq3vQrfJ_wYGorsSBT5sX5ixKdPk7_3%26adurl%3D&documentReferer=https%3A%2F%2Flelive.weebly.com%2F&ancestorOrigins=https%3A%2F%2Flelive.weebly.com&random=8321847774517&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Thu, 07 Dec 2023 20:01:50 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
vary: Origin

GET
H2 200 / Show response
adv.office-partner.de/ Frame 10DA 930 B
923 B 165ms
39ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=e440c02957&subid=&uid=2807aa93ef9f4dfc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCih2ErCRyZa78C-Kq29gPs_a96A2m5b2gaYWVnKfJD_AuEAEgsqHeeGCVooCCmAfIAQmpAvSzraVwGrI-qAMByAObBKoEpgJP0Hlo2yGkeTWUpSjau97m4mSVEl-nR7M7e_zBhx_f6h0sL25xLeVnm9qszU1D8KxmqMn2gkom3Dwr87-106VwJ8PgGBcCsKS7JkYqLzJUxfucIX2Ol3hVLibcI_dVXqrpv9V3IPSVmTjRAsDhekfyWCzA8qhOUHrzaz9i34I2I1KcuK_F2HBXF94lw1bAsyNBVjmeWIE9QxLwttp7L9qDrHSnfq2LQ7NIS8BJsOdIkmY5s81vdiNrS-Y2TRkqQQFq8sFHg1giNWut_PaigB7b2ZtFU2lCrFJSIqE1VLIAUnX9aZNb8p8W-IYyNrDOXzQIRaqBaGMQBotSADw1XTBqqvDcZTODUb7cNV92IWC62BsUDIZxHWT_7oazV3S_bzNmbVpLIJDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYg9fIgI_-ggOACgGYCwHICwGADAGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNIAxTKUBTtzskD5z0P4v7-hH02dkCsdymdC5KBrxXfVlgUd7uNTz_tGCXsRRN7vUd4N4lYHzK-7QmpLt15Ei3RkZwgbb5z0I-7hgB%26sig%3DAOD64_1nqJijob2XSlHeCr6XKrjTAKRQVQ%26client%3Dca-pub-1181746742151021%26dbm_c%3DAKAmf-BQWXjMwudObANJGhEXUH61Ko41GFD16rl9VWTO-zKuNH432JtFCxEtZAq4EKGim6oNvkx8Seazr4sTQPmad7FmO8JeeDZGU2DHYxCaGduA4jXuZZ22-0_CUMmhOIKZ9xuDPWdxD-p3g-N3ijcFS_YvjHKur8orHzmff9MjuwPGojqEFak%26cry%3D1%26dbm_d%3DAKAmf-C1BzxjL-lJQQkAl4XB01zAn0kL4YoXbp00RasXQGAtVJbZklQ6smMPtjj-zS7FI6_ugOLq4LAcxkCAdwgGEc9T_CZNrAZx0AOgKQ-a8yur3nCj5dpSqw9KWAYsDBekTvHsgNWC7dFdVC3Ns5CXJuNFQQD0WkgK6iqCmwzyVtsGIDLDlhyKwXdP4Pwz7pqW3M4xDvS3zhs0jSZep_g6Hgoa7Nx2FM_OwVWGmplNxjqsRrd644qzmXPhgvZe0i-fnY_MoyQSAxjNo5UU1WS1LiHlfwxuotUS9ee9axvXTmm4gpBwAWcgP2-GtSVRWCRj36Ysl-5hryOb6i3YAYXp_eQ7Ph7J_PSLokjt5Fdpzzl4hS2N4DYPZIEdDQrPnIaip0QEibpLscR7GA28pyTdgzU4bs-WYeVVrD4OCEMLu_PBsgmoPhllFh1wkuOvSq9CQ_kl3-PPBO0J6DDo591yT-mWhFSlqL54WnyvRjRGVNq3vQrfJ_wYGorsSBT5sX5ixKdPk7_3%26adurl%3D&documentReferer=https%3A%2F%2Flelive.weebly.com%2F&ancestorOrigins=https%3A%2F%2Flelive.weebly.com&random=8321847774517&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Thu, 07 Dec 2023 20:01:50 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Thu, 14 Dec 2023 20:01:50 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2 200 link.html Show response
track.webgains.com/ Frame 5D14 2 KB
2 KB 478ms
100ms Script
text/html 3.11.198.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=93229600138263504444550012531001&nw=1
Requested by: Host: lelive.weebly.com
URL: https://lelive.weebly.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.198.160 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-198-160.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: a514218b6fac90685ccb8c2186fd46d4814143e8bfe3bdf6daf8355fb9728116

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:50 GMT
last-modified: Thu, 07 Dec 2023 20:01:50 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 07 Dec 2023 20:02:50 GMT

GET
H2

200

activityi;dc_pre=CJe-xYGP_oIDFX5GHgId5qAJmg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1293498957276.0847 Show response
5994599.fls.doubleclick.net/ Frame C681
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1293498957276.0847?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJe-xYGP_oIDFX5GHgId5qAJmg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1293498957276.0847?

392 B
326 B

85ms
85ms

Document
text/html

142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CJe-xYGP_oIDFX5GHgId5qAJmg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1293498957276.0847?

Requested by

Host: lelive.weebly.com
URL: https://lelive.weebly.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

fc4663da00c4539006af9a2947643febf424d9b96d2dff229d242ac5d2287cbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 217
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 20:01:50 GMT
expires: Thu, 07 Dec 2023 20:01:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 20:01:50 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJe-xYGP_oIDFX5GHgId5qAJmg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1293498957276.0847?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal90001.redintelligence.net/ Frame D1EF 7 KB
2 KB 118ms
39ms Document
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90001.redintelligence.net/request_content.php?s=93229600138263504444550012531001&a=bff0f85c
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=e440c02957&subid=&uid=2807aa93ef9f4dfc&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCih2ErCRyZa78C-Kq29gPs_a96A2m5b2gaYWVnKfJD_AuEAEgsqHeeGCVooCCmAfIAQmpAvSzraVwGrI-qAMByAObBKoEpgJP0Hlo2yGkeTWUpSjau97m4mSVEl-nR7M7e_zBhx_f6h0sL25xLeVnm9qszU1D8KxmqMn2gkom3Dwr87-106VwJ8PgGBcCsKS7JkYqLzJUxfucIX2Ol3hVLibcI_dVXqrpv9V3IPSVmTjRAsDhekfyWCzA8qhOUHrzaz9i34I2I1KcuK_F2HBXF94lw1bAsyNBVjmeWIE9QxLwttp7L9qDrHSnfq2LQ7NIS8BJsOdIkmY5s81vdiNrS-Y2TRkqQQFq8sFHg1giNWut_PaigB7b2ZtFU2lCrFJSIqE1VLIAUnX9aZNb8p8W-IYyNrDOXzQIRaqBaGMQBotSADw1XTBqqvDcZTODUb7cNV92IWC62BsUDIZxHWT_7oazV3S_bzNmbVpLIJDABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYg9fIgI_-ggOACgGYCwHICwGADAGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAqoNAkRFsBOH77EV0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNIAxTKUBTtzskD5z0P4v7-hH02dkCsdymdC5KBrxXfVlgUd7uNTz_tGCXsRRN7vUd4N4lYHzK-7QmpLt15Ei3RkZwgbb5z0I-7hgB%26sig%3DAOD64_1nqJijob2XSlHeCr6XKrjTAKRQVQ%26client%3Dca-pub-1181746742151021%26dbm_c%3DAKAmf-BQWXjMwudObANJGhEXUH61Ko41GFD16rl9VWTO-zKuNH432JtFCxEtZAq4EKGim6oNvkx8Seazr4sTQPmad7FmO8JeeDZGU2DHYxCaGduA4jXuZZ22-0_CUMmhOIKZ9xuDPWdxD-p3g-N3ijcFS_YvjHKur8orHzmff9MjuwPGojqEFak%26cry%3D1%26dbm_d%3DAKAmf-C1BzxjL-lJQQkAl4XB01zAn0kL4YoXbp00RasXQGAtVJbZklQ6smMPtjj-zS7FI6_ugOLq4LAcxkCAdwgGEc9T_CZNrAZx0AOgKQ-a8yur3nCj5dpSqw9KWAYsDBekTvHsgNWC7dFdVC3Ns5CXJuNFQQD0WkgK6iqCmwzyVtsGIDLDlhyKwXdP4Pwz7pqW3M4xDvS3zhs0jSZep_g6Hgoa7Nx2FM_OwVWGmplNxjqsRrd644qzmXPhgvZe0i-fnY_MoyQSAxjNo5UU1WS1LiHlfwxuotUS9ee9axvXTmm4gpBwAWcgP2-GtSVRWCRj36Ysl-5hryOb6i3YAYXp_eQ7Ph7J_PSLokjt5Fdpzzl4hS2N4DYPZIEdDQrPnIaip0QEibpLscR7GA28pyTdgzU4bs-WYeVVrD4OCEMLu_PBsgmoPhllFh1wkuOvSq9CQ_kl3-PPBO0J6DDo591yT-mWhFSlqL54WnyvRjRGVNq3vQrfJ_wYGorsSBT5sX5ixKdPk7_3%26adurl%3D&documentReferer=https%3A%2F%2Flelive.weebly.com%2F&ancestorOrigins=https%3A%2F%2Flelive.weebly.com&random=8321847774517&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: aba64b03e6b3d874c1f7a95f59585bcdf9e8ca799dcbf9069080494291811db9

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2096
Content-Type: text/html; charset=utf-8
Date: Thu, 07 Dec 2023 20:01:50 GMT
Expires: Thu, 07 Dec 2023 20:01:50 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H2

200

e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame 5D14
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=93229600138263504444550012531001&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=93229600138263504444550012531001&t=htlp&gdpr=1&consent=1&gdpr_consent=

43 B
361 B

232ms
52ms

Image
image/gif

91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=93229600138263504444550012531001&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=90&adk=1773158521&adf=2910926905&w=728&lmt=1701979307&ad_type=text_image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701979307554&bpp=177&bdt=1050&idt=441&shv=r20231205&mjsv=m202311300101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C728x90_as&correlator=8492969922840&frm=20&pv=1&ga_vid=1248546258.1701979308&ga_sid=1701979308&ga_hid=640980279&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079929%2C31079979%2C44795921%2C31079954%2C44807764%2C44808148%2C44808284%2C95320230%2C31079987&oid=2&pvsid=2576826132042316&tmod=1449287864&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=444
Protocol: H2
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:50 GMT
attribution-reporting-register-source: {"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 43
proxy-host: pv.medialead.de

Redirect headers

location: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=93229600138263504444550012531001&t=htlp&gdpr=1&consent=1&gdpr_consent=
date: Thu, 07 Dec 2023 20:01:50 GMT
server: nginx
content-length: 138
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 5D14 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0de8e4c324d432c31c6dc4b2c14dabf492a0a935d8faf65bc1e3cbd3ecf4fa3c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame D1EF 2 KB
530 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=93229600138263504444550012531001&a=bff0f85c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90001.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Dec 2023 20:01:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 18:35:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Dec 2023 20:01:50 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame D1EF 7 KB
8 KB 117ms
40ms Image
image/png 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/627x627.jpg
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=93229600138263504444550012531001&a=bff0f85c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: 65c01c07a2dd8d094569a5979d032045eb833bd489b00503dc7ac320b4b284e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90001.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 20:01:50 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 7633
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame D1EF 10 KB
10 KB 118ms
41ms Image
image/png 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-627x627.jpg
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=93229600138263504444550012531001&a=bff0f85c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: 07a4b5165d6774cd96961838ea564cda76ae205fdd7e06b1962a34ca096030f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90001.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 20:01:50 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9889
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame D1EF 9 KB
9 KB 119ms
41ms Image
image/png 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=62&height=62&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/627x627_Office-Partner.jpg
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=93229600138263504444550012531001&a=bff0f85c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: 512144cf1c61200783d13a788847078c6b881924bd9e709526d9a1a1f22a25c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90001.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 20:01:50 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 9248
Vary: Accept-Encoding
Content-Type: image/png

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 06D2 42 B
64 B 154ms
76ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQxDneZZmsrjv2FMAWu-nAN_0oZ0yheXjv7oT8uUkYd-4enyt_w9IsYR4v3-dGis7plG6xNTn7bVAuqvd45xNldbGkLYA7Vfuohg44BOSaBkxPZbPSQnYJX9evG7Fg20AF--RCscO6J5Og&sai=AMfl-YSc9NgC3joazO0dx2eXCVqGRhrzlNadzQdAeWCHpgmkbrcWGkCI8XXIgnka7o_3HrjdnQshkm19Zk-fxhKzaQ7iAwgYZmLftSGja-peLjZT2dA7tecT9S2uNg1d9kZ2wFaD3GcgPGxvd0YsXa7bFDeHWIHDcSZEPhuO&sig=Cg0ArKJSzMaHw3LayfhDEAE&cid=CAQSTwDICaaNm-jJ7MeKiQjCdeG_kPe8usQ_alWtIu4fMyDk7J7wlwoj3ifIUsjy6X0ofD13tKhJfxFeRDCemdSsB9MgZLF_8PC4q6JtTe8J6NgYAQ&id=lidar2&mcvt=1008&p=0,0,60,468&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3728641180&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701979307988&rpt=1079&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 20:01:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 10DA 175 KB
63 KB 47ms
47ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8b319d4dd784833c24348df0c14fcdf5fcae5ee17d96bfd82cc8955a7a1e2774

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64126
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 07 Dec 2023 20:01:50 GMT

GET
H/1.1 200
OK viewability Show response
hal90001.redintelligence.net/ Frame D1EF 0
150 B 117ms
40ms Script
text/html 46.4.10.49
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90001.redintelligence.net/viewability?s=93229600138263504444550012531001&a=721dc1a8&vb=m
Requested by: Host: hal90001.redintelligence.net
URL: https://hal90001.redintelligence.net/request_content.php?s=93229600138263504444550012531001&a=bff0f85c
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.10.49 Rostock, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.49.10.4.46.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90001.redintelligence.net/request_content.php?s=93229600138263504444550012531001&a=bff0f85c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Thu, 07 Dec 2023 20:01:50 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame F1ED 28 B
54 B 56ms
54ms XHR
application/json 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
X-Goog-Request-Time: 1701979310161
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/dTk3BO54_8Y?wmode=opaque
X-YouTube-Client-Version: 1.20231128.01.01
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtHMFpQZzhuLVVDRSirycirBjIICgJERRICEgA%3D
X-YouTube-Ad-Signals: dt=1701979307963&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1080%2C638&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 07 Dec 2023 20:01:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Thu, 07 Dec 2023 20:01:50 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 10DA 274 KB
91 KB 47ms
47ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d3d5738d3976bcf37180ece5a4aec5a3340ea8b117e23212d53251a40012a4b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93102
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Dec 2023 20:01:50 GMT

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame 4A1D 5 KB
5 KB 37ms
37ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3369967619
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 Frankfurt am Main, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:50 GMT
last-modified: Wed, 05 Apr 2023 20:14:46 GMT
server: Apache
etag: "1416-5f89c717cdc2f"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5142

GET
H2 200 dc_pre=CJe-xYGP_oIDFX5GHgId5qAJmg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1293498957276.0847
adservice.google.com/ddm/fls/z/ Frame C681 42 B
401 B 165ms
78ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJe-xYGP_oIDFX5GHgId5qAJmg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1293498957276.0847

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJe-xYGP_oIDFX5GHgId5qAJmg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1293498957276.0847?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 20:01:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 5D14 53 KB
19 KB 185ms
53ms Script
application/javascript 3.160.212.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=93229600138263504444550012531001&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.212.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-212-123.mxp53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 01:58:50 GMT
content-encoding: gzip
via: 1.1 7e5d12e915857fb2d78e5869a77d7b1c.cloudfront.net (CloudFront)
last-modified: Thu, 23 Nov 2023 16:26:10 GMT
server: AmazonS3
x-amz-cf-pop: MXP53-P3
age: 64984
x-amz-server-side-encryption: AES256
etag: W/"1180a1bfee0aad979766ecd6180b923e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Bnt47IArnWrw6GCVdZ0b_SHo5mzCqa-Y39yF884iw9evM-kv562DMg==

GET
H2 200 1x1_0.png
cdn.track.production.webgains.team/7121/ Frame 5D14 3 KB
3 KB 162ms
45ms Image
image/png 18.245.187.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1701979610&Signature=d1H1ZfGlqbYmfK9yVlIw4I15iRNvaKkKch6HXU~r8q2oZ4blcX1jYDLWGzo0UZ~Q2p5s6lKNLENKZnof8153c8KwcYczCMCD0N3K8n1Vd-v9FLZluUjoG0wgBKQOam2PvVMuryhef5LX1VQFzBpCzmDnsooKDh8EKnjB0WDTjovxU317fSIpdMB98vd2lmMIg1llCQEtoNKyX~9iuuSUMZioFKdq~hBAQ-Xi5nDRFh1LF3M2P2yG3FjvzBAk-7q90HScNZN8XpThXo4U8mFJ8FldjAqYC5Sl6u5klcqUivcbCdUG9q3Oqxy89G5~4gF-4zPFKjSCngeTteUUIwh2Hg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1181746742151021&output=html&h=90&adk=1773158521&adf=2910926905&w=728&lmt=1701979307&ad_type=text_image&format=728x90_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=0F53FF&color_text=000000&color_url=008000&url=https%3A%2F%2Flelive.weebly.com%2F&ea=0&host=pub-1188695032238888&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701979307554&bpp=177&bdt=1050&idt=441&shv=r20231205&mjsv=m202311300101&ptt=5&saldr=sd&abxe=1&prev_fmts=468x60_as%2C728x90_as&correlator=8492969922840&frm=20&pv=1&ga_vid=1248546258.1701979308&ga_sid=1701979308&ga_hid=640980279&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=110&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079929%2C31079979%2C44795921%2C31079954%2C44807764%2C44808148%2C44808284%2C95320230%2C31079987&oid=2&pvsid=2576826132042316&tmod=1449287864&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeEbr%7Cp&abl=XS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=444
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.187.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-187-11.lhr5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 07 Dec 2023 12:12:15 GMT
via: 1.1 aeeb25fbc1dcc39846d0f257e045d3be.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: LHR5-P3
age: 28176
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: TpBuanNuoIv3yj8LdW1EoKWVVvA9Nf0xTVvn9GTI_3yJf6OnD50fmQ==

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 6E53 28 B
54 B 60ms
57ms XHR
application/json 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
X-Goog-Request-Time: 1701979310524
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/yV8FdhSmz2Y?wmode=opaque
X-YouTube-Client-Version: 1.20231128.01.01
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtHMFpQZzhuLVVDRSisycirBjIICgJERRICEgA%3D
X-YouTube-Ad-Signals: dt=1701979308314&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1080%2C638&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 07 Dec 2023 20:01:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Thu, 07 Dec 2023 20:01:50 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 114ms
113ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231205&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bcb9b01d5d7ace22181d0919adb698675281c1a4f26a0591549e25e3a926460c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12241
x-xss-protection: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 228B 28 B
54 B 87ms
84ms XHR
application/json 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
X-Goog-Request-Time: 1701979310631
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/StpFz8qbB44?wmode=opaque
X-YouTube-Client-Version: 1.20231128.01.01
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtHMFpQZzhuLVVDRSisycirBjIICgJERRICEgA%3D
X-YouTube-Ad-Signals: dt=1701979308317&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1080%2C638&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 07 Dec 2023 20:01:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Thu, 07 Dec 2023 20:01:50 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Dec 2023 20:01:50 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame ADEA 13 KB
5 KB 41ms
40ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 24145
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 13:19:25 GMT
expires: Fri, 06 Dec 2024 13:19:25 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9438 829 B
560 B 51ms
51ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

207486769c2e0943556d3f03968e51cdc08b799b1d31f57cf5dc83d1ef2672a6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_4wlI7e0NRvzMeLJLKl2Bw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lelive.weebly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-_4wlI7e0NRvzMeLJLKl2Bw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 20:01:50 GMT
expires: Thu, 07 Dec 2023 20:01:50 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 4344 28 B
54 B 58ms
57ms XHR
application/json 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/31e0b6d9/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
X-Goog-Request-Time: 1701979310941
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/MzIH2rn72NE?wmode=opaque
X-YouTube-Client-Version: 1.20231128.01.01
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: Cgt2TmUxVVhFS29ITSirycirBjIICgJERRICEgA%3D
X-YouTube-Ad-Signals: dt=1701979308255&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1080%2C638&vis=1&wgl=true&ca_type=image

Response headers

date: Thu, 07 Dec 2023 20:01:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Thu, 07 Dec 2023 20:01:50 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame ADEA 39 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:17:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Dec 2024 19:17:03 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9438 0
0 73ms
73ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231205&jk=2576826132042316&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame ADEA 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?QroWQQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:01:51 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 5D14 16 B
209 B 93ms
92ms Fetch
application/json 3.10.29.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.10.29.13 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-10-29-13.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 07 Dec 2023 20:01:51 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 184ms
50ms Preflight 3.10.29.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.10.29.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-29-13.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Thu, 07 Dec 2023 20:01:51 GMT
server: nginx

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5D14 0
20 B 73ms
73ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8722412938657&version=m202309260101&ct=77&x=1&cor=10962992385944744000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 20:01:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
76ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231205&jk=2576826132042316&bg=!hYalhsnNAAY3kmNgF5I7ADQBe5WfOD0DalaCjYwxGdy7Y85GPYh_M77mPMWPjYNrUl8o3E09l-rKeKKLRWYs_JcDAKJcAgAAAERSAAAAAmgBB5kC-QMzohqR10N1_ARBw7itTNdReFnTnCE7FtLS7mJxQP8IfCbF51Qcd_2PCu9LrwdR3yd66c1Q9zDNVf9KnQa-S369laUXVYMG1WHQJec0Kyb-KnCt5Ti-74bg6cD9EVEKTDQ-3mNL9iyS0_hKIotlyPJwA9lovxUZjg4iAQ1w2EpTruFsR_Psx7LZ5pbJtw3vGr2j0JLWjJp2fac_YbzInKYCIHnm047wynVk8qAu8KyOUAoZoeMSTSQSBALnXyxkXdLt24mhJDWZusQd_xjB2QHc0UC000lh8_j35ur6n-HllsJDtRfOaeX8LpKMdoIEArMU9Wg0WdGWcBuJBkwEzirMGZRFPGfJN-ulCHMDErTnxLFU4iTmbMpGCzlhbT-K7S2IYu6kipChMFkEGFEP3kBWOi6K0ppsgaGw3ZnNdsFnh8WhurRQdP8fyzIRo3oqoSP5EwOhIwHT2VdjSUgKqrnK8a9grIEmyyrh1i_FOOvldiN8-_jPf5aKnro_HVGl_bW73RfCyoWMFIi8MqCkgAVCxl-Mtscc89VisroSLdYnGULX9caT0Yak1D1McqdTYq91Siy5DsYFo06uQTjUN2oSK4BTyRvDe0epC484lOkftIy7e_aQcuCLp375OBJE0IIstRV7WryDdhIMldapBdr3H6d6abEV00hhSGUnTO_8PyaB4c9fOdLskcxiLchzzhN3b3rKn3bLdFQF5SzQXf-4oaz36H1AvaatoVOSkbjXAm4yhy-ZageQYFBIiXOgUQGvGNQVuhY6vCjuOudfmgTJH89SjoR8oET2vvUOh0YU0rzGcas5KxeV3CHS7FQuwYHulBfwL8vS-F00pGVvS1MeVRNZ_juRhStRGSrS16juVqp59T3s6DO-xUw304TIekzbqbiDpWxwnt28AY2iX1cH8AcNCTh58TOl_JFKXmBS6Y-wwZj4xvndzFJur-NerjDG9kJIIoua5SQgyj8zy4b1wFsRU0m8PVF8RD6Pul3sjNqKZbnLTyWo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lelive.weebly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

283 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lelive.weebly.com/	1969-12-31 23:59:59	Name: is_mobile Value: 0
lelive.weebly.com/	1970-01-20 17:06:28	Name: language Value: de_DE
.weebly.com/	1969-12-31 23:59:59	Name: sto-id-editor Value: EMFHBMAK
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: lm32hyNGOvk
.youtube.com/	1970-01-20 21:05:31	Name: VISITOR_INFO1_LIVE Value: vNe1UXEKoHM
.weebly.com/	1970-01-21 02:07:55	Name: __gads Value: ID=2631426f98406626:T=1701979308:RT=1701979308:S=ALNI_MbML1a03j6vl8PG5oKZ50VVD_Gg8Q
.weebly.com/	1970-01-21 02:07:55	Name: __gpi Value: UID=00000d0f66c36042:T=1701979308:RT=1701979308:S=ALNI_MYBkt9VZQWpaerQJLBbMF7cfUwWow
.doubleclick.net/	1970-01-21 02:07:55	Name: IDE Value: AHWqTUmuqba-oKSTCtIDYxZVSf5Bmm-Fdpe98mhcIR2zsUJJhpMRNn2GIGXGm2V2
lelive.weebly.com/	1970-01-20 16:46:21	Name: _snow_ses.db5b Value: *
lelive.weebly.com/	1970-01-21 02:22:19	Name: _snow_id.db5b Value: 8a6d7570-7bae-498b-b955-12b2f5a4f5ba.1701979309.1.1701979309.1701979309.9854aa0a-9182-45cb-8423-fbf934b4c9de
.weebly.com/	1970-01-21 02:22:19	Name: _ga_6ELBCSBKW3 Value: GS1.1.1701979309.1.0.1701979309.0.0.0
.casalemedia.com/	1970-01-21 01:31:55	Name: CMID Value: ZXIkrXHBdLAU.r1uBWv4ywAA
.casalemedia.com/	1970-01-20 18:55:55	Name: CMPS Value: 3252
.casalemedia.com/	1970-01-20 18:55:55	Name: CMPRO Value: 3252
.doubleclick.net/	1970-01-20 16:46:22	Name: DSID Value: NO_DATA
.weebly.com/	1970-01-21 02:22:19	Name: _ga Value: GA1.2.1248546258.1701979308
.weebly.com/	1970-01-20 16:47:45	Name: _gid Value: GA1.2.1101172428.1701979309
.weebly.com/	1970-01-20 16:46:19	Name: _gat_gtag_UA_131254328_2 Value: 1
.adnxs.com/	1970-01-20 18:55:55	Name: uuid2 Value: 2770546553833940878
.adnxs.com/	1970-01-20 18:55:55	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E><idyL9!]tbPl1M>e)ZlrFUfJ+tGXxoa>j<3`Ft'ShQJo]OHN?D9VZ1rWYvpbN0[`UJ3If)y3KL9D3I?+)-BVnB
.doubleclick.net/	1970-01-20 21:05:31	Name: APC Value: AfxxVi61wCX7Rpxpvw26yyE-9KLLbWN7ZJyVeA2Xo58iNnyHA5X-EA
.googleadservices.com/	1970-01-20 18:55:55	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 17:29:31	Name: ar_debug Value: 1
.redintelligence.net/	1970-01-20 18:55:55	Name: 8lcfmzhxc8d6_uid Value: 31472437e9c3f5cc
.retailads.net/	1970-01-20 17:29:31	Name: ppb2172 Value: 3369967619
.office-partner.de/	1970-01-21 02:22:19	Name: source Value: {"webgains_webgains":{"timestamp":1701979310209,"clickCookie":false}}
.futalis.de/	1970-01-20 18:12:43	Name: raSIDb Value: 3369967619
ec.editmysite.com/	1970-01-21 01:31:55	Name: sp Value: f5934b54-fae6-4a7f-86cb-15ef6ff7adec

29 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=728943538380729393&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=000000&bgcolor=000000&linkcolor=FFFFFF&textcolor=CCCCCC&urlcolor=999999(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=728943538380729393&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=000000&bgcolor=000000&linkcolor=FFFFFF&textcolor=CCCCCC&urlcolor=999999(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=505443558143390018&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=728x90&adtype=image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=505443558143390018&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=728x90&adtype=image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=624358142503171732&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=728x90&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=624358142503171732&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=728x90&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=462033732328113390&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=462033732328113390&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=640257324145581103&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=640257324145581103&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=552702152350086236&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=234x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=552702152350086236&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=234x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=421482100300384280&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=728x90&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=421482100300384280&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=728x90&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=313710685213427552&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=313710685213427552&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=525252718564449301&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=300x250&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=525252718564449301&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=300x250&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=103887850534687975&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=103887850534687975&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=892243738160099283&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=892243738160099283&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=117595008979775322&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=117595008979775322&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=552573448432664685&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=552573448432664685&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=885823029419344753&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.weebly.com/weebly/apps/serveAds.php?type=adsense&elementid=885823029419344753&ineditor=0&subdomain=lelive.weebly.com&pubid=pub-1181746742151021&adformat=468x60&adtype=text_image&bordercolor=FFFFFF&bgcolor=FFFFFF&linkcolor=0F53FF&textcolor=000000&urlcolor=008000(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
deprecation	warning	URL: https://cdn2.editmysite.com/js/jquery-1.8.3.min.js(Line 1) Message: Listener added for a synchronous 'DOMSubtreeModified' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
ad.doubleclick.net
adservice.google.com
adv.office-partner.de
ajax.googleapis.com
analytics.webgains.io
api.webgains.io
bam.nr-data.net
cdn.jsdelivr.net
cdn.retailads.net
cdn.track.production.webgains.team
cdn2.editmysite.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
ec.editmysite.com
files.widgetic.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal90001.redintelligence.net
i.ytimg.com
ib.adnxs.com
jnn-pa.googleapis.com
js-agent.newrelic.com
lelive.weebly.com
medialead.de
pagead2.googlesyndication.com
pv.medialead.de
region1.google-analytics.com
ssl.google-analytics.com
static.doubleclick.net
tpc.googlesyndication.com
track.webgains.com
widgetic.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.weebly.com
www.youtube.com
yt3.ggpht.com
142.250.185.134
142.250.185.166
151.101.194.137
162.247.243.29
167.233.14.134
172.217.16.194
172.64.151.101
176.9.26.250
18.245.187.11
185.89.210.90
199.34.228.53
199.34.228.54
2001:4860:4802:32::178
2001:4860:4802:34::36
216.58.206.34
2606:4700:3036::6815:531
2606:4700::6810:5914
2a00:1450:4001:800::200a
2a00:1450:4001:802::200a
2a00:1450:4001:806::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2016
2a00:1450:4001:813::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:827::2001
2a00:1450:4001:828::2004
2a00:1450:4001:828::200e
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2006
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2003
2a01:4f8:d0a:2321::2
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:400::302
2a0b:4d07:101::1
3.10.29.13
3.11.198.160
3.160.212.123
44.240.236.222
46.4.10.49
74.115.50.110
91.121.248.44
94.23.99.218
05e491862fdeabca3a0384115c2bb97d7b898711503cc4b1e04709a5d25548e4
06e9d4c0c519d72b481e8f1f427b568f5468ce0eb9cb1cc0a554ac3925970070
07a4b5165d6774cd96961838ea564cda76ae205fdd7e06b1962a34ca096030f1
094a6590bee6ff08b4562f09ee54e0b4c0ef6ae9a0698f1e4dd82f3ad9687d5e
0a5731d2729b20fafee927cdc4db10c5642c95f42f2e5547deefe96791b7d2ab
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cd96385c468e88e956e93a67afe7be85de76f3c0f3780b4f78fdcba7901ff5a
0cfbd18a308599498691e5c5bcea11d5826b7d039388de71f6c6760797a78037
0cfc72687bf236ba651d0aab3205c0e3cd474d5fa987f1ab1e8fe749f0680acf
0de8e4c324d432c31c6dc4b2c14dabf492a0a935d8faf65bc1e3cbd3ecf4fa3c
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f36970c4589bf8845df35684216f48995ea1b8f60b94a81647f39ef140e6b7f
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
115f8c95a42cff5953894d4caebab4a0a743ece7b38f3a9b225d094eae5e37f1
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cb008aaed1aabc56491ab1f185a8e9ef880be41c28c05971875febb211ad43d
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
207486769c2e0943556d3f03968e51cdc08b799b1d31f57cf5dc83d1ef2672a6
207ec261a8530654204ada78a03b0cc6c129c09bac87013c3a8bb3bedfe84be6
20f297290d2dcb56a2eca6afa2f0adae9302a8706d145d089619c1e1d34bd0ea
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
251a983a1b4b2cc76542aa398ae6b3499978a788860b54a8081d35d7a843303c
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27e1872f996204c8622b2f5ecc29ba3e0f73aa3d7d53c0669947e564b228e0ae
2829e73e900aef1b3608efa7458c3cfc249e334cd561b2d33ecd84a6ef189cf8
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
2a053aa3281e9a0a9043afa198b2218c2e30ddd31072efce24508f0d8259a65c
2b6fb0ac94d87d6b40064bf2f8d3bb86b12763753c22f80a300e379a2c43a4f8
2b8fd3d2568e7df7597ff4f2de76bf46f35c3298cd19a65ed4a8e2ecc1337f92
30bf665890ae0a63e4f917a03fb52d5b1c53f8c67c686ca2732c2656599cd862
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
320242e458ff727cf119b25be7eed579317dad053ffe30beb9ca473f9c2eaf8f
32e9a29e78dd65b80e20711f9ebba6658041be0433d3816fbee838224ce8236d
357edc2ca94f087808b7e0c5baf4dc65a30184bb9e8f106ab804a429ce1a8981
3704514135a2ee6042c185a2822cdecba0b26192fccd0f92fbae1dd383668c71
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3d82a30f93efc36ce7c910d93e783da263c69d71fce36b40c74bad6761e6f784
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e6f25619d461dfcd8bcb4b8714133844f7482db353d46108db9979034f50e52
3f51a01c8989bd397354804ea0654ac0ec72f83db3b7cf4327a379b8c9151e05
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
436743ad0889ad9399a1f33edb65d8bf1c71cfbce1b0fce549769e7705c9ceec
442291eae283f9703ac8165e034146c1fa4d5644ea4cddd0fda6113b0cb8ede6
45a8badf06824c87461905a8b1871fc3ca3eb5934cee490deadad743ebf99661
45ea1febaa3bfa8f5c4711c1ed96c1971654f98d5bcc5cf69d90a555f79a0c9e
48ea13cf7f03e447f96b6fa72496d962cdb27cd611a5b4e643354f85f800b9f0
4a96107fbabc6086da1301ac2553295a823d37bdbc49c61efaab62b966b25f1a
4a9ed5659968e2191d404b3b2c3ed088f172c3acefe53685091af1723f32f0fe
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c6329a84811954311b5424bbab6ac2dcc70441841a9b1fd441e3315cf540a2e
4d453a47ad0d1b30a7292b6f712d8645db141ed6adea69b8e7d802f8022365fd
4dc93ba28625d775dd7e9298da5dcb6f7feb5581d35ed9263b80b546b2bff072
4ecc34627d4103fbb8d709b714d9489ee16f6f15a153fab36fca0df2dcaf2a77
512144cf1c61200783d13a788847078c6b881924bd9e709526d9a1a1f22a25c3
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148
542b06715445bac737aaa67c8eb5e5047a4e7518a0e0f81b5c3fafd54d677efc
547d8a2c5735d4241fd8ee7e6b3b4bda7c0f354db645cbf7dad403fea10788a6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
580ef6409e067a4ec4a427400c7d6216184869e2da53343df20753cc1f8a46cd
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
588bac8f54ccb8ab638a61c7f03d7bb9fe82a6b51f3a69de89b313970f6c5fa0
593fec175b00a1f118f77bb8ed378e857e9f1225f0fc019fcea508b27da53cf0
5a630b41e7c3d34392bcb150a5731b6261bc6314d71d5db8407a646af15bf8af
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b277a3eb7148a66052c62db5593e7d067eba2416f763a999e7f0332da1a1fef
5b6bd64c8f7d37dd7bd34e3760cfffa93a982937376e2c02708f63c35c645a07
5bae180e27200935c17d52f102255c8f973050e79c461f18c73fc3eb7d454d0b
5feb822d8698f127f0f85d3edf620c63ff5189509fb85992c1d74abbd25d83ee
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
648e766bf519673f9a90cc336cbecede80dcbe3419b43d36ecbb25d88f5584a3
65c01c07a2dd8d094569a5979d032045eb833bd489b00503dc7ac320b4b284e6
66b9bd62e2a6489437cc7b3fbcd931b99bdef0731d8abc27faae0cc7184626ff
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
692fb6d0172aaf378428ac4cf4c73e80ae57fed66494994eb81534593117f17a
6a1e6ac7f7b1d2e2e475daa6928a1bdb04501b4085f59291ad373b0c90ae1c66
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d78ef2f662f5d46e6f413692e17f19c592a701035e01f7be6165768af75d195
6d92b423128d6db2e717ad525bbda8e0ae7a3f9ac71701ae75bb509332d0df68
6db05de4d4e7ecaa14dfe6556d74f500bc3c9fd86ee4a47f59419e5d134cc0b9
72c08283066d0cfa8e04e210801ea9d8f9975cc7f45f77c16c3085f246424378
7343a41c30c877d5d86760570273a164fa736cfe79c111c8c40e1785c42452d0
73ba0f5e3000b016d82851828b4fc6ce832c3bf4cc3d65a6f9c0441ffda988ab
7e3f976c2c4dde40f1a02ee46c1b1fe52274e3b5504330001f430e8c49cee197
7ea7eb2db1daff0d7aa92a53783cec476e61fd78cad5750960db0e78fe161a7b
865cb87de9fc4d6530edce21f0103107abae6abe45cabdff2ad9af067b3d8e0a
8b319d4dd784833c24348df0c14fcdf5fcae5ee17d96bfd82cc8955a7a1e2774
8bc12ea7d68fffddf5dc2f7ac10a44c78087b1e7f7fe046fcfb7d3c77198d3f4
92474dab3fd79343744bfa92bd6c566d1e6a8445d9d5ff892d702106ef08934c
926b9bea9a4dd853c38e61ece4814e42e48811867e9bd010603586bd7cbbab8c
92e5b01fdfb274bc715d8ad5a4ff8ef7262d7467a23657e88f4562c05adbffdb
97ab411811d4436c975b63b44078385f3b31c9a09fa8d86ee05e24505ddee13b
9d528ac974c663cd81cae91c0b1f7f07c936f255a5f42899e9d55658b707ab34
9f95e234907d6a21b8b3768caca177f7b4003689bdd974f1ec7c16ea96cee6c0
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a28396880470a28e0525bdc0ea326ffb811de7de13662d02f7530dbbe3f12d90
a3d8afcbc68d3ae65312e50ce252f5eb4cb817d3fe39452bd37a76f896ab5921
a514218b6fac90685ccb8c2186fd46d4814143e8bfe3bdf6daf8355fb9728116
a6ad81a5bdcc28da5f738e93a832360b512e1f008a911431b71fafc1a20bcea9
a77e9b9f1fbd8add9ed32669720bab49a6e03a650c6c35a469dfd228ce21afd1
a80bd413f7dd15ff49d22ce8b5e99be2cea10ad2021f6408949ccf4d0a49191f
a81551f948932bc38d1b9d329a865d6050adf2da9dae6ec60395c51c6af06054
a859cebdde9b57c94d1e5e9dee2c3e42aff28bb99644deef15d7e15dff566450
a8d94874a66894f07f2a9e37b4bf6b6ecf9b0632b637105030b32bcdc40285a7
aba64b03e6b3d874c1f7a95f59585bcdf9e8ca799dcbf9069080494291811db9
abbdd64ea16cc46a1ccc953a281ba5fa95e4cb2017adea38c4a0a946ef9403b1
ae383c13a7416134d3f1e3ef1871f65d995fda66806f24813465a63f58bbee71
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3d6d3457ddbc28733708a97511fcd0f5ab4adfc553f667319d8a3b2c5fd9fa7
b4f2de5b6b0ce67eb0bdb6bdb1a0272ce6c6a17d9632ec9a090565d339836ab1
bcb9b01d5d7ace22181d0919adb698675281c1a4f26a0591549e25e3a926460c
bd4d2e29f503390e4951af9232fc43780b43d349647188d8f3f600835f16afb7
bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2
bfb005fb6578c55a5c29ae597abda1f1e4c482701dd5c4cba3c3959bd995639f
c420c2545efebcdcedd9fd7e48fe093a8c888f6726710197c0f1adff13b39cf0
c5a6377b1a832edaf4f0bce669025bd18f83d8b0d8e8c145690d41d5f028f389
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f
c8940e16900c33a13c6a9994a213fadcf255d68672e054f5b7b52b379122e5be
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
c92cb0522b1d208dc559aa35f8a3c3ce7b922ab57a5475691ef9b13e453d912a
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cd87b79a03050ec23f88ab2f24bfcfb9d736ebe19c858b72b1d2b4d904fb4049
cf91769ae11889ad46b8090d0d4d58a4621f2bcea35d1d8d96ea5e38ba34ee73
d03367ebb95f62ae997c8c23a1c22fcc066d70109f5c835ac62adff4b93e2545
d3d5738d3976bcf37180ece5a4aec5a3340ea8b117e23212d53251a40012a4b6
d6ce93a92222ddec5150f9d4788ea2e4df4108d21666ed8a47a3977c8abb1363
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d9db7c9438341739da9d00bbdbfc7e11dbd8195bd41449bf91ba0b7283bee844
da215ae452ce0f274cc606474fe749f8a6db9551543d94e22beefd29d37ae49a
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de7256bfdd2d91fc7f7879d997bc466869be4e81d3914afcf8547b09c3422f19
e06baca13f25df9c7d684fc1b1fdfbbbb95070a1d5a9cd648632da7bccc90b96
e14430a71349a408afb658f0e495e5f15723da8d183ee851b98aefea80d8be14
e35cdae965132932644d580706fba96e1b54e9affbe3abab406e54e95d17a0cd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4753034e14b95b379f1bcf041ea0c16174120f54f45d6f1438e8e461e400796
e8106b06fab14948098cae97983eafbe1a60643ac725b2a029e4da57d43854df
e8821034e71a6846405afa2bf49ff6c54799c542462e165c0e1a722c1ecccaab
e8fce53e602b22e525d06ba31b166bb4ff461319bc9ae53caad095d185a4d15b
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec55a4bf94cf9d4245ea503b57dc7fdd599f25cb0031d0387d4bc44117138c6d
ed7f436e9bab0f5aa264bad7e82352a7afd3f604130d303c73d56ead4545c807
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f03fc3b1a0c54b12cfbe8d9054a3a625934c4d4cd77658dbdbb4cef1792669f8
f31b80562610135edd91a86ec7f243c5eeaec2ec08337e6a20c2d135d8e217da
f3749da4aa655d3afdfd14a2aceca6e4e25e4b41f22495f4e06731652cfb3ed4
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f6a292094eb84a9196e1e8aa4f09104f08848ad4ba6001ad1157252f1ca81b13
f79ac0ee603222655ae5aa87a575abbdab4f577d680d0c0f39ab2cba0ad3fc5f
f9b54eb46a8dd9a7eeeff163e368f71c3dfe239aca607f073d1340027677fc16
fb8ac19290b47436b2ca6a29aab9f613ffbc444fc2a945f4856d2681f2010807
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd
fc4663da00c4539006af9a2947643febf424d9b96d2dff229d242ac5d2287cbd
fd8844e07a245a7492968fae4fcbd9b7d6455ae634d1919d596ebe39cd056587

lelive.weebly.com Open in urlscan Pro 199.34.228.54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

242 Requests

95 %HTTPS

54 %IPv6

29 Domains

46 Subdomains

45 IPs

5 Countries

9572 kBTransfer

22947 kBSize

28 Cookies

6 Outgoing links

Page URL History

Redirected requests

242 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

lelive.weebly.com Open in urlscan Pro
199.34.228.54 Public Scan

Screenshot
Live screenshot

Full Image

242
Requests

95 %
HTTPS

54 %
IPv6

29
Domains

46
Subdomains

45
IPs

5
Countries

9572 kB
Transfer

22947 kB
Size

28
Cookies

242 HTTP transactions
6 data transactions