urlscan.io logo urlscan.io
SecurityTrails logo

getsection8.net Open in urlscan Pro
209.212.148.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://toiyezfxxar56bqjpkrt303jl.uk-citizens.co.uk/rd/u0Ekaxa0QaZK0qAo32263SvrQ1034
Effective URL: https://getsection8.net/unsubscribe.php
Submission: On February 19 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 48 IPs in 6 countries across 37 domains to perform 87 HTTP transactions. The main IP is 209.212.148.3, located in United States and belongs to ASN-GIGENET, US. The main domain is getsection8.net.
TLS certificate: Issued by R3 on January 27th 2022. Valid for: 3 months.
This is the only time getsection8.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 5.161.77.149 213230 (HETZNER-C...)
6 209.212.148.3 32181 (ASN-GIGENET)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 13.32.99.54 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 18.66.248.25 16509 (AMAZON-02)
2 54.164.242.12 14618 (AMAZON-AES)
1 2620:116:800d... 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2600:9000:223... 16509 (AMAZON-02)
1 192.184.68.247 14618 (AMAZON-AES)
5 142.250.184.226 15169 (GOOGLE)
2 3 18.185.196.75 16509 (AMAZON-02)
2 35.163.158.84 16509 (AMAZON-02)
2 2 18.156.0.31 16509 (AMAZON-02)
1 51.89.20.86 16276 (OVH)
2 34.210.253.33 16509 (AMAZON-02)
1 185.33.221.11 29990 (ASN-APPNEX)
1 34.149.20.76 15169 (GOOGLE)
2 35.244.159.8 15169 (GOOGLE)
1 178.250.0.165 44788 (ASN-CRITE...)
1 213.19.147.43 3356 (LEVEL3)
1 185.255.84.151 200271 (IGUANE-)
1 216.52.2.48 30282 (AS-INAPCD...)
1 178.162.133.150 60781 (LEASEWEB-...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 54.164.46.147 14618 (AMAZON-AES)
5 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.129.108 54113 (FASTLY)
2 6 13.248.245.213 16509 (AMAZON-02)
1 67.202.105.32 32748 (STEADFAST)
1 15.197.193.217 16509 (AMAZON-02)
1 1 34.102.163.6 15169 (GOOGLE)
2 142.250.184.194 15169 (GOOGLE)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2 52.46.154.242 16509 (AMAZON-02)
1 1 64.202.112.95 22075 (AS-OUTBRAIN)
1 2 185.33.221.14 29990 (ASN-APPNEX)
87 48
2    5.161.77.149 (United States)

ASN213230 (HETZNER-CLOUD2-AS, DE)
PTR: static.149.77.161.5.clients.your-server.de
toiyezfxxar56bqjpkrt303jl.uk-citizens.co.uk
6    209.212.148.3 (United States)

ASN32181 (ASN-GIGENET, US)
PTR: ip-209.212.148.3.hosted.by.gigenet.com
getsection8.net
2    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
2    13.32.99.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-54.fra60.r.cloudfront.net
api.pushnami.com
3    2606:4700::6811:4f22 (United States)

ASN13335 (CLOUDFLARENET, US)
global.proper.io
eb.proper.io
2    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    18.66.248.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-25.dus51.r.cloudfront.net
cdn.pushnami.com
2    54.164.242.12 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-242-12.compute-1.amazonaws.com
trc.pushnami.com
1    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    2600:9000:223f:d600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    192.184.68.247 (United States)

ASN14618 (AMAZON-AES, US)
pixel.quantserve.com
5    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
securepubads.g.doubleclick.net
3    18.185.196.75 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-196-75.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    35.163.158.84 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-163-158-84.us-west-2.compute.amazonaws.com
usync.proper.io
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    51.89.20.86 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p18.id5-sync.com
id5-sync.com
2    34.210.253.33 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-210-253-33.us-west-2.compute.amazonaws.com
bids.proper.io
1    185.33.221.11 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
propermedia-d.openx.net
u.openx.net
1    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
1    213.19.147.43 (United Kingdom)

ASN3356 (LEVEL3, US)
tag.1rx.io
1    185.255.84.151 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
1    216.52.2.48 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
1    178.162.133.150 (Rijswijk, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
79ab094f63348aa58f9a665712eb2f69.safeframe.googlesyndication.com
5    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    54.164.46.147 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-46-147.compute-1.amazonaws.com
psp.pushnami.com
5    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
6    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    67.202.105.32 (United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net
de.tynt.com
1    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    34.102.163.6 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
2    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
cm.g.doubleclick.net
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    2a05:d018:d29:3605:68cd:a251:4c84:bc1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    52.46.154.242 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    64.202.112.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    185.33.221.14 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
Apex Domain
Subdomains		 Transfer
11 googlesyndication.com
79ab094f63348aa58f9a665712eb2f69.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 92
tpc.googlesyndication.com — Cisco Umbrella Rank: 120
41 KB
8 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
googleads.g.doubleclick.net — Cisco Umbrella Rank: 37
cm.g.doubleclick.net — Cisco Umbrella Rank: 175
160 KB
8 pushnami.com
api.pushnami.com — Cisco Umbrella Rank: 4223
cdn.pushnami.com — Cisco Umbrella Rank: 27222
trc.pushnami.com — Cisco Umbrella Rank: 4399
psp.pushnami.com — Cisco Umbrella Rank: 15025
70 KB
7 proper.io
global.proper.io — Cisco Umbrella Rank: 7964
usync.proper.io — Cisco Umbrella Rank: 4627
bids.proper.io — Cisco Umbrella Rank: 8554
eb.proper.io — Cisco Umbrella Rank: 10756
120 KB
6 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 356
2 KB
6 getsection8.net
getsection8.net
208 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 346
111 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
acdn.adnxs.com — Cisco Umbrella Rank: 547
secure.adnxs.com — Cisco Umbrella Rank: 350
3 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 59
www.google.com — Cisco Umbrella Rank: 2
2 KB
3 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 269
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 419
2 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 265
2 KB
3 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 250
fonts.googleapis.com — Cisco Umbrella Rank: 35
32 KB
2 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 266
706 B
2 openx.net
propermedia-d.openx.net — Cisco Umbrella Rank: 11235
u.openx.net — Cisco Umbrella Rank: 636
469 B
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1902
24 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 829
pixel.quantserve.com — Cisco Umbrella Rank: 374
10 KB
2 gstatic.com
fonts.gstatic.com
53 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 197
12 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 610
40 KB
2 uk-citizens.co.uk
toiyezfxxar56bqjpkrt303jl.uk-citizens.co.uk
522 B
1 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 523
301 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 212
593 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 439
705 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 1554
250 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 295
265 B
1 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1078
289 B
1 google.de
adservice.google.de — Cisco Umbrella Rank: 9027
792 B
1 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1414
849 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 598
712 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3906
547 B
1 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1196
171 B
1 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 736
216 B
1 33across.com
ssc.33across.com — Cisco Umbrella Rank: 1312
349 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 493
533 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 770
2 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 800
12 KB
0 rlcdn.com Failed
api.rlcdn.com Failed
87 37
Domain Requested by
6 eb2.3lift.com 2 redirects global.proper.io
eb2.3lift.com
6 getsection8.net toiyezfxxar56bqjpkrt303jl.uk-citizens.co.uk
getsection8.net
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
getsection8.net
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 securepubads.g.doubleclick.net global.proper.io
securepubads.g.doubleclick.net
getsection8.net
3 x.bidswitch.net 2 redirects eb2.3lift.com
2 secure.adnxs.com 1 redirects
2 s.amazon-adsystem.com 1 redirects eb2.3lift.com
2 cm.g.doubleclick.net eb2.3lift.com
2 www.google.com 1 redirects tpc.googlesyndication.com
2 psp.pushnami.com api.pushnami.com
2 bids.proper.io global.proper.io
2 ups.analytics.yahoo.com 2 redirects
2 usync.proper.io getsection8.net
2 script.4dex.io global.proper.io
script.4dex.io
2 trc.pushnami.com api.pushnami.com
2 cdn.pushnami.com api.pushnami.com
2 fonts.gstatic.com fonts.googleapis.com
2 global.proper.io getsection8.net
global.proper.io
2 api.pushnami.com getsection8.net
api.pushnami.com
2 fonts.googleapis.com getsection8.net
securepubads.g.doubleclick.net
2 cdnjs.cloudflare.com getsection8.net
2 maxcdn.bootstrapcdn.com getsection8.net
2 toiyezfxxar56bqjpkrt303jl.uk-citizens.co.uk 1 redirects
1 b1sync.zemanta.com 1 redirects
1 c.bing.com eb2.3lift.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 px.ads.linkedin.com eb2.3lift.com
1 ad.mrtnsvr.com 1 redirects
1 match.adsrvr.org eb2.3lift.com
1 de.tynt.com global.proper.io
1 u.openx.net global.proper.io
1 acdn.adnxs.com global.proper.io
1 googleads.g.doubleclick.net getsection8.net
1 eb.proper.io global.proper.io
1 79ab094f63348aa58f9a665712eb2f69.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 apex.go.sonobi.com global.proper.io
1 ap.lijit.com global.proper.io
1 hb-api.omnitagjs.com global.proper.io
1 tag.1rx.io global.proper.io
1 bidder.criteo.com global.proper.io
1 propermedia-d.openx.net global.proper.io
1 ssc.33across.com global.proper.io
1 ib.adnxs.com global.proper.io
1 id5-sync.com global.proper.io
1 pixel.quantserve.com getsection8.net
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com global.proper.io
1 use.fontawesome.com getsection8.net
1 ajax.googleapis.com getsection8.net
0 api.rlcdn.com Failed global.proper.io
87 54

This site contains links to these domains. Also see Links.

Domain
sovrn.com
Subject Issuer Validity Valid
getsection8.net
R3		 2022-01-27 -
2022-04-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.pushnami.com
Amazon		 2021-04-18 -
2022-05-17		 a year crt.sh
proper.io
Cloudflare Inc ECC CA-3		 2021-06-07 -
2022-06-06		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.id5-sync.com
R3		 2021-12-20 -
2022-03-20		 3 months crt.sh
*.proper.io
Sectigo RSA Domain Validation Secure Server CA		 2022-01-10 -
2023-02-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2022-01-23 -
2022-04-23		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-04 -
2022-05-03		 3 months crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-24 -
2022-06-23		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-12-06 -
2022-06-06		 6 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-12-22 -
2022-06-22		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh

This page contains 10 frames:

Primary Page: https://getsection8.net/unsubscribe.php
Frame ID: 89AECCD07E0C221616D37AE14110A706
Requests: 52 HTTP requests in this frame

Frame: https://79ab094f63348aa58f9a665712eb2f69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E08B802B1C75B2E26B9C9C11954FD4C1
Requests: 1 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: F0AAD872DCD89CE622487102D2BD6050
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 121CBAC81D6A4E05A4358E4E085942F3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E2AB0394535D92289BEB1C87D002C094
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs
Frame ID: 924C761DB2737ECA7D6321794CEF83E0
Requests: 13 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 97732679857856A4BBE97842CA271C11
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: BA525F5EFB0B8B86C181CC92D3CF60AF
Requests: 11 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 1A6C52015ABB74078F419E74592E9B95
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/v2?m=xch&rt=html&id=aP1Yb8S0Kr67vWaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 6B7DEE8903517289124F4EB6BEFC4BB2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

GetSection8.net

Page URL History Show full URLs

  1. http://toiyezfxxar56bqjpkrt303jl.uk-citizens.co.uk/rd/u0Ekaxa0QaZK0qAo32263SvrQ1034 Page URL
  2. http://toiyezfxxar56bqjpkrt303jl.uk-citizens.co.uk/track/u0Ekaxa0QaZK0qAo32263SvrQ1034 HTTP 302
    https://getsection8.net/unsubscribe.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • api\.pushnami\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

87
Requests

87 %
HTTPS

41 %
IPv6

37
Domains

54
Subdomains

48
IPs

6
Countries

910 kB
Transfer

2590 kB
Size

30
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://toiyezfxxar56bqjpkrt303jl.uk-citizens.co.uk/rd/u0Ekaxa0QaZK0qAo32263SvrQ1034 Page URL
  2. http://toiyezfxxar56bqjpkrt303jl.uk-citizens.co.uk/track/u0Ekaxa0QaZK0qAo32263SvrQ1034 HTTP 302
    https://getsection8.net/unsubscribe.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3Db1f60a4c-910a-46bb-b2df-1e5b327fb09c%26uid%3D%24%7BBSW_UUID%7D?&callback=window.proper_0ab39120_9aae73d1_1 HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3Db1f60a4c-910a-46bb-b2df-1e5b327fb09c%26uid%3D%24%7BBSW_UUID%7D?&callback=window.proper_0ab39120_9aae73d1_1 HTTP 302
  • https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=b1f60a4c-910a-46bb-b2df-1e5b327fb09c&uid=1372eb2e-1f74-4727-959a-9b27cbd96b0e
Request Chain 28
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_7f2117ce_f1242557_2 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_7f2117ce_f1242557_2&verify=true HTTP 302
  • https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-CvS0wt9E2uEROU8xLLwTJfe6R5OD7aHs~A
Request Chain 69
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 74
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 78
  • https://ad.mrtnsvr.com/sync/triplelift HTTP 302
  • https://eb2.3lift.com/xuidmid=7976&xuid=5VhYwgqfM&dongle=u6nf
Request Chain 80
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM1NjQwNzAyNDM2MjkyNzg3MjAxMw%3D%3D
Request Chain 82
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1356407024362927872013?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-97MvD21E2oTMJft4bSg3qgpyD_iePD4QCgDktic4HA--~A&dongle=0883
Request Chain 84
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=1356407024362927872013 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=1356407024362927872013&dcc=t
Request Chain 86
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 87
  • https://secure.adnxs.com/async_usersync?cbfn=AN_async_load HTTP 307
  • https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load

87 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
u0Ekaxa0QaZK0qAo32263SvrQ1034
toiyezfxxar56bqjpkrt303jl.uk-citizens.co.uk/rd/ 		235 B
352 B 		Document
General
Check archive.org
Download Go to
Full URL
http://toiyezfxxar56bqjpkrt303jl.uk-citizens.co.uk/rd/u0Ekaxa0QaZK0qAo32263SvrQ1034
Protocol
HTTP/1.1
Server
5.161.77.149 , United States, ASN213230 (HETZNER-CLOUD2-AS, DE),
Reverse DNS
static.149.77.161.5.clients.your-server.de
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Content-Type
text/html; charset=utf-8
Date
Sat, 19 Feb 2022 13:31:20 GMT
Content-Length
235
Primary Request unsubscribe.php
getsection8.net/
Redirect Chain
  • http://toiyezfxxar56bqjpkrt303jl.uk-citizens.co.uk/track/u0Ekaxa0QaZK0qAo32263SvrQ1034
  • https://getsection8.net/unsubscribe.php
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://getsection8.net/unsubscribe.php
Requested by
Host: toiyezfxxar56bqjpkrt303jl.uk-citizens.co.uk
URL: http://toiyezfxxar56bqjpkrt303jl.uk-citizens.co.uk/rd/u0Ekaxa0QaZK0qAo32263SvrQ1034
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.212.148.3 , United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS
ip-209.212.148.3.hosted.by.gigenet.com
Software
Apache /
Resource Hash
9887b2ef73a3373dcbfbac2ab2c5635739c673d57a8c4c2c4b19dbe2c829b430

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://toiyezfxxar56bqjpkrt303jl.uk-citizens.co.uk/rd/u0Ekaxa0QaZK0qAo32263SvrQ1034

Response headers

date
Sat, 19 Feb 2022 13:31:21 GMT
server
Apache
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding
content-encoding
gzip
content-length
2494
content-type
text/html; charset=UTF-8

Redirect headers

Content-Type
text/html; charset=utf-8
Location
https://getsection8.net/unsubscribe.php
Date
Sat, 19 Feb 2022 13:31:20 GMT
Content-Length
62
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/ 		152 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
Requested by
Host: getsection8.net
URL: https://getsection8.net/unsubscribe.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 13:31:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
756
age
15962239
cdn-cachedat
08/11/2021 05:41:31
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.0
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
5759c9333c257f35a65d438eeda69e0d
cf-ray
6dffdae17e8f83a2-MXP
cdn-requestcountrycode
EG
cdn-status
200
cdn-requestpullsuccess
True
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: getsection8.net
URL: https://getsection8.net/unsubscribe.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 22:33:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53884
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Feb 2023 22:33:17 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
Requested by
Host: getsection8.net
URL: https://getsection8.net/unsubscribe.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 13:31:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
147162
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6646
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-520c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r7CRhYENeHi%2Bpl3RS9o2Ojjs87etq1dcCX1yptP75fwO5%2FniGxAC2gYS03nqQ7XHnlaigR6FI2MntUFQkO77T63BmZlRECd3cveC5yfiZDDH3wuTgdVc2SwWs0ZidBN8W%2FM6P4%2Byw05EKhO%2FhcwqXScs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6dffdae17a0c0f56-MXP
expires
Thu, 09 Feb 2023 13:31:21 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/ 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js
Requested by
Host: getsection8.net
URL: https://getsection8.net/unsubscribe.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 13:31:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
15970349
cdn-cachedat
2021-08-02 21:50:12
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
092f0212928b1588c5a802e32dff9f4a
cf-ray
6dffdae17e9483a2-MXP
cdn-requestcountrycode
EG
cdn-status
200
cdn-requestpullsuccess
True
css2
fonts.googleapis.com/ 		3 KB
987 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Quicksand:wght@300;500;700&display=swap
Requested by
Host: getsection8.net
URL: https://getsection8.net/unsubscribe.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c1e1a1b01fe6b7a0503291eb13751f06493e258b6538bf3a8e2f4bf0dfb6d9eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 19 Feb 2022 13:26:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 19 Feb 2022 13:31:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 19 Feb 2022 13:31:21 GMT
styles.css
getsection8.net/templates/getsection8.net/css/ 		25 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://getsection8.net/templates/getsection8.net/css/styles.css
Requested by
Host: getsection8.net
URL: https://getsection8.net/unsubscribe.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.212.148.3 , United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS
ip-209.212.148.3.hosted.by.gigenet.com
Software
Apache /
Resource Hash
46260a517999b586fbfc84721c39263768a34ad5014a27626f1c4bc8e24bb4fe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 13:31:21 GMT
content-encoding
gzip
last-modified
Wed, 17 Mar 2021 14:48:57 GMT
server
Apache
etag
"6311-5bdbc952cec38-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
5302
all.css
use.fontawesome.com/releases/v5.7.0/css/ 		53 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.7.0/css/all.css
Requested by
Host: getsection8.net
URL: https://getsection8.net/unsubscribe.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afdc6bf2de981ffd7d370b76f44e7580572f197efbe214b9cfa4005d189d8eae

Request headers

Referer
https://getsection8.net/
Origin
https://getsection8.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 13:31:21 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
65221
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
4TE7Q8948AVZ2KP1
x-amz-id-2
RQeVDtX9W55CjKI2NhDJ7DownPFNN0vK91OA2RlBJfYiQCp5D1A/y1SlwFEAMUBv75ZF3RQX4sM=
last-modified
Wed, 30 Jun 2021 15:45:15 GMT
server
cloudflare
etag
W/"251d28bd755f5269a4531df8a81d5664"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2TK3KLx2aPAiJLrZdmTOuqguLy%2B0JklMJra7sjg6xOW4cUKKGxZ4xxt3uPz8tIobHRW1kBiXSlezVxerqaHPMpDX7qqPkGSvwIAa5klp4hjth%2BYqIaOddOVMJguIn5fvWu6scGt%2FuDnQUw%2BcAi0HTra%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6dffdae18a59375c-MXP
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ 		70 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
Requested by
Host: getsection8.net
URL: https://getsection8.net/unsubscribe.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 13:31:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1358492
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4216
timing-allow-origin
*
last-modified
Mon, 07 Sep 2020 12:33:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f5628a2-11846"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2FD5uafzm9ELEES47iIs0DPApOfNWhgsbySW53M48ZnV%2FVj2SOzF1iPiSjTe5C6Ww3WpMiB3slf%2BgcRigqTzzj9puuR%2BvUrptyATyCbGDNpq8v0fXZzAUGq2m8EC0ZTssQgHiAq9DFgNhJCEoY%2BHWzJU"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6dffdae17a0a0f56-MXP
expires
Thu, 09 Feb 2023 13:31:21 GMT
tipped.js
getsection8.net/templates/getsection8.net/js/ 		74 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://getsection8.net/templates/getsection8.net/js/tipped.js
Requested by
Host: getsection8.net
URL: https://getsection8.net/unsubscribe.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.212.148.3 , United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS
ip-209.212.148.3.hosted.by.gigenet.com
Software
Apache /
Resource Hash
7b0fc94d83150b73dc566b933bc5c823621e210de6d45621d1101207202d0a15

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 13:31:21 GMT
content-encoding
gzip
last-modified
Wed, 17 Mar 2021 14:49:05 GMT
server
Apache
etag
"12680-5bdbc95a230a4-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
19556
tipped.css
getsection8.net/templates/getsection8.net/css/ 		13 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://getsection8.net/templates/getsection8.net/css/tipped.css
Requested by
Host: getsection8.net
URL: https://getsection8.net/unsubscribe.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.212.148.3 , United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS
ip-209.212.148.3.hosted.by.gigenet.com
Software
Apache /
Resource Hash
aa892a3e8ae2d858596e031c41aa9c5368d94d5da554a4dd4cf10ae942df4377

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 13:31:21 GMT
content-encoding
gzip
last-modified
Wed, 17 Mar 2021 14:48:59 GMT
server
Apache
etag
"3508-5bdbc9541abf3-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
2833
site-logo.svg
getsection8.net/templates/getsection8.net/images/svg/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://getsection8.net/templates/getsection8.net/images/svg/site-logo.svg
Requested by
Host: getsection8.net
URL: https://getsection8.net/unsubscribe.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.212.148.3 , United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS
ip-209.212.148.3.hosted.by.gigenet.com
Software
Apache /
Resource Hash
f93639795106f75b775f8d426790744336118a4fce1a0a491ffd093c75658842

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/unsubscribe.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 13:31:21 GMT
last-modified
Wed, 17 Mar 2021 14:49:04 GMT
server
Apache
accept-ranges
bytes
etag
"2baf-5bdbc9590cbcf"
content-length
11183
content-type
image/svg+xml
5f5bf03e705e760013ae6eb6
api.pushnami.com/scripts/v1/pushnami-adv/ 		250 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.pushnami.com/scripts/v1/pushnami-adv/5f5bf03e705e760013ae6eb6
Requested by
Host: getsection8.net
URL: https://getsection8.net/unsubscribe.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-54.fra60.r.cloudfront.net
Software
/
Resource Hash
94c7fcd7c8b4cfe7aad8bd1c32e6546d8ba73c3d85ebf6485d9fcf3a2a1ec1c3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 13:28:42 GMT
via
1.1 f06c87fa57d0c9fd7439d7fdbd148c62.cloudfront.net (CloudFront)
age
158
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
no-cache
x-amz-cf-pop
FRA60-P3
content-encoding
gzip
x-amz-cf-id
SNawxHHFD7EzStJT6xfjVWF99D3jL6oPAUYJIZw0gZBUzvGDFmIgJw==
getsection8.min.js
global.proper.io/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/getsection8.min.js
Requested by
Host: getsection8.net
URL: https://getsection8.net/unsubscribe.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a3f4d60e2e9d4c5de61cb81ea2ec9219f60fa5e0b8255b603e6113aebce4148

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 13:31:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Dec 2021 18:36:51 GMT
server
cloudflare
age
65220
etag
W/"61afa9c3-3d30"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
6dffdae439700e26-MXP
expires
Sat, 19 Feb 2022 13:36:21 GMT
banner_bg1.jpg
getsection8.net/templates/getsection8.net/images/ 		166 KB
166 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://getsection8.net/templates/getsection8.net/images/banner_bg1.jpg
Requested by
Host: getsection8.net
URL: https://getsection8.net/templates/getsection8.net/css/styles.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.212.148.3 , United States, ASN32181 (ASN-GIGENET, US),
Reverse DNS
ip-209.212.148.3.hosted.by.gigenet.com
Software
Apache /
Resource Hash
f83d01332c1d361463eb8f25f0e87a89e57352a5539e5d00d46326b8fcd6713b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/templates/getsection8.net/css/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 13:31:21 GMT
last-modified
Wed, 17 Mar 2021 14:49:03 GMT
server
Apache
accept-ranges
bytes
etag
"29895-5bdbc9580fa2c"
content-length
170133
content-type
image/jpeg
6xKtdSZaM9iE8KbpRA_hK1QN.woff2
fonts.gstatic.com/s/quicksand/v28/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/quicksand/v28/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Quicksand:wght@300;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a77bc9cd8df8f7680ab07cf42d9aef3147f5c6fc7fe2050ccee4ea11b22c6cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://getsection8.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 09:11:00 GMT
x-content-type-options
nosniff
age
361221
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25700
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:28:40 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Feb 2023 09:11:00 GMT
opt-in-overlay-type4.css
cdn.pushnami.com/css/opt-in/ 		1 KB
737 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.pushnami.com/css/opt-in/opt-in-overlay-type4.css
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5f5bf03e705e760013ae6eb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-25.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e8d074002a43635a8a80b3552a3edf05f3f6ad4219af7a52f2c3098ee3f8694

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
last-modified
Mon, 19 Apr 2021 18:28:09 GMT
server
AmazonS3
age
2225
etag
W/"c5ee4c59ed2ee3d04fa153d1dfedd989"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
date
Sat, 19 Feb 2022 12:54:48 GMT
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
pQwrwpajEoictdJLvgpzaBYDbf5v5BpK4Ls895vGNzotGiB4xnbV-g==
opt-in-overlay-type4.js
cdn.pushnami.com/js/opt-in/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pushnami.com/js/opt-in/opt-in-overlay-type4.js
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5f5bf03e705e760013ae6eb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-25.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
44cd3ca67f3b675c14c819242c8b85d25ffc2c791d3d099d80d554854cf0ea17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
last-modified
Thu, 20 Aug 2020 21:20:50 GMT
server
AmazonS3
age
2225
etag
W/"63362787b89d459953a241ec66b81701"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
date
Sat, 19 Feb 2022 12:54:48 GMT
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
v7SDdKSKwooMifLxK7cGJpE1GLLReAiE4uj_Cq-MVbnvOTYO0O-eFg==
track
trc.pushnami.com/api/push/ 		2 B
168 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trc.pushnami.com/api/push/track
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5f5bf03e705e760013ae6eb6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.242.12 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-242-12.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept
application/json, text/plain, */*
Referer
https://getsection8.net/
key
5f5bf03e705e760013ae6eb6
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sat, 19 Feb 2022 13:31:22 GMT
cache-control
no-cache
content-type
text/html; charset=utf-8
content-length
2
access-control-expose-headers
WWW-Authenticate,Server-Authorization
track
trc.pushnami.com/api/push/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc.pushnami.com/api/push/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.242.12 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-242-12.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
key
Origin
https://getsection8.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sat, 19 Feb 2022 13:31:21 GMT
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match,key
access-control-max-age
86400
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
latest.js
global.proper.io/payloads/ 		446 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/payloads/latest.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/getsection8.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc0c4f5c3d6acef428e5aa92fada14b3238a6f318b6a6fc9b0c5a4c1397611ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 13:31:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 19 Jan 2022 20:36:58 GMT
server
cloudflare
age
2562936
etag
W/"61e8766a-6f913"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
6dffdae49a2e0e26-MXP
expires
Sat, 19 Feb 2022 13:36:21 GMT
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 13:31:21 GMT
content-encoding
gzip
etag
"yoD6mq4JTyPdtDBolW+GUg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Sat, 26 Feb 2022 13:31:21 GMT
localstore.js
script.4dex.io/ 		483 B
964 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 13:31:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1807
content-type
application/javascript
x-amz-request-id
tx31ca1f9ef63a4ee0ab840-00620977f5
x-amz-id-2
tx31ca1f9ef63a4ee0ab840-00620977f5
last-modified
Sun, 13 Feb 2022 21:27:35 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7OVWTJypbMAomEFxjNPCYqh1Dm54%2FtntDt7MRY8ea3kE9Pooi2cfWonnOrXiZ9rmQm81lu%2BlSxVI87XGGQSMVhDNlj1zwozm6QifCdYQkzbI1bZaI3abLABu%2FXUCrPvm8Rc0DcBcEe4JMZYm"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1644787655409471
cache-control
public, max-age=1800
cf-ray
6dffdae5e93f59a1-MXP
expires
Sat, 19 Feb 2022 14:01:21 GMT
rules-p-mEzuYq24VEJ-3.js
rules.quantcount.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8838c15a093042dda8446ae18d93db16218d1c8810dae5cfa21e0e889dc0ec68

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 13:08:22 GMT
content-encoding
gzip
age
1380
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Wed, 03 Nov 2021 22:03:49 GMT
server
AmazonS3
etag
W/"ebff52074a206856b4f1993710373d93"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
EQjMGXSw0yQ8zc1oa70A35GGlj1o3An7sSB9Y5ItCf0eej_RZcnQGQ==
pixel;r=1929761587;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fgetsection8.net%2Funsubscribe.php;ref=http%3A%2F%2Ftoiyezfxxar56bqjpkrt303jl.uk-citizens.co.uk%2F;uht=2;fpan=1;fpa=P0-862953987-164527748...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1929761587;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fgetsection8.net%2Funsubscribe.php;ref=http%3A%2F%2Ftoiyezfxxar56bqjpkrt303jl.uk-citizens.co.uk%2F;uht=2;fpan=1;fpa=P0-862953987-1645277481904;pbc=;ns=0;ce=1;qjs=1;qv=b4915a16-20220201183321;cm=;gdpr=0;d=getsection8.net;je=0;sr=1600x1200x24;dst=0;et=1645277481904;tzo=0;ogl=
Requested by
Host: getsection8.net
URL: https://getsection8.net/unsubscribe.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.184.68.247 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 13:31:22 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
adagio.js
script.4dex.io/ 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd01ea3cd56c3f77b2d294910bbe09a139ee76ffe85a9d00f7d512606987d865

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 13:31:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
65295
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx50ba1ae0892c4e2dab709-00620f509b
x-amz-id-2
tx50ba1ae0892c4e2dab709-00620f509b
last-modified
Sun, 13 Feb 2022 21:27:34 GMT
server
cloudflare
etag
W/"30fd6d2dd89cb7d26d6396caca2f6c6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VvXxiUa5p40AXmeCnoNNHqDSikGzesb8Kp3J66FJKjY8BIDFsR7fqQ1EWjSJU5S%2Fz5oYNWazaqa%2BAbcpadhZkP2IWaFeb5O7VWtyy1uZkNtxQkfYHXoQSpr%2FixHvZJDIbWtoq%2BOKBfwVDI0L"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1644787654356307
cf-ray
6dffdae6aa1a83ac-MXP
access-control-allow-headers
Authorization
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		82 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
63e61a12e2ffd38ad4f225cccb848320cc935061b431a2d7654e16cc0a846513
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 13:31:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27505
x-xss-protection
0
server
sffe
etag
"1136 / 827 of 1000 / last-modified: 1645225517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 19 Feb 2022 13:31:22 GMT
usersync
usync.proper.io/v1/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3Db1f60a4c-910a-46bb-b2df-1e5b327fb09c%26uid%3D%24%7BBSW_UUID%7D?&callback=window....
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3Db1f60a4c-910a-46bb-b2df-1e5b327fb09c%26uid%3D%24%7BBSW_UUID%7D?&callback=w...
  • https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=b1f60a4c-910a-46bb-b2df-1e5b327fb09c&uid=1372eb2e-1f74-4727-959a-9b27cbd96b0e
183 B
385 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=b1f60a4c-910a-46bb-b2df-1e5b327fb09c&uid=1372eb2e-1f74-4727-959a-9b27cbd96b0e
Requested by
Host: getsection8.net
URL: https://getsection8.net/unsubscribe.php
Protocol
H2
Server
35.163.158.84 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-158-84.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e52a3ed1b2cb7c20f32998441fa4d3d97947590f2c9ef27bc2ab148066b9a24e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 19 Feb 2022 13:31:22 GMT
server
nginx/1.18.0
content-length
183
content-type
text/javascript

Redirect headers

Location
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=b1f60a4c-910a-46bb-b2df-1e5b327fb09c&uid=1372eb2e-1f74-4727-959a-9b27cbd96b0e
Date
Sat, 19 Feb 2022 13:31:22 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
usersync
usync.proper.io/v1/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_7f2117ce_f1242557_2
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_7f2117ce_f1242557_2&verify=true
  • https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-CvS0wt9E2uEROU8xLLwTJfe6R5OD7aHs~A
151 B
361 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-CvS0wt9E2uEROU8xLLwTJfe6R5OD7aHs~A
Requested by
Host: getsection8.net
URL: https://getsection8.net/unsubscribe.php
Protocol
H2
Server
35.163.158.84 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-158-84.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
150d4539d374b78d482e68a599939f877892eb52323c743e0a5d7c58eaf2976b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 19 Feb 2022 13:31:22 GMT
server
nginx/1.18.0
content-length
151
content-type
text/javascript

Redirect headers

location
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-CvS0wt9E2uEROU8xLLwTJfe6R5OD7aHs~A
date
Sat, 19 Feb 2022 13:31:22 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
445.json
id5-sync.com/g/v2/ 		213 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/445.json
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.20.86 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p18.id5-sync.com
Software
/
Resource Hash
9a4f7c0104eb2f5bcdbcfef430cc4be25f84c57a04c352649abdcdbd6e6d5fcf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://getsection8.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://getsection8.net
Date
Sat, 19 Feb 2022 13:31:21 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
bidding
bids.proper.io/api/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bids.proper.io/api/bidding
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.210.253.33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-210-253-33.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getsection8.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 19 Feb 2022 13:31:22 GMT
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
pubads_impl_2022021401.js
securepubads.g.doubleclick.net/gpt/ 		360 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
8e2dcb9912e96ad6472e010d4e66d67c647dfc385f09d652c1ff8d4d752baf14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 13:28:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
146
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123280
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 09:43:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 19 Feb 2023 13:28:56 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		70 B
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=getsection8.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
cb779776dea26fd43226f666c09f97c20113dfc96996e9d316a214ba849ba56f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 19 Feb 2022 13:31:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70
x-xss-protection
0
expires
Sat, 19 Feb 2022 13:31:22 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
697 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://getsection8.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sat, 19 Feb 2022 13:31:22 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
0f8d8327-8f1d-4426-865e-b6d607675b9f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://getsection8.net
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
ssc.33across.com/api/v1/ 		87 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
ce5b46ee06061a1b347a5d42eda325ff6d4177235d824d1377477811b30adec9

Request headers

Referer
https://getsection8.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 19 Feb 2022 13:31:22 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://getsection8.net
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
arj
propermedia-d.openx.net/w/1.0/ 		73 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://propermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fgetsection8.net%2Funsubscribe.php&jr=http%3A%2F%2Ftoiyezfxxar56bqjpkrt303jl.uk-citizens.co.uk%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tws=1600x1200&aus=728x90&auid=545732602&aumfs=100&dddid=158044b6-3541-4359-9fb7-b1e90f543b7b&divIds=openx-faef1940-60ac-40e9-a0c0-5841d635dbc6&be=1&bc=hb_pb_3.0.1&nocache=1645277482046&schain=1.0%2C1!proper.io%2C4df7e9c7-90e3-11eb-8272-06ef03bc0096%2C1&id5id=0&_pubcid=b1f60a4c-910a-46bb-b2df-1e5b327fb09c
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
aae1190206a99a6ba9a01fa8506b23c9540b8a2aacb7f55302c9d2271936e36d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 13:31:22 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://getsection8.net
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.5.0&cb=83485640196&im=1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://getsection8.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 19 Feb 2022 13:31:21 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://getsection8.net
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
mvo
tag.1rx.io/rmp/234446/0/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/234446/0/mvo?z=1r&hbv=6.5,2.1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getsection8.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://getsection8.net
pragma
no-cache
date
Sat, 19 Feb 2022 13:31:22 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		199 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=http%3A%2F%2Ftoiyezfxxar56bqjpkrt303jl.uk-citizens.co.uk%2F
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
e9f37203d349aa272a470813094c01bca91beb9e120b57beabc039c0f0c5df3c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://getsection8.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 13:31:21 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://getsection8.net
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
199
expires
0
bid
ap.lijit.com/rtb/ 		45 B
712 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.5.0
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
a6c10cf3d0c345df8ad9650effea1cf51388a1936fa25853a6c923548f55a5ee

Request headers

Referer
https://getsection8.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 19 Feb 2022 13:31:22 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://getsection8.net
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
65
trinity.json
apex.go.sonobi.com/ 		100 B
849 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22bbf6b2ea551b898a28be%22%3A%22bbf6b2ea551b898a28be%7C728x90%7C0.1%22%7D&ref=https%3A%2F%2Fgetsection8.net%2Funsubscribe.php&s=724a6371-baf4-4a7c-95f8-395cddd5bf75&pv=3ec85c91-2a5c-49be-94cf-64b33b8eca4d&vp=desktop&lib_name=prebid&lib_v=6.5.0&us=1&ius=1&userid=%7B%22id5id%22%3A%7B%22uid%22%3A%220%22%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%2C%22sharedid%22%3A%22b1f60a4c-910a-46bb-b2df-1e5b327fb09c%22%2C%22pubcid%22%3A%22b1f60a4c-910a-46bb-b2df-1e5b327fb09c%22%7D&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%224df7e9c7-90e3-11eb-8272-06ef03bc0096%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
45b19da7c2a5a6e4f1b909ed157306cbfb970aa9af412a712a00dee0316f859e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Feb 2022 13:31:22 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://getsection8.net
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
125
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=getsection8.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 19 Feb 2022 13:31:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=getsection8.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 19 Feb 2022 13:31:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3816501774346726&correlator=1253604912486267&eid=31063378%2C31065010%2C31063247&output=ldjh&gdfp_req=1&vrg=2022021401&ptt=17&impl=fifs&tfcd=0&sc=1&sfv=1-0-38&ecs=20220219&iu_parts=5376056%3A22536698973%2Cgetsection8_dynamic_sticky%2Cdynamic_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1%7C728x90&ppid=b1f60a4c-910a-46bb-b2df-1e5b327fb09c&prev_scp=proper_slot%3D4.01%26proper_sticky%3Dtrue%26proper_floor_728x90%3D1.00%26proper_floor_sticky_horizontal%3D1.00%26proper_floor%3D0.10%26refresh_count%3D0&eri=1&cust_params=post_id%3Dunknown%26member%3Dno%26split_version%3D10402%26proper_site%3Dgetsection8%26proper_page%3D1%26s_depth%3D1%26tags%3D%257C%257C%257C%257C%257C%257C%257C%257C62_desktop%252C%257C%257C%257C%257C%257C%257C%257C%257C62&cookie_enabled=1&bc=31&abxe=1&dt=1645277482454&lmt=1645277482&dlt=1645277481101&idt=976&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=2728238180&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fgetsection8.net%2Funsubscribe.php&ref=http%3A%2F%2Ftoiyezfxxar56bqjpkrt303jl.uk-citizens.co.uk%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=580137706.1645277482&ga_sid=1645277482&ga_hid=288693250&ga_fc=false&fws=640&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
f4393aee92784f781e0b3d8c7329c34fb4b6aad437ab50e470ddc387ec9a0ad0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 13:31:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11601
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://getsection8.net
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
79ab094f63348aa58f9a665712eb2f69.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E08B 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://79ab094f63348aa58f9a665712eb2f69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sat, 19 Feb 2022 13:31:22 GMT
expires
Sun, 19 Feb 2023 13:31:22 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
s2s
eb.proper.io/ 		373 B
884 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://eb.proper.io/s2s
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f825cb2583dac73d56db47a172ad65e903d0ca0ffe48b1a06bbc99c30b02c7f

Request headers

Referer
https://getsection8.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 13:31:22 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://getsection8.net
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-timing
dur:197
cf-ray
6dffdaea1d440e26-MXP
expires
-1
hub
api.pushnami.com/scripts/v1/ Frame F0AA 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api.pushnami.com/scripts/v1/hub
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5f5bf03e705e760013ae6eb6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-54.fra60.r.cloudfront.net
Software
/
Resource Hash
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' *
X-Content-Security-Policy default-src 'unsafe-inline' *

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/

Response headers

content-type
text/html; charset=utf-8
date
Sat, 19 Feb 2022 13:16:12 GMT
access-control-allow-origin
*
access-control-allow-methods
GET,PUT,POST,DELETE
access-control-allow-headers
X-Requested-With
content-security-policy
default-src 'unsafe-inline' *
x-content-security-policy
default-src 'unsafe-inline' *
x-webkit-csp
default-src 'unsafe-inline' *
cache-control
no-cache
content-encoding
gzip
vary
accept-encoding
x-cache
Hit from cloudfront
via
1.1 f06c87fa57d0c9fd7439d7fdbd148c62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
qsQMfpthWNw7cAT2wAmEHbBeDZjcgn7sF8HNWbAk2xoXAn0bXazewQ==
age
910
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c72659bec2957fe7d11d64fd336a9a0afdcc65e7e7d6c2fab8bd0cf0f8176fd8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022021401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a21bfb683c6f547ea23fafa34b51e87bffb2c65d75151be2355291eb918bd06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 19 Feb 2022 13:31:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9809
x-xss-protection
0
psp
psp.pushnami.com/api/ 		2 B
222 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://psp.pushnami.com/api/psp
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/5f5bf03e705e760013ae6eb6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.46.147 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-46-147.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept
application/json, text/plain, */*
Referer
https://getsection8.net/
key
5f5bf03e705e760013ae6eb6
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://getsection8.net
date
Sat, 19 Feb 2022 13:31:22 GMT
cache-control
no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
accept-encoding
content-type
text/html; charset=utf-8
psp
psp.pushnami.com/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://psp.pushnami.com/api/psp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.46.147 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-46-147.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
key
Origin
https://getsection8.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sat, 19 Feb 2022 13:31:22 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://getsection8.net
access-control-allow-credentials
true
access-control-expose-headers
content-type, content-length, etag
access-control-max-age
600
access-control-allow-headers
key
access-control-allow-methods
POST
cache-control
no-cache
vary
accept-encoding
content-encoding
gzip
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 13:31:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 19 Feb 2022 13:31:22 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 121C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sat, 19 Feb 2022 13:20:00 GMT
expires
Sun, 19 Feb 2023 13:20:00 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
682
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame E2AB 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e2095a69a79f907d33d54c4a0a60cbe73010b43d5f5f1ce37dced5b786fe6fa7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WqAmsNJV0u87IuOBSlSjtQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sat, 19 Feb 2022 13:31:22 GMT
date
Sat, 19 Feb 2022 13:31:22 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-WqAmsNJV0u87IuOBSlSjtQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
RTAFWjK1oaY5MR175eart5uncqyuFBD5-f7_3Cl3Idw.js
pagead2.googlesyndication.com/bg/ Frame 121C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/RTAFWjK1oaY5MR175eart5uncqyuFBD5-f7_3Cl3Idw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4530055a32b5a1a639311d7be5e6abb79ba772acae1410f9f9feffdc297721dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 11:26:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
7474
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13529
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 11:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 Feb 2023 11:26:48 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E2AB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022021401&jk=3816501774346726&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012202072236000/ Frame 924C 		220 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202072236000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
332dd9d8872171a7ce122129c088ef587eb876ee04f178f5e62310dff3747514
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
416692
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61519
x-xss-protection
0
server
sffe
date
Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"609f9f524fc23ab6"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 Feb 2023 17:46:30 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 924C 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
416692
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5708
x-xss-protection
0
server
sffe
date
Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4c9170e21c83610c"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 Feb 2023 17:46:30 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 924C 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202072236000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
416692
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29623
x-xss-protection
0
server
sffe
date
Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f660f99fdfd5d6c6"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 Feb 2023 17:46:30 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 924C 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202072236000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
416692
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1844
x-xss-protection
0
server
sffe
date
Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b0f41eb8e6d0a727"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 Feb 2023 17:46:30 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012202072236000/v0/ Frame 924C 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012202072236000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
416692
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13623
x-xss-protection
0
server
sffe
date
Mon, 14 Feb 2022 17:46:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"14164defe327400f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 Feb 2023 17:46:30 GMT
css
fonts.googleapis.com/ Frame 924C 		8 KB
892 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3ad8c90cec1318c90852dc018d75e7afadcb71c36508344fc1c133021007bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 19 Feb 2022 12:26:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 19 Feb 2022 13:31:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 19 Feb 2022 13:31:22 GMT
en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 924C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png
Requested by
Host: getsection8.net
URL: https://getsection8.net/unsubscribe.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 04:31:38 GMT
x-content-type-options
nosniff
server
cafe
age
32384
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
11660698925711390587
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2471
x-xss-protection
0
expires
Sun, 20 Feb 2022 04:31:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 924C 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: getsection8.net
URL: https://getsection8.net/unsubscribe.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 09:53:05 GMT
x-content-type-options
nosniff
server
cafe
age
13097
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 20 Feb 2022 09:53:05 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 924C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CC7OmKvEQYvutHvKAjuwPjIOPQJSlvJVo-uKfs7kNi-bp8fseEAEg2Oq2IGCV0rCCuAegAZKZq_wCyAEG4AIAqAMBqgT-AU_QvA8vzCB-SqysUr7ROVtvoZmWe3H9ZVLBtk-iqcsYfGzMu36dza-uKVxzAKKCLfAxFp2LTpFB1PZd77DVHRpz6nm8rAPMu5QRZViBmZCrADoCSN57TpiqaBTwCSieOnIjCaEv-pnyrxVEgkN8hodudb7zdZkBqzUZeEYAO1sbOyhDCWkwVl1XhOTD-dnUqQvvrI1sFB4BuOC3BQpsjgvGwGcWGtqFJ0pe3aSWhIwPCuSzSBha_9kiqrpEkk80YbzopfFXxejXT4hSz1HdoFyKsTpRHS_wccoHeuJWpvnET2_nzGvfQKs59frYUAqXCYog3-argWz-r_2AMH8XwAT50PWZtAPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAH1ubUgwGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDcyWXSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTUwNTE5NDY5ODk4NDgzODKACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItNjg5NzkwMjE5MTcxNDgzMxjQnBI&sigh=CKp1YHSrX04&uach_m=[UACH]&template_id=492
Requested by
Host: getsection8.net
URL: https://getsection8.net/unsubscribe.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
truncated
/ Frame 924C 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ba91cea7dc6b01815f430fddc2d1fabaee97e536d713309476bdfec4250e1be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v41/ Frame 924C 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v41/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://getsection8.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 00:52:22 GMT
x-content-type-options
nosniff
age
131940
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28196
x-xss-protection
0
last-modified
Tue, 18 Jan 2022 17:53:50 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 18 Feb 2023 00:52:22 GMT
generate_204
tpc.googlesyndication.com/ Frame 121C 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?bYY4uQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 13:31:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 924C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: getsection8.net
URL: https://getsection8.net/unsubscribe.php
Protocol
H2
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date
Sat, 19 Feb 2022 13:31:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022021401&jk=3816501774346726&bg=!sbKlsvbNAAbf-5Dq3_s7ACkAdvg8WsEJGLzgeFR23Mh470KoF5TVKTDdSN69f9p9dxlLAnhilKFXFwIAAACVUgAAAAJoAQeZAtMG4cs4CiixUvD_fyi-ZokcbNGLetrD28LNzFV3Oo6Lx_M8YoL6y5FmctfaMPNLzOaD6IAZSVfdYl0hwhNQDNOw9HAg5UOJTCag_VXy68_qWxf0B3UZA9uvLwtOXjSmqEC8eVKHUDKxayIjiD477RS69E7UxA5vbRi-UowDHai_301pMjkGfcWMzxR4zFif9PvyPmnnr5Cl71KxTMIfp0LzpxCCit_2yp8-8IFxUsuBWj5JCANQNc8zVsdk1JcmlStBme8ZdwDHRpiNnIg6hJ9oMim57_EbxIBPAXZguFHlh6FZzAay_o-6d2x0b1kBqfLVJ2exFokiBVjKQZQMI-8lDZYWP1_jSPF5AN6Le05C7o49COOlsYDChrSmYnRDE9MqB-Av0rKZSQLZ7cUMAzYltbIordFpSqVI8lLhwGHe5eFEk90p0Vfd2m6HUIrAQVkn0kMwYc_e-DRxhYQzWjfa89f_nAxk1iX4muzHpFSH6_lLYyiTN3tx6laUNk7j1Fn74xF5NuSsKfYr5Sna-3SWWt3jbfzK2J1zGtstVYeZr0gbDg6kj_h4CmhsXIARCH989cVLbgX6PaQxJk1sOoSCq7oGGvkuxsjylAg6Q8pGOSGlct9cl4DvzqZI8RbtPRXr8dyLCMKUjwl7yF3qQxa6LcbQTryC9uGvvaZa73zxhtmRnkTR3cNsCpmZEl7QhXBNOliuK9wc9JM5aVnxrPJ_dlW1YPksp4Vp-RXJooitg2EM4LrWG758biDjXTuEpeN8pzlQiBchuKT32FkpZouGIsKpVys9THaOTuueNS9RgoF4ruGrP6SABGuFuLlXJH4OHCYqBQDyFbh1sc-5_JsOMyYT7f6hw1NDp74TQORPlGoiHHENFvVPRO1pn0cyIV896CqNcC3QLXiVsgMpcjHairmzuLzB-5c2XRoBLSNL2CzoDqSurQXgolzxOQLLR4PObkk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 13:31:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bidding
bids.proper.io/api/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bids.proper.io/api/bidding
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.210.253.33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-210-253-33.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://getsection8.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 19 Feb 2022 13:31:23 GMT
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
activeview
pagead2.googlesyndication.com/pcs/ Frame 924C 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv0_-GVU1e4ZKCPu0VawsGdU4i_fj3Q9bllc3KLE1aK_ObC1PMPupcBwyre25mjJdYUIw2aySB3g64Ee4rnN8CzKUrGTyHUx0TmNQQ6NDOfpocDKPGXqA&sai=AMfl-YRB5-1IOEOglB1b5rbQxNoYMoU9i_sP2g_MdaaflecxEZwmZ9r2qc1pd60XdSGYag__aJN1QRXxD6h4zNzoKTuSXucu_GcpRdbES5umMX9gniyqOJ_nrJkxlp9g9ND3&sig=Cg0ArKJSzE04gHba1GcuEAE&id=ampim&o=436,1110&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=180&tls=1180&g=100&h=100&tt=1181&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=2728238180
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 13:31:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 9773 		995 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/

Response headers

Connection
keep-alive
Content-Length
506
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Thu, 06 May 2021 05:24:22 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Sat, 19 Feb 2022 13:31:25 GMT
Age
24998819
X-Served-By
cache-lga21980-LGA, cache-hhn4030-HHN
X-Cache
HIT, HIT
X-Cache-Hits
194520, 746458
X-Timer
S1645277486.829363,VS0,VE0
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame BA52
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
badcda69fc7ce2d1c24ce3a5603d1de1cf8ff08e7aabad3ff6073e0802fd3dda

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/

Response headers

date
Sat, 19 Feb 2022 13:31:25 GMT
content-type
text/html; charset=utf-8
content-length
460
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate

Redirect headers

date
Sat, 19 Feb 2022 13:31:25 GMT
content-length
0
location
/sync?&ld=1
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pd
u.openx.net/w/1.0/ Frame 1A6C 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
date
Sat, 19 Feb 2022 13:31:25 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
v2
de.tynt.com/deb/ Frame 6B7D 		75 B
289 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&rt=html&id=aP1Yb8S0Kr67vWaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://getsection8.net/

Response headers

cache-control
max-age=86400
expires
Sun, 20 Feb 2022 13:31:26 GMT
referrer-policy
unsafe-url
content-type
text/html
content-length
75
date
Sat, 19 Feb 2022 13:31:25 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
generic
match.adsrvr.org/track/cmf/ Frame BA52 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 13:31:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuidmid=7976&xuid=5VhYwgqfM&dongle=u6nf
eb2.3lift.com/ Frame BA52
Redirect Chain
  • https://ad.mrtnsvr.com/sync/triplelift
  • https://eb2.3lift.com/xuidmid=7976&xuid=5VhYwgqfM&dongle=u6nf
37 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuidmid=7976&xuid=5VhYwgqfM&dongle=u6nf
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 13:31:25 GMT
cache-control
no-cache, no-store, must-revalidate
x-error
Not Found
content-length
37
content-type
image/gif

Redirect headers

location
https://eb2.3lift.com/xuidmid=7976&xuid=5VhYwgqfM&dongle=u6nf
date
Sat, 19 Feb 2022 13:31:25 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92
vary
Origin
content-type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame BA52 		170 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 13:31:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BA52
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM1NjQwNzAyNDM2MjkyNzg3MjAxMw%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM1NjQwNzAyNDM2MjkyNzg3MjAxMw%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 13:31:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTM1NjQwNzAyNDM2MjkyNzg3MjAxMw%3D%3D
date
Sat, 19 Feb 2022 13:31:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame BA52 		0
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1356407024362927872013&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 13:31:25 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 9664D688D23848B3AF52501E45DEBCB8 Ref B: FRAEDGE1319 Ref C: 2022-02-19T13:31:25Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXYXwQbCFuI3K0yJxNCmw==
xuid
eb2.3lift.com/ Frame BA52
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1356407024362927872013?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-97MvD21E2oTMJft4bSg3qgpyD_iePD4QCgDktic4HA--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-97MvD21E2oTMJft4bSg3qgpyD_iePD4QCgDktic4HA--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 13:31:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sat, 19 Feb 2022 13:31:26 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
2
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-97MvD21E2oTMJft4bSg3qgpyD_iePD4QCgDktic4HA--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
c.gif
c.bing.com/ Frame BA52 		42 B
593 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=1356407024362927872013&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 19 Feb 2022 13:31:25 GMT
etag
"7f9eac45e25d81:0"
last-modified
Fri, 18 Feb 2022 21:27:03 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D76DDCE407214FD38561F77169D642D6 Ref B: FRAEDGE1421 Ref C: 2022-02-19T13:31:25Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame BA52
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=1356407024362927872013
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=1356407024362927872013&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=1356407024362927872013&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
52.46.154.242 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sat, 19 Feb 2022 13:31:26 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
3V34CDTR6TX6VCDF9ZXJ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=1356407024362927872013&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
x.bidswitch.net/ Frame BA52 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=1356407024362927872013&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.196.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-196-75.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Sat, 19 Feb 2022 13:31:25 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
xuid
eb2.3lift.com/ Frame BA52
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sat, 19 Feb 2022 13:31:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Sat, 19 Feb 2022 13:31:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
bounce
secure.adnxs.com/ Frame 9773
Redirect Chain
  • https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
  • https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load
0
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load
Protocol
HTTP/1.1
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 19 Feb 2022 13:31:25 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
9131a3a3-c2fd-4062-a1ce-b8b2fc895f7c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 19 Feb 2022 13:31:25 GMT
X-Proxy-Origin
217.64.151.68; 217.64.151.68; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
d686b3fc-4294-4c4d-afe7-2576c58c1789
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=72

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 function| structuredClone function| $ function| jQuery function| Popper object| bootstrap object| Tipped function| getUrlVars function| openOffer object| properSpecialOps object| propertag object| pushWrap function| showFbChkOptIn object| mailnamiPromptModule boolean| isOSXSafari undefined| safariScript undefined| o object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| bowser object| mailnami object| Pushnami boolean| payload_loaded object| _0x1ac4 function| _0x2ad4 function| _0x32639f object| ProperMedia object| googletag object| _qevents function| proper_log function| proper_debug_console function| proper_debug_overlay function| proper_display function| proper_render function| disableSlotRefresh function| logMatchingResponse function| properSpaNewPage function| properInfNewPage function| properBuildSlots function| properDeleteSlot function| properDestroyDfpSlot function| proper_remnant function| runATS function| publisherAudiencesOptOut function| refreshAuctionAndSlotsByName object| TraceKit function| UAParser string| PBJS_USER_ID_OPTOUT_NAME object| device object| ADAGIO string| SYNC_ENDPOINT string| NON_MEASURABLE number| accountId function| quantserve function| __qc object| ezt object| _qoptions function| qtrack string| proper_ad_page_uuid function| proper_0ab39120_9aae73d1_1 function| proper_7f2117ce_f1242557_2 number| proper_rps string| proper_ad_session_uuid object| ggeac object| google_js_reporting_queue string| x object| sas object| apntag object| _ADAGIO undefined| google_measure_js_timing object| response object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal function| CrossStorageClient object| pushnamiStorage function| uuid object| GoogleGcLKhOms object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_image_requests object| ebData

30 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIgQIQ7bW4kfEvCgoI4gEQ7bW4kfEvCgoI5gEQ7bW4kfEvCgoIhwIQ7bW4kfEvCgkICRDttbiR8S8KCQg6EO21uJHxLwoJCAsQ7bW4kfEvCgoIjAIQ7bW4kfEvCgoIngIQ7bW4kfEvCgkIXxDttbiR8S8=
.mrtnsvr.com/sync Name: userId
Value: 5VhYwgqfM
getsection8.net/ Name: PHPSESSID
Value: 510ef019597731feac4e3a7a087c8866
getsection8.net/ Name: sharedid
Value: b1f60a4c-910a-46bb-b2df-1e5b327fb09c
getsection8.net/ Name: sharedid_last
Value: Sat%2C%2019%20Feb%202022%2013%3A31%3A21%20GMT
getsection8.net/ Name: _lr_retry_request
Value: true
getsection8.net/ Name: _lr_env_src_ats
Value: false
.yahoo.com/ Name: A3
Value: d=AQABBCrxEGICEFLqJhzorN6_V2CeGI96qM8FEgEBAQFCEmIaYgAAAAAA_eMAAA&S=AQAAAurk4vSihLVx4Nn6vFxvNsY
.analytics.yahoo.com/ Name: IDSYNC
Value: 190z~23bp
.bidswitch.net/ Name: tuuid
Value: 1372eb2e-1f74-4727-959a-9b27cbd96b0e
.bidswitch.net/ Name: c
Value: 1645277482
.bidswitch.net/ Name: tuuid_lu
Value: 1645277482
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: HAPLB5A
Value: s569|YhDxL
.quantserve.com/ Name: mc
Value: 6210f12a-6ea4a-d18a5-44dd8
.getsection8.net/ Name: __qca
Value: P0-862953987-1645277481904
.proper.io/ Name: verizon_media
Value: y-CvS0wt9E2uEROU8xLLwTJfe6R5OD7aHs~A
.proper.io/ Name: mediagrid
Value: 1372eb2e-1f74-4727-959a-9b27cbd96b0e
.getsection8.net/ Name: __gads
Value: ID=d18386dc2adde37a-224edc2f47cd0099:T=1645277482:S=ALNI_MaHrO6lZaeJpnfcfAJzgKZGP3zoXQ
.getsection8.net/ Name: properSessionData
Value: eyJ1dWlkIjoiY2NiYWZmOTEtZmI2Ni00OGY1LWFkOGUtMTMwMTJiZDQzYWQ2IiwiZGVwdGgiOjEsInJlZmVycmVyIjoiaHR0cDovL3RvaXllemZ4eGFyNTZicWpwa3J0MzAzamwudWstY2l0aXplbnMuY28udWsvIiwiZ2NsaWQiOiIiLCJmYmNsaWQiOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV90ZXJtIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fdGVtcGxhdGUiOiIiLCJ1dG1fcmVmZXJyZXIiOiIiLCJ1dG1fYWRzZXQiOiIiLCJ1dG1fc3ViaWQiOiIiLCJyZXZlbnVlIjowLjAwMTAxLCJiaWRfYXZnIjp7fSwibm9fYmlkX2NudCI6eyJvcGVueCI6MSwic292cm4iOjEsImNyaXRlbyI6MSwic29ub2JpIjoxLCJhcHBuZXh1cyI6MSwiYWR5b3VsaWtlIjoxLCJyaHl0aG1vbmUiOjEsInRyaXBsZWxpZnQiOjEsInRoaXJ0eXRocmVlYWNyb3NzIjoxfSwibGFzdF90aHJlc2hvbGQiOjB9
.doubleclick.net/ Name: IDE
Value: AHWqTUkH3gGcI6mP5idf-SG8mjtkgjCCWifptlnuQel4XZPE5SIzwQyLjBzCptjNacU
.proper.io/ Name: __cf_bm
Value: ZZiJzG5VyvFG3E9Z_ajGz7IB7vf8NVhliJ3MbN3nCZ8-1645277481-0-ASEooCSKO4JsutteVeQikx3mruw7BnVFGuR0D%2BoZpxCNc9D8NsfYITt%2FeV6SIszQ5Jt8TjItaFs3%2FluuskySeLayRpKyIzWGqanCZAtPFif5
.doubleclick.net/ Name: DSID
Value: NO_DATA
.3lift.com/ Name: tluid
Value: 1356407024362927872013
.bing.com/ Name: MUID
Value: 068AA707E2FE693E1AABB657E39568EE
.adnxs.com/ Name: uuid2
Value: 8196890286753803990
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&faabb69a-c739-4d22-83c0-0c93007f7b4a"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NDUyNzc0ODU7MjswMjEivB3DLxwca9kVDXy4liJ1kds0gBxCX31OBJzlBHmkEQ==
.linkedin.com/ Name: lidc
Value: "b=OGST00:s=O:r=O:a=O:p=O:g=2655:u=1:x=1:i=1645277485:t=1645363885:v=2:sig=AQHarHj-Rcx7Q5Vx1G7k6qPPSY5yVbA_"

5 Console Messages

Source Level URL
Text
other error URL: https://getsection8.net/unsubscribe.php
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
javascript error URL: https://getsection8.net/unsubscribe.php
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=72' from origin 'https://getsection8.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=72
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://cdn.ampproject.org/rtv/012202072236000/v0/amp-ad-exit-0.1.mjs
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://eb2.3lift.com/xuidmid=7976&xuid=5VhYwgqfM&dongle=u6nf
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

79ab094f63348aa58f9a665712eb2f69.safeframe.googlesyndication.com
acdn.adnxs.com
ad.mrtnsvr.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
ap.lijit.com
apex.go.sonobi.com
api.pushnami.com
api.rlcdn.com
b1sync.zemanta.com
bidder.criteo.com
bids.proper.io
c.bing.com
cdn.ampproject.org
cdn.pushnami.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
de.tynt.com
eb.proper.io
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
getsection8.net
global.proper.io
googleads.g.doubleclick.net
hb-api.omnitagjs.com
ib.adnxs.com
id5-sync.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
pixel.quantserve.com
pr-bh.ybp.yahoo.com
propermedia-d.openx.net
psp.pushnami.com
px.ads.linkedin.com
rules.quantcount.com
s.amazon-adsystem.com
script.4dex.io
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssc.33across.com
tag.1rx.io
toiyezfxxar56bqjpkrt303jl.uk-citizens.co.uk
tpc.googlesyndication.com
trc.pushnami.com
u.openx.net
ups.analytics.yahoo.com
use.fontawesome.com
usync.proper.io
www.google.com
x.bidswitch.net
api.rlcdn.com
13.248.245.213
13.32.99.54
142.250.184.194
142.250.184.226
15.197.193.217
151.101.129.108
178.162.133.150
178.250.0.165
18.156.0.31
18.185.196.75
18.66.248.25
185.255.84.151
185.33.221.11
185.33.221.14
192.184.68.247
209.212.148.3
213.19.147.43
216.52.2.48
2600:9000:223f:d600:6:44e3:f8c0:93a1
2606:4700:20::681a:8a9
2606:4700::6810:125e
2606:4700::6811:4f22
2606:4700::6812:acf
2620:116:800d:21:5a23:9c4e:e774:96c1
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:800::200a
2a00:1450:4001:808::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:813::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a05:d018:d29:3605:68cd:a251:4c84:bc1
2a06:98c1:3121::7
34.102.163.6
34.149.20.76
34.210.253.33
35.163.158.84
35.244.159.8
5.161.77.149
51.89.20.86
52.46.154.242
54.164.242.12
54.164.46.147
64.202.112.95
67.202.105.32
05e2888e835d97fe6e4cfb256f62f47d5dccf6d9ac202ea9d82a6bc2b1716c1d
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
150d4539d374b78d482e68a599939f877892eb52323c743e0a5d7c58eaf2976b
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1a3f4d60e2e9d4c5de61cb81ea2ec9219f60fa5e0b8255b603e6113aebce4148
1a77bc9cd8df8f7680ab07cf42d9aef3147f5c6fc7fe2050ccee4ea11b22c6cd
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
2ba91cea7dc6b01815f430fddc2d1fabaee97e536d713309476bdfec4250e1be
332dd9d8872171a7ce122129c088ef587eb876ee04f178f5e62310dff3747514
372ddb86deaa3e11e5a4b1eec16924bcd6e6232bc8bab79338426b2faff7e7dd
44cd3ca67f3b675c14c819242c8b85d25ffc2c791d3d099d80d554854cf0ea17
4530055a32b5a1a639311d7be5e6abb79ba772acae1410f9f9feffdc297721dc
45b19da7c2a5a6e4f1b909ed157306cbfb970aa9af412a712a00dee0316f859e
46260a517999b586fbfc84721c39263768a34ad5014a27626f1c4bc8e24bb4fe
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63e61a12e2ffd38ad4f225cccb848320cc935061b431a2d7654e16cc0a846513
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
6a21bfb683c6f547ea23fafa34b51e87bffb2c65d75151be2355291eb918bd06
7b0fc94d83150b73dc566b933bc5c823621e210de6d45621d1101207202d0a15
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
8838c15a093042dda8446ae18d93db16218d1c8810dae5cfa21e0e889dc0ec68
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e2dcb9912e96ad6472e010d4e66d67c647dfc385f09d652c1ff8d4d752baf14
8f825cb2583dac73d56db47a172ad65e903d0ca0ffe48b1a06bbc99c30b02c7f
93b1f78578f169d4f472ecda3c79d72e81fa9e199bdb979d13139f5ddbe5a06d
94c7fcd7c8b4cfe7aad8bd1c32e6546d8ba73c3d85ebf6485d9fcf3a2a1ec1c3
9887b2ef73a3373dcbfbac2ab2c5635739c673d57a8c4c2c4b19dbe2c829b430
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a4f7c0104eb2f5bcdbcfef430cc4be25f84c57a04c352649abdcdbd6e6d5fcf
9e8d074002a43635a8a80b3552a3edf05f3f6ad4219af7a52f2c3098ee3f8694
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6c10cf3d0c345df8ad9650effea1cf51388a1936fa25853a6c923548f55a5ee
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa892a3e8ae2d858596e031c41aa9c5368d94d5da554a4dd4cf10ae942df4377
aae1190206a99a6ba9a01fa8506b23c9540b8a2aacb7f55302c9d2271936e36d
af42f8a986eefec222a68474cc9c9591028b07b082157631d810ecbbf4a652fe
afdc6bf2de981ffd7d370b76f44e7580572f197efbe214b9cfa4005d189d8eae
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3
badcda69fc7ce2d1c24ce3a5603d1de1cf8ff08e7aabad3ff6073e0802fd3dda
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c1e1a1b01fe6b7a0503291eb13751f06493e258b6538bf3a8e2f4bf0dfb6d9eb
c72659bec2957fe7d11d64fd336a9a0afdcc65e7e7d6c2fab8bd0cf0f8176fd8
cb779776dea26fd43226f666c09f97c20113dfc96996e9d316a214ba849ba56f
cc0c4f5c3d6acef428e5aa92fada14b3238a6f318b6a6fc9b0c5a4c1397611ae
cd01ea3cd56c3f77b2d294910bbe09a139ee76ffe85a9d00f7d512606987d865
ce5b46ee06061a1b347a5d42eda325ff6d4177235d824d1377477811b30adec9
d3ef00ccf0d1329768a9546012c96ecb5ac031695b0418da9ae3297979ad60bb
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
e2095a69a79f907d33d54c4a0a60cbe73010b43d5f5f1ce37dced5b786fe6fa7
e3ad8c90cec1318c90852dc018d75e7afadcb71c36508344fc1c133021007bb3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52a3ed1b2cb7c20f32998441fa4d3d97947590f2c9ef27bc2ab148066b9a24e
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9f37203d349aa272a470813094c01bca91beb9e120b57beabc039c0f0c5df3c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4393aee92784f781e0b3d8c7329c34fb4b6aad437ab50e470ddc387ec9a0ad0
f83d01332c1d361463eb8f25f0e87a89e57352a5539e5d00d46326b8fcd6713b
f93639795106f75b775f8d426790744336118a4fce1a0a491ffd093c75658842