shtu.be Open in urlscan Pro
2606:4700:3032::6815:452c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://23.94.148.10/510005/2/RFQ-20.02.2024.php
Effective URL:
https://shtu.be/ppfor/ffww/c284b8
Submission: On February 21 via manual (February 21st 2024, 1:20:58 pm UTC) from DE — Scanned from DE

Summary HTTP 44 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 10 domains to perform 44 HTTP transactions. The main IP is 2606:4700:3032::6815:452c, located in United States and belongs to CLOUDFLARENET, US. The main domain is shtu.be.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 8th 2024. Valid for: a year.

This is the only time shtu.be was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	23.94.148.10 23.94.148.10	36352 (AS-COLOCR...) (AS-COLOCROSSING)
2 7	2606:4700:303... 2606:4700:3032::6815:452c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
44	14

1 23.94.148.10 (Boston, United States) 1 redirects

ASN36352 (AS-COLOCROSSING, CA)
PTR: 23-94-148-10-host.colocrossing.com

23.94.148.10	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3032::6815:452c (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

shtu.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 158	327 KB
11	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 353	217 KB
7	shtu.be 2 redirects shtu.be	20 KB
4	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43	52 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 141
2	google.com mts0.google.com — Cisco Umbrella Rank: 3938 www.google.com — Cisco Umbrella Rank: 2	1 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com	49 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48	2 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2000	248 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	90 KB
44	10

	Domain	Requested by
11	cdn.jsdelivr.net	shtu.be cdn.jsdelivr.net
9	pagead2.googlesyndication.com	shtu.be pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
7	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
7	shtu.be	2 redirects shtu.be
4	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com
2	www.googleadservices.com
1	www.google.com	tpc.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
1	mts0.google.com	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	shtu.be
44	13

This site contains no links.

Subject Issuer	Validity	Valid
shtu.be Cloudflare Inc ECC CA-3	`2024-01-08` - `2024-12-31`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://shtu.be/ppfor/ffww/c284b8
Frame ID: 24851941295529046ED1F4A959BF6CAA
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html
Frame ID: D7B87E922208033FB699A09394D020EB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9014453167611078&output=html&h=280&slotname=1913794818&adk=3549257253&adf=1801062927&pi=t.ma~as.1913794818&w=1200&fwrn=4&fwrnh=100&lmt=1708521654&rafmt=1&format=1200x280&url=https%3A%2F%2Fshtu.be%2Fppfor%2Fffww%2Fc284b8&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708521654494&bpp=3&bdt=211&idt=152&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&correlator=4456649779350&frm=20&pv=2&ga_vid=1325224446.1708521655&ga_sid=1708521655&ga_hid=1535594306&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=152&ady=162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C44795922%2C95322745%2C95324581%2C95325066%2C31081233%2C95320376%2C95324155%2C95324161&oid=2&pvsid=4385145661044503&tmod=1926865581&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=159
Frame ID: 739C6C705BF094470FEC57201DC132EC
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9014453167611078&output=html&adk=1812271804&adf=3025194257&lmt=1708521654&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=https%3A%2F%2Fshtu.be%2Fppfor%2Fffww%2Fc284b8&pra=7&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708521654509&bpp=1&bdt=226&idt=152&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=4456649779350&frm=20&pv=1&ga_vid=1325224446.1708521655&ga_sid=1708521655&ga_hid=1535594306&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C44795922%2C95322745%2C95324581%2C95325066%2C31081233%2C95320376%2C95324155%2C95324161&oid=2&pvsid=4385145661044503&tmod=1926865581&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=155
Frame ID: D945C3A3F129C43CA479C7C864994D4E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js
Frame ID: F481E07231D02EF63F643372D75D9F72
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1B02EC8EE92889264EB4E697FCE1F94B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2F7974F5BDD36F05385C7899B581EF62
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SHORTEN URL

Page URL History Show full URLs

http://23.94.148.10/510005/2/RFQ-20.02.2024.php HTTP 301
http://shtu.be/c284b8 HTTP 301
https://shtu.be/c284b8 HTTP 301
https://shtu.be/ppfor/ffww/c284b8 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

44
Requests

98 %
HTTPS

86 %
IPv6

10
Domains

13
Subdomains

14
IPs

2
Countries

757 kB
Transfer

2147 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://23.94.148.10/510005/2/RFQ-20.02.2024.php HTTP 301
http://shtu.be/c284b8 HTTP 301
https://shtu.be/c284b8 HTTP 301
https://shtu.be/ppfor/ffww/c284b8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://googleads.g.doubleclick.net/pagead/adview?ai=CKBu8tvjVZZCjLODGvPIP3bK_4ArSr7PEdO3TmJmKEsvLrZfeGhABIMuQpDZglcKggrAHoAHk4aLQKMgBCakCrZ_3QvUQsj6oAwHIA8sEqgTaAU_Q12tI3kMymGyTJ2Y_FprqrVWuTnEa9ZVDtrhqq-R0XNq4tjJOiruKg-Z5CWxe1Q2ZzTKCAECtr-2A2cfznwJlM8ULUItzsD5Yk82SB_Lm-ZWdp3E6zufSJw-BUjy-UULDKYPMqsKECgCQqRP3pdgblI53TBhpyIjiGlL09rkNgvaYD9VLV89dOc0nnKBHgeUFIB1E8kaDXRuXUhSPPV4-eNibsCVRFfocTqWMpXOKQQrpN1fncKBWR_E3KAv44CyJgNF1iZCqTMOId7JEbjz3jhDMNmCuAmGywASy7bnAiQSIBdPZv8RAkgUECAQYAZIFBAgFGASgBi6AB-SZ868DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhvYBwDyBwUQp8qHAdIIJgiA4YAQEAEYHzICqgI6CYBAgICEgICECEi9_cE6WL-mxZLDvIQDmgkfaHR0cHM6Ly93d3cucmVpa2ktYmVyZ3N0ZWluLmRlL4AKAcgLAbgTiATYEwrQFQGAFwGyFxwKGggAEhRwdWItOTAxNDQ1MzE2NzYxMTA3OBgA&sigh=_0HsTIm1Ywg&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwAvHhf_hD-_jqr8XAtbHlinxW07N916_8m-AcP4VPdT1hT_K8pe7B9m5nOvTuAkvLESplN8MDn3TMSInlrDHbiae0KMxAaOOZDaO0SldPwYAQ&template_id=520&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216207722233766370989%22,%22debug_reporting%22:true,%22destination%22:%22https://reiki-bergstein.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210905759972%22],%2222%22:[%22true%22],%224%22:[%2202-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221100089578957271457%22}&andc=true

44 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request c284b8 Show response
shtu.be/ppfor/ffww/
Redirect Chain

http://23.94.148.10/510005/2/RFQ-20.02.2024.php
http://shtu.be/c284b8
https://shtu.be/c284b8
https://shtu.be/ppfor/ffww/c284b8

6 KB
2 KB

363ms
362ms

Document
text/html

2606:4700:3032::6815:452c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shtu.be/ppfor/ffww/c284b8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:452c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1f9545263c296054e08419f44cb2accfeda40af8b846e91f603015801c9bdcb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0 no-store no-cache
cf-cache-status: DYNAMIC
cf-ray: 858f4a111e62429b-EWR
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 21 Feb 2024 13:20:54 GMT
expires: Wed, 21 Feb 2024 13:20:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kisDoFScfoX5aJtODfWC%2BhP1ElCperu4xyCfE%2BANIKB8lc1ocf5A7wFA203zfg%2Bisqcif1pm6eY0ViCet7NZk62blKyEa%2BWAVQVqd%2FxSXitNL4QG%2FWYZKrDo%2FaZHLWacWShbkH0F"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0 no-store no-cache
cf-cache-status: DYNAMIC
cf-ray: 858f4a0bdf82429b-EWR
content-type: text/html; charset=utf-8
date: Wed, 21 Feb 2024 13:20:53 GMT
expires: Wed, 21 Feb 2024 13:20:53 GMT
location: /ppfor/ffww/c284b8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VqafTVtN%2FP3aqw2h8srD8mowCHfmqe7r%2BRZGmWe2dBA852w5yxC88AuOs%2FzsYCxQheUZ%2B63SlBujK1tK6ppVjt4plvpKm3fw9BPLh%2BvAeJl99BiKmMscMwOvxYPMTNKB1pu36Aa2"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/ 160 KB
25 KB 41ms
22ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css

Requested by

Host: shtu.be
URL: https://shtu.be/ppfor/ffww/c284b8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shtu.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 13:20:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1672360
x-jsd-version: 5.1.3
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220101-FRA, cache-lga21964-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BvFA58Ns1cZZ2fsVHpFdjLTVhxgmaWw4acTGxTq3YUucjigSADDtrYmQHxaspOq%2FkcSh8Bymi0eSYjdIKTryZG9jRyNAKZkEWWWA2dRVeDdIrATH0ujAINyBN7n0UqAH%2F2ljaFIiuYdh1EHZ65A%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 858f4a13689f18d5-FRA

GET
H2 200 bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/ 79 KB
11 KB 40ms
21ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css

Requested by

Host: shtu.be
URL: https://shtu.be/ppfor/ffww/c284b8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af35cc6aba34e5005de77099dfa72d4c1a7715d28ddcec343f48031dc8cb08bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shtu.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 13:20:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1506223
x-jsd-version: 1.8.1
content-encoding: br
x-cache: MISS, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220090-FRA, cache-lga21930-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"13a7e-T26mnA4DQx/6Ggl6RUU7WzskbYs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OofRiz6bwxo5D2IBLuBhN%2Begw6mjmaZM68O5nNmVhTTdJ6acS7Aea2MQ%2FvMS%2Bey29rUcCXkUKSuViDiOzXmpPmWBLf5%2FFjB4evth4FIUKLarty0E10mlLEci%2FaMj2JYE1uYamUtohwPZeti4Jis%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 858f4a1368a018d5-FRA

GET
H2 200 ekko-lightbox.min.css
cdn.jsdelivr.net/npm/ekko-lightbox@5.3.0/dist/ 7 KB
3 KB 39ms
19ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/ekko-lightbox@5.3.0/dist/ekko-lightbox.min.css

Requested by

Host: shtu.be
URL: https://shtu.be/ppfor/ffww/c284b8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

060991b2a75807681a90e14ab6cfdbc63ceb8edb180482d0fa29c15e0754707f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shtu.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 13:20:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1639697
x-jsd-version: 5.3.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220109-FRA, cache-lga21932-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"1cbe-Uzb/sbV2bYr2JNBLlJ4LOfag6Fw"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cwUTL51S7fV0Zd5E4mznbKsVBLU0sZBPn7%2FjBK0msYgUDI6RDU4SpjTXgoHES0s7LQBN%2BQYcwZEGM%2FJ02QIuNjJ7LVItZwjc8H0RkId1GDo0DATDJB%2Fy5a1BFyC1IG1RdjtMQ8uAtgDgMrEu0yQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 858f4a1368a218d5-FRA

GET
H2 200 bootstrap-select.min.css
cdn.jsdelivr.net/npm/bootstrap-select@1.14.0-beta3/dist/css/ 12 KB
3 KB 43ms
24ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-select@1.14.0-beta3/dist/css/bootstrap-select.min.css

Requested by

Host: shtu.be
URL: https://shtu.be/ppfor/ffww/c284b8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7300c976e6ccb2f209700618e445d4640b902f14a510bc45610971becc5d62cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shtu.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 13:20:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7384793
x-jsd-version: 1.14.0-beta3
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"2e31-n6rgf2v6FhKuTrVvoK4WnJtCtJQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QDJVrYUxL%2BCMIzmJ7iV76xEyTrTtf%2FOC0%2F79n5yrZy2PE%2BMtMppmsdDj1PxW9KCy%2FDFkzSWIFC3XV9gbkmoDwPArD7EHoORdajqu2VNn%2BHobO1EIaCPJzZj85IkHoOcASAk8nbVJm97pRJWk4x0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 858f4a13689b18d5-FRA

GET
H2 200 pretty-checkbox.min.css
cdn.jsdelivr.net/npm/pretty-checkbox@3.0/dist/ 19 KB
3 KB 36ms
17ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/pretty-checkbox@3.0/dist/pretty-checkbox.min.css

Requested by

Host: shtu.be
URL: https://shtu.be/ppfor/ffww/c284b8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08d7830746349ff8a17d3234078ea1e46c33f0b1d29752484151d9c60a0d625

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shtu.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 13:20:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 30016
x-jsd-version: 3.0.3
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220105-FRA, cache-lga21941-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"4b56-fF0noLObvYApNnMFBFgmODIkGTo"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iTzAKGuRg3uGI7nsyzp3bGyTTyUG8zPdmzXImgCl1XiV3PxQCCkjxkU69P5ByhBUPZZDZE43eWwGs%2FMuY4pMxm0TzCj%2B%2BIMfIme10tmSwHlcBhmmFoIziNHu7hDCL9KQAgzIjiqvhovbfRlLibA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 858f4a13689c18d5-FRA

GET
H3 200 jxbbs2022.06.06.css
shtu.be/static/ 19 KB
4 KB 207ms
205ms Stylesheet
text/css 2606:4700:3032::6815:452c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shtu.be/static/jxbbs2022.06.06.css
Requested by: Host: shtu.be
URL: https://shtu.be/ppfor/ffww/c284b8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:452c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dbb0cd9ba4f7f42e057aca8a0594ee9e60298f2b984be1f6431155c09b6f889

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shtu.be/ppfor/ffww/c284b8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 13:20:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1242
cf-polished: origSize=23618
surrogate-control: public, max-age=2592000
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 04 Jun 2022 07:59:22 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=26%2BWqvDY1tOZMpNr0M0N3B6bZlDiCVlgw4gAuWMzvtH09JEeccV3j9CGX8%2F1mdGwn3bZODCRxiV1Obj%2FgMydmf5r305O7AaXJO3Vdap4iWVIC9CSbWpti25LEh7riYKnACb0EB9M"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=2592000
cf-ray: 858f4a13999857b2-IAD
expires: Fri, 22 Mar 2024 13:00:12 GMT

GET
H3 200 vspacing.min.css
shtu.be/static/ 12 KB
2 KB 110ms
108ms Stylesheet
text/css 2606:4700:3032::6815:452c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shtu.be/static/vspacing.min.css
Requested by: Host: shtu.be
URL: https://shtu.be/ppfor/ffww/c284b8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:452c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62f2dd5b01bee5bc2fc68956ae9097ef89a6072814af05c0d85d4187f32b2ada

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shtu.be/ppfor/ffww/c284b8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 13:20:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 02 Apr 2022 10:20:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1242
surrogate-control: public, max-age=2592000
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dlfrYZRDkVOyDnS9WBIYPBL2boxXA4HQMPSbXeVozsQdG6Ysyf0jjXJzAN0UIinMPNaIiTSclKE2UMzfjPjwXw0rk%2F0xHd7WVhVabTUv1lVpI0%2B2Tn71z6Ma6R3gmN7jjNf%2F3bRi"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=2592000
cf-ray: 858f4a13999b57b2-IAD
alt-svc: h3=":443"; ma=86400
expires: Fri, 22 Mar 2024 13:00:12 GMT

GET
H3 200 bootstrap-colors.css
shtu.be/static/ 43 KB
6 KB 114ms
112ms Stylesheet
text/css 2606:4700:3032::6815:452c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shtu.be/static/bootstrap-colors.css
Requested by: Host: shtu.be
URL: https://shtu.be/ppfor/ffww/c284b8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:452c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a998714a9c296d9e52fed0fb51a8a953b43fe51e7be739fbb30ab694e3acc1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shtu.be/ppfor/ffww/c284b8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 13:20:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1242
cf-polished: origSize=52931
surrogate-control: public, max-age=2592000
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 02 Apr 2022 10:20:16 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nx1dAEFqCIwSBV%2FjaV2%2BeYm%2BIYVtD%2Bgw5oSQC24Yn2hlfqATDubJhUwuudJkn37ubv4lfOXbBGDzerBTxHmglUe8D%2F8tkpFY0JMyzSG9vjUIT%2BiE9GB6x9l5O8ov2uK450Ojbnof"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=2592000
cf-ray: 858f4a13999c57b2-IAD
expires: Fri, 22 Mar 2024 13:00:12 GMT

GET
H3 200 bootstrap-colors-themes.css
shtu.be/static/ 32 KB
5 KB 111ms
110ms Stylesheet
text/css 2606:4700:3032::6815:452c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shtu.be/static/bootstrap-colors-themes.css
Requested by: Host: shtu.be
URL: https://shtu.be/ppfor/ffww/c284b8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:452c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1049e41d680f008916fe5e4d4fc426940842ef0956074bd8bb9f7fb682b782a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shtu.be/ppfor/ffww/c284b8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 13:20:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1242
cf-polished: origSize=38452
surrogate-control: public, max-age=2592000
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 02 Apr 2022 10:20:16 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=855Ec6DxIQLuUuJVz2Q8E8FrqNvS%2FXzaKex4ZBrvPyl%2Fbn5YvAgWMa8SZpwESO5bxL7zKQJQEf8G5mWdIo8SeNbIU3lceqXifGQB1tQ6vXyUEYRKMZV%2BZIHkNbBrk8HD76ZCFohK"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=2592000
cf-ray: 858f4a13999e57b2-IAD
expires: Fri, 22 Mar 2024 13:00:12 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 75ms
53ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: shtu.be
URL: https://shtu.be/ppfor/ffww/c284b8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14e2018c8ede59b2a34c6a85744514623650247102747a57e29c452b2d61762b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shtu.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 13:20:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51304
x-xss-protection: 0
server: cafe
etag: 16430577185242642645
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Wed, 21 Feb 2024 13:20:54 GMT

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.net/npm/jquery@3.6.0/dist/ 87 KB
32 KB 49ms
30ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery@3.6.0/dist/jquery.min.js

Requested by

Host: shtu.be
URL: https://shtu.be/ppfor/ffww/c284b8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shtu.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 13:20:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1672342
x-jsd-version: 3.6.0
content-encoding: br
x-cache: MISS, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230088-FRA, cache-lga21949-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"15d9d-uC0jjU4x/fYYuuisEabIEsA90NQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MacOIunvk6p1RuQGNYGm10AJy2CvF6YbXSr5A%2F5or12rHvCXhX6xjxrrAKNY%2BuDSI%2ByYawccv6DyK7rK6DUR0Y0ayzenj%2Fh0mLakJkVCJzwbPCZv1ChkvtMC7mqJ24OUbppvWJlODCVBhmdh4oI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 858f4a1368ad18d5-FRA

GET
H2 200 jquery.validate.min.js Show response
cdn.jsdelivr.net/npm/jquery-validation@1.19.1/dist/ 24 KB
8 KB 47ms
29ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery-validation@1.19.1/dist/jquery.validate.min.js

Requested by

Host: shtu.be
URL: https://shtu.be/ppfor/ffww/c284b8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0f074179d185032b4a2d0e7b1f3476b0626039334a638d47f84ef44990616b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shtu.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 13:20:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1672327
x-jsd-version: 1.19.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220040-FRA, cache-lga21934-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"5f38-DaTFNbUL203/o7X64+mZru4TfLU"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pfVjkVjWYkpb8oah%2FUyM7UjHY%2Bh9QGd%2FTd8PUNM%2BC8Hg4Qod7UgCETon599vsDeO%2FFY26a932Z6e%2FmZyAFo1spBbtchQ%2FvB73iGtFKzYt2CPilC%2BJ%2FGmAjMXAKKZ29SMATXydMdtBzph2Ud6D3g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 858f4a1368af18d5-FRA

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/ 76 KB
24 KB 43ms
25ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js

Requested by

Host: shtu.be
URL: https://shtu.be/ppfor/ffww/c284b8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shtu.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 13:20:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7299284
x-jsd-version: 5.1.3
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230101-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"13131-qF5oFiTJGhBqUUwx6s+A3oF7LMM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ku4mdVV1Z4qqJU3CfnxDbB8NiPnzGUXT%2BbTTp9tCFZGIFHFjnFl%2FBreppe1cyaiLAuTzGM3ujSpdEoZ7yp81wChaKlQGvgjrWWs5Ef0rmu17SHb7F9i3V1D04X3jokI2fGLO2USfBFSa2sAMhn8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 858f4a1368a318d5-FRA

GET
H2 200 dayjs.min.js Show response
cdn.jsdelivr.net/npm/dayjs@1.9.3/ 6 KB
3 KB 36ms
18ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/dayjs@1.9.3/dayjs.min.js

Requested by

Host: shtu.be
URL: https://shtu.be/ppfor/ffww/c284b8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b72da63eb045ffc8dc25ed7e25f18ce65d87b18b3bcc46ecf9fe97d27a2b79ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shtu.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 13:20:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9081602
x-jsd-version: 1.9.3
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230034-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"190a-Rw2SSdiIQm5t+PGkA13ciVD6Ajc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3sSVYbgcY9KlJ8sCM6fjm7oSBDHCmhmIAj%2FZFEFPKOfHc0MrmNnlRshYy0WbGeWVX4n3b9HOHpPqRlak%2FyEasMuPelZKQHU3%2B9oaZnW48RF8UfKFNMeZQQLpz07UR65RQ0FTfGYDYOygtS5ftb0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 858f4a1368a518d5-FRA

GET
H2 200 lazysizes.min.js Show response
cdn.jsdelivr.net/npm/lazysizes@5.2.2/ 8 KB
4 KB 46ms
28ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/lazysizes@5.2.2/lazysizes.min.js

Requested by

Host: shtu.be
URL: https://shtu.be/ppfor/ffww/c284b8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb649fcae62177dfe63e67081ddceb830b5ce1f05a4184e9bbb7d87ac4b8f4e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shtu.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 13:20:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8841301
x-jsd-version: 5.2.2
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230021-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"1e5b-cs7X5+eMy3YMQFDX7hLYbDhnF1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSnOXBj52f5Q3DyGW03%2FptGgeAdJbBCE51bj77gl86ehFe7RGLYN%2BAeA5iMGsFpALZBBm5h292ihGgr3Eb6tdZW21bRmRCOX3ZrnA6zqyJcV0Tv6py9zzooWxzq3bZKFEzOdjBzktCwBTDS1Htg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 858f4a1368a818d5-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 266 KB
90 KB 75ms
26ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6FQTKVJCYW

Requested by

Host: shtu.be
URL: https://shtu.be/ppfor/ffww/c284b8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

efe0b8a10b2110f7334b43abc339604f884af3f2a6180c67293a31842920b3dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shtu.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 13:20:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91742
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 21 Feb 2024 13:20:54 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/ Frame D7B8 9 KB
5 KB 29ms
7ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shtu.be/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 65001
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Feb 2024 19:17:33 GMT
etag: 3890843268177463596
expires: Tue, 05 Mar 2024 19:17:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/fonts/ 100 KB
101 KB 25ms
15ms Font
font/woff2 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/fonts/bootstrap-icons.woff2?524846017b983fc8ded9325d94ed40f3

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c874e14c63db86c4c5318c77cb557fce7036645edc7d690dcc1d23b389631b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css
Origin: https://shtu.be
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 13:20:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7371310
x-jsd-version: 1.8.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 102536
x-served-by: cache-fra-eddf8230049-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"19088-HKXox9L7jp1grRof6ypG6Ywkij0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gfnjcmgm2DcMfIx1JGoOY%2Bu8I%2FHkbiaeHXmQCVMaTL6jrkWm7hXy5GGNHVkxBri%2F8CEML35AonCtd3EUfPTDJRrEvbqjre8cvRjNH2oWRDOoe3FfX62rnN%2FQVuGG9YKoTPtymyEGeb2OriFMz20%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 858f4a144fc790da-FRA

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/ 407 KB
138 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9014453167611078&plah=shtu.be&aplac=true&bust=31081233

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9992ef075b6a22f5cc3800e7c760efa611be14154daea0f18242dcd010a4ef0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shtu.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 13:20:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141264
x-xss-protection: 0
server: cafe
etag: 18058850034113426132
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 13:20:54 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
248 B 37ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6FQTKVJCYW&gtm=45je42h0v892032111za200&_p=1708521654503&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1325224446.1708521655&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1708521654&sct=1&seg=0&dl=https%3A%2F%2Fshtu.be%2Fppfor%2Fffww%2Fc284b8&dt=SHORTEN%20URL&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2581
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6FQTKVJCYW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shtu.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 13:20:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shtu.be
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 739C 156 KB
47 KB 931ms
930ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9014453167611078&output=html&h=280&slotname=1913794818&adk=3549257253&adf=1801062927&pi=t.ma~as.1913794818&w=1200&fwrn=4&fwrnh=100&lmt=1708521654&rafmt=1&format=1200x280&url=https%3A%2F%2Fshtu.be%2Fppfor%2Fffww%2Fc284b8&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708521654494&bpp=3&bdt=211&idt=152&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&correlator=4456649779350&frm=20&pv=2&ga_vid=1325224446.1708521655&ga_sid=1708521655&ga_hid=1535594306&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=152&ady=162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C44795922%2C95322745%2C95324581%2C95325066%2C31081233%2C95320376%2C95324155%2C95324161&oid=2&pvsid=4385145661044503&tmod=1926865581&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=159

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9014453167611078&plah=shtu.be&aplac=true&bust=31081233

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c672df4eb1109551d546ef0e9881d922be3a310c97ace95d74d564607846ad1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shtu.be/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 48313
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 13:20:55 GMT
expires: Wed, 21 Feb 2024 13:20:55 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D945 0
188 B 253ms
252ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9014453167611078&output=html&adk=1812271804&adf=3025194257&lmt=1708521654&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=https%3A%2F%2Fshtu.be%2Fppfor%2Fffww%2Fc284b8&pra=7&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708521654509&bpp=1&bdt=226&idt=152&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=4456649779350&frm=20&pv=1&ga_vid=1325224446.1708521655&ga_sid=1708521655&ga_hid=1535594306&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C44795922%2C95322745%2C95324581%2C95325066%2C31081233%2C95320376%2C95324155%2C95324161&oid=2&pvsid=4385145661044503&tmod=1926865581&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=155

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shtu.be/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 13:20:54 GMT
expires: Wed, 21 Feb 2024 13:20:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 739C 14 KB
2 KB 40ms
18ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9014453167611078&output=html&h=280&slotname=1913794818&adk=3549257253&adf=1801062927&pi=t.ma~as.1913794818&w=1200&fwrn=4&fwrnh=100&lmt=1708521654&rafmt=1&format=1200x280&url=https%3A%2F%2Fshtu.be%2Fppfor%2Fffww%2Fc284b8&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708521654494&bpp=3&bdt=211&idt=152&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&correlator=4456649779350&frm=20&pv=2&ga_vid=1325224446.1708521655&ga_sid=1708521655&ga_hid=1535594306&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=152&ady=162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C44795922%2C95322745%2C95324581%2C95325066%2C31081233%2C95320376%2C95324155%2C95324161&oid=2&pvsid=4385145661044503&tmod=1926865581&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=159

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 21 Feb 2024 13:20:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 21 Feb 2024 13:10:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Feb 2024 13:20:55 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 739C 2 KB
875 B 32ms
9ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 16:59:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73294
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 16:59:21 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 739C 23 KB
9 KB 27ms
10ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 12:32:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2890
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 12:32:45 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 739C 3 KB
1 KB 28ms
12ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 12:32:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2890
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Mar 2024 12:32:45 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 739C 20 KB
8 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 16:59:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73294
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 16:59:21 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 739C 204 KB
61 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48639bd7695fc270e23859d9b74231f49bc78f05e3a96ed0332a9b0b80d8c2e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 12:58:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62854
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=windows-874
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 21 Feb 2024 13:58:35 GMT

GET
H2 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame 739C 36 KB
15 KB 58ms
15ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:44:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20211
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 00:22:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 21 May 2024 07:44:04 GMT

GET
H2 400 data=gq5fMRymf8FZpdON26IVWlgr6lRAb6jovGxaFZoFobCNPTnUU3mQjqi0iLaqkRFtt0q2U30h9IBdhHiVUVnzcw
mts0.google.com/vt/ Frame 739C 0
0 66ms
15ms Image
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mts0.google.com/vt/data=gq5fMRymf8FZpdON26IVWlgr6lRAb6jovGxaFZoFobCNPTnUU3mQjqi0iLaqkRFtt0q2U30h9IBdhHiVUVnzcw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9014453167611078&output=html&h=280&slotname=1913794818&adk=3549257253&adf=1801062927&pi=t.ma~as.1913794818&w=1200&fwrn=4&fwrnh=100&lmt=1708521654&rafmt=1&format=1200x280&url=https%3A%2F%2Fshtu.be%2Fppfor%2Fffww%2Fc284b8&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708521654494&bpp=3&bdt=211&idt=152&shv=r20240215&mjsv=m202402140101&ptt=9&saldr=aa&abxe=1&correlator=4456649779350&frm=20&pv=2&ga_vid=1325224446.1708521655&ga_sid=1708521655&ga_hid=1535594306&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=152&ady=162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C44795922%2C95322745%2C95324581%2C95325066%2C31081233%2C95320376%2C95324155%2C95324161&oid=2&pvsid=4385145661044503&tmod=1926865581&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=159
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 739C 297 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 739C 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 739C 462 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 739C 465 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 739C 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9da86053b2414a856324939ac6f68f8c11a8a85ce909a8bf88788949e2a0dc4c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 739C 33 KB
34 KB 31ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 20 Feb 2024 04:01:15 GMT
x-content-type-options: nosniff
age: 119980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Feb 2025 04:01:15 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 739C
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CKBu8tvjVZZCjLODGvPIP3bK_4ArSr7PEdO3TmJmKEsvLrZfeGhABIMuQpDZglcKggrAHoAHk4aLQKMgBCakCrZ_3QvUQsj6oAwHIA8sEqgTaAU_Q12tI3kMymGyTJ2Y_FprqrVWuTnEa9ZV...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216207722233766370989%22,%22debug_reporting%22:true,%22destination%22:%22https://reiki-bergstein.de%22,%22event_report_wind...

0
0

55ms
39ms

Fetch
text/css

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216207722233766370989%22,%22debug_reporting%22:true,%22destination%22:%22https://reiki-bergstein.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210905759972%22],%2222%22:[%22true%22],%224%22:[%2202-21%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221100089578957271457%22}&andc=true

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 13:20:55 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"16207722233766370989","debug_reporting":true,"destination":"https://reiki-bergstein.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10905759972"],"22":["true"],"4":["02-21"],"6":["true"]},"priority":"500","source_event_id":"1100089578957271457"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 21 Feb 2024 13:20:55 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 21 Feb 2024 13:20:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"16207722233766370989","debug_reporting":true,"destination":"https://reiki-bergstein.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10905759972"],"22":["true"],"4":["02-21"],"6":["true"]},"priority":"500","source_event_id":"1100089578957271457"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 68ms
52ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240215&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7657fc44468101ae942652696b0bc026289d94671313ce3f2ac390a1c2cc0247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shtu.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 13:20:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12280
x-xss-protection: 0

GET
H3 200 Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js Show response
pagead2.googlesyndication.com/bg/ Frame F481 51 KB
19 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Mxl_QHRpF3ASJ-0UJYy-xnBnh_t8qFAxMnyvqBA6J-g.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33197f40746917701227ed14258cbec6706787fb7ca85031327cafa8103a27e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:42:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19812
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Feb 2025 07:42:55 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 70ms
40ms Preflight
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 21 Feb 2024 13:20:55 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shtu.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 13:20:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Feb 2024 13:20:55 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1B02 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shtu.be/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 430
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 13:13:45 GMT
expires: Thu, 20 Feb 2025 13:13:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2F79 829 B
1 KB 46ms
24ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

350a32ce9eef11f4fc5d7029a617757094e69dcf41d6c6e8d2c84b08861f4357

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dtChY_UJrm7dxlHPwQdlZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shtu.be/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-dtChY_UJrm7dxlHPwQdlZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 21 Feb 2024 13:20:55 GMT
expires: Wed, 21 Feb 2024 13:20:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 1B02 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 10:58:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Feb 2025 10:58:36 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2F79 0
0 39ms
39ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240215&jk=4385145661044503&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1B02 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?TwIwdA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 13:20:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 41ms
40ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240215&jk=4385145661044503&bg=!zM-lz4DNAAZN4L4YbeA7ADQBe5WfOBDijQqEJsWdV1TooQm9pvSiEdLLA3jO7Wkiqb6l6sQOmnYutAbA0ISgfVk1OBvbAgAAAC9SAAAAAmgBBwoAFmxG6JcS6SkWwGY1C4srVvnl0qBhgCKZAr7sOS87R5W-lR3pi1phrnXgbi4vJGDk1VtXH_QPGgVkXkBUjRcsUWYHsafxOa34lxG4fGPdZDIAwzyQ2SzgCEgDfgwOBhr2dVlMLnt7iNcHEg3Y6rSa5_7ZAJySEo_O8yZHsCohv6UTUqnxJnBPpnKyg2eC2EP3tRYn0KVp97Yr5rfquEME3wzkU11-QccCCBP9gGaiz6gNq6EYXuRpuUk1KKXVYujSentvjURlNZmOkxq3BfsgRNNfmYFeW6baSIslFDw8PkKUizUmwgRZbo5tPwjwzplRXO4wBQB7Z6s64yUTY8F2_vfikhQzXvj8WDC5RyUSlwIETaGG3TtlTgGF-ibzMvk34Hb3zRI-HNnomS5HCQ7FoTfwBHRb-apWFdmSHES31O1teymK930KhIMfmquBRN2HUX7Ioeim0CM9j8MVcYKFDlukWesCumo0tuKqZ8pKP15RR8hkFDB7l3xWP4JQsk2Akj8E1HELl6Cirvh1ofxzhDXGA77Dc6y7U3TpoViOFcA2kkxfSFFiSMQV9AwyWGobcKxBNlIOE-wkUVAw4SKEoirDkEHWy2k5dq7Hps0SgkK_gvoqhz4yqSzr96Pzt23NrM7EGNx349cdNhqDqtM5OKBH1kF3pMeR0lUrBrxFKNOmW4_2k6c3KyDVi5UO1ENxOWVDSWQztojLI0e3Wj1LNnTfnSJcgjj-8hLSJ7PqB_WWVtcaD2A5yPGfQsyr2wNsGckxQYC_RJ9JDsQEWIdb8suvLR3d9bmMkWQWEjmRofw14qIUjbaD3qcUr67Sk9lHY6k1b4yGc-Mvm4HFSOHQOsI08RFbSgEmU2oRJaCSpGGNgvRCCNUzkBGWpcYOML3byccbAmLIK37KwXQ2czW5aiW5QvLgxHbafmgSuGs-KoR6SOIwoM_IljrWB8rV1N-MIbf0cO6Pyf8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shtu.be/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 739C 42 B
64 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss9rTgzdG3CUibsj5d2oFpkPpg-lBLm0qEWJbehSx2nzzeyvvd3XwU6ltbpQ_Gj_Tyn45N0rfDMmvTRK1hlvLig0knBgTumakCXdA2rFUCWsCpyYJySI5ddTbrJUqdi9bTrETZwex3oucTCY6HLVjA4mCItPRqD6auxDg&sai=AMfl-YQnmDm_Xu3q8Ht4lAlVNR7vU-AzwhLn4Jtvfutsc5-cWqTqyvUl15gI6FV0RdoGQUwmauOZGHWiQVbpvZvS7qDAe7Oeet67sJXbVY5QeewEXTsC6GJy97JxNVvseHyL-5jvLMML1jZGR7ERK7Svig&sig=Cg0ArKJSzNtBwln7FrcYEAE&cid=CAQSTwAvHhf_hD-_jqr8XAtbHlinxW07N916_8m-AcP4VPdT1hT_K8pe7B9m5nOvTuAkvLESplN8MDn3TMSInlrDHbiae0KMxAaOOZDaO0SldPwYAQ&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240220&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3549257253&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=445445500&rst=1708521654654&rpt=1032&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Feb 2024 13:20:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
shtu.be/	1970-01-20 18:49:45	Name: sessionID Value: 51944694-1453-4e8a-b959-66800bb44ebc
shtu.be/	1970-01-20 18:49:45	Name: lan Value: en
.shtu.be/	1970-01-21 04:11:21	Name: _ga Value: GA1.1.1325224446.1708521655
.shtu.be/	1970-01-21 04:11:21	Name: _ga_6FQTKVJCYW Value: GS1.1.1708521654.1.0.1708521654.0.0.0
.shtu.be/	1970-01-21 03:56:57	Name: __gads Value: ID=b36fa41bd28d4198:T=1708521654:RT=1708521654:S=ALNI_MYL5bTVrZh5WWg-MRd4kaC75-QHHQ
.shtu.be/	1970-01-21 03:56:57	Name: __gpi Value: UID=00000d5e45be493b:T=1708521654:RT=1708521654:S=ALNI_MY1WZ45iIk8d1SQVnPbOCH9tq20vQ
.shtu.be/	1970-01-20 22:54:33	Name: __eoi Value: ID=cac92fd6244ebceb:T=1708521654:RT=1708521654:S=AA-AfjaVW6ua5l875q41UBK8lLAB
.doubleclick.net/	1970-01-21 03:56:57	Name: IDE Value: AHWqTUk6ElBHpIE0Ud_AmRLAeOGqeRGgFMU5i7NCjDXZf2Zsc17jNF2MGG9EQw3cOG8
.googleadservices.com/	1970-01-20 20:44:57	Name: ar_debug Value: 1

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://shtu.be/ppfor/ffww/c284b8 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shtu.be/ppfor/ffww/c284b8 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://mts0.google.com/vt/data=gq5fMRymf8FZpdON26IVWlgr6lRAb6jovGxaFZoFobCNPTnUU3mQjqi0iLaqkRFtt0q2U30h9IBdhHiVUVnzcw Message: Failed to load resource: the server responded with a status of 400 ()
other	warning	URL: https://shtu.be/ppfor/ffww/c284b8 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shtu.be/ppfor/ffww/c284b8 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shtu.be/ppfor/ffww/c284b8 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://shtu.be/ppfor/ffww/c284b8 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mts0.google.com
pagead2.googlesyndication.com
region1.google-analytics.com
shtu.be
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
142.250.184.226
2001:4860:4802:34::36
23.94.148.10
2606:4700:3032::6815:452c
2606:4700::6810:5914
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::200e
2a00:1450:4001:812::2004
2a00:1450:4001:827::2008
2a00:1450:4001:828::2001
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2003
01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6
060991b2a75807681a90e14ab6cfdbc63ceb8edb180482d0fa29c15e0754707f
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
1049e41d680f008916fe5e4d4fc426940842ef0956074bd8bb9f7fb682b782a0
14e2018c8ede59b2a34c6a85744514623650247102747a57e29c452b2d61762b
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
2a998714a9c296d9e52fed0fb51a8a953b43fe51e7be739fbb30ab694e3acc1c
2dbb0cd9ba4f7f42e057aca8a0594ee9e60298f2b984be1f6431155c09b6f889
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33197f40746917701227ed14258cbec6706787fb7ca85031327cafa8103a27e8
350a32ce9eef11f4fc5d7029a617757094e69dcf41d6c6e8d2c84b08861f4357
41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
48639bd7695fc270e23859d9b74231f49bc78f05e3a96ed0332a9b0b80d8c2e4
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c672df4eb1109551d546ef0e9881d922be3a310c97ace95d74d564607846ad1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f2dd5b01bee5bc2fc68956ae9097ef89a6072814af05c0d85d4187f32b2ada
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4
7300c976e6ccb2f209700618e445d4640b902f14a510bc45610971becc5d62cf
7657fc44468101ae942652696b0bc026289d94671313ce3f2ac390a1c2cc0247
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9da86053b2414a856324939ac6f68f8c11a8a85ce909a8bf88788949e2a0dc4c
a1f9545263c296054e08419f44cb2accfeda40af8b846e91f603015801c9bdcb
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
af35cc6aba34e5005de77099dfa72d4c1a7715d28ddcec343f48031dc8cb08bc
b08d7830746349ff8a17d3234078ea1e46c33f0b1d29752484151d9c60a0d625
b0f074179d185032b4a2d0e7b1f3476b0626039334a638d47f84ef44990616b2
b72da63eb045ffc8dc25ed7e25f18ce65d87b18b3bcc46ecf9fe97d27a2b79ba
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
c874e14c63db86c4c5318c77cb557fce7036645edc7d690dcc1d23b389631b13
c9992ef075b6a22f5cc3800e7c760efa611be14154daea0f18242dcd010a4ef0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe0b8a10b2110f7334b43abc339604f884af3f2a6180c67293a31842920b3dc
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
fb649fcae62177dfe63e67081ddceb830b5ce1f05a4184e9bbb7d87ac4b8f4e5
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

shtu.be Open in urlscan Pro 2606:4700:3032::6815:452c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

98 %HTTPS

86 %IPv6

10 Domains

13 Subdomains

14 IPs

2 Countries

757 kBTransfer

2147 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

shtu.be Open in urlscan Pro
2606:4700:3032::6815:452c Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

98 %
HTTPS

86 %
IPv6

10
Domains

13
Subdomains

14
IPs

2
Countries

757 kB
Transfer

2147 kB
Size

9
Cookies

44 HTTP transactions
5 data transactions