prosettings.net Open in urlscan Pro
2606:4700:3108::ac42:28f2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://prosettings.net/
Effective URL:
https://prosettings.net/
Submission Tags: tranco_l324
Submission: On November 06 via api (November 6th 2021, 2:48:39 am UTC) from DE — Scanned from DE

Summary HTTP 133 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 23 IPs in 6 countries across 19 domains to perform 133 HTTP transactions. The main IP is 2606:4700:3108::ac42:28f2, located in United States and belongs to CLOUDFLARENET, US. The main domain is prosettings.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 28th 2021. Valid for: a year.

This is the only time prosettings.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 39	2606:4700:310... 2606:4700:3108::ac42:28f2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700::68... 2606:4700::6812:24e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:91a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:4513	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
12	178.79.242.139 178.79.242.139	22822 (LLNW) (LLNW)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
21	54.156.83.163 54.156.83.163	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	54.228.109.135 54.228.109.135	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
2	52.72.126.250 52.72.126.250	14618 (AMAZON-AES) (AMAZON-AES)
7	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	44.194.55.212 44.194.55.212	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:400e:810::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:d000:15:6f6c:b180:93a1	16509 (AMAZON-02) (AMAZON-02)
1 6	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.2.236 37.157.2.236	198622 (ADFORM) (ADFORM)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
3 4	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	37.252.172.38 37.252.172.38	29990 (ASN-APPNEX) (ASN-APPNEX)
133	23

39 2606:4700:3108::ac42:28f2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

prosettings.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6812:24e (United States)

ASN13335 (CLOUDFLARENET, US)

s.nitropay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracker.nitropay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:91a (United States)

ASN13335 (CLOUDFLARENET, US)

instant.page	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 178.79.242.139 (United States)

ASN22822 (LLNW, US)
PTR: https-178-79-242-139.fra.llnw.net

player.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
config.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn5.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 54.156.83.163 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-83-163.compute-1.amazonaws.com

pixel.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.228.109.135 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-109-135.eu-west-1.compute.amazonaws.com

vid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.72.126.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-126-250.compute-1.amazonaws.com

trafficmanager.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.194.55.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-55-212.compute-1.amazonaws.com

lreprx-server.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:810::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:d000:15:6f6c:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)

vpaid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.236 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	prosettings.net 1 redirects prosettings.net	969 KB
37	anyclip.com player.anyclip.com config.anyclip.com pixel.anyclip.com assets.anyclip.com trafficmanager.anyclip.com cdn5.anyclip.com lreprx-server.anyclip.com	428 KB
10	googleapis.com imasdk.googleapis.com	973 KB
10	nitropay.com s.nitropay.com tracker.nitropay.com	243 KB
8	doubleclick.net 3 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	145 KB
7	googlesyndication.com pagead2.googlesyndication.com	39 KB
6	openx.net 1 redirects u.openx.net eu-u.openx.net us-u.openx.net	1 KB
4	2mdn.net s0.2mdn.net	50 KB
3	springserve.com vid.springserve.com vpaid.springserve.com	90 KB
2	adform.net 2 redirects c1.adform.net	925 B
2	gstatic.com csi.gstatic.com	381 B
2	google-analytics.com www.google-analytics.com	20 KB
2	ad-delivery.net ad-delivery.net	1 KB
1	adnxs.com ib.adnxs.com	1 KB
1	adsrvr.org match.adsrvr.org	265 B
1	quantserve.com 1 redirects pixel.quantserve.com	498 B
1	mathtag.com 1 redirects sync.mathtag.com	612 B
1	googletagmanager.com www.googletagmanager.com	40 KB
1	instant.page instant.page	1 KB
133	19

	Domain	Requested by
39	prosettings.net	1 redirects prosettings.net
21	pixel.anyclip.com	prosettings.net
10	imasdk.googleapis.com	player.anyclip.com s.nitropay.com imasdk.googleapis.com vpaid.springserve.com
8	s.nitropay.com	prosettings.net s.nitropay.com
7	pagead2.googlesyndication.com	srcdoc imasdk.googleapis.com
6	assets.anyclip.com	player.anyclip.com prosettings.net
4	cm.g.doubleclick.net	3 redirects u.openx.net
4	s0.2mdn.net	player.anyclip.com s.nitropay.com imasdk.googleapis.com
4	player.anyclip.com	s.nitropay.com imasdk.googleapis.com
3	securepubads.g.doubleclick.net	s.nitropay.com securepubads.g.doubleclick.net
2	c1.adform.net	2 redirects
2	us-u.openx.net	u.openx.net
2	eu-u.openx.net	u.openx.net
2	u.openx.net	1 redirects vpaid.springserve.com
2	csi.gstatic.com	imasdk.googleapis.com
2	lreprx-server.anyclip.com	imasdk.googleapis.com
2	trafficmanager.anyclip.com	player.anyclip.com
2	vid.springserve.com	player.anyclip.com
2	www.google-analytics.com	s.nitropay.com www.google-analytics.com
2	tracker.nitropay.com	s.nitropay.com prosettings.net
2	ad-delivery.net	prosettings.net
1	ib.adnxs.com	vpaid.springserve.com
1	match.adsrvr.org	u.openx.net
1	pixel.quantserve.com	1 redirects
1	sync.mathtag.com	1 redirects
1	vpaid.springserve.com	player.anyclip.com
1	cdn5.anyclip.com	prosettings.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	config.anyclip.com	s.nitropay.com
1	www.googletagmanager.com	prosettings.net
1	instant.page	prosettings.net
133	31

This site contains links to these domains. Also see Links.

Domain
twitter.com
discord.gg
www.youtube.com
anyclip.com
nitropay.com

Subject Issuer	Validity	Valid
prosettings.net Cloudflare Inc ECC CA-3	`2021-04-28` - `2022-04-27`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-16` - `2022-06-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.anyclip.com Go Daddy Secure Certificate Authority - G2	`2020-07-13` - `2022-07-13`	2 years	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.springserve.com Amazon	`2021-09-27` - `2022-10-26`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://prosettings.net/
Frame ID: 7277FAFBA0AC61F0A304EF7BAE8611B0
Requests: 97 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.487.0_en.html
Frame ID: FE5CE76AB9B0A6C7C09E169A39D10936
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 6332DBE31C18DC565C2C48BEED1C13B6
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 64045F59D45A9F6757CDC4EB6D0925C3
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.487.0_en.html
Frame ID: AD206D7AEB3B2CC4B933B8D5238B1E3D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5716744E029837AA78E16BE92FDBE5B7
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 78793163C11AD035EE2DFFD28500366A
Requests: 7 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?cc=1&us_privacy=1---
Frame ID: 09D35E0F93A39D3EE787425492555476
Requests: 7 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.487.0_en.html
Frame ID: ED1949C358D0551AB85AD3E822B08F35
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 963D59907E1B019B7D10517CDF656FB6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ProSettings.net - The Best Settings and Setups in Esports

Page URL History Show full URLs

http://prosettings.net/ HTTP 301
https://prosettings.net/ Page URL

Page Statistics

133
Requests

93 %
HTTPS

52 %
IPv6

19
Domains

31
Subdomains

23
IPs

6
Countries

3003 kB
Transfer

8469 kB
Size

19
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/ProSettings

Search URL Search Domain Scan URL

URL: https://discord.gg/UjY5XcwGvA

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCPvFDCdvT9z_mx9mqUlxnzQ

Search URL Search Domain Scan URL

URL: https://twitter.com/prosettings

Search URL Search Domain Scan URL

URL: https://anyclip.com/?source=logo&wid=0011r00002Mc2QW_14401

Search URL Search Domain Scan URL

URL: https://anyclip.com/?source=powered&wid=0011r00002Mc2QW_14401
Title: Powered by AnyClip

Search URL Search Domain Scan URL

URL: https://anyclip.com/privacy-policy/?source=policy&wid=0011r00002Mc2QW_14401
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://nitropay.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://prosettings.net/ HTTP 301
https://prosettings.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 114

https://u.openx.net/w/1.0/pd?us_privacy=1--- HTTP 302
https://u.openx.net/w/1.0/pd?cc=1&us_privacy=1---

Request Chain 119

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=30506185-ed04-4b00-8908-2acf9123c370

Request Chain 120

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=KW3VIHo43SAyb48hKz_AJXpk3Scyb94kLDle0Isx

Request Chain 121

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4533075648421269585

Request Chain 123

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjE3MjRhYjYtODc2My0yMDQyLWY2NzAtZGM0ODZjZDYwNDZj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjE3MjRhYjYtODc2My0yMDQyLWY2NzAtZGM0ODZjZDYwNDZj&google_tc=

Request Chain 124

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOrmBig0d5xPgzDFyDuSKVs&google_cver=1

133 HTTP transactions
-3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
prosettings.net/
Redirect Chain

http://prosettings.net/
https://prosettings.net/

274 KB
26 KB

100ms
57ms

Document
text/html

2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2b4636ed8badd400495933250c0a76a6931bf111de91e8be9a83a020fe663ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
content-type: text/html; charset=UTF-8
cf-ray: 6a9b00e6aa1459fb-MXP
age: 764
cache-control: max-age=600, public, s-maxage=86400
expires: Sat, 06 Nov 2021 01:43:02 GMT
last-modified: Sat, 06 Nov 2021 01:33:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
cdn-cache-control: max-age=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
pragma: public
x-acd-cms: wordpress
x-acd-status: HIT
x-acd-ttl: 86400
x-content-type-options: nosniff
x-servebolt-plugin: active
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sat, 06 Nov 2021 02:48:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 06 Nov 2021 03:48:33 GMT
Location: https://prosettings.net/
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 6a9b00e62a28d70d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 lazy_placeholder.gif
prosettings.net/wp-content/plugins/a3-lazy-load/assets/images/ 34 B
378 B 62ms
59ms Image
image/webp 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prosettings.net/wp-content/plugins/a3-lazy-load/assets/images/lazy_placeholder.gif

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2803
cf-polished: origFmt=gif, origSize=42
content-disposition: inline; filename="lazy_placeholder.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 34
expires: Sat, 13 Nov 2021 02:48:33 GMT
last-modified: Mon, 19 Jul 2021 12:56:30 GMT
server: cloudflare
etag: "2a-5c779775a47c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/webp
vary: Accept
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6a9b00e72a7e59fb-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 lato-latin-700.woff2
prosettings.net/wp-content/plugins/prosettings-customization/fonts/ 22 KB
23 KB 61ms
58ms Font
text/plain 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prosettings.net/wp-content/plugins/prosettings-customization/fonts/lato-latin-700.woff2

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3be792108632d778ecb33ca3e4496758eac777690e135e62297d3f3c3e0ddc0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://prosettings.net/
Origin: https://prosettings.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1107957
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 22992
last-modified: Sat, 23 Oct 2021 13:38:35 GMT
server: cloudflare
etag: "59d0-5cf053e9338df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6a9b00e72a8059fb-MXP
expires: Sun, 06 Nov 2022 02:48:33 GMT

GET
H2 200 style.min.css
prosettings.net/wp-includes/css/dist/block-library/ 79 KB
11 KB 40ms
37ms Stylesheet
text/css 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prosettings.net/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1108884
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 21 Jul 2021 12:40:48 GMT
server: cloudflare
etag: W/"13abe-5c7a17ae378fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6a9b00e72a8159fb-MXP
expires: Sun, 06 Nov 2022 02:48:33 GMT

GET
H2 200 critical.css
prosettings.net/wp-content/plugins/prosettings-customization/styles/build/ 724 B
434 B 39ms
37ms Stylesheet
text/css 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prosettings.net/wp-content/plugins/prosettings-customization/styles/build/critical.css?ver=1.12.7.4

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e897ecc8ee3946081b793623e179c0255975fd02272ea5d52308e5c2e5057c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1108884
cf-polished: origSize=840
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 23 Oct 2021 13:38:35 GMT
server: cloudflare
etag: W/"348-5cf053e9345e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cf-bgj: minify
cache-control: public, max-age=31536000
cf-ray: 6a9b00e72a8259fb-MXP
expires: Sun, 06 Nov 2022 02:48:33 GMT

GET
H2 200 global.css
prosettings.net/wp-content/plugins/prosettings-customization/styles/build/ 144 B
208 B 56ms
53ms Stylesheet
text/css 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prosettings.net/wp-content/plugins/prosettings-customization/styles/build/global.css?ver=1.12.7.4

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b97c20ef963146bfb5b52bf336b23c71c5d998f794a70fc15ae9dc127388b0d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1108884
cf-polished: origSize=183
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 23 Oct 2021 13:38:35 GMT
server: cloudflare
etag: W/"b7-5cf053e9345e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cf-bgj: minify
cache-control: public, max-age=31536000
cf-ray: 6a9b00e72a8359fb-MXP
expires: Sun, 06 Nov 2022 02:48:33 GMT

GET
H2 200 fonts.css
prosettings.net/wp-content/plugins/prosettings-customization/styles/build/ 798 B
460 B 38ms
35ms Stylesheet
text/css 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prosettings.net/wp-content/plugins/prosettings-customization/styles/build/fonts.css?ver=1.12.7.4

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80aa91014297a7579e91de1922a7eb33980600e876b69f8adbde8f1655984f7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1108884
cf-polished: origSize=940
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 23 Oct 2021 13:38:35 GMT
server: cloudflare
etag: W/"3ac-5cf053e9345e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cf-bgj: minify
cache-control: public, max-age=31536000
cf-ray: 6a9b00e72a8559fb-MXP
expires: Sun, 06 Nov 2022 02:48:33 GMT

GET
H2 200 ads.css
prosettings.net/wp-content/plugins/prosettings-customization/styles/build/components/ 2 KB
628 B 37ms
34ms Stylesheet
text/css 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prosettings.net/wp-content/plugins/prosettings-customization/styles/build/components/ads.css?ver=1.12.7.4

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0a9b97577a440d38ae5b8a9ca988a9eb4f2d85449378f3f3a52aed06d393569

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1108884
cf-polished: origSize=2425
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 23 Oct 2021 13:38:35 GMT
server: cloudflare
etag: W/"979-5cf053e9345e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cf-bgj: minify
cache-control: public, max-age=31536000
cf-ray: 6a9b00e73a8759fb-MXP
expires: Sun, 06 Nov 2022 02:48:33 GMT

GET
H2 200 nav.css
prosettings.net/wp-content/plugins/prosettings-customization/styles/build/components/ 3 KB
844 B 64ms
62ms Stylesheet
text/css 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prosettings.net/wp-content/plugins/prosettings-customization/styles/build/components/nav.css?ver=1.12.7.4

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aaee4de7788b34d4094ffdb565e95a3c588d7d08b8c1688587172679fdf3596b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1108884
cf-polished: origSize=3189
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 23 Oct 2021 13:38:35 GMT
server: cloudflare
etag: W/"c75-5cf053e9345e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cf-bgj: minify
cache-control: public, max-age=31536000
cf-ray: 6a9b00e73a8859fb-MXP
expires: Sun, 06 Nov 2022 02:48:33 GMT

GET
H2 200 page.css
prosettings.net/wp-content/plugins/prosettings-customization/styles/build/templates/ 537 B
264 B 38ms
36ms Stylesheet
text/css 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prosettings.net/wp-content/plugins/prosettings-customization/styles/build/templates/page.css?ver=1.12.7.4

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ac5f3791fa7402047ee60c12f9859cac51c9182d5cd011660bcf0f9dc46b9fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1107954
cf-polished: origSize=571
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 23 Oct 2021 13:38:35 GMT
server: cloudflare
etag: W/"23b-5cf053e9345e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cf-bgj: minify
cache-control: public, max-age=31536000
cf-ray: 6a9b00e73a8959fb-MXP
expires: Sun, 06 Nov 2022 02:48:33 GMT

GET
H2 200 front-page.css
prosettings.net/wp-content/plugins/prosettings-customization/styles/build/templates/ 324 B
224 B 55ms
53ms Stylesheet
text/css 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prosettings.net/wp-content/plugins/prosettings-customization/styles/build/templates/front-page.css?ver=1.12.7.4

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85f9996ecd3d28fd3bdc0b49b507a47ab74e01ad9cabb22f3faac768578f6a41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1107954
cf-polished: origSize=408
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 23 Oct 2021 13:38:35 GMT
server: cloudflare
etag: W/"198-5cf053e9345e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cf-bgj: minify
cache-control: public, max-age=31536000
cf-ray: 6a9b00e73a8a59fb-MXP
expires: Sun, 06 Nov 2022 02:48:33 GMT

GET
H2 200 renew.css
prosettings.net/wp-content/themes/pro/framework/dist/css/site/stacks/ 180 KB
32 KB 46ms
44ms Stylesheet
text/css 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prosettings.net/wp-content/themes/pro/framework/dist/css/site/stacks/renew.css?ver=5.1.2

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88cca2683736f2267e186e71b3bda3e323eae8fcc49d4d33c2728cda257d6d53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 564414
cf-polished: origSize=223675
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 30 Oct 2021 14:01:23 GMT
server: cloudflare
etag: W/"369bb-5cf926108d261"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cf-bgj: minify
cache-control: public, max-age=31536000
cf-ray: 6a9b00e73a8d59fb-MXP
expires: Sun, 06 Nov 2022 02:48:33 GMT

GET
H2 200 jquery.lazyloadxt.fadein.css
prosettings.net/wp-content/plugins/a3-lazy-load/assets/css/ 365 B
294 B 41ms
39ms Stylesheet
text/css 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prosettings.net/wp-content/plugins/a3-lazy-load/assets/css/jquery.lazyloadxt.fadein.css?ver=5.8.1

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a680a9a11eab21ba500e4a3a47db62838b7106ea7f58ac173703ca594218f32b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1108884
cf-polished: origSize=445
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 19 Jul 2021 12:56:30 GMT
server: cloudflare
etag: W/"1bd-5c779775a47c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cf-bgj: minify
cache-control: public, max-age=31536000
cf-ray: 6a9b00e73a8e59fb-MXP
expires: Sun, 06 Nov 2022 02:48:33 GMT

GET
H2 200 a3_lazy_load.min.css
prosettings.net/wp-content/uploads/sass/ 127 B
290 B 60ms
59ms Stylesheet
text/css 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prosettings.net/wp-content/uploads/sass/a3_lazy_load.min.css?ver=1628715530

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2f1b190e5d5a3063c35b75b1a00c039b13e171eb7b099299dcb67e9e4fe65cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2803
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 11 Aug 2021 20:58:50 GMT
server: cloudflare
etag: W/"7f-5c94ee2a30ffb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=604800
cf-ray: 6a9b00e73a8f59fb-MXP
expires: Sat, 13 Nov 2021 02:48:33 GMT

GET
H2 200 jquery.min.js Show response
prosettings.net/wp-includes/js/jquery/ 87 KB
31 KB 55ms
53ms Script
application/javascript 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prosettings.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1108884
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 21 Jul 2021 12:40:49 GMT
server: cloudflare
etag: W/"15db1-5c7a17ae4a475"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6a9b00e73a9159fb-MXP
expires: Sun, 06 Nov 2022 02:48:33 GMT

GET
H2 200 jquery-migrate.min.js Show response
prosettings.net/wp-includes/js/jquery/ 11 KB
4 KB 41ms
40ms Script
application/javascript 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prosettings.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1108884
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 01 Jan 2021 07:30:48 GMT
server: cloudflare
etag: W/"2bd8-5b7d1b81f7c1f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6a9b00e73a9259fb-MXP
expires: Sun, 06 Nov 2022 02:48:33 GMT

GET
H2 200 ads-310.js Show response
s.nitropay.com/ 433 KB
134 KB 92ms
46ms Script
application/javascript 2606:4700::6812:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.nitropay.com/ads-310.js

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

150d48f34f9baff151e7d5819e9031b3ee96dc67d45b87897c7ba22bc3cb4747

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
content-encoding: gzip
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1635204161
age: 18107
x-guploader-uploadid: ADPycdv6oOcs-1fFUhf9PIXYxwIW7oKePDNFQtsj8NkqvLhatPG7X4UYOb6G7AnxOiJMSY46HQH5mYdynjcIQjxZMxI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=2592000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 05 Nov 2021 21:46:14 GMT
server: cloudflare
etag: W/"5f78f22a26e9fe7256d9678d11db5835:1636148774000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=W0lDkA==, md5=X3jyKibp/nJW2WeNEdtYNQ==
x-goog-generation: 1635204165605495
access-control-allow-origin: *
content-type: application/javascript
access-control-expose-headers: Content-Type
cache-control: private, max-age=600
x-goog-stored-content-length: 442980
cf-ray: 6a9b00e7f948374c-MXP
expires: Sat, 06 Nov 2021 09:46:46 GMT

GET
H2 200 aan-310.js Show response
s.nitropay.com/ 78 KB
25 KB 86ms
39ms Script
application/javascript 2606:4700::6812:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.nitropay.com/aan-310.js

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c729f5d16f4a59d1030c9191225d8afb1c4f59208627ec7479cff74b5b11d8e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
content-encoding: gzip
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1635204161
age: 18107
x-guploader-uploadid: ADPycdvkWPbJgmuaWpM-1yrsRFgvOTf98oJMiHEokI0Nnky8jY9koiqifZTdPCzIs6mISIJCzDFh5X7f0Tj7_giZdxE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
strict-transport-security: max-age=2592000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 05 Nov 2021 21:46:14 GMT
server: cloudflare
etag: W/"8797577e9bcf0a2ac64925c14730b1f4:1636148774000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=lyDGYw==, md5=h5dXfpvPCirGSSXBRzCx9A==
x-goog-generation: 1635204165551727
access-control-allow-origin: *
content-type: application/javascript
access-control-expose-headers: Content-Type
cache-control: private, max-age=600
x-goog-stored-content-length: 79248
cf-ray: 6a9b00e7f94b374c-MXP
expires: Sat, 06 Nov 2021 09:46:46 GMT

GET
H2 200 api.js Show response
prosettings.net/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 26ms
25ms Script
text/javascript 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prosettings.net/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript
vary: Accept-Encoding
cache-control: max-age=604800, public
cf-ray: 6a9b00e7ab1259fb-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 cs.bb9cc16.js Show response
prosettings.net/wp-content/themes/pro/cornerstone/assets/js/site/ 136 KB
45 KB 31ms
31ms Script
application/javascript 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prosettings.net/wp-content/themes/pro/cornerstone/assets/js/site/cs.bb9cc16.js

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e36a44198c29251d8270d1ccf9d49a48b16585b0bfaf8b3d0a9ee70d259c2a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 564414
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 30 Oct 2021 14:01:23 GMT
server: cloudflare
etag: W/"21ff4-5cf926108c55b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=31536000
cf-ray: 6a9b00e79afc59fb-MXP
expires: Sun, 06 Nov 2022 02:48:33 GMT

GET
H2 200 x.js Show response
prosettings.net/wp-content/themes/pro/framework/dist/js/site/ 51 KB
15 KB 49ms
48ms Script
application/javascript 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prosettings.net/wp-content/themes/pro/framework/dist/js/site/x.js?ver=5.1.2

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b4dd204c0d882894bf703003d34deeea43c24bb7e279de7216b3964dda65837

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 564414
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 30 Oct 2021 14:01:23 GMT
server: cloudflare
etag: W/"cdde-5cf926108df66"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=31536000
cf-ray: 6a9b00e79aff59fb-MXP
expires: Sun, 06 Nov 2022 02:48:33 GMT

GET
H2 200 jquery.lazyloadxt.extra.min.js Show response
prosettings.net/wp-content/plugins/a3-lazy-load/assets/js/ 3 KB
2 KB 48ms
46ms Script
application/javascript 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prosettings.net/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extra.min.js?ver=2.4.7

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b3c6f1d3cea37b4d8cc609a141b421a88bcaf2f3646965f9f95f4d4a683c949

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1108882
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 19 Jul 2021 12:56:30 GMT
server: cloudflare
etag: W/"bc7-5c779775a47c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6a9b00e7ab0d59fb-MXP
expires: Sun, 06 Nov 2022 02:48:33 GMT

GET
H2 200 jquery.lazyloadxt.srcset.min.js Show response
prosettings.net/wp-content/plugins/a3-lazy-load/assets/js/ 2 KB
838 B 30ms
28ms Script
application/javascript 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prosettings.net/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.srcset.min.js?ver=2.4.7

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21dc21cf1cc77b458d114634e3775e70f229dc0c215b0c8958920e2079cb5a16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1108882
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 19 Jul 2021 12:56:30 GMT
server: cloudflare
etag: W/"625-5c779775a47c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6a9b00e7ab0e59fb-MXP
expires: Sun, 06 Nov 2022 02:48:33 GMT

GET
H2 200 jquery.lazyloadxt.extend.js Show response
prosettings.net/wp-content/plugins/a3-lazy-load/assets/js/ 953 B
437 B 31ms
29ms Script
application/javascript 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prosettings.net/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extend.js?ver=2.4.7

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de4ffa402b49132f160a4b72cdf855677151597c0644d51830bb66a20ebd8fb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1108882
cf-polished: origSize=1045
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 19 Jul 2021 12:56:30 GMT
server: cloudflare
etag: W/"415-5c779775a47c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=31536000
cf-ray: 6a9b00e7ab1059fb-MXP
expires: Sun, 06 Nov 2022 02:48:33 GMT

GET
H2 200 wp-embed.min.js Show response
prosettings.net/wp-includes/js/ 1 KB
827 B 37ms
36ms Script
application/javascript 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prosettings.net/wp-includes/js/wp-embed.min.js?ver=5.8.1

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1108882
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 03 Feb 2021 21:40:36 GMT
server: cloudflare
etag: W/"592-5ba756ff81485"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 6a9b00e7ab1159fb-MXP
expires: Sun, 06 Nov 2022 02:48:33 GMT

GET
H2 200 5.1.0 Show response
instant.page/ 3 KB
1 KB 48ms
20ms Script
text/javascript 2606:4700::6811:91a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://instant.page/5.1.0
Requested by: Host: prosettings.net
URL: https://prosettings.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:91a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa5c34371df3acd378bd2490d82a32ad6f3b80155e5eee8ad1b937a188993e0f

Request headers

Referer: https://prosettings.net/
Origin: https://prosettings.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 6a9b00e7c8655c4a-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 104 KB
40 KB 63ms
27ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NNVPDRP

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b87e3837856f8064dde2f2441c417f050a57629c104833c4c5ff31c309ef8ebc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40411
x-xss-protection: 0
last-modified: Sat, 06 Nov 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 06 Nov 2021 02:48:33 GMT

GET
H2 200 fa-solid-900.woff2
prosettings.net/wp-content/themes/pro/cornerstone/assets/fonts/ 138 KB
138 KB 35ms
34ms Font
text/plain 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prosettings.net/wp-content/themes/pro/cornerstone/assets/fonts/fa-solid-900.woff2

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50a24e921e2c7cff6c731fce57043b7bc0ddf62e08730f659d655e40dadc0b28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://prosettings.net/
Origin: https://prosettings.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1107956
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 140996
last-modified: Mon, 06 Sep 2021 07:29:49 GMT
server: cloudflare
etag: "226c4-5cb4e9d3850c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6a9b00e7cb2759fb-MXP
expires: Sun, 06 Nov 2022 02:48:33 GMT

GET
H2 200 fa-brands-400.woff2
prosettings.net/wp-content/themes/pro/cornerstone/assets/fonts/ 77 KB
77 KB 46ms
46ms Font
text/plain 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prosettings.net/wp-content/themes/pro/cornerstone/assets/fonts/fa-brands-400.woff2

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11616d7d5f3434a1bd40ef38316218534ab227def8f934d2f1dee4af79fecda8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://prosettings.net/
Origin: https://prosettings.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1107956
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 78464
last-modified: Mon, 06 Sep 2021 07:29:49 GMT
server: cloudflare
etag: "13280-5cb4e9d3850c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6a9b00e7cb2959fb-MXP
expires: Sun, 06 Nov 2022 02:48:33 GMT

GET
H2 200 ProSettings_Logo.png
prosettings.net/wp-content/uploads/2019/02/ 5 KB
5 KB 76ms
76ms Image
image/webp 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prosettings.net/wp-content/uploads/2019/02/ProSettings_Logo.png

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83ec55d7df1a8db6b87c932d9642ca0b3d382d74a676a02a9459ab50485bef47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2802
cf-polished: origFmt=png, origSize=5381
content-disposition: inline; filename="ProSettings_Logo.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4734
expires: Sat, 13 Nov 2021 02:48:33 GMT
last-modified: Thu, 13 May 2021 13:53:31 GMT
server: cloudflare
etag: "1505-5c23673e37535"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/webp
vary: Accept
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6a9b00e84ba459fb-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 Zowie-S2-C-Review-Featured-1684x941.jpg
prosettings.net/wp-content/uploads/ 99 KB
99 KB 153ms
153ms Image
image/jpeg 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prosettings.net/wp-content/uploads/Zowie-S2-C-Review-Featured-1684x941.jpg

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3f8be73bc6410ae1955e49211d6dc3c64b705d354500a6c1f1f5dffa2c704e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=101554, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 101546
expires: Sat, 13 Nov 2021 02:48:33 GMT
last-modified: Tue, 26 Oct 2021 09:18:52 GMT
server: cloudflare
etag: "18cb2-5cf3df7507f7d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6a9b00e86bca59fb-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 Glorious-Model-D-Wireless-Review-Featured-1584x885.jpg
prosettings.net/wp-content/uploads/ 144 KB
145 KB 139ms
138ms Image
image/jpeg 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prosettings.net/wp-content/uploads/Glorious-Model-D-Wireless-Review-Featured-1584x885.jpg

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b53e3fd330dd3a1833a8d065839c44d41babc9189b7b84b014379495d0584894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=147733, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 147725
expires: Sat, 13 Nov 2021 02:48:33 GMT
last-modified: Thu, 30 Sep 2021 13:26:23 GMT
server: cloudflare
etag: "24115-5cd3664997387"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6a9b00e86bcc59fb-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 Zowie-EC3-C-Review-Featured-1584x885.jpg
prosettings.net/wp-content/uploads/ 179 KB
179 KB 146ms
145ms Image
image/jpeg 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prosettings.net/wp-content/uploads/Zowie-EC3-C-Review-Featured-1584x885.jpg

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b9217af655ec95087aeaaccd6a5eb729d0baf5ef3b0d23e7b4cbcd8eb067ad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=183038, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 183030
expires: Sat, 13 Nov 2021 02:48:33 GMT
last-modified: Wed, 01 Sep 2021 11:42:48 GMT
server: cloudflare
etag: "2cafe-5caed90cb1bdf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6a9b00e86bcd59fb-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 Logitech-G733-Review-Featured-1584x885.jpg
prosettings.net/wp-content/uploads/ 38 KB
38 KB 159ms
159ms Image
image/jpeg 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prosettings.net/wp-content/uploads/Logitech-G733-Review-Featured-1584x885.jpg

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ae7dfc2a6a24bb9e5aeb4bc32a3c7ea33e99fe4f1753695c4b6d3e4b9d11d0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=38597, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 38589
expires: Sat, 13 Nov 2021 02:48:33 GMT
last-modified: Fri, 27 Aug 2021 12:03:38 GMT
server: cloudflare
etag: "96c5-5ca894610bb26"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6a9b00e86bd059fb-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 px.gif
ad-delivery.net/ 43 B
931 B 76ms
26ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&rn=1.0641533450943532
Requested by: Host: prosettings.net
URL: https://prosettings.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date: Sat, 06 Nov 2021 02:48:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 140
x-guploader-uploadid: ADPycdsFYxHM778tuqCbLiwvAZ82vvXkegM0rPy0FiWcBOSL9nPLM_kUwyuad_aQf0OU9bXA6byQz5DbEW9BgwJQvY4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-type: image/gif
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8VhzkzyAsCMRUp2DnaQuAbFuyxbP0lTaBP8xOZbeOwOQmPSDvdIV3z783KdasPBqdb%2BXdUAhLhOgRfTivWXomowrSITATC%2BwKrhcQseN1EUPA2BS%2BakfF9tiNz0NRjPe0rUi0CeBo%2Bf1D3PQ4A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620242732037093
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=86400
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 6a9b00e988f43751-MXP
expires: Sat, 06 Nov 2021 03:46:13 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
336 B 77ms
27ms Image
image/gif 2606:4700:20::ac43:4513
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2&rn=1.0641533450943532
Requested by: Host: prosettings.net
URL: https://prosettings.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date: Sat, 06 Nov 2021 02:48:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 140
x-guploader-uploadid: ADPycdsFYxHM778tuqCbLiwvAZ82vvXkegM0rPy0FiWcBOSL9nPLM_kUwyuad_aQf0OU9bXA6byQz5DbEW9BgwJQvY4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-type: image/gif
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dGA1V4IcTcV7gGShfQy6W5epgBuMZhTWIhGAudDxUsfZdME2sjmdMyhVZL5VMrcUF6GiPE9EI1gBLtBSsRmyWK5Wu8veRB08VM%2B4SsFVrBxpbg4UnjlNnePY7jyUZw3znEM6ptS0inuPAn7WTA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1620242732037093
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=86400
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 6a9b00e988f53751-MXP
expires: Sat, 06 Nov 2021 03:46:13 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 43ms
20ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-310.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

a0082e6ede7f12643600a2a20a4be05ccb8c93dfe293d5282f9e352004fa6614

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1035 / 517 of 1000 / last-modified: 1636149998"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27091
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 06 Nov 2021 02:48:33 GMT

GET
H2 200 ncmp-46ee8ef.min.js Show response
s.nitropay.com/ 215 KB
39 KB 27ms
26ms Script
text/javascript 2606:4700::6812:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.nitropay.com/ncmp-46ee8ef.min.js

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-310.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a48ebcd4b263cd885d213d66e8295c73fc1b5c0f7cd2cbb7f7d4da1bd807a4bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 1973
x-guploader-uploadid: ADPycdvRcOmoeXSUn-RQ_VxLpi_JlSOkjtnWJhsdGUnnMWWUSHDfiI71gZtJFWUljVhNFENKk6pMEB2jCYlybbwqEXE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 20 Oct 2021 08:48:24 GMT
server: cloudflare
etag: W/"f5ecf621be609d845663104645269a9c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
x-goog-hash: crc32c=BkhKnA==, md5=9ez2Ib5gnYRWYxBGRSaanA==
x-goog-generation: 1634719704046221
access-control-allow-origin: *
content-type: text/javascript
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
x-goog-stored-content-length: 220349
cf-ray: 6a9b00e97a0b374c-MXP
expires: Sun, 06 Nov 2022 02:48:33 GMT

GET
H2 200 analytics
tracker.nitropay.com/sites/310/ 0
0 187ms
141ms Fetch 2606:4700::6812:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracker.nitropay.com/sites/310/analytics?ab=eyJocmVmIjoiaHR0cHM6Ly9wcm9zZXR0aW5ncy5uZXQvIiwidiI6OTB9

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-310.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
cf-ray: 6a9b00e9df4df91b-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK lre.js Show response
player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/ 1 MB
322 KB 39ms
11ms Script
application/javascript 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-310.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: f01448c555b670db4af1b8950af7544560020a59b26cb61bcd9abea08ad86465

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: FxqIMfbleg6NUpI1G2QgrCORH_KaBqtb
Content-Encoding: gzip
Age: 47628
Content-Length: 328830
x-amz-request-id: XCSS79F7R3AKHMX2
x-amz-id-2: fkVF494FN2/JuhOqiTRsPu9ZiO9sON25QB6lhL2anESHoMtgEpI9J2C9jPdAmBsrNWZN3DsDEHw=
Last-Modified: Sun, 31 Oct 2021 11:15:17 GMT
Server: AmazonS3
Date: Sat, 06 Nov 2021 02:48:33 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=60
Accept-Ranges: bytes
X-LLID: 505dac0f63ddaae377164433deded6f4
Expires: Fri, 05 Nov 2021 13:35:45 GMT

GET
H2 200 close2.svg
s.nitropay.com/assets/ 2 KB
1 KB 23ms
23ms Image
image/svg+xml 2606:4700::6812:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.nitropay.com/assets/close2.svg

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c88a474a0da990ae60dd29896977db99b563094424d8c04b74b9e5939182b3d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 3141
x-guploader-uploadid: ADPycdsHiHucAGeQwk8P5oaD0oVKJ-fjTOnhFRWsloqHXLIm31ReJYmM8aFmMJ8t3fsy0OhQAkPd_44iz0_tlt85ukM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 25 Feb 2021 00:09:14 GMT
server: cloudflare
etag: W/"df2d9053cc9b5bb7bc4f92770e7eb13c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
x-goog-hash: crc32c=6srNrA==, md5=3y2QU8ybW7e8T5J3Dn6xPA==
x-goog-generation: 1614211754782707
access-control-allow-origin: *
content-type: image/svg+xml
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 2374
cf-ray: 6a9b00e9ea40374c-MXP
expires: Sat, 06 Nov 2021 02:56:12 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 51ms
13ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-310.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 2847
date: Sat, 06 Nov 2021 02:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 06 Nov 2021 04:01:06 GMT

GET
H2 200 frontcsgo-4.jpg
prosettings.net/wp-content/uploads/2020/08/ 13 KB
13 KB 157ms
156ms Image
image/jpeg 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prosettings.net/wp-content/uploads/2020/08/frontcsgo-4.jpg

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68f286aa060e24559c6098dd05176a603d9444fc48055ac5656ae339be17bc52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=13026, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13018
expires: Sat, 13 Nov 2021 02:48:33 GMT
last-modified: Thu, 13 May 2021 12:42:01 GMT
server: cloudflare
etag: "32e2-5c23574237158"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6a9b00ea5dac59fb-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 s1mple-frontpage-picture-2.jpg
prosettings.net/wp-content/uploads/2020/10/ 14 KB
14 KB 163ms
162ms Image
image/jpeg 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prosettings.net/wp-content/uploads/2020/10/s1mple-frontpage-picture-2.jpg

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9149240f5fd8bec82d68caaaae9aa70bb91a3c3ca6430efeb5beac3127c20eff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=13858, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13850
expires: Sat, 13 Nov 2021 02:48:33 GMT
last-modified: Thu, 22 Jul 2021 12:42:17 GMT
server: cloudflare
etag: "3622-5c7b59dfd428e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6a9b00ea5db059fb-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 niko-frontpage-picture-3.jpg
prosettings.net/wp-content/uploads/2020/11/ 17 KB
17 KB 142ms
141ms Image
image/jpeg 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prosettings.net/wp-content/uploads/2020/11/niko-frontpage-picture-3.jpg

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d5dc96ae79e57b24ad50134c8ed8ec16a6b7868536913ba7f7cdf0c79796618

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=17182, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17174
expires: Sat, 13 Nov 2021 02:48:33 GMT
last-modified: Sun, 16 May 2021 02:49:50 GMT
server: cloudflare
etag: "431e-5c26987e73584"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6a9b00ea5db159fb-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 coldzera-frontpage-picture-3.jpg
prosettings.net/wp-content/uploads/2021/03/ 10 KB
10 KB 146ms
145ms Image
image/jpeg 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prosettings.net/wp-content/uploads/2021/03/coldzera-frontpage-picture-3.jpg

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21643e277dd844f19db03d3f817484ba22f7e907f60dc37b570d97878a6bdd22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=10501, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10493
expires: Sat, 13 Nov 2021 02:48:33 GMT
last-modified: Thu, 13 May 2021 11:46:21 GMT
server: cloudflare
etag: "2905-5c234ad174fea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6a9b00ea5db259fb-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 stewie2k-frontpage-picture-2.jpg
prosettings.net/wp-content/uploads/2020/05/ 15 KB
15 KB 141ms
140ms Image
image/jpeg 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prosettings.net/wp-content/uploads/2020/05/stewie2k-frontpage-picture-2.jpg

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad2b5a90451d8fd198be7ba9788c21481fd7a1d065b040d37bebe2fee3ab29f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=15311, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15303
expires: Sat, 13 Nov 2021 02:48:33 GMT
last-modified: Wed, 04 Aug 2021 21:19:58 GMT
server: cloudflare
etag: "3bcf-5c8c25d55e713"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6a9b00ea5db359fb-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 zywoo-frontpage-picture-2.jpg
prosettings.net/wp-content/uploads/2021/01/ 6 KB
7 KB 135ms
134ms Image
image/jpeg 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prosettings.net/wp-content/uploads/2021/01/zywoo-frontpage-picture-2.jpg

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68ce9e10bb6753d99b2a7142a0a4948d9f1291b4bf89086f1f3f6a644f5a9f79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=6652, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6644
expires: Sat, 13 Nov 2021 02:48:33 GMT
last-modified: Thu, 13 May 2021 12:14:36 GMT
server: cloudflare
etag: "19fc-5c23512207cf9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6a9b00ea5db459fb-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 device-frontpage-picture-2.jpg
prosettings.net/wp-content/uploads/2021/04/ 7 KB
7 KB 151ms
150ms Image
image/jpeg 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prosettings.net/wp-content/uploads/2021/04/device-frontpage-picture-2.jpg

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80ca127c8f38627c525fe3f60fd65546771f6e6a5b7a9244d78c3804dae5371a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cf-polished: origSize=7254, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7246
expires: Sat, 13 Nov 2021 02:48:33 GMT
last-modified: Thu, 13 May 2021 11:28:27 GMT
server: cloudflare
etag: "1c56-5c2346d14d1a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6a9b00ea5db559fb-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 pubads_impl_2021110401.js Show response
securepubads.g.doubleclick.net/gpt/ 346 KB
116 KB 23ms
22ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063429

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-310.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

ecafecffa0db9b7f76734f0bcab9c4646954668aebd3e86dc38cdbe162d3f250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119010
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 08:34:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 06 Nov 2021 02:48:33 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 122 B
123 B 67ms
52ms XHR
application/json 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=prosettings.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

54542dfb1cc2b6f517dcf842e29e01079cac50a0f4d846f91c4dc00fba17c01b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 02:48:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
expires: Sat, 06 Nov 2021 02:48:33 GMT

POST
H2 204 result Show response
prosettings.net/cdn-cgi/bm/cv/ 0
305 B 21ms
21ms XHR
text/plain 2606:4700:3108::ac42:28f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://prosettings.net/cdn-cgi/bm/cv/result?req_id=6a9b00e6aa1459fb

Requested by

Host: prosettings.net
URL: https://prosettings.net/cdn-cgi/bm/cv/669835187/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:28f2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://prosettings.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
date: Sat, 06 Nov 2021 02:48:33 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-ray: 6a9b00eabe1559fb-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 vendor-list.json Show response
s.nitropay.com/ 293 KB
37 KB 35ms
34ms XHR
application/json 2606:4700::6812:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s.nitropay.com/vendor-list.json

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ncmp-46ee8ef.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf8fb4b661478893cdc01168684edb65856d41eff4281aa41aece0cc1ea1f062

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 39500
x-guploader-uploadid: ADPycdv9gp4GjQt_PZZ-AYz-5iBW0w7UGYPjWHg5ByLyfb8U8fDTFu7EiWbMx-_qlyE_kkV-H9vw0K45rsnlW_7154Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 04 Nov 2021 16:15:03 GMT
server: cloudflare
etag: W/"f6d4528430403c37959019252fe21ec7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
x-goog-hash: crc32c=pvI8WA==, md5=9tRShDBAPDeVkBklL+Iexw==
x-goog-generation: 1636042503777307
access-control-allow-origin: *
content-type: application/json
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=604800
x-goog-stored-content-length: 299694
cf-ray: 6a9b00eacfd9f91b-MXP
expires: Fri, 12 Nov 2021 15:45:18 GMT

GET
H/1.1 200
OK conf.js Show response
config.anyclip.com/anyclip-widget/config/prosettingsnet/0011r00002Mc2QW_14401/ 20 KB
4 KB 31ms
7ms Script
application/javascript 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://config.anyclip.com/anyclip-widget/config/prosettingsnet/0011r00002Mc2QW_14401/conf.js?cb=460429
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-310.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: b92a11bdd2803a0baab769f46c070950fe9328efa62d4651a470618406b68edb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 40VkT3oqxuR34b9l_3zPOeE4CCTTg.rM
Content-Encoding: gzip
Last-Modified: Tue, 02 Nov 2021 22:33:27 GMT
Server: AmazonS3
Age: 45552
Date: Sat, 06 Nov 2021 02:48:33 GMT
Vary: Accept-Encoding
x-amz-id-2: D/w5ld0uRJNw10eCUHXIjtIeIAbarvVEMVBhBoZzGinJWxRfom+JELabmn6d+em71S69xYqCxQA=
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
x-amz-meta-updatedby: jared@anyclip.com
Content-Length: 3670
x-amz-request-id: 70Y8K8SVNV407GP4
X-LLID: bdcfe661a21c173fcc3dd3645fc764a4

GET
H/1.1 200
OK rules.js Show response
player.anyclip.com/anyclip-widget/lre-widget/sps-flow/ 474 B
936 B 7ms
7ms Script
application/javascript 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://player.anyclip.com/anyclip-widget/lre-widget/sps-flow/rules.js
Requested by: Host: s.nitropay.com
URL: https://s.nitropay.com/ads-310.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: bf8a3d71354828a837da5f234fdeab608b2e535b11b4851e89d75b1686686635

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: Dnob.rNfaHkFPCA9eGou8IS.DrpBU9EH
Content-Encoding: gzip
Age: 161784
x-amz-meta-sha256: bf8a3d71354828a837da5f234fdeab608b2e535b11b4851e89d75b1686686635
Content-Length: 216
x-amz-request-id: 0AD2C118F7F81FB1
x-amz-id-2: 7HkPI7+B5C7IcunixJO7C4idNtfQ8FLMqRRWbLD82w87FYgtWGA4i7/NoLd6iFqdZ0VFgy7r+uk=
Last-Modified: Thu, 30 Apr 2020 15:11:24 GMT
Server: AmazonS3
Date: Sat, 06 Nov 2021 02:48:33 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Expires: Thu, 04 Nov 2021 05:53:09 GMT
Cache-Control: public,max-age=60
Accept-Ranges: bytes
X-LLID: 4b0048db0c01dac6d0970d30843918d9
x-amz-meta-s3b-last-modified: 20200430T151051Z

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
178 B 307ms
100ms Image
image/gif 54.156.83.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=29&val=vjs&wnx=0&abc=&ty=wlo&v=0&ext=0&ta=1&lnx=0&us=&sid=wxyCd2yosODCT2OWsq5U1q3FaJWrFxqe&pid=prosettingsnet&wid=0011r00002Mc2QW_14401&pt=a
Requested by: Host: prosettings.net
URL: https://prosettings.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.83.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-83-163.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:34 GMT
last-modified: Thu, 26 Aug 2021 15:23:46 GMT
server: nginx
accept-ranges: bytes
etag: "6127b202-23"
content-length: 35
content-type: image/gif

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 306ms
99ms Image
image/gif 54.156.83.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?dom=prosettings.net&cke=true&lan=en-US&plat=Linux+x86_64&net=-&ver=js4.0.14.1059&dev=desktop&os=Windows&bw=Chrome%2C95&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F95.0.4638.54+Safari%2F537.36&url=https%3A%2F%2Fprosettings.net%2F&ty=data&rt=29&us=&sid=wxyCd2yosODCT2OWsq5U1q3FaJWrFxqe&pid=prosettingsnet&wid=0011r00002Mc2QW_14401&pt=a
Requested by: Host: prosettings.net
URL: https://prosettings.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.83.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-83-163.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:34 GMT
last-modified: Thu, 26 Aug 2021 15:23:46 GMT
server: nginx
accept-ranges: bytes
etag: "6127b202-23"
content-length: 35
content-type: image/gif

GET
H2 200 pixel.png
tracker.nitropay.com/ 73 B
348 B 144ms
144ms Image
image/png 2606:4700::6812:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tracker.nitropay.com/pixel.png?s=310&wb=eyJhZFVuaXRDb2RlIjoiYW55Y2xpcC12aWRlby1wbGF5ZXIiLCJiaWRkZXIiOiJhbnljbGlwIiwiaGVpZ2h0IjoxLCJ3aWR0aCI6MSwiY3BtIjowLCJjcmVhdGl2ZUlkIjoiIiwiaHJlZiI6Imh0dHBzOi8vcHJvc2V0dGluZ3MubmV0LyIsImFjY2VwdGFibGUiOmZhbHNlLCJyZXF1ZXN0SWQiOiJhODlkYmM5OS1mMTcwLTRjM2QtYjJiYS1iNzViYjk4NTRkNTUiLCJ0aW1lVG9SZXNwb25kIjowLCJjIjoiREUiLCJyIjoiSEUiLCJ0aW1lc3RhbXAiOjE2MzYxNjY5MTM3ODF9

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3336865c07143159ab73893863070b6d7f0516b0de61a236a0c5c52246cb3b2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/png
cache-control: no-cache
cf-ray: 6a9b00eb3afe374c-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 73

GET
BLOB 200
OK 8778012b-dd92-4425-84fa-7f5572e89fbd
https://prosettings.net/ 417 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://prosettings.net/8778012b-dd92-4425-84fa-7f5572e89fbd
Requested by: Host: prosettings.net
URL: https://prosettings.net/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 102c6b9f2b0d600cd17e63665f3edacf5fe19c6f2ad5e0bd056973c8866783b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 417

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
206 B 21ms
20ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=122225463&t=pageview&_s=1&dl=https%3A%2F%2Fprosettings.net%2F&ul=en-us&de=UTF-8&dt=ProSettings.net%20-%20The%20Best%20Settings%20and%20Setups%20in%20Esports&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1247307705&gjid=1761771079&cid=263038604.1636166914&tid=UA-69669845-2&_gid=327635666.1636166914&_r=1&gtm=2wgb31NNVPDRP&z=450785323

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://prosettings.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 02:48:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://prosettings.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lang-alt.png
s.nitropay.com/assets/ 2 KB
2 KB 23ms
23ms Image
image/png 2606:4700::6812:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.nitropay.com/assets/lang-alt.png

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eda5ec1c59939f001bdc15f557f3a905110aac0a60afc5a1eb92d8cdc2d2cbb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1967
x-guploader-uploadid: ADPycdsSiwsJlbOq0PmKU-RiGhyQtZEI_PYbXDCD2Ix1ZhrOnDEkB0peju_kilNSOHlczT9NFT0QIu0fT2u11DG6oXc
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1887
last-modified: Sun, 14 Jun 2020 01:12:51 GMT
server: cloudflare
etag: "ca072a3965f49a2c242c45d535163a53"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
x-goog-hash: crc32c=7x+tRA==, md5=ygcqOWX0miwkLEXVNRY6Uw==
x-goog-generation: 1592097171393463
access-control-allow-origin: *
content-type: image/png
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 1887
accept-ranges: bytes
cf-ray: 6a9b00ec2b70374c-MXP
expires: Sat, 06 Nov 2021 03:15:46 GMT

GET
H2 200 cancel-w.png
s.nitropay.com/assets/ 1 KB
2 KB 22ms
22ms Image
image/png 2606:4700::6812:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.nitropay.com/assets/cancel-w.png

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89863d0411e5273c7c2befe50bceeab57034e26b5df8751cc13c3bd78c73511d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 2381
x-guploader-uploadid: ADPycdvVRSoaeVZTkEYLaSnio9IPsfWyiJJWYTmmXKo4MlXN_PbKi50Y2jRbKIUv1STdCowpODomHivWSJVA9fZtmSA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1302
last-modified: Wed, 26 Sep 2018 06:50:42 GMT
server: cloudflare
etag: "c707b2d501a53bc2c66e98e4e5cabefb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
x-goog-hash: crc32c=QrhBNA==, md5=xwey1QGlO8LGbpjk5cq++w==
x-goog-generation: 1537944642617286
access-control-allow-origin: *
content-type: image/png
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 1302
accept-ranges: bytes
cf-ray: 6a9b00ec2b71374c-MXP
expires: Sat, 06 Nov 2021 02:49:34 GMT

GET
H2 200 np-cmp-n2.png
s.nitropay.com/assets/ 3 KB
3 KB 24ms
24ms Image
image/png 2606:4700::6812:24e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.nitropay.com/assets/np-cmp-n2.png

Requested by

Host: prosettings.net
URL: https://prosettings.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:24e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d8fea63a817b75ec9bfbc153b60b576dd31392e4d2afbec0d83cc813f8aca4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:33 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1967
x-guploader-uploadid: ADPycdvY2aWh0aI4vMoejddJXcIQeLF-VDLNjGgiAGLPCF8U5fXaHz-bpeManC6oMxp-qlxzj_6EmYyVVIHwY3LX8GI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2592
last-modified: Tue, 21 Apr 2020 13:05:46 GMT
server: cloudflare
etag: "940aa5b81e99bbb7414acc474a89bad9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
x-goog-hash: crc32c=naGVVg==, md5=lAqluB6Zu7dBSsxHSom62Q==
x-goog-generation: 1587474346178492
access-control-allow-origin: *
content-type: image/png
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 2592
accept-ranges: bytes
cf-ray: 6a9b00ec2b72374c-MXP
expires: Sat, 06 Nov 2021 03:15:46 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
438 B 60ms
20ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-69669845-2&cid=263038604.1636166914&jid=1247307705&gjid=1761771079&_gid=327635666.1636166914&_u=YEBAAEAAAAAAAC~&z=1372514021

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://prosettings.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 06 Nov 2021 02:48:34 GMT
content-type: text/plain
access-control-allow-origin: https://prosettings.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H/1.1 200
OK advertising.js
assets.anyclip.com/anyclip-widget/lre-widget/assets/js/ 0
0 34ms
6ms Fetch
application/javascript 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/js/advertising.js
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: yQR7I__mdWlTGiugUbenyyFFuDDzo_a4
Last-Modified: Mon, 10 Dec 2018 11:26:45 GMT
Server: AmazonS3
Age: 10111
Date: Sat, 06 Nov 2021 02:48:33 GMT
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=14400
x-amz-meta-s3b-last-modified: 20181210T110233Z
Content-Length: 32
Accept-Ranges: bytes
X-LLID: ed172fe45a4fb0ef065bd704c0f58f7c
x-amz-request-id: V164JXPZDBAHPMPP
x-amz-id-2: C+qDFxtf/upgeukaqICpMkhD7IKAwgctSAH33oen5B3GHjxg3XUQlYrLEYogzhhiAAFBdbraRis=
Expires: Sat, 06 Nov 2021 04:00:02 GMT

HEAD
H2 200 ima3.js
imasdk.googleapis.com/js/sdkloader/ 0
0 62ms
22ms Fetch
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Sat, 06 Nov 2021 02:48:34 GMT

GET
H2 200 362290
vid.springserve.com/vast/ 22 B
0 101ms
28ms Fetch
application/xml 54.228.109.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/362290
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.109.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-109-135.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 06 Nov 2021 02:48:34 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 22
content-type: application/xml;charset=UTF-8

HEAD
H2 200 loader.js
imasdk.googleapis.com/js/sdkloader/ 0
0 54ms
13ms Fetch
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:43:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 329
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18310
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 17:06:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Sat, 06 Nov 2021 02:58:05 GMT

HEAD
H2 200 client.js
s0.2mdn.net/instream/video/ 0
0 61ms
21ms Fetch
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Nov 2021 02:48:34 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 369 KB
123 KB 59ms
22ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-310.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cdbb68e93d9fb8a81d427448443a41d21a66c151d4d7ec865e648833f854b2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125171
x-xss-protection: 0
expires: Sat, 06 Nov 2021 02:48:34 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
178 B 121ms
102ms Image
image/gif 54.156.83.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=211&val=0&wnx=0&abc=&ty=blo&v=0&ext=0&ta=1&lnx=0&us=&sid=wxyCd2yosODCT2OWsq5U1q3FaJWrFxqe&pid=prosettingsnet&wid=0011r00002Mc2QW_14401&pt=a
Requested by: Host: prosettings.net
URL: https://prosettings.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.83.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-83-163.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:34 GMT
last-modified: Thu, 26 Aug 2021 15:23:46 GMT
server: nginx
accept-ranges: bytes
etag: "6127b202-23"
content-length: 35
content-type: image/gif

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
178 B 100ms
100ms Image
image/gif 54.156.83.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=329&val=ima&wnx=0&abc=&ty=ami&v=0&ext=0&ta=1&lnx=0&us=&sid=wxyCd2yosODCT2OWsq5U1q3FaJWrFxqe&pid=prosettingsnet&wid=0011r00002Mc2QW_14401&pt=a
Requested by: Host: prosettings.net
URL: https://prosettings.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.83.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-83-163.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:34 GMT
last-modified: Thu, 26 Aug 2021 15:23:46 GMT
server: nginx
accept-ranges: bytes
etag: "6127b202-23"
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK play-big.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 650 B
1 KB 21ms
7ms Image
image/svg+xml 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/play-big.svg?hash=5b05ff8dbd
Requested by: Host: prosettings.net
URL: https://prosettings.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 3cc9389c9cfdbc0fb7c282c3026c3cd9c11894913f4cf60cf9d1140a1415ad0a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: P54LBC7dA7.CKZKZL0usNEXn5r08cUmk
Content-Encoding: gzip
Age: 8478
Content-Length: 405
x-amz-request-id: PH30648CG389BT71
x-amz-id-2: GvWQ/hDKhR8K+TRhgQH+JjrzEYKxqftM+0ZEQGn2NZ8BRdoQXcFzufvMCfD7/2X20AjJQQaNgs8=
Last-Modified: Tue, 06 Aug 2019 13:18:15 GMT
Server: AmazonS3
Date: Sat, 06 Nov 2021 02:48:34 GMT
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Expires: Sat, 06 Nov 2021 04:27:16 GMT
Cache-Control: public,max-age=14400
Accept-Ranges: bytes
X-LLID: 73cdbbdbeabc0c41d6f76ad518f86eb6
x-amz-meta-s3b-last-modified: 20190806T131201Z

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
178 B 100ms
99ms Image
image/gif 54.156.83.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=331&val=1---&wnx=0&abc=&ty=crs&v=0&ext=0&ta=1&lnx=0&us=&sid=wxyCd2yosODCT2OWsq5U1q3FaJWrFxqe&pid=prosettingsnet&wid=0011r00002Mc2QW_14401&pt=a
Requested by: Host: prosettings.net
URL: https://prosettings.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.83.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-83-163.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:34 GMT
last-modified: Thu, 26 Aug 2021 15:23:46 GMT
server: nginx
accept-ranges: bytes
etag: "6127b202-23"
content-length: 35
content-type: image/gif

GET
H2 200 bridge3.487.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame FE5C 578 KB
190 KB 316ms
14ms Document
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.487.0_en.html

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-310.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17d28d80565aea246a542b61a9d2f93c98fb30887bd662de52191d4e87a6fb45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 194247
date: Fri, 05 Nov 2021 10:09:33 GMT
expires: Sat, 05 Nov 2022 10:09:33 GMT
last-modified: Mon, 01 Nov 2021 17:03:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 59941
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 361ms
26ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: s.nitropay.com
URL: https://s.nitropay.com/ads-310.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Nov 2021 02:48:34 GMT

GET
H/1.1 200
OK bar-close-btn.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 962 B
1 KB 7ms
6ms Image
image/svg+xml 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/bar-close-btn.svg?hash=5b05ff8dbd
Requested by: Host: prosettings.net
URL: https://prosettings.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 9f1acc13d8e5dedd03801ebdafcdf2413f6c9a6bf249a47c26fe9344626c65b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: BYZeWPd_H20v3vgw_xBbc2ZMV_be2IqZ
Content-Encoding: gzip
Age: 8075
x-amz-meta-sha256: 9f1acc13d8e5dedd03801ebdafcdf2413f6c9a6bf249a47c26fe9344626c65b7
Content-Length: 533
x-amz-request-id: B5Q8QS27G1WXWRGE
x-amz-id-2: rDCdNMgVMPM/99bfIlq0RUhdAL1HmtVZPlHLmbWzuVFf2KFmNGq/iRij9ra8Ubqx3uS48qJxk9ppweR7wBlapA==
Last-Modified: Thu, 16 Apr 2020 08:09:29 GMT
Server: AmazonS3
Date: Sat, 06 Nov 2021 02:48:34 GMT
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Expires: Sat, 06 Nov 2021 04:33:59 GMT
Cache-Control: public,max-age=14400
Accept-Ranges: bytes
X-LLID: 13157e2b72dafb352ea57b8f7e060f86
x-amz-meta-s3b-last-modified: 20200416T080828Z

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
178 B 100ms
100ms Image
image/gif 54.156.83.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=398&val=0&wnx=0&abc=&ty=wre&v=0&ext=0&ta=1&lnx=0&us=&sid=wxyCd2yosODCT2OWsq5U1q3FaJWrFxqe&pid=prosettingsnet&wid=0011r00002Mc2QW_14401&pt=a
Requested by: Host: prosettings.net
URL: https://prosettings.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.83.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-83-163.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:34 GMT
last-modified: Thu, 26 Aug 2021 15:23:46 GMT
server: nginx
accept-ranges: bytes
etag: "6127b202-23"
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK anyclip-logo-rb.png
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 2 KB
3 KB 7ms
7ms Image
image/png 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/anyclip-logo-rb.png
Requested by: Host: prosettings.net
URL: https://prosettings.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: dd06d3cec78769e6dd11ac47b02d3cc2bdc0b8540d47ca3ba3749f2d28b32e58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 6Mm86axJOVH4iqwqUr4fPD3X.sYDjZjH
Age: 5373
x-amz-meta-sha256: dd06d3cec78769e6dd11ac47b02d3cc2bdc0b8540d47ca3ba3749f2d28b32e58
Content-Length: 2051
x-amz-request-id: 6GH6D86MRQZ24T50
x-amz-id-2: Nz3fEaRPxTrWPqEpy//fpfW1wr3sNwmq5boyw7ZgvXYX8OYk875Aofo4GM0ID4ttvsA6liePGXQ=
Last-Modified: Mon, 03 May 2021 12:15:28 GMT
Server: AmazonS3
Date: Sat, 06 Nov 2021 02:48:34 GMT
Content-Type: image/png
Access-Control-Allow-Origin: *
Expires: Sat, 06 Nov 2021 05:19:01 GMT
Cache-Control: public,max-age=14400
Accept-Ranges: bytes
X-LLID: 7707eb973a23da3d86c936bbcd07c382
x-amz-meta-s3b-last-modified: 20210503T121448Z

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
178 B 99ms
99ms Image
image/gif 54.156.83.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=414&val=400&wnx=0&abc=&ty=psw&v=0&ext=0&ta=1&lnx=0&us=&sid=wxyCd2yosODCT2OWsq5U1q3FaJWrFxqe&pid=prosettingsnet&wid=0011r00002Mc2QW_14401&pt=a
Requested by: Host: prosettings.net
URL: https://prosettings.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.83.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-83-163.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:34 GMT
last-modified: Thu, 26 Aug 2021 15:23:46 GMT
server: nginx
accept-ranges: bytes
etag: "6127b202-23"
content-length: 35
content-type: image/gif

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
178 B 100ms
99ms Image
image/gif 54.156.83.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=414&val=225&wnx=0&abc=&ty=psh&v=0&ext=0&ta=1&lnx=0&us=&sid=wxyCd2yosODCT2OWsq5U1q3FaJWrFxqe&pid=prosettingsnet&wid=0011r00002Mc2QW_14401&pt=a
Requested by: Host: prosettings.net
URL: https://prosettings.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.83.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-83-163.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:34 GMT
last-modified: Thu, 26 Aug 2021 15:23:46 GMT
server: nginx
accept-ranges: bytes
etag: "6127b202-23"
content-length: 35
content-type: image/gif

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
178 B 99ms
99ms Image
image/gif 54.156.83.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=426&val=&wnx=0&abc=&ty=cuc&v=0&ext=0&ta=1&lnx=0&us=&sid=wxyCd2yosODCT2OWsq5U1q3FaJWrFxqe&pid=prosettingsnet&wid=0011r00002Mc2QW_14401&pt=a
Requested by: Host: prosettings.net
URL: https://prosettings.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.83.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-83-163.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:34 GMT
last-modified: Thu, 26 Aug 2021 15:23:46 GMT
server: nginx
accept-ranges: bytes
etag: "6127b202-23"
content-length: 35
content-type: image/gif

POST
H2 200 playlist Show response
trafficmanager.anyclip.com/trafficmanager/api/v2/player/ 18 KB
4 KB 113ms
113ms Fetch
application/json 52.72.126.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trafficmanager.anyclip.com/trafficmanager/api/v2/player/playlist?
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.126.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-126-250.compute-1.amazonaws.com
Software: /
Resource Hash: dc8e4997e378af6b58d4b7869d8593260dc7548689b9fa2814103065b84a9170

Request headers

Referer: https://prosettings.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 06 Nov 2021 02:48:34 GMT
content-encoding: gzip
vary: accept-encoding
access-control-allow-methods: GET,POST
content-type: application/json
access-control-allow-origin: https://prosettings.net
access-control-allow-credentials: true
access-control-allow-headers: Content-Type

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
178 B 100ms
100ms Image
image/gif 54.156.83.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=426&val=0&wnx=0&abc=&ty=prq&v=0&ext=0&ta=1&lnx=0&us=&sid=wxyCd2yosODCT2OWsq5U1q3FaJWrFxqe&pid=prosettingsnet&wid=0011r00002Mc2QW_14401&pt=a
Requested by: Host: prosettings.net
URL: https://prosettings.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.83.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-83-163.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:34 GMT
last-modified: Thu, 26 Aug 2021 15:23:46 GMT
server: nginx
accept-ranges: bytes
etag: "6127b202-23"
content-length: 35
content-type: image/gif

OPTIONS
H2 200 playlist
trafficmanager.anyclip.com/trafficmanager/api/v2/player/ Frame 0
0 307ms
99ms Preflight
text/plain 52.72.126.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trafficmanager.anyclip.com/trafficmanager/api/v2/player/playlist?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.126.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-126-250.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://prosettings.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 06 Nov 2021 02:48:34 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://prosettings.net
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type
allow: HEAD,POST,GET,OPTIONS

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 6332 37 KB
13 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:18:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1794
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 06 Nov 2021 03:18:40 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
178 B 100ms
100ms Image
image/gif 54.156.83.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=874&val=%7B%22userAgent%22%3A%7B%22allow%22%3Atrue%2C%22software%22%3A%7B%22nameCode%22%3A%22chrome%22%2C%22ver%22%3A%2295%22%7D%2C%22os%22%3A%7B%22nameCode%22%3A%22windows%22%2C%22ver%22%3A%2210%22%7D%2C%22hw%22%3A%7B%22type%22%3A%22computer%22%2C%22subType%22%3Anull%7D%7D%7D&wnx=0&abc=&ty=prs&v=1&ext=0&ta=1&lnx=0&us=&sid=wxyCd2yosODCT2OWsq5U1q3FaJWrFxqe&pid=prosettingsnet&wid=0011r00002Mc2QW_14401&pt=a
Requested by: Host: prosettings.net
URL: https://prosettings.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.83.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-83-163.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:34 GMT
last-modified: Thu, 26 Aug 2021 15:23:46 GMT
server: nginx
accept-ranges: bytes
etag: "6127b202-23"
content-length: 35
content-type: image/gif

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
178 B 101ms
100ms Image
image/gif 54.156.83.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=875&val=0&wnx=0&abc=&ty=pll&v=1&ext=0&ta=1&lnx=0&us=&sid=wxyCd2yosODCT2OWsq5U1q3FaJWrFxqe&pid=prosettingsnet&wid=0011r00002Mc2QW_14401&pt=a
Requested by: Host: prosettings.net
URL: https://prosettings.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.83.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-83-163.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:34 GMT
last-modified: Thu, 26 Aug 2021 15:23:46 GMT
server: nginx
accept-ranges: bytes
etag: "6127b202-23"
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK 1634695512108_480x270_thumbnail.jpg
cdn5.anyclip.com/IbZum3wBkmyI_DU5HYld/ 54 KB
55 KB 34ms
11ms Image
image/jpeg 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn5.anyclip.com/IbZum3wBkmyI_DU5HYld/1634695512108_480x270_thumbnail.jpg?wid=0011r00002Mc2QW_14401
Requested by: Host: prosettings.net
URL: https://prosettings.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: c9d495431d94258cfaebc848360591b942aae6924da20137d56ef933f8e4d74d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 06 Nov 2021 02:48:34 GMT
Last-Modified: Wed, 20 Oct 2021 02:05:13 GMT
Server: AmazonS3
Age: 43049
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=86400
x-amz-request-id: T7T45CTSQFJGXXX1
Accept-Ranges: bytes
X-LLID: ae27afc1c346c726659a7a07511f6aa3
Content-Length: 55693
x-amz-id-2: PRA2p9KpHFMMYdBtc488XleqXOFBR8B/9iQlhQFtnnHp+xWx4cyRsdzec+ULikfRISsinuWXO80=
Expires: Sat, 06 Nov 2021 14:51:05 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
178 B 99ms
99ms Image
image/gif 54.156.83.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=jfrfu5lngn3ue23npfev6rcvgvefs3de&inx=0&rt=890&val=&wnx=1&abc=&ty=pli&v=1&ext=0&ta=1&lnx=0&us=&sid=wxyCd2yosODCT2OWsq5U1q3FaJWrFxqe&pid=prosettingsnet&wid=0011r00002Mc2QW_14401&pt=a
Requested by: Host: prosettings.net
URL: https://prosettings.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.83.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-83-163.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:34 GMT
last-modified: Thu, 26 Aug 2021 15:23:46 GMT
server: nginx
accept-ranges: bytes
etag: "6127b202-23"
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK watch.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 364 B
962 B 7ms
7ms Image
image/svg+xml 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/watch.svg?hash=5b05ff8dbd
Requested by: Host: prosettings.net
URL: https://prosettings.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 67386f7f6c11079518c59fdca44b5a6c5b17f4b8cda8ead4e993f3b2dfda0e5d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: jJ7plitpaP9q57Aey2ETnqu6JQKZQWu3
Content-Encoding: gzip
Age: 8474
x-amz-meta-sha256: 67386f7f6c11079518c59fdca44b5a6c5b17f4b8cda8ead4e993f3b2dfda0e5d
Content-Length: 250
x-amz-request-id: J40QMBXM7RN6F6TX
x-amz-id-2: kD/KKdYuN/lgDWR37xCaDoWLwkjr6mUz06HIq73igB/Zk+fHM8BwNHjWhyo6ta/g0yMQfdoVZyQ=
Last-Modified: Tue, 04 Aug 2020 10:39:53 GMT
Server: AmazonS3
Date: Sat, 06 Nov 2021 02:48:34 GMT
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Expires: Sat, 06 Nov 2021 04:27:20 GMT
Cache-Control: public,max-age=14400
Accept-Ranges: bytes
X-LLID: 1e64fb9af203d9befff24be287a156df
x-amz-meta-s3b-last-modified: 20200804T103752Z

GET
H/1.1 200
OK like.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 401 B
998 B 13ms
6ms Image
image/svg+xml 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/like.svg?hash=5b05ff8dbd
Requested by: Host: prosettings.net
URL: https://prosettings.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 453e9cc6fc295196d8914da9858a388ce58a1dcb9b033aab9037aa2badbbc0d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: AgMuGLHw2p4hvvpUt5__8K6ZhGhprdTJ
Content-Encoding: gzip
Age: 4962
x-amz-meta-sha256: 453e9cc6fc295196d8914da9858a388ce58a1dcb9b033aab9037aa2badbbc0d9
Content-Length: 286
x-amz-request-id: J40PZF1B0T79W12D
x-amz-id-2: 3Er4WU+umCNuqDZ0zKW9cAi9woTZVfRv0tIq4hXLOLH0awovyVckOiX9E5mwnwAx/Hp6uw7ot3M=
Last-Modified: Tue, 04 Aug 2020 10:39:58 GMT
Server: AmazonS3
Date: Sat, 06 Nov 2021 02:48:34 GMT
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Expires: Sat, 06 Nov 2021 05:25:52 GMT
Cache-Control: public,max-age=14400
Accept-Ranges: bytes
X-LLID: 2c83bed5145b6b9967260041a7d81826
x-amz-meta-s3b-last-modified: 20200804T103803Z

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
178 B 99ms
99ms Image
image/gif 54.156.83.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=jfrfu5lngn3ue23npfev6rcvgvefs3de&inx=0&rt=968&val=1&wnx=1&abc=&ty=flk&v=1&ext=0&ta=1&lnx=0&us=&sid=wxyCd2yosODCT2OWsq5U1q3FaJWrFxqe&pid=prosettingsnet&wid=0011r00002Mc2QW_14401&pt=a
Requested by: Host: prosettings.net
URL: https://prosettings.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.83.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-83-163.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:34 GMT
last-modified: Thu, 26 Aug 2021 15:23:46 GMT
server: nginx
accept-ranges: bytes
etag: "6127b202-23"
content-length: 35
content-type: image/gif

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
178 B 99ms
99ms Image
image/gif 54.156.83.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=jfrfu5lngn3ue23npfev6rcvgvefs3de&inx=0&rt=974&val=ad%3Dhttps%253A%252F%252Fpubads.g.doubleclick.net%252Fgampad%252Fads%253Fiu%253D%252F127641337%252FAdPoddingprosettings.net14401%2526description_url%253Dhttps%25253A%25252F%25252Fprosettings.net%25252F%2526env%253Dvp%2526tfcd%253D0%2526impl%253Ds%2526correlator%253D638696821%2526gdfp_req%253D1%2526output%253Dvmap%2526sz%253D640x480%2526unviewed_position_start%253D1%2526ad_rule%253D1%2526vpmute%253D0%2526vpa%253DAuto%2526npa%253D0%2526gdpr_consent%253D_755%2526gdpr%253D%2526cust_params%253Ddomainname%253Dprosettings.net%252526sid%25253DwxyCd2yosODCT2OWsq5U1q3FaJWrFxqe%252526tid%25253D9824614497%252526viewability%25253D1%252526sspblockurl%25253D%26mavs%3D0%26rqcm%3D1%26ast%3D-1%26smb%3D1%26sid%3DwxyCd2yosODCT2OWsq5U1q3FaJWrFxqe%26imaw%3D1%26amd%3D1%26sf%3D0%26page_url%3Dhttps%253A%252F%252Fprosettings.net%252F&wnx=1&abc=&ty=arq&v=1&ext=0&ta=1&lnx=0&us=&sid=wxyCd2yosODCT2OWsq5U1q3FaJWrFxqe&pid=prosettingsnet&wid=0011r00002Mc2QW_14401&pt=a&anx=1&arx=1&crt=0&s=0&aty=vid&tty=slf&rol=mid&tid=9824614497
Requested by: Host: prosettings.net
URL: https://prosettings.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.83.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-83-163.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:34 GMT
last-modified: Thu, 26 Aug 2021 15:23:46 GMT
server: nginx
accept-ranges: bytes
etag: "6127b202-23"
content-length: 35
content-type: image/gif

GET
H2 200 / Show response
lreprx-server.anyclip.com/ Frame FE5C 1 KB
1 KB 306ms
100ms XHR
text/xml 44.194.55.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://lreprx-server.anyclip.com/?ad=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F127641337%2FAdPoddingprosettings.net14401%26description_url%3Dhttps%253A%252F%252Fprosettings.net%252F%26env%3Dvp%26tfcd%3D0%26impl%3Ds%26correlator%3D638696821%26gdfp_req%3D1%26output%3Dvmap%26sz%3D640x480%26unviewed_position_start%3D1%26ad_rule%3D1%26vpmute%3D0%26vpa%3DAuto%26npa%3D0%26gdpr_consent%3D_755%26gdpr%3D%26cust_params%3Ddomainname%3Dprosettings.net%2526sid%253DwxyCd2yosODCT2OWsq5U1q3FaJWrFxqe%2526tid%253D9824614497%2526viewability%253D1%2526sspblockurl%253D&mavs=0&rqcm=1&ast=-1&smb=1&sid=wxyCd2yosODCT2OWsq5U1q3FaJWrFxqe&imaw=1&amd=1&sf=0&page_url=https%3A%2F%2Fprosettings.net%2F
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.487.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.55.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-55-212.compute-1.amazonaws.com
Software: / Express
Resource Hash: ac43b17a8cad041389ec383d7e6dbdf0c24bc5271abf698bab1052180577c033

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: https://imasdk.googleapis.com
date: Sat, 06 Nov 2021 02:48:35 GMT
access-control-allow-credentials: true
x-powered-by: Express
content-length: 1227
etag: W/"4cb-l2gPaY/cb8v9h8wS1b1DxE73/oE"
content-type: text/xml; charset=utf-8

POST
H2 204 csi
csi.gstatic.com/ Frame FE5C 0
327 B 66ms
23ms Ping
image/gif 2a00:1450:400e:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~kvn7jb81&c=1718885882680&slotId=859442941340&fb=ima_html5-lima&sdkv=h.3.487.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=1&vhc=0&ghmsh_eids=44736284
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.487.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400e:810::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 02:48:35 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 6404 51 KB
18 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42d62f70132d70267d7c490a5cf860b011fcafcde494fd5c79a813428f9ba60b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:43:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18310
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 17:06:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Sat, 06 Nov 2021 02:58:05 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
178 B 99ms
99ms Image
image/gif 54.156.83.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=jfrfu5lngn3ue23npfev6rcvgvefs3de&inx=0&rt=1823&val=&wnx=1&abc=&ty=alo&v=1&ext=0&ta=1&lnx=0&us=&sid=wxyCd2yosODCT2OWsq5U1q3FaJWrFxqe&pid=prosettingsnet&wid=0011r00002Mc2QW_14401&pt=a&anx=1&arx=1&crt=0&s=0&aty=vid&tty=slf&rol=mid&tid=9824614497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.83.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-83-163.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:35 GMT
last-modified: Thu, 26 Aug 2021 15:23:46 GMT
server: nginx
accept-ranges: bytes
etag: "6127b202-23"
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK lreprx.js Show response
player.anyclip.com/lreprx/js/v1/src/ Frame 6404 70 KB
15 KB 9ms
9ms Script
application/javascript 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?ad_tag=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F127641337%2FAdPoddingprosettings.net14401%26description_url%3Dhttps%253A%252F%252Fprosettings.net%252F%26env%3Dvp%26tfcd%3D0%26impl%3Ds%26correlator%3D638696821%26gdfp_req%3D1%26output%3Dvmap%26sz%3D640x480%26unviewed_position_start%3D1%26ad_rule%3D1%26vpmute%3D0%26vpa%3DAuto%26npa%3D0%26gdpr_consent%3D_755%26gdpr%3D%26cust_params%3Ddomainname%3Dprosettings.net%2526sid%253DwxyCd2yosODCT2OWsq5U1q3FaJWrFxqe%2526tid%253D9824614497%2526viewability%253D1%2526sspblockurl%253D&sid=wxyCd2yosODCT2OWsq5U1q3FaJWrFxqe&imaw=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 22e17def165292fd4236d10b6915490adb7f84403ee652cfbc3593c049ea9d60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: pfJTal_1f2B3Q43OjIrhXhuX80o4h76p
Content-Encoding: gzip
Age: 53789
Content-Length: 14670
x-amz-request-id: 52S6MJCJCJRX246T
x-amz-id-2: dqy4toGly+5TaQprjvpS7CLfUG77cWK7XwhEkrgdFjdx3uR6kWVTt6m7Fc54GaXk3LXDJ0sBq98=
Last-Modified: Sun, 31 Oct 2021 11:50:38 GMT
Server: AmazonS3
Date: Sat, 06 Nov 2021 02:48:35 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=60
Accept-Ranges: bytes
X-LLID: c487b65e6869c263e276863a5356db78
Expires: Fri, 05 Nov 2021 11:53:06 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 6404 369 KB
122 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.anyclip.com
URL: https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?ad_tag=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F127641337%2FAdPoddingprosettings.net14401%26description_url%3Dhttps%253A%252F%252Fprosettings.net%252F%26env%3Dvp%26tfcd%3D0%26impl%3Ds%26correlator%3D638696821%26gdfp_req%3D1%26output%3Dvmap%26sz%3D640x480%26unviewed_position_start%3D1%26ad_rule%3D1%26vpmute%3D0%26vpa%3DAuto%26npa%3D0%26gdpr_consent%3D_755%26gdpr%3D%26cust_params%3Ddomainname%3Dprosettings.net%2526sid%253DwxyCd2yosODCT2OWsq5U1q3FaJWrFxqe%2526tid%253D9824614497%2526viewability%253D1%2526sspblockurl%253D&sid=wxyCd2yosODCT2OWsq5U1q3FaJWrFxqe&imaw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cdbb68e93d9fb8a81d427448443a41d21a66c151d4d7ec865e648833f854b2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125171
x-xss-protection: 0
expires: Sat, 06 Nov 2021 02:48:35 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
178 B 100ms
100ms Image
image/gif 54.156.83.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=jfrfu5lngn3ue23npfev6rcvgvefs3de&inx=0&rt=1857&val=1.1.15_194_prod&wnx=1&abc=&ty=xlo&v=1&ext=0&ta=1&lnx=0&us=&sid=wxyCd2yosODCT2OWsq5U1q3FaJWrFxqe&pid=prosettingsnet&wid=0011r00002Mc2QW_14401&pt=a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.83.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-83-163.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:35 GMT
last-modified: Thu, 26 Aug 2021 15:23:46 GMT
server: nginx
accept-ranges: bytes
etag: "6127b202-23"
content-length: 35
content-type: image/gif

GET
H2 200 bridge3.487.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame AD20 578 KB
190 KB 14ms
14ms Document
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.487.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17d28d80565aea246a542b61a9d2f93c98fb30887bd662de52191d4e87a6fb45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 194247
date: Fri, 05 Nov 2021 10:09:33 GMT
expires: Sat, 05 Nov 2022 10:09:33 GMT
last-modified: Mon, 01 Nov 2021 17:03:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 59942
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 6404 44 KB
16 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Nov 2021 02:48:35 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5716 37 KB
13 KB 309ms
8ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:18:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1795
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 06 Nov 2021 03:18:40 GMT

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame AD20 0
540 B 40ms
19ms XHR
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?iu=%2F127641337%2FAdPoddingprosettings.net14401&description_url=https%3A%2F%2Fprosettings.net%2F&env=vp&tfcd=0&correlator=3295886430948800&gdfp_req=1&output=xml_vmap1&sz=640x480&unviewed_position_start=1&ad_rule=1&vpmute=0&vpa=auto&npa=0&gdpr_consent=_755&gdpr=1&cust_params=domainname%3Dprosettings.net%26sid%3DwxyCd2yosODCT2OWsq5U1q3FaJWrFxqe%26tid%3D9824614497%26viewability%3D1%26sspblockurl%3D&sdkv=h.3.487.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=4109620286&sdk_apis=2%2C8&sid=EFF4E240-EFC4-479A-BBC6-18FEE547A2EF&eid=44736293&top=https%3A%2F%2Fprosettings.net%2F&url=https%3A%2F%2Fprosettings.net%2F&loc=https%3A%2F%2Fprosettings.net%2F&dlt=1636166915559&idt=181&dt=1636166916185&scor=1600560441439084&ged=ve4_td0_tt0_pd0_la0_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.487.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:36 GMT
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
178 B 108ms
108ms Image
image/gif 54.156.83.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=jfrfu5lngn3ue23npfev6rcvgvefs3de&inx=0&rt=2494&val=An+unexpected+error+occurred+within+the+VPAID+creative.+Refer+to+the+inner+error+for+more+info.+%7C%7C+Error%3A+1010+The+ad+response+was+not+understood+and+cannot+be+parsed.&wnx=1&abc=&ty=aer&v=1&ext=0&ta=1&lnx=0&us=&sid=wxyCd2yosODCT2OWsq5U1q3FaJWrFxqe&pid=prosettingsnet&wid=0011r00002Mc2QW_14401&pt=a&anx=1&arx=1&crt=0&s=0&aty=vid&tty=slf&rol=mid&tid=9824614497
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.83.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-83-163.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:36 GMT
last-modified: Thu, 26 Aug 2021 15:23:46 GMT
server: nginx
accept-ranges: bytes
etag: "6127b202-23"
content-length: 35
content-type: image/gif

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
178 B 101ms
100ms Image
image/gif 54.156.83.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=jfrfu5lngn3ue23npfev6rcvgvefs3de&inx=0&rt=2502&val=ad%3Dhttps%253A%252F%252Fvid.springserve.com%252Fvast%252F646402%253Fima%253D4%2526w%253D400%2526h%253D225%2526url%253Dhttps%25253A%25252F%25252Fprosettings.net%25252F%2526cb%253D92716428%2526widgetid%253D0011r00002Mc2QW_14401%2526lob%253D%2526clipid%253Djfrfu5lngn3ue23npfev6rcvgvefs3de%2526key_custom1%253D%255Ew%253D0011r00002Mc2QW_14401%255Ec%253Djfrfu5lngn3ue23npfev6rcvgvefs3de%255Ei%253D1%255Eab%253D%255Ev%253D1%255Ep%253Dprosettingsnet%2526key_custom2%253D%255Ed%253Dprosettings.net%255Eu%253D%255Edv%253D1%255Eco%253DDE%255Epl%253Da%2526gdpr%253D%2526consent%253D%2526viewability%253D1%2526schain%253D1.0%252C1%2521nitropay.com%252C333%252C1%252C%252C%252C%2521anyclip.com%252C0011r00002Mc2QWAAZ%252C1%252C%252C%252C%2526us_privacy%253D1---%2526domain%253Dprosettings.net%26mavs%3D0%26rqcm%3D1%26ast%3D-1%26smb%3D1%26sid%3DwxyCd2yosODCT2OWsq5U1q3FaJWrFxqe%26imaw%3D0%26amd%3D1%26sf%3D0%26page_url%3Dhttps%253A%252F%252Fprosettings.net%252F&wnx=1&abc=&ty=arq&v=1&ext=0&ta=1&lnx=0&us=&sid=wxyCd2yosODCT2OWsq5U1q3FaJWrFxqe&pid=prosettingsnet&wid=0011r00002Mc2QW_14401&pt=a&anx=2&arx=2&crt=0&s=0&aty=vid&tty=ac&rol=mid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.83.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-83-163.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:36 GMT
last-modified: Thu, 26 Aug 2021 15:23:46 GMT
server: nginx
accept-ranges: bytes
etag: "6127b202-23"
content-length: 35
content-type: image/gif

GET
H2 200 / Show response
lreprx-server.anyclip.com/ Frame FE5C 1 KB
1 KB 101ms
101ms XHR
text/xml 44.194.55.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://lreprx-server.anyclip.com/?ad=https%3A%2F%2Fvid.springserve.com%2Fvast%2F646402%3Fima%3D4%26w%3D400%26h%3D225%26url%3Dhttps%253A%252F%252Fprosettings.net%252F%26cb%3D92716428%26widgetid%3D0011r00002Mc2QW_14401%26lob%3D%26clipid%3Djfrfu5lngn3ue23npfev6rcvgvefs3de%26key_custom1%3D%5Ew%3D0011r00002Mc2QW_14401%5Ec%3Djfrfu5lngn3ue23npfev6rcvgvefs3de%5Ei%3D1%5Eab%3D%5Ev%3D1%5Ep%3Dprosettingsnet%26key_custom2%3D%5Ed%3Dprosettings.net%5Eu%3D%5Edv%3D1%5Eco%3DDE%5Epl%3Da%26gdpr%3D%26consent%3D%26viewability%3D1%26schain%3D1.0%2C1%21nitropay.com%2C333%2C1%2C%2C%2C%21anyclip.com%2C0011r00002Mc2QWAAZ%2C1%2C%2C%2C%26us_privacy%3D1---%26domain%3Dprosettings.net&mavs=0&rqcm=1&ast=-1&smb=1&sid=wxyCd2yosODCT2OWsq5U1q3FaJWrFxqe&imaw=0&amd=1&sf=0&page_url=https%3A%2F%2Fprosettings.net%2F
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.487.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.194.55.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-194-55-212.compute-1.amazonaws.com
Software: / Express
Resource Hash: 1f856b946c84015599f51d0db640b92642d03b8a968759e07e75fd108a6971dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: https://imasdk.googleapis.com
date: Sat, 06 Nov 2021 02:48:36 GMT
access-control-allow-credentials: true
x-powered-by: Express
content-length: 1309
etag: W/"51d-MyF7DPxX8wmSLD2fcoZuyfzx1r4"
content-type: text/xml; charset=utf-8

POST
H2 204 csi
csi.gstatic.com/ Frame FE5C 0
54 B 323ms
22ms Ping
image/gif 2a00:1450:400e:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~kvn7jbvm&c=1718885882680&slotId=859442941340&fb=ima_html5-lima&sdkv=h.3.487.0&mrd=4&aab=1&itv=1&met.4=err.kvn7jcei&aec=901
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.487.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400e:810::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 02:48:37 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 7879 51 KB
18 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42d62f70132d70267d7c490a5cf860b011fcafcde494fd5c79a813428f9ba60b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:43:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 331
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18310
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 17:06:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Sat, 06 Nov 2021 02:58:05 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
178 B 99ms
99ms Image
image/gif 54.156.83.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=jfrfu5lngn3ue23npfev6rcvgvefs3de&inx=0&rt=3122&val=&wnx=1&abc=&ty=alo&v=1&ext=0&ta=1&lnx=0&us=&sid=wxyCd2yosODCT2OWsq5U1q3FaJWrFxqe&pid=prosettingsnet&wid=0011r00002Mc2QW_14401&pt=a&anx=2&arx=2&crt=0&s=0&aty=vid&tty=ac&rol=mid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.83.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-83-163.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:36 GMT
last-modified: Thu, 26 Aug 2021 15:23:46 GMT
server: nginx
accept-ranges: bytes
etag: "6127b202-23"
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK lreprx.js Show response
player.anyclip.com/lreprx/js/v1/src/ Frame 7879 70 KB
15 KB 8ms
7ms Script
application/javascript 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?ad_tag=https%3A%2F%2Fvid.springserve.com%2Fvast%2F646402%3Fima%3D4%26w%3D400%26h%3D225%26url%3Dhttps%253A%252F%252Fprosettings.net%252F%26cb%3D92716428%26widgetid%3D0011r00002Mc2QW_14401%26lob%3D%26clipid%3Djfrfu5lngn3ue23npfev6rcvgvefs3de%26key_custom1%3D%5Ew%3D0011r00002Mc2QW_14401%5Ec%3Djfrfu5lngn3ue23npfev6rcvgvefs3de%5Ei%3D1%5Eab%3D%5Ev%3D1%5Ep%3Dprosettingsnet%26key_custom2%3D%5Ed%3Dprosettings.net%5Eu%3D%5Edv%3D1%5Eco%3DDE%5Epl%3Da%26gdpr%3D%26consent%3D%26viewability%3D1%26schain%3D1.0%2C1!nitropay.com%2C333%2C1%2C%2C%2C!anyclip.com%2C0011r00002Mc2QWAAZ%2C1%2C%2C%2C%26us_privacy%3D1---%26domain%3Dprosettings.net&sid=wxyCd2yosODCT2OWsq5U1q3FaJWrFxqe&imaw=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 22e17def165292fd4236d10b6915490adb7f84403ee652cfbc3593c049ea9d60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: pfJTal_1f2B3Q43OjIrhXhuX80o4h76p
Content-Encoding: gzip
Age: 53790
Content-Length: 14670
x-amz-request-id: 52S6MJCJCJRX246T
x-amz-id-2: dqy4toGly+5TaQprjvpS7CLfUG77cWK7XwhEkrgdFjdx3uR6kWVTt6m7Fc54GaXk3LXDJ0sBq98=
Last-Modified: Sun, 31 Oct 2021 11:50:38 GMT
Server: AmazonS3
Date: Sat, 06 Nov 2021 02:48:36 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=60
Accept-Ranges: bytes
X-LLID: d5ba0f9f730281468f4acdc7ce122a0b
Expires: Fri, 05 Nov 2021 11:53:06 GMT

GET
H2 200 646402 Show response
vid.springserve.com/vast/ Frame 7879 9 KB
3 KB 98ms
35ms Fetch
application/xml 54.228.109.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/646402?ima=4&w=400&h=225&url=https%3A%2F%2Fprosettings.net%2F&cb=92716428&widgetid=0011r00002Mc2QW_14401&lob=&clipid=jfrfu5lngn3ue23npfev6rcvgvefs3de&key_custom1=^w=0011r00002Mc2QW_14401^c=jfrfu5lngn3ue23npfev6rcvgvefs3de^i=1^ab=^v=1^p=prosettingsnet&key_custom2=^d=prosettings.net^u=^dv=1^co=DE^pl=a&gdpr=&consent=&viewability=1&schain=1.0,1!nitropay.com,333,1,,,!anyclip.com,0011r00002Mc2QWAAZ,1,,,&us_privacy=1---&domain=prosettings.net
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?ad_tag=https%3A%2F%2Fvid.springserve.com%2Fvast%2F646402%3Fima%3D4%26w%3D400%26h%3D225%26url%3Dhttps%253A%252F%252Fprosettings.net%252F%26cb%3D92716428%26widgetid%3D0011r00002Mc2QW_14401%26lob%3D%26clipid%3Djfrfu5lngn3ue23npfev6rcvgvefs3de%26key_custom1%3D%5Ew%3D0011r00002Mc2QW_14401%5Ec%3Djfrfu5lngn3ue23npfev6rcvgvefs3de%5Ei%3D1%5Eab%3D%5Ev%3D1%5Ep%3Dprosettingsnet%26key_custom2%3D%5Ed%3Dprosettings.net%5Eu%3D%5Edv%3D1%5Eco%3DDE%5Epl%3Da%26gdpr%3D%26consent%3D%26viewability%3D1%26schain%3D1.0%2C1!nitropay.com%2C333%2C1%2C%2C%2C!anyclip.com%2C0011r00002Mc2QWAAZ%2C1%2C%2C%2C%26us_privacy%3D1---%26domain%3Dprosettings.net&sid=wxyCd2yosODCT2OWsq5U1q3FaJWrFxqe&imaw=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.109.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-228-109-135.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 60f08365caa0ed9be87b88b91af70e9e4a48233c6f50a09c7f201664ab1262e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: https://prosettings.net
date: Sat, 06 Nov 2021 02:48:36 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-encoding: gzip
content-type: application/xml;charset=UTF-8

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
178 B 99ms
99ms Image
image/gif 54.156.83.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=jfrfu5lngn3ue23npfev6rcvgvefs3de&inx=0&rt=3158&val=1.1.15_194_prod&wnx=1&abc=&ty=xlo&v=1&ext=0&ta=1&lnx=0&us=&sid=wxyCd2yosODCT2OWsq5U1q3FaJWrFxqe&pid=prosettingsnet&wid=0011r00002Mc2QW_14401&pt=a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.83.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-83-163.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:36 GMT
last-modified: Thu, 26 Aug 2021 15:23:46 GMT
server: nginx
accept-ranges: bytes
etag: "6127b202-23"
content-length: 35
content-type: image/gif

GET
H2 200 vpaid_d700fabb.js Show response
vpaid.springserve.com/production/ Frame 7879 494 KB
87 KB 67ms
9ms Script
application/javascript 2600:9000:2156:d000:15:6f6c:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?ad_tag=https%3A%2F%2Fvid.springserve.com%2Fvast%2F646402%3Fima%3D4%26w%3D400%26h%3D225%26url%3Dhttps%253A%252F%252Fprosettings.net%252F%26cb%3D92716428%26widgetid%3D0011r00002Mc2QW_14401%26lob%3D%26clipid%3Djfrfu5lngn3ue23npfev6rcvgvefs3de%26key_custom1%3D%5Ew%3D0011r00002Mc2QW_14401%5Ec%3Djfrfu5lngn3ue23npfev6rcvgvefs3de%5Ei%3D1%5Eab%3D%5Ev%3D1%5Ep%3Dprosettingsnet%26key_custom2%3D%5Ed%3Dprosettings.net%5Eu%3D%5Edv%3D1%5Eco%3DDE%5Epl%3Da%26gdpr%3D%26consent%3D%26viewability%3D1%26schain%3D1.0%2C1!nitropay.com%2C333%2C1%2C%2C%2C!anyclip.com%2C0011r00002Mc2QWAAZ%2C1%2C%2C%2C%26us_privacy%3D1---%26domain%3Dprosettings.net&sid=wxyCd2yosODCT2OWsq5U1q3FaJWrFxqe&imaw=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:d000:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01f62119d738e56887c7298650396be3edc28f9bd4b64af4c496048183172630

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 15:21:15 GMT
content-encoding: br
last-modified: Fri, 29 Oct 2021 15:00:52 GMT
server: AmazonS3
age: 646043
etag: W/"00394b9cabf75acc9a4061ae555e3473"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control: max-age=2678400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: QCJI9qtJLrRLUVFS972w5A-a3LiznfAM57mLS6NOYV7gJJovPNWrmw==

GET
H2

200

pd Show response
u.openx.net/w/1.0/ Frame 09D3
Redirect Chain

https://u.openx.net/w/1.0/pd?us_privacy=1---
https://u.openx.net/w/1.0/pd?cc=1&us_privacy=1---

668 B
753 B

16ms
16ms

Document
text/html

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?cc=1&us_privacy=1---
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 3234a4037ae297fc7f0620731a4f45cac55b191f166034d9f414572f0dacce69

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/16.218.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sat, 06 Nov 2021 02:48:37 GMT
content-type: text/html
content-length: 419
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

server: OXGW/16.218.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://u.openx.net/w/1.0/pd?cc=1&us_privacy=1---
date: Sat, 06 Nov 2021 02:48:37 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 7879 369 KB
122 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cdbb68e93d9fb8a81d427448443a41d21a66c151d4d7ec865e648833f854b2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125171
x-xss-protection: 0
expires: Sat, 06 Nov 2021 02:48:37 GMT

GET
H2 200 bridge3.487.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame ED19 578 KB
190 KB 14ms
13ms Document
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.487.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17d28d80565aea246a542b61a9d2f93c98fb30887bd662de52191d4e87a6fb45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 194247
date: Fri, 05 Nov 2021 10:09:33 GMT
expires: Sat, 05 Nov 2022 10:09:33 GMT
last-modified: Mon, 01 Nov 2021 17:03:25 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 59944
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 7879 44 KB
16 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Nov 2021 02:48:37 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 963D 37 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prosettings.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:18:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1797
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 06 Nov 2021 03:18:40 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 09D3
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=30506185-ed04-4b00-8908-2acf9123c370

43 B
106 B

22ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=30506185-ed04-4b00-8908-2acf9123c370
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1&us_privacy=1---
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 02:48:37 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Sat, 06 Nov 2021 02:48:37 GMT
Server: MT3 4067 88cc6bf master zrh-pixel-x27 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=30506185-ed04-4b00-8908-2acf9123c370
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 06 Nov 2021 02:48:36 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 09D3
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=KW3VIHo43SAyb48hKz_AJXpk3Scyb94kLDle0Isx

43 B
180 B

17ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=KW3VIHo43SAyb48hKz_AJXpk3Scyb94kLDle0Isx
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1&us_privacy=1---
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 02:48:37 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Nov 2021 02:48:37 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=KW3VIHo43SAyb48hKz_AJXpk3Scyb94kLDle0Isx
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 09D3
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4533075648421269585

43 B
106 B

15ms
15ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4533075648421269585
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1&us_privacy=1---
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 02:48:37 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Nov 2021 02:48:37 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4533075648421269585
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 09D3 70 B
265 B 100ms
30ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=4d1d997c-4e14-7ee6-e390-86f1a634ca0c&gdpr=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 02:48:37 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 09D3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjE3MjRhYjYtODc2My0yMDQyLWY2NzAtZGM0ODZjZDYwNDZj
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjE3MjRhYjYtODc2My0yMDQyLWY2NzAtZGM0ODZjZDYwNDZj&google_tc=

170 B
188 B

31ms
17ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjE3MjRhYjYtODc2My0yMDQyLWY2NzAtZGM0ODZjZDYwNDZj&google_tc=

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1&us_privacy=1---

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 02:48:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Nov 2021 02:48:37 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjE3MjRhYjYtODc2My0yMDQyLWY2NzAtZGM0ODZjZDYwNDZj&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 09D3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOrmBig0d5xPgzDFyDuSKVs&google_cver=1

43 B
106 B

15ms
15ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOrmBig0d5xPgzDFyDuSKVs&google_cver=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?cc=1&us_privacy=1---
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 02:48:37 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Nov 2021 02:48:37 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOrmBig0d5xPgzDFyDuSKVs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 303 ads Show response
pagead2.googlesyndication.com/gampad/ Frame ED19 136 B
178 B 22ms
21ms XHR
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?iu=%2F7103%2FSMG_AnyClip%2Fpreroll%2Ffloor_6&description_url=https%3A%2F%2Fprosettings.net%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&vpmute=0&vpa=auto&url=https%3A%2F%2Fprosettings.net%2F&env=vp&correlator=3751980876044372&ord=1636166916983&cust_params=domainname%3Dprosettings.net&gdpr_consent=_755&gdpr=1&sdkv=h.3.487.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=4109620286&sdk_apis=2%2C8&sid=0B2BDEE6-4660-4783-B711-5F20ACBAA6C4&eid=44751889&dlt=1636166916862&idt=423&dt=1636166917735&scor=3664422151540888&ged=ve4_td1_tt1_pd1_la1000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.487.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 7879 165 B
1 KB 85ms
67ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_d700fabb.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

fd538b2e402ef938d2f37f3b24fa87531e309d66312548f74a3044bc97eae5ac

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://prosettings.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 06 Nov 2021 02:48:37 GMT
X-Proxy-Origin: 185.232.23.183; 185.232.23.183; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 016146f7-c6d7-44f0-85e5-6ea1ea1b008d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://prosettings.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 165
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 303 ads Show response
pagead2.googlesyndication.com/gampad/ Frame ED19 136 B
172 B 21ms
21ms XHR
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?iu=%2F308365556%2C21821515287%2FAnyClipVideo&description_url=https%3A%2F%2Fprosettings.net%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3537406646187308&ord=1636166916983&gdpr_consent=_755&gdpr=1&vpa=auto&vpmute=0&sdkv=h.3.487.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=4109620286&sdk_apis=2%2C8&sid=0B2BDEE6-4660-4783-B711-5F20ACBAA6C4&eid=44751889&url=https%3A%2F%2Fprosettings.net%2F&dlt=1636166916862&idt=423&dt=1636166918360&scor=3396775898327357&ged=ve4_td1_tt1_pd1_la1000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.487.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 303 ads Show response
pagead2.googlesyndication.com/gampad/ Frame ED19 136 B
172 B 21ms
21ms XHR
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?iu=%2F308365556%2C21821515287%2FAnyClipVideo&description_url=https%3A%2F%2Fprosettings.net%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2665247285453369&ord=1636166916983&gdpr_consent=_755&gdpr=1&vpa=auto&vpmute=0&sdkv=h.3.487.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&sdki=44d&adk=4109620286&sdk_apis=2%2C8&sid=0B2BDEE6-4660-4783-B711-5F20ACBAA6C4&eid=44751889&url=https%3A%2F%2Fprosettings.net%2F&dlt=1636166916862&idt=423&dt=1636166918889&scor=799494229733772&ged=ve4_td2_tt2_pd2_la2000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.487.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:48:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nitropay.com/	1970-01-19 22:29:28	Name: __cf_bm Value: 7crm1t4WiefDj6Ht6OmFoh9YaXIZOZ7SXm80aajvlDg-1636166913-0-ASOlwndrHE4tfNime3sh9gGSLY8AQZZbH4ns2N7C83auj2vRX17DaT7txuZ7xx0SQ/OHPM4PX415+wZ6mGBLC2k=
.prosettings.net/	1970-01-19 22:29:28	Name: __cf_bm Value: Bjxu9dcjroKppe69q3vOki1tPspVJRLusnr.sAJe1zQ-1636166913-0-ARlbNpJo+8OD+GOtLzxfyiBloQGqLvKMvwYi8K3pc3Pmli6WsbWVCveCzIkX9OUjt5A5w76LfotAAHCsFKHLFACFdAiPUSkJo4LsXkv/LiZpfCkzM08tSiqmWBrzBEbvYN+UoIOqVjMC25JF/gzs33BZeR/g5lOJ5vWbgVBMOiUe
.prosettings.net/	1970-01-20 16:00:38	Name: _ga Value: GA1.2.263038604.1636166914
.prosettings.net/	1970-01-19 22:30:53	Name: _gid Value: GA1.2.327635666.1636166914
.prosettings.net/	1970-01-19 22:29:26	Name: _gat_UA-69669845-2 Value: 1
prosettings.net/	1970-01-19 23:12:38	Name: ac_user_id Value: acvmnn0b1nh8oa7cc85affb9d3004667722cd00fb226ec76c53ebeb40702cadfa802f9ea9774ea9
prosettings.net/	1970-01-19 22:30:53	Name: ac_lre_frequency06c4eb2c79f9f1401704eb6c6c50689f Value: [1636166914716,1]
.springserve.com/	1970-01-20 07:13:36	Name: ssid Value: cf6243e6-a57f-4811-8a17-3df4fa8d33d4
.springserve.com/	1970-01-20 07:13:36	Name: sst Value: 1636166916983
.openx.net/	1970-01-20 07:15:02	Name: i Value: 9eb1a625-e793-4111-b946-4e19c213f9f1\|1636166917
.openx.net/	1970-01-19 22:51:02	Name: pd Value: v2\|1636166917\|gekin0vNiygu
.quantserve.com/	1970-01-20 00:39:02	Name: d Value: EPoBDAHUJIqsMA
.quantserve.com/	1970-01-20 07:59:41	Name: mc Value: 6185ed05-3b44c-0e802-3313e
.mathtag.com/	1970-01-20 07:55:22	Name: uuid Value: 30506185-ed04-4b00-8908-2acf9123c370
.adform.net/	1970-01-19 23:12:38	Name: C Value: 1
.adform.net/	1970-01-19 23:55:50	Name: uid Value: 4533075648421269585
.doubleclick.net/	1970-01-20 07:51:02	Name: IDE Value: AHWqTUlG7FwIoqRveYW6aNF3BbUdF_eZ3k47d7V2-CET-bMHIlFC-0FF7dmNksjqTFw
.adnxs.com/	1970-01-20 00:39:02	Name: icu Value: ChgI_KphEAoYASABKAEwhdqXjAY4AUABSAEQhdqXjAYYAA..
.adnxs.com/	1970-01-20 00:39:02	Name: uuid2 Value: 1849618375121554103

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 74) Message: Origin trial controlled feature not enabled: 'trust-token-redemption'.
other	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 74) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-delivery.net
assets.anyclip.com
c1.adform.net
cdn5.anyclip.com
cm.g.doubleclick.net
config.anyclip.com
csi.gstatic.com
eu-u.openx.net
ib.adnxs.com
imasdk.googleapis.com
instant.page
lreprx-server.anyclip.com
match.adsrvr.org
pagead2.googlesyndication.com
pixel.anyclip.com
pixel.quantserve.com
player.anyclip.com
prosettings.net
s.nitropay.com
s0.2mdn.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
sync.mathtag.com
tracker.nitropay.com
trafficmanager.anyclip.com
u.openx.net
us-u.openx.net
vid.springserve.com
vpaid.springserve.com
www.google-analytics.com
www.googletagmanager.com
142.250.185.98
142.250.186.130
178.79.242.139
185.29.132.241
2600:9000:2156:d000:15:6f6c:b180:93a1
2606:4700:20::ac43:4513
2606:4700:3108::ac42:28f2
2606:4700::6811:91a
2606:4700::6812:24e
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:808::200e
2a00:1450:4001:810::2002
2a00:1450:4001:812::2006
2a00:1450:4001:813::200a
2a00:1450:4001:82b::2008
2a00:1450:400c:c08::9d
2a00:1450:400e:810::2003
35.244.159.8
37.157.2.236
37.252.172.38
44.194.55.212
52.223.40.198
52.72.126.250
54.156.83.163
54.228.109.135
01f62119d738e56887c7298650396be3edc28f9bd4b64af4c496048183172630
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
102c6b9f2b0d600cd17e63665f3edacf5fe19c6f2ad5e0bd056973c8866783b2
106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732
11616d7d5f3434a1bd40ef38316218534ab227def8f934d2f1dee4af79fecda8
150d48f34f9baff151e7d5819e9031b3ee96dc67d45b87897c7ba22bc3cb4747
17d28d80565aea246a542b61a9d2f93c98fb30887bd662de52191d4e87a6fb45
1b4dd204c0d882894bf703003d34deeea43c24bb7e279de7216b3964dda65837
1f856b946c84015599f51d0db640b92642d03b8a968759e07e75fd108a6971dc
21643e277dd844f19db03d3f817484ba22f7e907f60dc37b570d97878a6bdd22
21dc21cf1cc77b458d114634e3775e70f229dc0c215b0c8958920e2079cb5a16
22e17def165292fd4236d10b6915490adb7f84403ee652cfbc3593c049ea9d60
2ac5f3791fa7402047ee60c12f9859cac51c9182d5cd011660bcf0f9dc46b9fc
2b3c6f1d3cea37b4d8cc609a141b421a88bcaf2f3646965f9f95f4d4a683c949
2e36a44198c29251d8270d1ccf9d49a48b16585b0bfaf8b3d0a9ee70d259c2a9
3234a4037ae297fc7f0620731a4f45cac55b191f166034d9f414572f0dacce69
3336865c07143159ab73893863070b6d7f0516b0de61a236a0c5c52246cb3b2e
3be792108632d778ecb33ca3e4496758eac777690e135e62297d3f3c3e0ddc0f
3cc9389c9cfdbc0fb7c282c3026c3cd9c11894913f4cf60cf9d1140a1415ad0a
3cdbb68e93d9fb8a81d427448443a41d21a66c151d4d7ec865e648833f854b2c
42d62f70132d70267d7c490a5cf860b011fcafcde494fd5c79a813428f9ba60b
453e9cc6fc295196d8914da9858a388ce58a1dcb9b033aab9037aa2badbbc0d9
4ae7dfc2a6a24bb9e5aeb4bc32a3c7ea33e99fe4f1753695c4b6d3e4b9d11d0f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50a24e921e2c7cff6c731fce57043b7bc0ddf62e08730f659d655e40dadc0b28
54542dfb1cc2b6f517dcf842e29e01079cac50a0f4d846f91c4dc00fba17c01b
5b9217af655ec95087aeaaccd6a5eb729d0baf5ef3b0d23e7b4cbcd8eb067ad7
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
60f08365caa0ed9be87b88b91af70e9e4a48233c6f50a09c7f201664ab1262e1
67386f7f6c11079518c59fdca44b5a6c5b17f4b8cda8ead4e993f3b2dfda0e5d
68ce9e10bb6753d99b2a7142a0a4948d9f1291b4bf89086f1f3f6a644f5a9f79
68f286aa060e24559c6098dd05176a603d9444fc48055ac5656ae339be17bc52
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d8fea63a817b75ec9bfbc153b60b576dd31392e4d2afbec0d83cc813f8aca4d
80aa91014297a7579e91de1922a7eb33980600e876b69f8adbde8f1655984f7a
80ca127c8f38627c525fe3f60fd65546771f6e6a5b7a9244d78c3804dae5371a
83ec55d7df1a8db6b87c932d9642ca0b3d382d74a676a02a9459ab50485bef47
85f9996ecd3d28fd3bdc0b49b507a47ab74e01ad9cabb22f3faac768578f6a41
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
88cca2683736f2267e186e71b3bda3e323eae8fcc49d4d33c2728cda257d6d53
89863d0411e5273c7c2befe50bceeab57034e26b5df8751cc13c3bd78c73511d
8d5dc96ae79e57b24ad50134c8ed8ec16a6b7868536913ba7f7cdf0c79796618
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9149240f5fd8bec82d68caaaae9aa70bb91a3c3ca6430efeb5beac3127c20eff
982978cba17e97a55afa8f4148a5536dc96b7e7804439e0cb4672c1f2b697488
9e897ecc8ee3946081b793623e179c0255975fd02272ea5d52308e5c2e5057c9
9f1acc13d8e5dedd03801ebdafcdf2413f6c9a6bf249a47c26fe9344626c65b7
a0082e6ede7f12643600a2a20a4be05ccb8c93dfe293d5282f9e352004fa6614
a2f1b190e5d5a3063c35b75b1a00c039b13e171eb7b099299dcb67e9e4fe65cd
a3f8be73bc6410ae1955e49211d6dc3c64b705d354500a6c1f1f5dffa2c704e1
a48ebcd4b263cd885d213d66e8295c73fc1b5c0f7cd2cbb7f7d4da1bd807a4bf
a680a9a11eab21ba500e4a3a47db62838b7106ea7f58ac173703ca594218f32b
aaee4de7788b34d4094ffdb565e95a3c588d7d08b8c1688587172679fdf3596b
ac43b17a8cad041389ec383d7e6dbdf0c24bc5271abf698bab1052180577c033
ad2b5a90451d8fd198be7ba9788c21481fd7a1d065b040d37bebe2fee3ab29f2
b0a9b97577a440d38ae5b8a9ca988a9eb4f2d85449378f3f3a52aed06d393569
b53e3fd330dd3a1833a8d065839c44d41babc9189b7b84b014379495d0584894
b81c765d2a886e165d497df01133df309111a7971346df5f2c61859cd1709da1
b87e3837856f8064dde2f2441c417f050a57629c104833c4c5ff31c309ef8ebc
b92a11bdd2803a0baab769f46c070950fe9328efa62d4651a470618406b68edb
b97c20ef963146bfb5b52bf336b23c71c5d998f794a70fc15ae9dc127388b0d8
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf8a3d71354828a837da5f234fdeab608b2e535b11b4851e89d75b1686686635
c2b4636ed8badd400495933250c0a76a6931bf111de91e8be9a83a020fe663ed
c729f5d16f4a59d1030c9191225d8afb1c4f59208627ec7479cff74b5b11d8e2
c88a474a0da990ae60dd29896977db99b563094424d8c04b74b9e5939182b3d4
c9d495431d94258cfaebc848360591b942aae6924da20137d56ef933f8e4d74d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf8fb4b661478893cdc01168684edb65856d41eff4281aa41aece0cc1ea1f062
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
dc8e4997e378af6b58d4b7869d8593260dc7548689b9fa2814103065b84a9170
dd06d3cec78769e6dd11ac47b02d3cc2bdc0b8540d47ca3ba3749f2d28b32e58
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de4ffa402b49132f160a4b72cdf855677151597c0644d51830bb66a20ebd8fb9
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecafecffa0db9b7f76734f0bcab9c4646954668aebd3e86dc38cdbe162d3f250
eda5ec1c59939f001bdc15f557f3a905110aac0a60afc5a1eb92d8cdc2d2cbb5
ee22953e6e9caf267dd7ec73a99ecc1093bc2dbe9c64344462044d54430e6478
f01448c555b670db4af1b8950af7544560020a59b26cb61bcd9abea08ad86465
fa5c34371df3acd378bd2490d82a32ad6f3b80155e5eee8ad1b937a188993e0f
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd538b2e402ef938d2f37f3b24fa87531e309d66312548f74a3044bc97eae5ac

prosettings.net Open in urlscan Pro 2606:4700:3108::ac42:28f2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

133 Requests

93 %HTTPS

52 %IPv6

19 Domains

31 Subdomains

23 IPs

6 Countries

3003 kBTransfer

8469 kBSize

19 Cookies

8 Outgoing links

Page URL History

Redirected requests

133 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

prosettings.net Open in urlscan Pro
2606:4700:3108::ac42:28f2 Public Scan

Screenshot
Live screenshot

Full Image

133
Requests

93 %
HTTPS

52 %
IPv6

19
Domains

31
Subdomains

23
IPs

6
Countries

3003 kB
Transfer

8469 kB
Size

19
Cookies

133 HTTP transactions
-3 data transactions