coinbase.mobi.w3snoop.com Open in urlscan Pro
18.159.80.129  Public Scan

36 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 103

• https://ap.lijit.com/pixel?redir=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 307
• https://ap.lijit.com/pixel?redir=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID&sovrn_retry=true HTTP 307
• https://pb-server.ezoic.com/setuid?bidder=sovrn&gdpr=&gdpr_consent=&f=i&uid=57d690e9223d4595809dd8d3

Request Chain 104

• https://www.berush.com/static/webpack_bundles/remote.js?v=9 HTTP 301
• https://pm.berush.com/source/widgets-legacy/js/remote.js?v=9

Request Chain 107

• https://www.berush.com/en/promo/widget-iframe-traffic-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en HTTP 301
• https://pm.berush.com/widgets/traffic-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en

Request Chain 108

• https://www.berush.com/en/promo/widget-iframe-backlink/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en HTTP 301
• https://pm.berush.com/widgets/backlink-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en

128 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
9 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response coinbase.mobi.w3snoop.com/	122 KB 26 KB	826ms 703ms	Document text/html	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://coinbase.mobi.w3snoop.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 05d3f43ffcb847ec65f33cf8ce7f427e6a3cef52036df101ffa085c9ff5d28fe Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers cache-control private, max-age=0, must-revalidate, no-cache, no-store content-encoding br content-type text/html; charset=UTF-8 date Mon, 31 Jan 2022 01:19:00 GMT display pub_site_sol expires Sun, 30 Jan 2022 01:19:00 GMT pagespeed off response 200 server nginx vary Accept-Encoding Accept-Encoding x-content-type-options nosniff x-ez-minify-html 7.89% 121499 / 131900 x-frame-options SAMEORIGIN x-middleton-display pub_site_sol x-middleton-response 200 x-sol pub_site x-xss-protection 1; mode=block
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	79 KB 27 KB	275ms 45ms	Script text/javascript	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: coinbase.mobi.w3snoop.com URL: https://coinbase.mobi.w3snoop.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software sffe / Resource Hash c987618d391c9f3e81850a874a05a8a766d1a583dbbe3d222174ca491b2df3af Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:00 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27099 x-xss-protection 0 server sffe etag "1118 / 195 of 1000 / last-modified: 1643411190" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Mon, 31 Jan 2022 01:19:00 GMT
GET H2	200	dall.js Show response go.ezodn.com/hb/	351 KB 101 KB	357ms 127ms	Script application/javascript	2606:4700:3031::6815:496e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,pulsepoint,rubicon,sharethrough,sovrn,spotx,yieldmo&cb=195-7-33 Requested by Host: coinbase.mobi.w3snoop.com URL: https://coinbase.mobi.w3snoop.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::6815:496e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4b31c8449680ba0539f48a73d119ee64431e4a7e39c9cd32513bc5a861a958a2 Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:00 GMT content-encoding br cf-cache-status MISS last-modified Mon, 31 Jan 2022 01:19:00 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nd1qQLeTgk6HqNpddS3HlfJI1cdRV6JHkiWAzH6NeaC4QuiYGXOyyyBcSNRYoyguPPNSeiz%2FY88VhaVX09vw%2B0O9%2FLLqjZ8tP0pn%2Fbqwxi5JHK2oxV%2BlpdA1ccgrGSbxJ4OQPtDiP3jmQ1k%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=31536000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6d5f1bfe3d445a25-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	134 KB 36 KB	43ms 8ms	Script application/javascript	52.222.210.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: coinbase.mobi.w3snoop.com URL: https://coinbase.mobi.w3snoop.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.210.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-210-175.fra56.r.cloudfront.net Software Server / Resource Hash c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544 Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:12:11 GMT content-encoding gzip age 409 x-cache Hit from cloudfront timing-allow-origin * server Server x-amz-rid 0FNDKEJ3FV5QD5P8G51T etag 8d3665a9b316600491247ca6d78c204c vary Accept-Encoding x-amz-version-id HFEsVPyG2xdk9_FYeN9qMCR4YggSwnaH via 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront) cache-control public, max-age=900 x-amz-cf-pop FRA56-P3 accept-ranges bytes content-type application/javascript x-amz-cf-id rXCfvPlem-uA8M_x2aKedoKH0SIfA1bnPvkJonXiMJEE684bz9I7nA==
GET H2	200	app.css w3snoop.com/css/	35 KB 8 KB	419ms 410ms	Stylesheet text/css	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://w3snoop.com/css/app.css Requested by Host: coinbase.mobi.w3snoop.com URL: https://coinbase.mobi.w3snoop.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 6650cd30bfe89f3c9ad302c63cfc40794a4e99317f9ba6622a286f8dd0141e84 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:01 GMT content-encoding br x-content-type-options nosniff x-sol orig display staticcontent_sol, orig_site_sol x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 x-xss-protection 1; mode=block response 200 last-modified Sun, 30 Jan 2022 21:11:18 GMT server nginx x-frame-options SAMEORIGIN etag W/"5ec50a0d-8c9a-gzip" vary Accept-Encoding, Accept-Encoding,Origin content-type text/css cache-control public, max-age=31536000
GET H2	200	app.js Show response w3snoop.com/js/	505 KB 152 KB	809ms 801ms	Script application/javascript	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://w3snoop.com/js/app.js?v=6 Requested by Host: coinbase.mobi.w3snoop.com URL: https://coinbase.mobi.w3snoop.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash b1fd003241addf4bc00b090f2bf310d957b30536c3cb84680563ac7fd8d25805 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:01 GMT content-encoding br x-content-type-options nosniff display staticcontent_sol x-middleton-display staticcontent_sol x-middleton-response 200 x-xss-protection 1; mode=block response 200 last-modified Sun, 30 Jan 2022 07:12:25 GMT server nginx x-frame-options SAMEORIGIN etag W/"5ebe3a4d-7e222-gzip" vary Accept-Encoding, Accept-Encoding,Origin content-type application/javascript; charset=utf-8 cache-control max-age=259200 x-ez-minify-js 0.00% 516642 / 516642 expires Thu, 03 Feb 2022 01:19:01 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	90 KB 36 KB	146ms 60ms	Script application/javascript	2a00:1450:4001:831::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-123359880-1 Requested by Host: coinbase.mobi.w3snoop.com URL: https://coinbase.mobi.w3snoop.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 28da3927199ba03b0f5a824eee6cf1136c96ce2c4e811c1d1aa138a08dd14d4e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:01 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36116 x-xss-protection 0 last-modified Mon, 31 Jan 2022 00:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 31 Jan 2022 01:19:01 GMT
GET H2	200	consentsettings.js Show response coinbase.mobi.w3snoop.com/detroitchicago/	1 KB 670 B	66ms 66ms	Script application/javascript	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://coinbase.mobi.w3snoop.com/detroitchicago/consentsettings.js?cb=2 Requested by Host: coinbase.mobi.w3snoop.com URL: https://coinbase.mobi.w3snoop.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 383472db86bc19b822592340828e1a9d680ece8e6a5114eb4744351081fdea3c Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:00 GMT content-encoding br last-modified Sun, 30 Jan 2022 07:12:21 GMT server nginx etag "5be-5d6c7639a6c8a;5d6c7639a6c8a-gzip" vary Accept-Encoding, Accept-Encoding content-type application/javascript cache-control max-age=31536000, public accept-ranges bytes x-robots-tag noindex content-length 525
GET H2	200	logo.png w3snoop.com/images/interface/	25 KB 11 KB	514ms 513ms	Image image/png	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://w3snoop.com/images/interface/logo.png Requested by Host: coinbase.mobi.w3snoop.com URL: https://coinbase.mobi.w3snoop.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash d3d0691529584a990bbfe5c69c8e6830d63a35527415bc77368f99ee18707c87 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:01 GMT content-encoding br x-content-type-options nosniff response 200 last-modified Sun, 30 Jan 2022 09:10:21 GMT server nginx display staticcontent_sol etag "5e49f91d-6397-gzip" x-frame-options SAMEORIGIN content-type image/png x-middleton-display staticcontent_sol cache-control public, max-age=31536000 x-middleton-response 200 vary Accept-Encoding, Origin,Accept-Encoding x-xss-protection 1; mode=block
GET H2	200	Generic-Share.svg w3snoop.com/images/icons/social/	1 KB 648 B	503ms 501ms	Image image/svg+xml	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://w3snoop.com/images/icons/social/Generic-Share.svg Requested by Host: coinbase.mobi.w3snoop.com URL: https://coinbase.mobi.w3snoop.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 57049695f33501c282f431b3b9ccfaa7e64bbb1b574ecabfbfca7168bc1b2e1a Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:01 GMT content-encoding br x-content-type-options nosniff display staticcontent_sol x-middleton-display staticcontent_sol x-middleton-response 200 content-length 513 x-xss-protection 1; mode=block response 200 last-modified Mon, 31 Jan 2022 00:11:27 GMT server nginx x-frame-options SAMEORIGIN etag W/"5e49f91d-54a-gzip" vary Accept-Encoding, Accept-Encoding,Origin content-type image/svg+xml cache-control public, max-age=31536000
GET H2	200	banger.js Show response coinbase.mobi.w3snoop.com/porpoiseant/	53 KB 12 KB	34ms 33ms	Script application/javascript	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://coinbase.mobi.w3snoop.com/porpoiseant/banger.js?cb=195-7&bv=98&v=57&PageSpeed=off Requested by Host: coinbase.mobi.w3snoop.com URL: https://coinbase.mobi.w3snoop.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 8657e791091dda8c9ce8073b7e9d5f7c92cea5df5e5ad8fce7d27dd327c4b2f6 Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:01 GMT content-encoding br server nginx vary Accept-Encoding, Accept-Encoding content-type application/javascript x-middleton-display sol-js cache-control max-age=31536000, public x-robots-tag noindex
GET H2	200	ezcl.webp Show response coinbase.mobi.w3snoop.com/utilcave_com/inc/	1 KB 1 KB	64ms 63ms	Script application/javascript	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://coinbase.mobi.w3snoop.com/utilcave_com/inc/ezcl.webp?cb=4 Requested by Host: coinbase.mobi.w3snoop.com URL: https://coinbase.mobi.w3snoop.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 1c5ad2fd42dffdf04a0f1d757c1cccb4d840218d7ecada79d6cc9db33ca40319 Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:01 GMT content-encoding br x-sol middleton server nginx display staticcontent_sol vary Accept-Encoding, Accept-Encoding content-type application/javascript x-middleton-display staticcontent_sol cache-control max-age=86400 x-ez-minify-js 0.00% 1337 / 1337 content-length 605
GET H2	200	css fonts.googleapis.com/	4 KB 1 KB	46ms 20ms	Stylesheet text/css	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese Requested by Host: w3snoop.com URL: https://w3snoop.com/css/app.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 31 Jan 2022 01:19:01 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Mon, 31 Jan 2022 01:19:01 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 31 Jan 2022 01:19:01 GMT
GET H2	200	cmbv2.js Show response coinbase.mobi.w3snoop.com/detroitchicago/	102 KB 28 KB	75ms 74ms	Script application/javascript	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://coinbase.mobi.w3snoop.com/detroitchicago/cmbv2.js?gcb=195-7&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1e-2y20-2y1f-5y21-3y34-23y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1ex20x1fx21x34x57 Requested by Host: coinbase.mobi.w3snoop.com URL: https://coinbase.mobi.w3snoop.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 81e5b1c8ce8c324408fe0527519efc135c1a2fe9cb94ae100abf3d39bd5f1b76 Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:01 GMT content-encoding br server nginx vary Accept-Encoding, Accept-Encoding content-type application/javascript x-middleton-display sol-js cache-control max-age=31536000, public, max-age=31536000, public x-robots-tag noindex
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 16 KB	143ms 52ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://coinbase.mobi.w3snoop.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 13:39:48 GMT x-content-type-options nosniff age 214753 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15688 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:19 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sat, 28 Jan 2023 13:39:48 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 16 KB	160ms 72ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:400,700&display=swap&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://coinbase.mobi.w3snoop.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 26 Jan 2022 17:56:19 GMT x-content-type-options nosniff age 372162 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15828 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:28 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 26 Jan 2023 17:56:19 GMT
GET H2	200	pubads_impl_2022012506.js Show response securepubads.g.doubleclick.net/gpt/	354 KB 120 KB	49ms 48ms	Script text/javascript	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software sffe / Resource Hash 8023286f9ad1440333463e3c1c449c356c6e690d42a0ac7d6f6f231845481a9e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sun, 30 Jan 2022 22:52:16 GMT content-encoding gzip x-content-type-options nosniff age 8805 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 122264 x-xss-protection 0 last-modified Tue, 25 Jan 2022 15:13:18 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Mon, 30 Jan 2023 22:52:16 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	119 B 126 B	120ms 60ms	XHR application/json	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=coinbase.mobi.w3snoop.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash a01e997a16de68b3532791fffc6dee1c479890ea7193965a5c56154d6f82c0d1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Mon, 31 Jan 2022 01:19:01 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 101 x-xss-protection 0 expires Mon, 31 Jan 2022 01:19:01 GMT
GET DATA	200 OK	truncated /	69 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 94cce56c2c4bc1d0fb5b8e5ddf05d1cf4c15ce425e6c35b0b8932486cf25455c Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	69 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6deb2c33c9e4b3317e268899b41948a4765b5152fd63f108380f6d883cffe9b1 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	69 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c278a6ed54254611f394192014869bc930d03848a1c37c7e4120b163583f5d85 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	67 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6a8475cf62649d63b702a0bd9c20f35909d87d029d2950bd74bf4c68c2b3e34d Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	config Show response c.amazon-adsystem.com/cdn/prod/	385 B 741 B	160ms 160ms	XHR application/json	52.222.210.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fcoinbase.mobi.w3snoop.com&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.210.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-210-175.fra56.r.cloudfront.net Software Server / Resource Hash dd4320cdfa0077bbe8f1a4e0e77a65c6253cfae2fc282ce7a6ab8e78a330b143 Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:00 GMT via 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-P3 x-cache Miss from cloudfront content-type application/json;charset=UTF-8 access-control-allow-origin https://coinbase.mobi.w3snoop.com cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true content-length 385 x-amz-cf-id 3ASroVgveC8hykuuA-Ow85CGo-gY3W_fdUVF3M3-y9-7HPKDl5EByA==
GET H2	200	bid Show response c.amazon-adsystem.com/e/dtb/	23 B 498 B	95ms 94ms	XHR text/javascript	52.222.210.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fcoinbase.mobi.w3snoop.com%2F&pid=ZCBgfsOs3DGTP&cb=0&ws=1600x1200&v=7.72.0&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-w3snoop_com-box-4-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C15511903%2Fw3snoop_com-box-4%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-w3snoop_com-box-1-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C15511903%2Fw3snoop_com-box-1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-w3snoop_com-box-3-0%22%2C%22s%22%3A%5B%22468x60%22%5D%2C%22sn%22%3A%22%2F1254144%2C15511903%2Fw3snoop_com-box-3%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-w3snoop_com-box-2-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C15511903%2Fw3snoop_com-box-2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-w3snoop_com-medrectangle-2-0%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F1254144%2C15511903%2Fw3snoop_com-medrectangle-2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-w3snoop_com-banner-1-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C15511903%2Fw3snoop_com-banner-1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-w3snoop_com-medrectangle-1-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F1254144%2C15511903%2Fw3snoop_com-medrectangle-1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-w3snoop_com-large-leaderboard-2-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2C15511903%2Fw3snoop_com-large-leaderboard-2%22%7D%5D&schain=1.0%2C1!ezoic.ai%2C89dda44f243a7dcabff588800a1bcd4f%2C1%2C%2C%2C&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.210.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-210-175.fra56.r.cloudfront.net Software Server / Resource Hash 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:01 GMT via 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-P3 x-amz-rid KWJ4P050EZE9KE0S5R8X vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://coinbase.mobi.w3snoop.com access-control-allow-credentials true permissions-policy interest-cohort=() strict-transport-security max-age=47474747; includeSubDomains; preload timing-allow-origin * content-length 23 x-amz-cf-id meT-8NGy542WOmmH6JbVJSWn_lqz0MxumtUdMEt3lxO474gG1zCvhw==
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	537ms 418ms	XHR application/javascript	52.222.210.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.210.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-210-175.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:02 GMT content-encoding gzip vary Accept-Encoding,Origin x-amz-cf-pop FRA56-P3 x-cache Miss from cloudfront access-control-allow-origin * last-modified Fri, 21 Jan 2022 02:54:57 GMT server AmazonS3 etag W/"a4d296427fc806b21335359e398c025c" access-control-max-age 3000 access-control-allow-methods GET x-amz-version-id eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn via 1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront) cache-control public, max-age=86400 content-type application/javascript x-amz-cf-id 7hFCgg0vXOm_ID834Fjd8igSHZrDOQ8HX-y6UnYBx5SVpaZCZkyIfg==
GET DATA	200 OK	truncated /	69 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1f5c4dae22b0316bc107d417e182a2b520174473315401887a2004f1ff05a90f Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	url.png w3snoop.com/images/icons/	375 B 466 B	439ms 438ms	Image image/png	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://w3snoop.com/images/icons/url.png Requested by Host: w3snoop.com URL: https://w3snoop.com/css/app.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 544a07ea785fbf3038bff6880b444664138c3aa00e89858cf9fb9c76e2bc94f9 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://w3snoop.com/css/app.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:01 GMT content-encoding br x-content-type-options nosniff display staticcontent_sol x-middleton-display staticcontent_sol x-middleton-response 200 content-length 379 x-xss-protection 1; mode=block response 200 last-modified Sun, 30 Jan 2022 23:11:22 GMT server nginx x-frame-options SAMEORIGIN etag "5e49f91d-177-gzip" vary Accept-Encoding, Origin,Accept-Encoding content-type image/png cache-control public, max-age=31536000
GET DATA	200 OK	truncated /	69 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 55d4281576433134d8b17334e25dc390a6062aee7a6da5ceab383a407c660855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	ezoic.png go.ezoic.net/utilcave_com/img/	1 KB 2 KB	431ms 61ms	Image image/png	2600:9000:224a:3e00:2:cb38:840:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://go.ezoic.net/utilcave_com/img/ezoic.png Requested by Host: coinbase.mobi.w3snoop.com URL: https://coinbase.mobi.w3snoop.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:224a:3e00:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234 Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 24 Jan 2022 07:27:28 GMT via 1.1 197c4cb5add90683639ea9a7475e4dd2.cloudfront.net (CloudFront) x-sol middleton age 582693 x-cache Hit from cloudfront x-middleton-display staticcontent_sol content-length 1181 x-amz-cf-id cqTM5xBW5_Am5UmrcLHJC72xcmi3Tbw7k3vyqNTKP1V4Y2PLbkr8Ow== last-modified Mon, 24 Jan 2022 07:07:18 GMT server nginx etag "49d-5bd497273b080-gzip-gzip" vary Accept-Encoding,Accept-Encoding content-type image/png cache-control max-age=604800 x-amz-cf-pop DUS51-P1 display staticcontent_sol expires Mon, 31 Jan 2022 07:27:28 GMT
GET H2	200	houston.js Show response coinbase.mobi.w3snoop.com/detroitchicago/	4 KB 1 KB	64ms 64ms	Script application/javascript	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://coinbase.mobi.w3snoop.com/detroitchicago/houston.js?gcb=7&cb=16 Requested by Host: coinbase.mobi.w3snoop.com URL: https://coinbase.mobi.w3snoop.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash a89057208861e739c4ea6ea2e1126afd5b41c89f22548e5afeb74b7c71614777 Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:01 GMT content-encoding br server nginx vary Accept-Encoding, Accept-Encoding content-type application/javascript x-middleton-display sol-js cache-control max-age=31536000, public x-robots-tag noindex content-length 1351
GET H2	200	nmash.js coinbase.mobi.w3snoop.com/porpoiseant/	24 KB 6 KB	65ms 64ms	Other application/javascript	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://coinbase.mobi.w3snoop.com/porpoiseant/nmash.js?v=98 Requested by Host: coinbase.mobi.w3snoop.com URL: https://coinbase.mobi.w3snoop.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash ffb648200f12e9e83c7a7d94892271c74f23b39d6f77b9df5e21c96166a41ecb Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:01 GMT content-encoding br last-modified Sun, 30 Jan 2022 08:11:20 GMT server nginx etag "6003-5d6c83685f638;5d6c83685f638-gzip" vary Accept-Encoding, Accept-Encoding content-type application/javascript cache-control max-age=31536000, public accept-ranges bytes x-robots-tag noindex
GET H2	200	imp.gif Show response coinbase.mobi.w3snoop.com/detroitchicago/	43 B 159 B	77ms 76ms	XHR image/gif	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://coinbase.mobi.w3snoop.com/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A1%2C%22ad_count_adjustment%22%3A3%2C%22ad_lazyload_version%22%3A0%2C%22ad_load_version%22%3A1%2C%22ad_location_ids%22%3A%226%2C3%2C0%2C2%2C1%2C5%2C30%2C4%2C36%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A8%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A1%2C%22city%22%3A%22%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A7%2C%22domain_id%22%3A86868%2C%22domain_test_group%22%3A20210303%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22iab_category_0%22%3A%22596%22%2C%22iab_category_1%22%3A%22619%22%2C%22iab_category_2%22%3A%2258%22%2C%22iab_category_3%22%3A%2253%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A1%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A4%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221006%2C1100%2C1118%2C1121%2C1125%2C1126%2C1130%2C1136%2C1142%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22911f5b67-6b18-4260-434c-8f8097bbc1cc%22%2C%22position_selection_id%22%3A39%2C%22postal_code%22%3A%22%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A35017%2C%22response_time_orig%22%3A421%2C%22serverid%22%3A%223.71.93.24%3A28182%22%2C%22state%22%3A%22%22%2C%22sub_page_ad_positions%22%3A%221006%2C1100%2C1118%2C1121%2C1125%2C1126%2C1130%2C1136%2C1142%22%2C%22t_epoch%22%3A1643591939%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fcoinbase.mobi.w3snoop.com%2F%22%2C%22user_id%22%3A0%2C%22weather_precipitation%22%3A0%2C%22weather_summary%22%3A%22%22%2C%22weather_temperature%22%3A0%2C%22word_count%22%3A394%2C%22worst_bad_word_level%22%3A0%7D Requested by Host: coinbase.mobi.w3snoop.com URL: https://coinbase.mobi.w3snoop.com/detroitchicago/cmbv2.js?gcb=195-7&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1e-2y20-2y1f-5y21-3y34-23y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1ex20x1fx21x34x57 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:01 GMT content-encoding br server nginx vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type image/gif x-middleton-display imp_sol cache-control private, max-age=0, must-revalidate, no-cache, no-store content-length 47 expires Sun, 30 Jan 2022 01:19:02 GMT
GET DATA	200 OK	truncated /	42 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/webp
GET H2	200	app.css w3snoop.com/css/	35 KB 35 KB	415ms 414ms	Image text/css	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://w3snoop.com/css/app.css Requested by Host: coinbase.mobi.w3snoop.com URL: https://coinbase.mobi.w3snoop.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:01 GMT content-encoding br x-content-type-options nosniff x-sol orig display staticcontent_sol, orig_site_sol x-middleton-display staticcontent_sol, orig_site_sol x-middleton-response 200 x-xss-protection 1; mode=block response 200 last-modified Sun, 30 Jan 2022 23:11:22 GMT server nginx x-frame-options SAMEORIGIN etag W/"5ec50a0d-8c9a-gzip" vary Accept-Encoding, Accept-Encoding,Origin content-type text/css cache-control public, max-age=31536000
GET H2	200	cmbdv2.js Show response coinbase.mobi.w3snoop.com/detroitchicago/	47 KB 11 KB	80ms 80ms	Script application/javascript	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://coinbase.mobi.w3snoop.com/detroitchicago/cmbdv2.js?gcb=195-7&cb=03-5y0c-5y18-4y35-23y58-21&cmbcb=20&sj=x03x0cx18x35x58 Requested by Host: coinbase.mobi.w3snoop.com URL: https://coinbase.mobi.w3snoop.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 00173a242df30155af67f131701bdc7fb0397dd9758832c1a5972df29ebf9e2e Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:01 GMT content-encoding br server nginx vary Accept-Encoding, Accept-Encoding content-type application/javascript x-middleton-display sol-js cache-control max-age=31536000, public, max-age=31536000, public x-robots-tag noindex
GET H2	200	like.php Show response www.facebook.com/plugins/ Frame 142C	30 KB 14 KB	263ms 144ms	Document text/html	2a03:2880:f12d:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fw3snoop%2F&width=225&layout=button_count&action=like&size=large&share=false&height=21&appId=1749095788540828 Requested by Host: coinbase.mobi.w3snoop.com URL: https://coinbase.mobi.w3snoop.com/detroitchicago/cmbv2.js?gcb=195-7&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1e-2y20-2y1f-5y21-3y34-23y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1ex20x1fx21x34x57 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 93bb951ace0a67a77f6911638898d37f1f2708a8e2cd9ba6a030b50316842689 Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ Response headers vary Accept-Encoding content-encoding br x-fb-rlafr 0 document-policy force-load-at-top cross-origin-opener-policy unsafe-none pragma no-cache cache-control private, no-cache, no-store, must-revalidate expires Sat, 01 Jan 2000 00:00:00 GMT x-content-type-options nosniff x-xss-protection 0 content-security-policy-report-only default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0; content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; strict-transport-security max-age=15552000; preload content-type text/html; charset="utf-8" x-fb-debug dnEHH2fgWq8an2ARGxumjAI5JMpuTkgs3si/3HstIXFL3qvIjLRrmzf4VA7AvSW/szGaktnizq6++yD5RYuaRA== date Mon, 31 Jan 2022 01:19:01 GMT alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600
GET H2	200	favicons coinbase.mobi.w3snoop.com/ezoimgfmt/www.google.com/s2/	158 B 426 B	399ms 398ms	Image image/webp	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://coinbase.mobi.w3snoop.com/ezoimgfmt/www.google.com/s2/favicons?domain=coinbase.mobi&ezimgfmt=rs:16x20/rscb5/ng:webp/ngcb5 Requested by Host: coinbase.mobi.w3snoop.com URL: https://coinbase.mobi.w3snoop.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 9981f76321b2a236cb204c906b1eab2c7727ce2258ccadd4095e1c635cdae08b Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:01 GMT content-encoding br x-sol pub_site display staticcontent_sol x-amzn-requestid 6e9aaad9-4e04-487a-99fe-4eb8e1e316b4 x-cache Miss from cloudfront x-middleton-display staticcontent_sol x-middleton-response 200 x-amz-apigw-id MyXY4GNWoAMF0iQ= content-length 162 response 200 server nginx x-amzn-trace-id Root=1-61f73905-0f09a4a07b772e204997fab3;Sampled=0 vary Accept-Encoding, Origin,Accept-Encoding access-control-allow-methods GET content-type image/webp via 1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront) cache-control public, max-age=31536000 access-control-allow-credentials true x-amz-cf-pop FRA6-C1 access-control-allow-headers Content-Type, Authorization x-amz-cf-id m9H87Pu3ot4c5IcjOcZr0Mzzsxy1HDGwDb2orMn7fGFm46PgI74OCA==
GET H2	200	no-ssl.png coinbase.mobi.w3snoop.com/ezoimgfmt/w3snoop.com/images/icons/	488 B 930 B	85ms 84ms	Image image/webp	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://coinbase.mobi.w3snoop.com/ezoimgfmt/w3snoop.com/images/icons/no-ssl.png?ezimgfmt=rs:23x30/rscb5/ng:webp/ngcb5 Requested by Host: coinbase.mobi.w3snoop.com URL: https://coinbase.mobi.w3snoop.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash beae3275b7d0dd95049541b0d4028817570e205167bf6d6f85f447e787dc92de Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:01 GMT content-encoding br age 38389 x-amzn-requestid 3828cb5c-8fa4-4f27-889c-3265c0682817 x-cache Hit from cloudfront x-middleton-display staticcontent_sol x-middleton-response 200 x-amz-apigw-id Mw5qgEDwIAMF-ww= content-length 492 display staticcontent_sol response 200 server nginx x-amzn-trace-id Root=1-61f6a30f-750eb7a55eacf202373a1096;Sampled=0 vary Accept-Encoding, Origin,Accept-Encoding access-control-allow-methods GET content-type image/webp via 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront) cache-control public, max-age=31536000 access-control-allow-credentials true x-amz-cf-pop FRA6-C1 access-control-allow-headers Content-Type, Authorization x-amz-cf-id 9Pb-Yv8d6vFVqIs1qD2F6-0a5qTo62TJb9FY4L4R-W8F-dU0DgYDbw==
GET H2	200	id5-api.js Show response cdn.id5-sync.com/api/1.0/	37 KB 10 KB	359ms 110ms	Script text/javascript	46.105.202.126 OVH
General Check archive.org Show headers Download Go to Full URL https://cdn.id5-sync.com/api/1.0/id5-api.js Requested by Host: coinbase.mobi.w3snoop.com URL: https://coinbase.mobi.w3snoop.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.105.202.126 , France, ASN16276 (OVH, FR), Reverse DNS Software / Resource Hash cd22c397f04eb61e3e9ad14b6149f294e4b8ae69b74b2140b237a31b26c99275 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=63072000; includeSubDomains; preload content-encoding br x-cacheable Matched cache x-cdn-pop-ip 137.74.120.0/27 date Mon, 31 Jan 2022 00:20:19 GMT content-type text/javascript;charset=utf-8 cache-control max-age=3600 x-cdn-pop sbg content-disposition attachment;filename="id5-api.js" accept-ranges bytes content-length 10430 x-request-id 555714205
GET H2	200	favicons coinbase.mobi.w3snoop.com/ezoimgfmt/www.google.com/s2/	158 B 394 B	297ms 296ms	Image image/webp	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://coinbase.mobi.w3snoop.com/ezoimgfmt/www.google.com/s2/favicons?domain=coinbase.mobi&ezimgfmt=rs:16x16/rscb5/ng:webp/ngcb5 Requested by Host: coinbase.mobi.w3snoop.com URL: https://coinbase.mobi.w3snoop.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 9981f76321b2a236cb204c906b1eab2c7727ce2258ccadd4095e1c635cdae08b Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:01 GMT content-encoding br x-sol pub_site display staticcontent_sol x-amzn-requestid 706874c0-4956-4ba9-9458-14566f8e07a9 x-cache Miss from cloudfront x-middleton-display staticcontent_sol x-middleton-response 200 x-amz-apigw-id MyXY4G1dIAMFyXA= content-length 162 response 200 server nginx x-amzn-trace-id Root=1-61f73905-2131ec223ed1cf6b7fde8dc0;Sampled=0 vary Accept-Encoding, Origin,Accept-Encoding access-control-allow-methods GET content-type image/webp via 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront) cache-control public, max-age=31536000 access-control-allow-credentials true x-amz-cf-pop FRA6-C1 access-control-allow-headers Content-Type, Authorization x-amz-cf-id eImomuDIb9PHAkTuuVNGlCx0Kjbr2cAtjEA3HpGFB6HlOmO37MgHAA==
GET H2	200	info.png coinbase.mobi.w3snoop.com/images/icons/	196 B 428 B	381ms 381ms	Image image/webp	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://coinbase.mobi.w3snoop.com/images/icons/info.png?ezimgfmt=rs:12x12/rscb5/ng:webp/ngcb5 Requested by Host: coinbase.mobi.w3snoop.com URL: https://coinbase.mobi.w3snoop.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash ede737173b04cf62cc39dc1942f8e5579c8ff36109f29c6c9648998ae6d539d8 Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:01 GMT content-encoding br display staticcontent_sol x-amzn-requestid 4a04256a-ca46-4d76-9ce7-b9525f45c6cf x-cache Miss from cloudfront x-middleton-display staticcontent_sol x-middleton-response 200 x-amz-apigw-id MyXY4GYVoAMFrOQ= content-length 200 response 200 server nginx x-amzn-trace-id Root=1-61f73905-34b280a830533b283e01e448;Sampled=0 vary Accept-Encoding, Origin,Accept-Encoding access-control-allow-methods GET content-type image/webp via 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront) cache-control public, max-age=31536000 access-control-allow-credentials true x-amz-cf-pop FRA6-C1 access-control-allow-headers Content-Type, Authorization x-amz-cf-id xOr1R1Hn6weraeXEXXwVcCYX8hqoM56jUO8UVXak2JgYb2WC5pdtUQ==
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	174ms 54ms	Script text/javascript	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-123359880-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 6247 date Sun, 30 Jan 2022 23:34:54 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Mon, 31 Jan 2022 01:34:54 GMT
GET H3	200	OqOE21UvWe3.png www.facebook.com/rsrc.php/v3/y5/r/ Frame 142C	400 B 454 B	105ms 47ms	Image image/png	2a03:2880:f12d:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fw3snoop%2F&width=225&layout=button_count&action=like&size=large&share=false&height=21&appId=1749095788540828 Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fw3snoop%2F&width=225&layout=button_count&action=like&size=large&share=false&height=21&appId=1749095788540828 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 25 Jan 2022 00:25:52 GMT x-content-type-options nosniff content-md5 uF0RL4E+h23ClLQmPOTTMw== document-policy force-load-at-top content-security-policy-report-only default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0; cross-origin-resource-policy cross-origin content-length 400 x-fb-rlafr 0 x-fb-debug BgFHrk4E4ab+k7OmxyV9Gr65hKHXpUZoGsJe8w3X2N2g974lKvMbmIaZV3vgIQ90hn6n+iqxXOPhDDEg+AIw7w== last-modified Mon, 01 Jan 2001 08:00:00 GMT content-type image/png access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * priority u=3,i expires Wed, 25 Jan 2023 00:25:52 GMT
GET H3	200	XRqH1vwC65r.js Show response www.facebook.com/rsrc.php/v3iAxA4/y5/l/de_DE/ Frame 142C	520 KB 136 KB	105ms 49ms	XHR application/x-javascript	2a03:2880:f12d:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/rsrc.php/v3iAxA4/y5/l/de_DE/XRqH1vwC65r.js?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fw3snoop%2F&width=225&layout=button_count&action=like&size=large&share=false&height=21&appId=1749095788540828 Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 91459a2bad50bd1cbf12d3a2debb88bcdd5aeaa5f67f5849458489c94c8f3572 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fwww.facebook.com%2Fw3snoop%2F&width=225&layout=button_count&action=like&size=large&share=false&height=21&appId=1749095788540828 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 27 Jan 2022 09:27:49 GMT content-encoding br x-content-type-options nosniff content-md5 YutzsHchsBRWVh1TgsftnQ== document-policy force-load-at-top content-security-policy-report-only default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; cross-origin-resource-policy cross-origin content-length 138851 x-fb-rlafr 0 x-fb-debug qAVQpIULfuMbcGXaZMRSB3f8zDKi+V9TfpmEvog2R2BH4maMeA9SrJszB/91YP67asLrNBMfrJRN09PTIu8AEQ== last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control public,max-age=31536000,immutable timing-allow-origin * priority u=3,i expires Fri, 27 Jan 2023 09:27:49 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	1 B 21 B	107ms 56ms	XHR text/plain	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=176981349&t=pageview&_s=1&dl=https%3A%2F%2Fcoinbase.mobi.w3snoop.com%2F&ul=en-us&de=UTF-8&dt=Coinbase%20-%20Coinbase.mobi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=923364028&gjid=112483190&cid=1531294102.1643591942&tid=UA-123359880-1&_gid=1661867004.1643591942&_r=1&gtm=2ou1q0&z=1222763367 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://coinbase.mobi.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 31 Jan 2022 01:19:01 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://coinbase.mobi.w3snoop.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H/1.1	200	457.json Show response id5-sync.com/g/v2/	212 B 542 B	189ms 42ms	XHR application/json	54.36.109.186 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/g/v2/457.json Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/id5-api.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.36.109.186 , France, ASN16276 (OVH, FR), Reverse DNS p06.id5-sync.com Software / Resource Hash efff197d2b28c3adcfd6eb399e50cfa41c1ec0f6db55ad0a0e69ad7716960d72 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://coinbase.mobi.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers Access-Control-Allow-Origin https://coinbase.mobi.w3snoop.com Date Mon, 31 Jan 2022 01:19:00 GMT Access-Control-Allow-Credentials true Vary Origin Transfer-Encoding chunked Strict-Transport-Security max-age=63072000; includeSubDomains; preload Content-Type application/json;charset=UTF-8
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 792 B	169ms 33ms	Script application/javascript	2a00:1450:4001:827::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=coinbase.mobi.w3snoop.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Mon, 31 Jan 2022 01:19:02 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	168ms 33ms	Script application/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=coinbase.mobi.w3snoop.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Mon, 31 Jan 2022 01:19:02 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	121 KB 32 KB	459ms 459ms	XHR text/plain	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=514044485897115&correlator=121983684953480&output=ldjh&impl=fifs&eid=31061815%2C31064560%2C31062931&vrg=2022012506&ptt=17&sc=1&sfv=1-0-38&ecs=20220131&iu_parts=1254144%3A15511903%2Cw3snoop_com-pixel1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&fas=8&prev_scp=ga%3D2497208%26tap%3Dw3snoop_com-pixel1-3883155901614852%26ezoic%3D1%26eb_br%3D9e0a1ce5b2455cb9b48d5df4c6bf4053%26ap%3D9999%26iid1%3D3883155901614852%26bra%3Dmod1&eri=1&cookie_enabled=1&bc=31&abxe=1&dt=1643591942232&lmt=1643591942&dlt=1643591940570&idt=759&frm=20&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&adks=1377911083&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fcoinbase.mobi.w3snoop.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1531294102.1643591942&ga_sid=1643591942&ga_hid=176981349&ga_fc=true&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash b528cbbed64256cb683349faa277824e7b598fc8288cc382007cced99877bfe4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:02 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 32226 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://coinbase.mobi.w3snoop.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	12 KB 9 KB	159ms 36ms	XHR application/json	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022012506&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash dbbc921d29180161e0bae7afca0c4405ae81826b4f2006c117887cce2b774025 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Mon, 31 Jan 2022 01:19:02 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8995 x-xss-protection 0
GET H2	200	container.html Show response e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2ECD	6 KB 4 KB	219ms 39ms	Document text/html	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 date Mon, 31 Jan 2022 01:19:02 GMT expires Tue, 31 Jan 2023 01:19:02 GMT cache-control public, immutable, max-age=31536000 last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	pubads_impl_page_level_ads_2022012506.js Show response securepubads.g.doubleclick.net/gpt/	34 KB 13 KB	56ms 56ms	Script text/javascript	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022012506.js?cb=31064560 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software sffe / Resource Hash fc7f3dfe9ae1dda7006736f8f5a8671565609dfe6b48d8e9a06a1fc64f1c9cfb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 25 Jan 2022 23:15:56 GMT content-encoding gzip x-content-type-options nosniff age 439386 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12991 x-xss-protection 0 last-modified Tue, 25 Jan 2022 15:13:18 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Wed, 25 Jan 2023 23:15:56 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	110ms 44ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:02 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 31 Jan 2022 01:19:02 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5F24	13 KB 5 KB	97ms 48ms	Document text/html	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-length 5046 x-content-type-options nosniff server sffe x-xss-protection 0 date Mon, 31 Jan 2022 00:08:46 GMT expires Tue, 31 Jan 2023 00:08:46 GMT cache-control public, max-age=31536000 last-modified Mon, 21 Jun 2021 20:47:05 GMT content-type text/html age 4216 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 704B	783 B 1 KB	164ms 67ms	Document text/html	2a00:1450:4001:831::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash aa8eda81f7a2e15bc0859b895900f543123c8e9db86577693efee27c4f17f40a Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-AOAdpdA3SmWzqVwVA5OmjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Mon, 31 Jan 2022 01:19:02 GMT date Mon, 31 Jan 2022 01:19:02 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-AOAdpdA3SmWzqVwVA5OmjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 513 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	OQeXulqavt2yHYod1yFVtMfB5cE7WnIBzfht8HOtA8E.js Show response pagead2.googlesyndication.com/bg/ Frame 5F24	35 KB 13 KB	101ms 36ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/OQeXulqavt2yHYod1yFVtMfB5cE7WnIBzfht8HOtA8E.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 390797ba5a9abeddb21d8a1dd72155b4c7c1e5c13b5a7201cdf86df073ad03c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sun, 30 Jan 2022 22:33:53 GMT content-encoding br x-content-type-options nosniff age 9909 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13499 x-xss-protection 0 last-modified Mon, 24 Jan 2022 14:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 30 Jan 2023 22:33:53 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 704B	0 0	58ms 57ms	Image text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022012506&jk=514044485897115&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers
GET H3	200	container.html Show response e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BE1F	6 KB 3 KB	64ms 24ms	Document text/html	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 x-content-type-options nosniff server sffe x-xss-protection 0 date Mon, 31 Jan 2022 01:19:02 GMT expires Tue, 31 Jan 2023 01:19:02 GMT cache-control public, immutable, max-age=31536000 last-modified Tue, 02 Mar 2021 20:17:03 GMT content-type text/html age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	greenoaks.gif Show response coinbase.mobi.w3snoop.com/detroitchicago/	0 42 B	34ms 33ms	XHR text/plain	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://coinbase.mobi.w3snoop.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5MTFmNWI2Ny02YjE4LTQyNjAtNDM0Yy04ZjgwOTdiYmMxY2MiLCJkb21haW5faWQiOiI4Njg2OCIsInRfZXBvY2giOjE2NDM1OTE5MzksImRhdGEiOlt7Im5hbWUiOiJkZXZpY2Vfd2lkdGgiLCJ2YWwiOiIxNjAwIn0seyJuYW1lIjoiZGV2aWNlX2hlaWdodCIsInZhbCI6IjEyMDAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5MTFmNWI2Ny02YjE4LTQyNjAtNDM0Yy04ZjgwOTdiYmMxY2MiLCJkb21haW5faWQiOiI4Njg2OCIsInRfZXBvY2giOjE2NDM1OTE5MzksImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIyLTAxLTMxIn0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMSJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIxIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6IjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5MTFmNWI2Ny02YjE4LTQyNjAtNDM0Yy04ZjgwOTdiYmMxY2MiLCJkb21haW5faWQiOiI4Njg2OCIsInRfZXBvY2giOjE2NDM1OTE5MzksImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjkxMWY1YjY3LTZiMTgtNDI2MC00MzRjLThmODA5N2JiYzFjYyIsImRvbWFpbl9pZCI6Ijg2ODY4IiwidF9lcG9jaCI6MTY0MzU5MTkzOSwiZGF0YSI6W3sibmFtZSI6Imxhbmd1YWdlX3ByaW1hcnlfc3VidGFnIiwidmFsIjoiZW4ifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5MTFmNWI2Ny02YjE4LTQyNjAtNDM0Yy04ZjgwOTdiYmMxY2MiLCJkb21haW5faWQiOiI4Njg2OCIsInRfZXBvY2giOjE2NDM1OTE5MzksImRhdGEiOlt7Im5hbWUiOiJuYXZpZ2F0aW9uX3R5cGUiLCJ2YWwiOiIwIn0seyJuYW1lIjoicmVkaXJlY3RfY291bnQiLCJ2YWwiOiIwIn1dfV0= Requested by Host: coinbase.mobi.w3snoop.com URL: https://coinbase.mobi.w3snoop.com/detroitchicago/cmbv2.js?gcb=195-7&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1e-2y20-2y1f-5y21-3y34-23y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1ex20x1fx21x34x57 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:02 GMT server nginx vary Accept-Encoding, Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control private, max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Sun, 30 Jan 2022 01:19:01 GMT
GET H2	200	greenoaks.gif Show response coinbase.mobi.w3snoop.com/detroitchicago/	0 42 B	34ms 33ms	XHR text/plain	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://coinbase.mobi.w3snoop.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5MTFmNWI2Ny02YjE4LTQyNjAtNDM0Yy04ZjgwOTdiYmMxY2MiLCJkb21haW5faWQiOiI4Njg2OCIsInRfZXBvY2giOjE2NDM1OTE5MzksImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6IjEyNCJ9LHsibmFtZSI6InBlcmZfY29ubmVjdF90b19yZXNwX3N0YXJ0IiwidmFsIjoiODI2In0seyJuYW1lIjoicGVyZl9yZXNwX3RpbWUiLCJ2YWwiOiI3OSJ9LHsibmFtZSI6InBlcmZfaW50ZXJhY3RpdmUiLCJ2YWwiOiI1NzIifSx7Im5hbWUiOiJwZXJmX2NvbnRlbnRsb2FkZWQiLCJ2YWwiOiI1NzMifSx7Im5hbWUiOiJwZXJmX2NvbXBsZXRlIiwidmFsIjoiMTE1MSJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjkxMWY1YjY3LTZiMTgtNDI2MC00MzRjLThmODA5N2JiYzFjYyIsImRvbWFpbl9pZCI6Ijg2ODY4IiwidF9lcG9jaCI6MTY0MzU5MTkzOSwiZGF0YSI6W3sibmFtZSI6ImZpcnN0X3BhaW50IiwidmFsIjoiMTM5MCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjkxMWY1YjY3LTZiMTgtNDI2MC00MzRjLThmODA5N2JiYzFjYyIsImRvbWFpbl9pZCI6Ijg2ODY4IiwidF9lcG9jaCI6MTY0MzU5MTkzOSwiZGF0YSI6W3sibmFtZSI6ImZpcnN0X2NvbnRlbnRmdWxfcGFpbnQiLCJ2YWwiOiIxMzkwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiOTExZjViNjctNmIxOC00MjYwLTQzNGMtOGY4MDk3YmJjMWNjIiwiZG9tYWluX2lkIjoiODY4NjgiLCJ0X2Vwb2NoIjoxNjQzNTkxOTM5LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiOTExZjViNjctNmIxOC00MjYwLTQzNGMtOGY4MDk3YmJjMWNjIiwiZG9tYWluX2lkIjoiODY4NjgiLCJ0X2Vwb2NoIjoxNjQzNTkxOTM5LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9kb3dubGluayIsInZhbCI6IjEwIn1dfV0= Requested by Host: coinbase.mobi.w3snoop.com URL: https://coinbase.mobi.w3snoop.com/detroitchicago/cmbv2.js?gcb=195-7&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1e-2y20-2y1f-5y21-3y34-23y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1ex20x1fx21x34x57 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:02 GMT server nginx vary Accept-Encoding, Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control private, max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Sun, 30 Jan 2022 01:19:21 GMT
GET H2	200	greenoaks.gif Show response coinbase.mobi.w3snoop.com/detroitchicago/	0 134 B	32ms 30ms	XHR text/plain	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://coinbase.mobi.w3snoop.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5MTFmNWI2Ny02YjE4LTQyNjAtNDM0Yy04ZjgwOTdiYmMxY2MiLCJkb21haW5faWQiOiI4Njg2OCIsInRfZXBvY2giOjE2NDM1OTE5MzksImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX3J0dCIsInZhbCI6IjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5MTFmNWI2Ny02YjE4LTQyNjAtNDM0Yy04ZjgwOTdiYmMxY2MiLCJkb21haW5faWQiOiI4Njg2OCIsInRfZXBvY2giOjE2NDM1OTE5MzksImRhdGEiOlt7Im5hbWUiOiJ0aW1lcl9maXJzdF9hZF9yZXF1ZXN0IiwidmFsIjoiMjE0OCJ9XX1d Requested by Host: coinbase.mobi.w3snoop.com URL: https://coinbase.mobi.w3snoop.com/detroitchicago/cmbv2.js?gcb=195-7&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1e-2y20-2y1f-5y21-3y34-23y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1ex20x1fx21x34x57 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:02 GMT server nginx vary Accept-Encoding, Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control private, max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Sun, 30 Jan 2022 01:18:59 GMT
GET H3	200	css2 fonts.googleapis.com/ Frame BE1F	4 KB 634 B	67ms 34ms	Stylesheet text/css	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com URL: https://e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 31 Jan 2022 00:18:17 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Mon, 31 Jan 2022 01:19:02 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 31 Jan 2022 01:19:02 GMT
GET H3	200	css fonts.googleapis.com/ Frame 2673	8 KB 888 B	51ms 34ms	Stylesheet text/css	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com URL: https://e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 31 Jan 2022 00:22:20 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Mon, 31 Jan 2022 01:19:02 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 31 Jan 2022 01:19:02 GMT
GET H3	200	load_preloaded_resource_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 2673	1 KB 875 B	25ms 25ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/load_preloaded_resource_fy2019.js Requested by Host: e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com URL: https://e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:03:37 GMT content-encoding gzip x-content-type-options nosniff age 925 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 848 x-xss-protection 0 server cafe etag 2277666839114365613 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 14 Feb 2022 01:03:37 GMT
GET H3	200	abg_lite_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 2673	18 KB 7 KB	24ms 24ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite_fy2019.js Requested by Host: e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com URL: https://e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 00:59:04 GMT content-encoding gzip x-content-type-options nosniff age 1198 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7644 x-xss-protection 0 server cafe etag 6659623896352890502 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 14 Feb 2022 00:59:04 GMT
GET H3	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 2673	2 KB 1 KB	25ms 25ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js Requested by Host: e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com URL: https://e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:10:42 GMT content-encoding gzip x-content-type-options nosniff age 500 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1205 x-xss-protection 0 server cafe etag 18074202747124231361 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 14 Feb 2022 01:10:42 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 2673	123 KB 38 KB	76ms 24ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com URL: https://e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:02 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38288 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1643200382015849" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 31 Jan 2022 01:19:02 GMT
GET H3	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 2673	14 KB 6 KB	25ms 25ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js Requested by Host: e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com URL: https://e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:08:36 GMT content-encoding gzip x-content-type-options nosniff age 626 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6123 x-xss-protection 0 server cafe etag 15358646999216992880 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 14 Feb 2022 01:08:36 GMT
GET H2	200	fccbdb50d0e11463e1edb3d8fcf7c364.js Show response www.gstatic.com/mysidia/ Frame 2673	27 KB 12 KB	67ms 15ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/fccbdb50d0e11463e1edb3d8fcf7c364.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com URL: https://e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sat, 29 Jan 2022 11:58:10 GMT content-encoding gzip x-content-type-options nosniff age 134452 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11411 x-xss-protection 0 last-modified Tue, 25 Jan 2022 02:23:19 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Fri, 29 Apr 2022 11:58:10 GMT
GET H3	200	interstitial_ad_frame_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/ Frame BE1F	18 KB 8 KB	27ms 26ms	Script text/javascript	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/interstitial_ad_frame_fy2019.js Requested by Host: e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com URL: https://e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4c9b92bfce3b7b0e0a9e33ebe8130496bf50c80ad4375b1b98ddff744b4ea9f5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sun, 30 Jan 2022 23:28:15 GMT content-encoding gzip x-content-type-options nosniff age 6647 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7952 x-xss-protection 0 server cafe etag 4804491876264876803 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 13 Feb 2022 23:28:15 GMT
GET H2	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame BE1F	205 B 519 B	66ms 19ms	Image image/png	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com URL: https://e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sun, 30 Jan 2022 21:58:00 GMT x-content-type-options nosniff age 12062 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 205 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Mon, 30 Jan 2023 21:58:00 GMT
GET H2	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame BE1F	604 B 695 B	66ms 20ms	Image image/png	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com URL: https://e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Sun, 30 Jan 2022 15:05:15 GMT x-content-type-options nosniff age 36827 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 604 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Mon, 30 Jan 2023 15:05:15 GMT
GET H2	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 674D	143 B 426 B	57ms 16ms	Document text/html	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com URL: https://e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com/ Response headers x-content-type-options nosniff content-encoding gzip server cafe content-length 145 x-xss-protection 0 date Mon, 31 Jan 2022 01:03:04 GMT cache-control public, max-age=3600 content-type text/html; charset=UTF-8 age 958 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 5F24	0 9 B	17ms 17ms	Image text/plain	2a00:1450:4001:82a::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?F7-M6Q Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:02 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H2	200	greenoaks.gif Show response coinbase.mobi.w3snoop.com/detroitchicago/	0 42 B	17ms 17ms	XHR text/plain	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://coinbase.mobi.w3snoop.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5MTFmNWI2Ny02YjE4LTQyNjAtNDM0Yy04ZjgwOTdiYmMxY2MiLCJkb21haW5faWQiOiI4Njg2OCIsInRfZXBvY2giOjE2NDM1OTE5MzksImRhdGEiOlt7Im5hbWUiOiJ0aW1lcl9maXJzdF9hZF9sb2FkIiwidmFsIjoiMjM5MiJ9XX1d Requested by Host: coinbase.mobi.w3snoop.com URL: https://coinbase.mobi.w3snoop.com/detroitchicago/cmbv2.js?gcb=195-7&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1e-2y20-2y1f-5y21-3y34-23y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1ex20x1fx21x34x57 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:02 GMT server nginx vary Accept-Encoding, Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control private, max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Sun, 30 Jan 2022 01:19:03 GMT
GET H2	200	army.gif Show response coinbase.mobi.w3snoop.com/porpoiseant/	0 19 B	17ms 16ms	XHR text/plain	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://coinbase.mobi.w3snoop.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMzg4MzE1NTkwMTYxNDg1MiIsImRvbWFpbl9pZCI6Ijg2ODY4IiwidW5pdCI6Inczc25vb3BfY29tLXBpeGVsMSIsInRfZXBvY2giOjE2NDM1OTE5MzksImF1Y3Rpb25fZXBvY2giOjE2NDM1OTE5NDMsImFkX3Bvc2l0aW9uIjo5OTk5LCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiOTExZjViNjctNmIxOC00MjYwLTQzNGMtOGY4MDk3YmJjMWNjIiwiYmlkX2Zsb29yX2luaXRpYWwiOm51bGwsImJpZF9mbG9vcl9wcmV2IjpudWxsLCJiaWRfZmxvb3JfZmlsbGVkIjpudWxsLCJhdWN0aW9uX2NvdW50IjoxLCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo3MDksIm11bHRpX2FkX3VuaXQiOm51bGwsIm11bHRpX2FkX2NvdW50IjpudWxsLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ== Requested by Host: coinbase.mobi.w3snoop.com URL: https://coinbase.mobi.w3snoop.com/detroitchicago/cmbv2.js?gcb=195-7&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1e-2y20-2y1f-5y21-3y34-23y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1ex20x1fx21x34x57 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:02 GMT server nginx vary Accept-Encoding, Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control private, max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Sun, 30 Jan 2022 01:19:01 GMT
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 674D Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 18 B	57ms 38ms	Document text/html	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com URL: https://e5140f5fe8634c2e75b3d789bce83e9d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type text/html; charset=UTF-8 x-content-type-options nosniff date Mon, 31 Jan 2022 01:19:03 GMT server cafe content-length 0 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Mon, 31 Jan 2022 01:19:03 GMT cache-control private Redirect headers location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA cache-control private content-type text/html; charset=UTF-8 x-content-type-options nosniff date Mon, 31 Jan 2022 01:19:03 GMT server cafe content-length 0 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	44ms 44ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022012506&jk=514044485897115&bg=!urmluf3NAAY6OBv_Ojg7ACkAdvg8WqrbSOThnlecGk066tAtJu-v10MP1gtM8ysxZOx3Vr8e04WClAIAAACyUgAAAAJoAQcKAAJPZ5kC120w4T579g-redygVEWlX2lDrQMzGr1i2urdujzFX1g0KrDeM0MCkJxZDaivG9FLNBYgRbdmi579n7G1z4bxAEYY5fscSO2zeAkw_XJCYZFjJwt0A-pPa-AOTkeJv4xm6dj-MGIPGWkLEM8JieLRIlOKDsHsQ34O768ol8uCL6VEWyHqNrLA0lG-5KyC5nKB-l9a0Uf-xPWTsw7Ag6bceHua2GHqLEF9jjaPZN6YF6YUR2GDT-hSTl04KBtShf48gmztGYgj3ehFU-QmyLLJhEiq1iMOnO0kamVxFI48Qo6IYVgDxwco60wuBQ0RVXBjSTt6lIz1fLR-fTedz7cyek3RzzMEa31618-q8igW_LGWEXQg7CyNjgZXI4lN4NfY3SWp4SVz2T6aXaSSredAvRmPX3jAS3cvheOZaFKfH6AGUsQcJfcUsuti3LOpNZiJDhYMmyPqYXRWZxyn9yNH94VrDuXHEEqiO5SX1F8ojkZFeKYgnuxaTB_-8Wt9O0riswWUV33Y2e_O7TeZd_kQqs1t5_GcP2CcdR-dq3jWtBu0nc3_Zjx6KMfeNeI7uwa51yRPW1PcKuOVkCJQEIryS5qzxNKirGmTplY0jFQkRhiAVYiSNF8e3mAHl0dvZnRIFMb4E7--6PFEkvz1PMm8Slbfk4Eyc5vSsNuYsn3h52ngfWzdGZQcPQO5HChunVY6o4dyo1GNCoQLHT_3GlkDlMaFXVWFy3d19l6EuQhbSHwRaNEM3H40Uc4ix2oyIa9LFCH0RmRFpdydvM81xQI5ctyzTVc8avovCsEWfkiMyKECSe09cLWigOYYdDziR526LA7G3OT8ceC6ySKXVMi2UAoz-jpAScv4QJ89P9gcM-vIMa02Yhn4r08UFR3T82dNvGydF2BCLUuTmQhMSQYRmbXsya7qLBqLFq4pQM-n22ifcbHX7xoFGDY2tQlRNV-fGwjmatK2cA8 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Mon, 31 Jan 2022 01:19:03 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	lcpel.go Show response coinbase.mobi.w3snoop.com/cheetah/	0 65 B	37ms 37ms	XHR text/plain	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://coinbase.mobi.w3snoop.com/cheetah/lcpel.go Requested by Host: coinbase.mobi.w3snoop.com URL: https://coinbase.mobi.w3snoop.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://coinbase.mobi.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers date Mon, 31 Jan 2022 01:19:03 GMT server nginx vary Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin https://coinbase.mobi.w3snoop.com cache-control private, max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Sun, 30 Jan 2022 01:19:03 GMT
GET H2	200	army.gif Show response coinbase.mobi.w3snoop.com/porpoiseant/	0 42 B	29ms 29ms	XHR text/plain	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://coinbase.mobi.w3snoop.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzg4MzE1NTkwMTYxNDg1MiIsImRvbWFpbl9pZCI6Ijg2ODY4IiwidW5pdCI6Inczc25vb3BfY29tLXBpeGVsMSIsInRfZXBvY2giOjE2NDM1OTE5MzksImFkX3Bvc2l0aW9uIjo5OTk5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6IjkxMWY1YjY3LTZiMTgtNDI2MC00MzRjLThmODA5N2JiYzFjYyIsImNvbXBfaWQiOm51bGwsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6IlsxNTUyLDExMThdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzODgzMTU1OTAxNjE0ODUyIiwiZG9tYWluX2lkIjoiODY4NjgiLCJ1bml0IjoidzNzbm9vcF9jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY0MzU5MTkzOSwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiOTExZjViNjctNmIxOC00MjYwLTQzNGMtOGY4MDk3YmJjMWNjIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzODgzMTU1OTAxNjE0ODUyIiwiZG9tYWluX2lkIjoiODY4NjgiLCJ1bml0IjoidzNzbm9vcF9jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY0MzU5MTkzOSwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiOTExZjViNjctNmIxOC00MjYwLTQzNGMtOGY4MDk3YmJjMWNjIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiJ1bmRlZmluZWQifV0sImlzX29yaWciOmZhbHNlfV0= Requested by Host: coinbase.mobi.w3snoop.com URL: https://coinbase.mobi.w3snoop.com/detroitchicago/cmbv2.js?gcb=195-7&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1e-2y20-2y1f-5y21-3y34-23y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1ex20x1fx21x34x57 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:04 GMT server nginx vary Accept-Encoding, Accept-Encoding content-type text/plain; charset=utf-8 x-middleton-display ezp_sol cache-control private, max-age=0, must-revalidate, no-cache, no-store content-length 0 expires Sun, 30 Jan 2022 01:19:03 GMT
POST H2	200	cookie_sync Show response pb-server.ezoic.com/	260 B 487 B	99ms 22ms	XHR application/json	35.157.186.5 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pb-server.ezoic.com/cookie_sync Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,pulsepoint,rubicon,sharethrough,sovrn,spotx,yieldmo&cb=195-7-33 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.157.186.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-186-5.eu-central-1.compute.amazonaws.com Software / Resource Hash 9a1d01e9d377469c0a63b512be9cccd99302dac5406b3780c42eb0566fc0dc25 Request headers Referer https://coinbase.mobi.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 31 Jan 2022 01:19:05 GMT vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://coinbase.mobi.w3snoop.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true content-length 260 expires 0
POST H2	200	auction Show response pb-server.ezoic.com/openrtb2/	14 KB 14 KB	216ms 141ms	XHR application/json	35.157.186.5 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pb-server.ezoic.com/openrtb2/auction Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,pulsepoint,rubicon,sharethrough,sovrn,spotx,yieldmo&cb=195-7-33 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.157.186.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-186-5.eu-central-1.compute.amazonaws.com Software / Resource Hash d857cc30e143e5e30713613e56b8d1e12f5d5bd968bbce7d81569e1273c9caeb Request headers Referer https://coinbase.mobi.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 31 Jan 2022 01:19:05 GMT vary Origin content-type application/json access-control-allow-origin https://coinbase.mobi.w3snoop.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true expires 0
POST H2	200	prebid-request Show response onetag-sys.com/	15 B 372 B	89ms 27ms	XHR application/json	51.89.9.252 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/prebid-request Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,pulsepoint,rubicon,sharethrough,sovrn,spotx,yieldmo&cb=195-7-33 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip252.ip-51-89-9.eu Software / Resource Hash 663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Referer https://coinbase.mobi.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=15552000 content-encoding gzip p3p CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR' access-control-allow-origin https://coinbase.mobi.w3snoop.com cache-control no-transform, no-cache access-control-allow-credentials true content-type application/json access-control-allow-headers content-type, origin, referer, user-agent content-length 41
GET H/1.1	200 OK	fastlane.json Show response fastlane.rubiconproject.com/a/api/	4 KB 3 KB	170ms 75ms	XHR application/json	2602:803:c003:200::41 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&rp_schain=1.0,1!ezoic.ai,89dda44f243a7dcabff588800a1bcd4f,1,,,&rf=https%3A%2F%2Fcoinbase.mobi.w3snoop.com%2F&tk_flint=pbjs_lite_v6.0.0&x_source.tid=c16f99b9-dcce-45b0-9183-406657ad68c5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.08111820851819296 Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,pulsepoint,rubicon,sharethrough,sovrn,spotx,yieldmo&cb=195-7-33 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.16.0 / Resource Hash 734a02f17659835903e38966ac673aad4d1522e11df6140e792966e2a5520d73 Request headers Referer https://coinbase.mobi.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Mon, 31 Jan 2022 01:19:05 GMT Content-Encoding gzip Server nginx/1.16.0 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://coinbase.mobi.w3snoop.com Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Content-Length 2368 Expires Wed, 17 Sep 1975 21:32:10 GMT
GET H/1.1	200 OK	fastlane.json Show response fastlane.rubiconproject.com/a/api/	241 B 1 KB	192ms 90ms	XHR application/json	2602:803:c003:200::41 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&rp_schain=1.0,1!ezoic.ai,89dda44f243a7dcabff588800a1bcd4f,1,,,&rf=https%3A%2F%2Fcoinbase.mobi.w3snoop.com%2F&tk_flint=pbjs_lite_v6.0.0&x_source.tid=307f32ee-93ea-4f4f-9746-ac0c85a064de&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3598600441725617 Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,pulsepoint,rubicon,sharethrough,sovrn,spotx,yieldmo&cb=195-7-33 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.16.0 / Resource Hash 8f7618eb1ca7be6044184b74bea2a7985abdca8808a43eeb7e6e59d9e4ec6998 Request headers Referer https://coinbase.mobi.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Mon, 31 Jan 2022 01:19:05 GMT Server nginx/1.16.0 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://coinbase.mobi.w3snoop.com Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Content-Length 241 Expires Wed, 17 Sep 1975 21:32:10 GMT
GET H/1.1	200 OK	fastlane.json Show response fastlane.rubiconproject.com/a/api/	4 KB 3 KB	216ms 111ms	XHR application/json	2602:803:c003:200::41 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=1&rp_schain=1.0,1!ezoic.ai,89dda44f243a7dcabff588800a1bcd4f,1,,,&rf=https%3A%2F%2Fcoinbase.mobi.w3snoop.com%2F&tk_flint=pbjs_lite_v6.0.0&x_source.tid=8a1ccfb0-020f-48ee-a057-028f6aa50b4a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7587427547681742 Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,pulsepoint,rubicon,sharethrough,sovrn,spotx,yieldmo&cb=195-7-33 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.16.0 / Resource Hash b32fc5f6b357ec41d4cf8a248a38da43029cf794c07f7e0732bc8fa69bfb97b7 Request headers Referer https://coinbase.mobi.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Mon, 31 Jan 2022 01:19:05 GMT Content-Encoding gzip Server nginx/1.16.0 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://coinbase.mobi.w3snoop.com Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Content-Length 2323 Expires Wed, 17 Sep 1975 21:32:10 GMT
GET H/1.1	200 OK	fastlane.json Show response fastlane.rubiconproject.com/a/api/	4 KB 3 KB	225ms 119ms	XHR application/json	2602:803:c003:200::41 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&rp_schain=1.0,1!ezoic.ai,89dda44f243a7dcabff588800a1bcd4f,1,,,&rf=https%3A%2F%2Fcoinbase.mobi.w3snoop.com%2F&tk_flint=pbjs_lite_v6.0.0&x_source.tid=3575c896-cdf0-4d79-97ca-0ca82ee86843&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7652458389135803 Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,pulsepoint,rubicon,sharethrough,sovrn,spotx,yieldmo&cb=195-7-33 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.16.0 / Resource Hash 7093e86968773f9c32b2c2e287ac8a4905d494c00f688b6237b23a2d1a8db115 Request headers Referer https://coinbase.mobi.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Mon, 31 Jan 2022 01:19:05 GMT Content-Encoding gzip Server nginx/1.16.0 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://coinbase.mobi.w3snoop.com Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Content-Length 2528 Expires Wed, 17 Sep 1975 21:32:10 GMT
GET H/1.1	200 OK	fastlane.json Show response fastlane.rubiconproject.com/a/api/	4 KB 3 KB	204ms 97ms	XHR application/json	2602:803:c003:200::41 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=2&alt_size_ids=55&rp_schain=1.0,1!ezoic.ai,89dda44f243a7dcabff588800a1bcd4f,1,,,&rf=https%3A%2F%2Fcoinbase.mobi.w3snoop.com%2F&tk_flint=pbjs_lite_v6.0.0&x_source.tid=1cec9cce-f28f-4e31-8e41-a35b4638b11c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5753753867759053 Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,pulsepoint,rubicon,sharethrough,sovrn,spotx,yieldmo&cb=195-7-33 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.16.0 / Resource Hash 0c3ba53ee20e2fb587189ddd8fefce28787c3a90c87294638d12bf6412b657d7 Request headers Referer https://coinbase.mobi.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Mon, 31 Jan 2022 01:19:05 GMT Content-Encoding gzip Server nginx/1.16.0 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://coinbase.mobi.w3snoop.com Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Content-Length 1760 Expires Wed, 17 Sep 1975 21:32:10 GMT
GET H/1.1	200 OK	fastlane.json Show response fastlane.rubiconproject.com/a/api/	4 KB 3 KB	193ms 84ms	XHR application/json	2602:803:c003:200::41 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&rp_schain=1.0,1!ezoic.ai,89dda44f243a7dcabff588800a1bcd4f,1,,,&rf=https%3A%2F%2Fcoinbase.mobi.w3snoop.com%2F&tk_flint=pbjs_lite_v6.0.0&x_source.tid=a1663604-a21e-4d62-b02b-46c7ba9d885c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.263424524926519 Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,pulsepoint,rubicon,sharethrough,sovrn,spotx,yieldmo&cb=195-7-33 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.16.0 / Resource Hash d6cf887def160427eb162d872967e8ee3ea848875f4a066c71fc6cc625426d61 Request headers Referer https://coinbase.mobi.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Mon, 31 Jan 2022 01:19:05 GMT Content-Encoding gzip Server nginx/1.16.0 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://coinbase.mobi.w3snoop.com Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Content-Length 2345 Expires Wed, 17 Sep 1975 21:32:10 GMT
GET H/1.1	200 OK	fastlane.json Show response fastlane.rubiconproject.com/a/api/	4 KB 3 KB	260ms 90ms	XHR application/json	2602:803:c003:200::41 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=2&rp_schain=1.0,1!ezoic.ai,89dda44f243a7dcabff588800a1bcd4f,1,,,&rf=https%3A%2F%2Fcoinbase.mobi.w3snoop.com%2F&tk_flint=pbjs_lite_v6.0.0&x_source.tid=a9f5e9ec-7007-45ca-853f-5f8f0538d534&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.21006797528284538 Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,pulsepoint,rubicon,sharethrough,sovrn,spotx,yieldmo&cb=195-7-33 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.16.0 / Resource Hash 9e13033d2d459b2f668f301ba0dabf8bd9d9396b5d24c2105714f51efbd28488 Request headers Referer https://coinbase.mobi.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Mon, 31 Jan 2022 01:19:05 GMT Content-Encoding gzip Server nginx/1.16.0 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://coinbase.mobi.w3snoop.com Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Content-Length 1743 Expires Wed, 17 Sep 1975 21:32:10 GMT
GET H/1.1	200 OK	fastlane.json Show response fastlane.rubiconproject.com/a/api/	241 B 1 KB	278ms 87ms	XHR application/json	2602:803:c003:200::41 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&rp_schain=1.0,1!ezoic.ai,89dda44f243a7dcabff588800a1bcd4f,1,,,&rf=https%3A%2F%2Fcoinbase.mobi.w3snoop.com%2F&tk_flint=pbjs_lite_v6.0.0&x_source.tid=4a89441a-64c7-46e4-a795-615214e09385&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.22537390101007415 Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,pulsepoint,rubicon,sharethrough,sovrn,spotx,yieldmo&cb=195-7-33 Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.16.0 / Resource Hash 9fdcd9fdbfbf6fad08faf769e4e9483818f2d9ff12cb14a842894adbac5931f2 Request headers Referer https://coinbase.mobi.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Mon, 31 Jan 2022 01:19:05 GMT Server nginx/1.16.0 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://coinbase.mobi.w3snoop.com Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Content-Length 241 Expires Wed, 17 Sep 1975 21:32:10 GMT
GET H2	200	cygnus Show response htlb.casalemedia.com/	37 B 337 B	110ms 30ms	XHR application/json	23.37.38.181 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://htlb.casalemedia.com/cygnus?s=305139&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22280a7f44dc537d9%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fcoinbase.mobi.w3snoop.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A1%2C%22msi%22%3A1%2C%22mfu%22%3A0%2C%22bu%22%3A8%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A8%2C%22ren%22%3Afalse%2C%22version%22%3A%226.0.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22296e61a42879fae%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22305139%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2230908ddde9261e1%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22305136%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%223138e26b8c1cda3%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A468%2C%22h%22%3A60%2C%22ext%22%3A%7B%22siteID%22%3A%22305138%22%2C%22sid%22%3A%22468x60%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2232abf6da073270b%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22305137%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2233f1007cc42909d%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22305141%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22305141%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22348d4c59af75a45%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22305144%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2235f38d5d1f828ce%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22305140%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2236e5393f37f009b%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22305148%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22ezoic.ai%22%2C%22sid%22%3A%2289dda44f243a7dcabff588800a1bcd4f%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,pulsepoint,rubicon,sharethrough,sovrn,spotx,yieldmo&cb=195-7-33 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-37-38-181.deploy.static.akamaitechnologies.com Software Apache / Resource Hash ac4f97dd2b4d84139030ae37fef983a6cf922b37ecef0ad992e29fd449c8dc54 Request headers Referer https://coinbase.mobi.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 31 Jan 2022 01:19:05 GMT x-ak-initial-geo CC:[DE], RC:[HE], CN:[EU], CIP:[217.64.151.29], XFF:[] server Apache content-type application/json access-control-allow-origin https://coinbase.mobi.w3snoop.com x-cs-client-geo 12 cache-control max-age=0, no-cache, no-store access-control-allow-credentials true content-length 37 x-ak-client-geo 12 expires Mon, 31 Jan 2022 01:19:05 GMT
POST H2	204	v1 Show response btlr.sharethrough.com/universal/	0 120 B	93ms 26ms	XHR text/plain	3.120.96.35 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,pulsepoint,rubicon,sharethrough,sovrn,spotx,yieldmo&cb=195-7-33 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.120.96.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-120-96-35.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://coinbase.mobi.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://coinbase.mobi.w3snoop.com date Mon, 31 Jan 2022 01:19:05 GMT access-control-allow-credentials true vary Origin
POST H2	204	v1 Show response btlr.sharethrough.com/universal/	0 119 B	156ms 89ms	XHR text/plain	3.120.96.35 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,pulsepoint,rubicon,sharethrough,sovrn,spotx,yieldmo&cb=195-7-33 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.120.96.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-120-96-35.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://coinbase.mobi.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://coinbase.mobi.w3snoop.com date Mon, 31 Jan 2022 01:19:05 GMT access-control-allow-credentials true vary Origin
POST H2	204	v1 Show response btlr.sharethrough.com/universal/	0 119 B	107ms 40ms	XHR text/plain	3.120.96.35 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,pulsepoint,rubicon,sharethrough,sovrn,spotx,yieldmo&cb=195-7-33 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.120.96.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-120-96-35.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://coinbase.mobi.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://coinbase.mobi.w3snoop.com date Mon, 31 Jan 2022 01:19:05 GMT access-control-allow-credentials true vary Origin
POST H2	204	v1 Show response btlr.sharethrough.com/universal/	0 119 B	107ms 40ms	XHR text/plain	3.120.96.35 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,pulsepoint,rubicon,sharethrough,sovrn,spotx,yieldmo&cb=195-7-33 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.120.96.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-120-96-35.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://coinbase.mobi.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://coinbase.mobi.w3snoop.com date Mon, 31 Jan 2022 01:19:05 GMT access-control-allow-credentials true vary Origin
POST H2	204	v1 Show response btlr.sharethrough.com/universal/	0 119 B	111ms 44ms	XHR text/plain	3.120.96.35 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,pulsepoint,rubicon,sharethrough,sovrn,spotx,yieldmo&cb=195-7-33 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.120.96.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-120-96-35.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://coinbase.mobi.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://coinbase.mobi.w3snoop.com date Mon, 31 Jan 2022 01:19:05 GMT access-control-allow-credentials true vary Origin
POST H2	204	v1 Show response btlr.sharethrough.com/universal/	0 119 B	111ms 45ms	XHR text/plain	3.120.96.35 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,pulsepoint,rubicon,sharethrough,sovrn,spotx,yieldmo&cb=195-7-33 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.120.96.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-120-96-35.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://coinbase.mobi.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://coinbase.mobi.w3snoop.com date Mon, 31 Jan 2022 01:19:05 GMT access-control-allow-credentials true vary Origin
POST H2	204	v1 Show response btlr.sharethrough.com/universal/	0 119 B	109ms 43ms	XHR text/plain	3.120.96.35 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,pulsepoint,rubicon,sharethrough,sovrn,spotx,yieldmo&cb=195-7-33 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.120.96.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-120-96-35.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://coinbase.mobi.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://coinbase.mobi.w3snoop.com date Mon, 31 Jan 2022 01:19:05 GMT access-control-allow-credentials true vary Origin
POST H2	200	prebid Show response prebid.media.net/rtb/	32 B 290 B	302ms 243ms	XHR application/json	34.107.148.139 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://prebid.media.net/rtb/prebid?cid=8CUBCB617 Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,pulsepoint,rubicon,sharethrough,sovrn,spotx,yieldmo&cb=195-7-33 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 139.148.107.34.bc.googleusercontent.com Software nginx / Resource Hash dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c Request headers Referer https://coinbase.mobi.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 31 Jan 2022 01:19:05 GMT content-encoding gzip server nginx content-type application/json;charset=UTF-8 access-control-allow-origin https://coinbase.mobi.w3snoop.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 via 1.1 google
POST H2	204	translator Show response hbopenbid.pubmatic.com/	0 122 B	669ms 267ms	XHR text/plain	204.237.133.116 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://hbopenbid.pubmatic.com/translator?source=prebid-client Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,pulsepoint,rubicon,sharethrough,sovrn,spotx,yieldmo&cb=195-7-33 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 204.237.133.116 Philadelphia, United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://coinbase.mobi.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://coinbase.mobi.w3snoop.com date Mon, 31 Jan 2022 01:19:06 GMT cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true
POST H2	204	c Show response prebid.a-mo.net/a/	0 354 B	387ms 158ms	XHR text/plain	147.75.38.124 PACKET
General Check archive.org Show headers Download Go to Full URL https://prebid.a-mo.net/a/c Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,pulsepoint,rubicon,sharethrough,sovrn,spotx,yieldmo&cb=195-7-33 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US), Reverse DNS Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://coinbase.mobi.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://coinbase.mobi.w3snoop.com date Mon, 31 Jan 2022 01:19:05 GMT cache-control max-age=0, private, must-revalidate access-control-allow-credentials true server envoy x-envoy-upstream-service-time 30 vary origin, Accept-Encoding
GET H2	204	prebid Show response ads.yieldmo.com/exchange/	0 231 B	159ms 50ms	XHR text/plain	54.75.219.149 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ads.yieldmo.com/exchange/prebid?pbav=6.0.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-w3snoop_com-box-4-0%22%2C%22callback_id%22%3A%2273242df379167f5%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-w3snoop_com-box-1-0%22%2C%22callback_id%22%3A%2274627a13a87f6ee%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-w3snoop_com-box-3-0%22%2C%22callback_id%22%3A%2275a14ab1ce3ae45%22%2C%22sizes%22%3A%5B%5B468%2C60%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-w3snoop_com-box-2-0%22%2C%22callback_id%22%3A%22765491a52f42cdf%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-w3snoop_com-medrectangle-2-0%22%2C%22callback_id%22%3A%2277fc3f0813c8cc1%22%2C%22sizes%22%3A%5B%5B970%2C90%5D%2C%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-w3snoop_com-banner-1-0%22%2C%22callback_id%22%3A%227865480d9bcde99%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-w3snoop_com-medrectangle-1-0%22%2C%22callback_id%22%3A%2279e94f90e071b39%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-w3snoop_com-large-leaderboard-2-0%22%2C%22callback_id%22%3A%2280e19954db3d1f3%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%7D%5D&page_url=https%3A%2F%2Fcoinbase.mobi.w3snoop.com%2F&bust=1643591945634&pr=&scrd=1&dnt=false&description=View%20Coinbase.mobi%20-%20Free%20traffic%2C%20revenue%2C%20rankings%2C%20ip%20address%20report%20for%20the%20Coinbase%20website.&title=Coinbase%20-%20Coinbase.mobi&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22ezoic.ai%22%2C%22sid%22%3A%2289dda44f243a7dcabff588800a1bcd4f%22%2C%22hp%22%3A1%7D%5D%7D Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,pulsepoint,rubicon,sharethrough,sovrn,spotx,yieldmo&cb=195-7-33 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.75.219.149 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-75-219-149.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://coinbase.mobi.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://coinbase.mobi.w3snoop.com pragma no-cache date Mon, 31 Jan 2022 01:19:05 GMT access-control-allow-credentials true x-robots-tag none,NOINDEX,NOFOLLOW access-control-allow-methods POST, GET, OPTIONS access-control-request-headers Cache-Control, Pragma
POST H2	204	ortb Show response bid.contextweb.com/header/	0 539 B	470ms 181ms	XHR text/plain	198.148.27.133 PULSEPOINT
General Check archive.org Show headers Download Go to Full URL https://bid.contextweb.com/header/ortb?src=prebid Requested by Host: go.ezodn.com URL: https://go.ezodn.com/hb/dall.js?b=amx,ix,medianet,onetag,pubmatic,pulsepoint,rubicon,sharethrough,sovrn,spotx,yieldmo&cb=195-7-33 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 198.148.27.133 New York, United States, ASN19189 (PULSEPOINT, US), Reverse DNS Software envoy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://coinbase.mobi.w3snoop.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers date Mon, 31 Jan 2022 01:19:05 GMT server envoy cwdl 22/148,22/148,22/148,22/148,22/148,22/148,22/148,22/148 access-control-allow-origin https://coinbase.mobi.w3snoop.com access-control-expose-headers Access-Control-Allow-Origin access-control-allow-credentials true x-envoy-upstream-service-time 47 cw-server bid-deployment-576d5cb7c8-mbsgc
GET H2	200	setuid pb-server.ezoic.com/ Redirect Chain https://ap.lijit.com/pixel?redir=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID https://ap.lijit.com/pixel?redir=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID&sovrn_retry=true https://pb-server.ezoic.com/setuid?bidder=sovrn&gdpr=&gdpr_consent=&f=i&uid=57d690e9223d4595809dd8d3	86 B 441 B	53ms 52ms	Image image/png	35.157.186.5 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pb-server.ezoic.com/setuid?bidder=sovrn&gdpr=&gdpr_consent=&f=i&uid=57d690e9223d4595809dd8d3 Protocol H2 Server 35.157.186.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-157-186-5.eu-central-1.compute.amazonaws.com Software / Resource Hash c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Mon, 31 Jan 2022 01:19:05 GMT cache-control no-cache, no-store, must-revalidate content-type image/png content-length 86 vary Origin expires 0 Redirect headers Date Mon, 31 Jan 2022 01:19:05 GMT Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, POST, DELETE, PUT Location https://pb-server.ezoic.com/setuid?bidder=sovrn&gdpr=&gdpr_consent=&f=i&uid=57d690e9223d4595809dd8d3 Access-Control-Allow-Credentials true Connection close X-Sovrn-Pod ad_ap4ams1 Access-Control-Allow-Headers X-Requested-With, Content-Type
GET H2	200	remote.js Show response pm.berush.com/source/widgets-legacy/js/ Redirect Chain https://www.berush.com/static/webpack_bundles/remote.js?v=9 https://pm.berush.com/source/widgets-legacy/js/remote.js?v=9	3 KB 1 KB	88ms 66ms	Script text/javascript	34.120.116.101
General Check archive.org Show headers Download Go to Full URL https://pm.berush.com/source/widgets-legacy/js/remote.js?v=9 Protocol H2 Server 34.120.116.101 -, , ASN (), Reverse DNS Software / Resource Hash 8a59343fc50e3ea3cb6a73b74984ad593a135cea6e9f44eb399baeffc4651c66 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains content-encoding br age 1388 x-guploader-uploadid ADPycdsBn6QPpaOr7FriMwOXFW9M-RezkrtnDUOTJA25htn2gYHpu4Vjb2hd8--ehRM8n9Y87Elt-tO1WD2POq8CAUH9VuzmzQ x-goog-storage-class STANDARD x-goog-metageneration 2 date Mon, 31 Jan 2022 01:07:02 GMT x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 896 last-modified Wed, 01 Apr 2020 12:48:31 GMT etag W/"29923cdb61df9555beae06866f13e646" vary Accept-Encoding, Origin x-goog-hash crc32c=smJtVA==, md5=KZI822HflVW+rgaGbxPmRg== x-goog-generation 1585745311419229 via 1.1 google cache-control public, max-age=3600 x-goog-stored-content-length 2765 content-type text/javascript expires Mon, 31 Jan 2022 01:43:54 GMT Redirect headers location https://pm.berush.com/source/widgets-legacy/js/remote.js?v=9 date Mon, 31 Jan 2022 01:19:06 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 166 strict-transport-security max-age=15724800; includeSubDomains content-type text/html
GET H2	200	app.js Show response coinbase.mobi.w3snoop.com/ezossp/https/w3snoop.com/js/	505 KB 152 KB	916ms 916ms	Script application/javascript	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://coinbase.mobi.w3snoop.com/ezossp/https/w3snoop.com/js/app.js?screx=1&sxcb=5a&v=6 Requested by Host: coinbase.mobi.w3snoop.com URL: https://coinbase.mobi.w3snoop.com/detroitchicago/cmbv2.js?gcb=195-7&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1e-2y20-2y1f-5y21-3y34-23y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1ex20x1fx21x34x57 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash fed504d9671b26c22c17ae8c8bbaa874b70b2aa579473b5ba9deed05db44ab26 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:07 GMT content-encoding br x-content-type-options nosniff display staticcontent_sol x-middleton-display staticcontent_sol x-middleton-response 200 x-xss-protection 1; mode=block response 200 last-modified Mon, 31 Jan 2022 01:11:14 GMT server nginx x-frame-options SAMEORIGIN etag W/"5ebe3a4d-7e222-gzip-gzip" vary Accept-Encoding, Accept-Encoding,Origin content-type application/javascript; charset=utf-8 cache-control max-age=259200 x-ez-minify-js 0.00% 516735 / 516738 expires Thu, 03 Feb 2022 01:19:06 GMT
GET H3	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	79 KB 26 KB	104ms 103ms	Script text/javascript	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: coinbase.mobi.w3snoop.com URL: https://coinbase.mobi.w3snoop.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software sffe / Resource Hash c9828a1ce7c2b1e61515ee2778ebd22eccf33c093fe4fc6bdaef172ea418ebda Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:06 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27098 x-xss-protection 0 server sffe etag "1118 / 90 of 1000 / last-modified: 1643411134" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Mon, 31 Jan 2022 01:19:06 GMT
GET H3	200	/ Show response pm.berush.com/widgets/traffic-analytics/ Frame 327F Redirect Chain https://www.berush.com/en/promo/widget-iframe-traffic-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en https://pm.berush.com/widgets/traffic-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en	2 KB 630 B	121ms 121ms	Document text/html	34.120.116.101
General Check archive.org Show headers Download Go to Full URL https://pm.berush.com/widgets/traffic-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en Requested by Host: www.berush.com URL: https://www.berush.com/static/webpack_bundles/remote.js?v=9 Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.116.101 -, , ASN (), Reverse DNS Software / Resource Hash 79a940041c794d797dcf19f6c10866017bad7de3cbb111c4b8dfed3cdef85da9 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ Response headers date Mon, 31 Jan 2022 01:19:06 GMT content-type text/html; charset=utf-8 vary Accept-Encoding Origin strict-transport-security max-age=15724800; includeSubDomains content-encoding br via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Redirect headers date Mon, 31 Jan 2022 01:19:06 GMT content-type text/html content-length 166 location https://pm.berush.com/widgets/traffic-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en strict-transport-security max-age=15724800; includeSubDomains via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	/ Show response pm.berush.com/widgets/backlink-analytics/ Frame 00DF Redirect Chain https://www.berush.com/en/promo/widget-iframe-backlink/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en https://pm.berush.com/widgets/backlink-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en	2 KB 564 B	119ms 118ms	Document text/html	34.120.116.101
General Check archive.org Show headers Download Go to Full URL https://pm.berush.com/widgets/backlink-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en Requested by Host: www.berush.com URL: https://www.berush.com/static/webpack_bundles/remote.js?v=9 Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.116.101 -, , ASN (), Reverse DNS Software / Resource Hash 113b0884200a7319de6c61881a2c982393bd1cc9df1e6d3a543639a815fcbbf1 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ Response headers date Mon, 31 Jan 2022 01:19:06 GMT content-type text/html; charset=utf-8 vary Accept-Encoding Origin strict-transport-security max-age=15724800; includeSubDomains content-encoding br via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Redirect headers date Mon, 31 Jan 2022 01:19:06 GMT content-type text/html content-length 166 location https://pm.berush.com/widgets/backlink-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en strict-transport-security max-age=15724800; includeSubDomains via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	css fonts.googleapis.com/ Frame 327F	4 KB 568 B	16ms 16ms	Stylesheet text/css	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Ubuntu:400,700&display=block Requested by Host: pm.berush.com URL: https://pm.berush.com/widgets/traffic-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 985cfb2e9fbe2b8fa3ade887afc2c304e34e1637b7f4c6f5cab8dece8ba49a9b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pm.berush.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 31 Jan 2022 01:19:07 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Mon, 31 Jan 2022 01:19:07 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 31 Jan 2022 01:19:07 GMT
GET H3	200	widget_traffic_analytics_sps3xf7.css pm.berush.com/source/widgets/traffic-analytics/ Frame 327F	4 KB 2 KB	8ms 7ms	Stylesheet text/css	34.120.116.101
General Check archive.org Show headers Download Go to Full URL https://pm.berush.com/source/widgets/traffic-analytics/widget_traffic_analytics_sps3xf7.css Requested by Host: pm.berush.com URL: https://pm.berush.com/widgets/traffic-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.116.101 -, , ASN (), Reverse DNS Software / Resource Hash 10b0b629508beb4e1c838040bbf6f62b2a73fa6c39a9e87c7e0f2ce66ae11b1c Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://pm.berush.com/widgets/traffic-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains content-encoding br age 4122 x-guploader-uploadid ADPycduXKMFs9lh6sVO3Z1OT4L0nCz47bRmVw6bLa-W_w_PrgXZ7wEo-glutebhEafPDnZ_JbfjP0RQkjKv25-9yzcGqSZODIg x-goog-storage-class STANDARD x-goog-metageneration 2 date Mon, 31 Jan 2022 00:10:25 GMT x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1546 last-modified Wed, 01 Apr 2020 12:48:30 GMT etag W/"f6ad3767e04871aa85d8e6cb1426cfda" vary Accept-Encoding, Origin x-goog-hash crc32c=al6N5g==, md5=9q03Z+BIcaqF2ObLFCbP2g== x-goog-generation 1585745310465392 via 1.1 google cache-control public, max-age=3600 x-goog-stored-content-length 3845 content-type text/css expires Mon, 31 Jan 2022 00:27:28 GMT
GET H3	200	index.js Show response pm.berush.com/source/widgets/traffic-analytics/ Frame 327F	1 KB 582 B	10ms 9ms	Script text/javascript	34.120.116.101
General Check archive.org Show headers Download Go to Full URL https://pm.berush.com/source/widgets/traffic-analytics/index.js Requested by Host: pm.berush.com URL: https://pm.berush.com/widgets/traffic-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.116.101 -, , ASN (), Reverse DNS Software / Resource Hash 5ea3d3c10a013e25fcaf662418cd14ec1f11a4bce10f1fbfe2de8d7bb462699e Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://pm.berush.com/widgets/traffic-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains content-encoding br age 3661 x-guploader-uploadid ADPycds--xuFcjAM_ZPexSIyitOcVcVCf-YH56xMEok-0Je3l2UbKUBDuuwzEQR4eEy2SUHkA3zNxtsBlYNx40r7Jl0yt9hUxg x-goog-storage-class STANDARD x-goog-metageneration 2 date Mon, 31 Jan 2022 00:18:06 GMT x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 552 last-modified Wed, 01 Apr 2020 12:48:33 GMT etag W/"0df5c4145c2fc6ad59a0ea633414109a" vary Accept-Encoding, Origin x-goog-hash crc32c=XxJCOw==, md5=DfXEFFwvxq1ZoOpjNBQQmg== x-goog-generation 1585745313064503 via 1.1 google cache-control public, max-age=3600 x-goog-stored-content-length 1387 content-type text/javascript expires Mon, 31 Jan 2022 01:18:06 GMT
GET H3	200	css fonts.googleapis.com/ Frame 00DF	4 KB 568 B	16ms 16ms	Stylesheet text/css	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Ubuntu:400,700&display=block Requested by Host: pm.berush.com URL: https://pm.berush.com/widgets/backlink-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 985cfb2e9fbe2b8fa3ade887afc2c304e34e1637b7f4c6f5cab8dece8ba49a9b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://pm.berush.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 31 Jan 2022 01:19:07 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Mon, 31 Jan 2022 01:19:07 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 31 Jan 2022 01:19:07 GMT
GET H3	200	widget_backlink_QpR92oo.css pm.berush.com/source/widgets/backlink-analytics/ Frame 00DF	4 KB 2 KB	8ms 8ms	Stylesheet text/css	34.120.116.101
General Check archive.org Show headers Download Go to Full URL https://pm.berush.com/source/widgets/backlink-analytics/widget_backlink_QpR92oo.css Requested by Host: pm.berush.com URL: https://pm.berush.com/widgets/backlink-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.116.101 -, , ASN (), Reverse DNS Software / Resource Hash d1ea4432c22652085a5ec8e3341a4028e7805638845b16400963211d4727f807 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://pm.berush.com/widgets/backlink-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains content-encoding br age 4638 x-guploader-uploadid ADPycdulHPV9pihHEeSZsuxDCNkfYDgAPi9x0d-4CYDHntsDTYejcEPGIxwg_DXlpIiJCMs6SKxns8HNGIy2suCcsz8 x-goog-storage-class STANDARD x-goog-metageneration 2 date Mon, 31 Jan 2022 00:01:49 GMT x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1618 last-modified Wed, 01 Apr 2020 12:48:34 GMT etag W/"a11eede3c7368966e7d63bca5471fa42" vary Accept-Encoding, Origin x-goog-hash crc32c=cfltEA==, md5=oR7t48c2iWbn1jvKVHH6Qg== x-goog-generation 1585745314274186 via 1.1 google cache-control public, max-age=3600 x-goog-stored-content-length 4194 content-type text/css expires Mon, 31 Jan 2022 00:59:36 GMT
GET H3	200	index.js Show response pm.berush.com/source/widgets/backlink-analytics/ Frame 00DF	1 KB 579 B	9ms 8ms	Script application/javascript	34.120.116.101
General Check archive.org Show headers Download Go to Full URL https://pm.berush.com/source/widgets/backlink-analytics/index.js Requested by Host: pm.berush.com URL: https://pm.berush.com/widgets/backlink-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.116.101 -, , ASN (), Reverse DNS Software / Resource Hash b86789a8c1629f6fe6df02ab7a1a93e4765332749305bb3884054c7e86292c26 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://pm.berush.com/widgets/backlink-analytics/?ref=3955359145&refer_source=&new_window=false&db=us&disable_ga=false&color=blue&lang=en User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains content-encoding br age 5541 x-guploader-uploadid ADPycdsV8iMuU519Njqe56-zXR5xKaYGTNMoxtP0lChvBk-KEuPPTzH8WmXGGEw2zoKfzVIwqUq1eafG_H1GXMxKcpU x-goog-storage-class STANDARD x-goog-metageneration 2 date Sun, 30 Jan 2022 23:46:46 GMT x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 549 last-modified Wed, 01 Apr 2020 12:48:30 GMT etag W/"6b39ccbf73b05cc1844fd1d3800cd52a" vary Accept-Encoding, Origin x-goog-hash crc32c=pupGMA==, md5=aznMv3OwXMGET9HTgAzVKg== x-goog-generation 1585745310584122 via 1.1 google cache-control public, max-age=3600 x-goog-stored-content-length 1371 content-type application/javascript expires Mon, 31 Jan 2022 00:19:58 GMT
GET H3	200	widget-backlink-bg.png pm.berush.com/source/widgets/backlink-analytics/ Frame 00DF	17 KB 17 KB	7ms 6ms	Image image/png	34.120.116.101
General Check archive.org Show headers Download Go to Show image Full URL https://pm.berush.com/source/widgets/backlink-analytics/widget-backlink-bg.png?v=1 Requested by Host: pm.berush.com URL: https://pm.berush.com/source/widgets/backlink-analytics/widget_backlink_QpR92oo.css Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.116.101 -, , ASN (), Reverse DNS Software / Resource Hash 588d668fc5334c96f5c78aac855cd07c5485ab014a678eb2a93c4c367ae96426 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://pm.berush.com/source/widgets/backlink-analytics/widget_backlink_QpR92oo.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains via 1.1 google age 6440 x-guploader-uploadid ADPycdvnh6CMQ7oWMfao7KoWWRsGolfjSW652DIih0Zd-79gVf-bnhcK7MQhlf2WceSp-m1-Tr-kfkixqLt1qwpJMQg3iIewew x-goog-storage-class STANDARD x-goog-metageneration 2 date Sun, 30 Jan 2022 23:31:47 GMT x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17218 last-modified Wed, 01 Apr 2020 12:48:33 GMT etag "eee2da804fed0b5f76684b6471575aff" vary Origin x-goog-hash crc32c=9UITug==, md5=7uLagE/tC192aEtkcVda/w== x-goog-generation 1585745313996725 cache-control public, max-age=3600 x-goog-stored-content-length 17218 accept-ranges bytes content-type image/png expires Sun, 30 Jan 2022 23:37:46 GMT
GET DATA	200 OK	truncated / Frame 00DF	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash dc0b77ebc0250cbdcf372faf69258f945f7337508ca0de017a3a9e04552b6133 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET H3	200	4iCv6KVjbNBYlgoCxCvjsGyN.woff2 fonts.gstatic.com/s/ubuntu/v19/ Frame 00DF	29 KB 29 KB	25ms 11ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ubuntu/v19/4iCv6KVjbNBYlgoCxCvjsGyN.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Ubuntu:400,700&display=block Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://pm.berush.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 26 Jan 2022 19:33:05 GMT x-content-type-options nosniff age 366362 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29752 x-xss-protection 0 last-modified Wed, 26 Jan 2022 18:56:34 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 26 Jan 2023 19:33:05 GMT
GET H3	200	4iCs6KVjbNBYlgoKfw72.woff2 fonts.gstatic.com/s/ubuntu/v19/ Frame 00DF	34 KB 34 KB	36ms 22ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ubuntu/v19/4iCs6KVjbNBYlgoKfw72.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Ubuntu:400,700&display=block Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://pm.berush.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 26 Jan 2022 19:33:05 GMT x-content-type-options nosniff age 366362 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 34852 x-xss-protection 0 last-modified Wed, 26 Jan 2022 18:56:27 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 26 Jan 2023 19:33:05 GMT
GET H3	200	widget-traffic-analytics-bg.png pm.berush.com/source/widgets/traffic-analytics/ Frame 327F	139 KB 139 KB	7ms 7ms	Image image/png	34.120.116.101
General Check archive.org Show headers Download Go to Show image Full URL https://pm.berush.com/source/widgets/traffic-analytics/widget-traffic-analytics-bg.png Requested by Host: pm.berush.com URL: https://pm.berush.com/source/widgets/traffic-analytics/widget_traffic_analytics_sps3xf7.css Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.116.101 -, , ASN (), Reverse DNS Software / Resource Hash 9c7db4c3d4af24078024cd3e223ec8cbf8a3fd82eda9bbc544823915ec3ed461 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://pm.berush.com/source/widgets/traffic-analytics/widget_traffic_analytics_sps3xf7.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=15724800; includeSubDomains via 1.1 google age 3282 x-guploader-uploadid ADPycdvBCYeyNM78pByfbU820LvC495iqkZ0z3BONkTctW7EqZs4JDOQ5j4LlM7dDd7Qnl1xZu1dn8xo-104Ay7VOlg x-goog-storage-class STANDARD x-goog-metageneration 2 date Mon, 31 Jan 2022 00:24:25 GMT x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 142066 last-modified Wed, 01 Apr 2020 12:48:33 GMT etag "3054cc43eace31ab1d888549e41d0d2c" vary Origin x-goog-hash crc32c=vv/WoA==, md5=MFTMQ+rOMasdiIVJ5B0NLA== x-goog-generation 1585745313444876 cache-control public, max-age=3600 x-goog-stored-content-length 142066 accept-ranges bytes content-type image/png expires Mon, 31 Jan 2022 01:11:54 GMT
GET DATA	200 OK	truncated / Frame 327F	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash dc0b77ebc0250cbdcf372faf69258f945f7337508ca0de017a3a9e04552b6133 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET H3	200	4iCv6KVjbNBYlgoCxCvjsGyN.woff2 fonts.gstatic.com/s/ubuntu/v19/ Frame 327F	29 KB 29 KB	32ms 18ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ubuntu/v19/4iCv6KVjbNBYlgoCxCvjsGyN.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Ubuntu:400,700&display=block Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://pm.berush.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 26 Jan 2022 19:33:05 GMT x-content-type-options nosniff age 366362 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29752 x-xss-protection 0 last-modified Wed, 26 Jan 2022 18:56:34 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 26 Jan 2023 19:33:05 GMT
GET H3	200	4iCs6KVjbNBYlgoKfw72.woff2 fonts.gstatic.com/s/ubuntu/v19/ Frame 327F	34 KB 34 KB	26ms 14ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ubuntu/v19/4iCs6KVjbNBYlgoKfw72.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Ubuntu:400,700&display=block Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://pm.berush.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 26 Jan 2022 19:33:05 GMT x-content-type-options nosniff age 366362 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 34852 x-xss-protection 0 last-modified Wed, 26 Jan 2022 18:56:27 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 26 Jan 2023 19:33:05 GMT
POST H2	200	check Show response coinbase.mobi.w3snoop.com/permissions/	31 B 453 B	363ms 362ms	XHR application/json	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://coinbase.mobi.w3snoop.com/permissions/check?type=all Requested by Host: coinbase.mobi.w3snoop.com URL: https://coinbase.mobi.w3snoop.com/ezossp/https/w3snoop.com/js/app.js?screx=1&sxcb=5a&v=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 63fb61d3bd498b931c536a7857b29df7d522ad80471e8505fe3b28fbeedc84e4 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://coinbase.mobi.w3snoop.com/ X-Requested-With XMLHttpRequest Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:07 GMT content-encoding br x-content-type-options nosniff x-sol pub_site display staticcontent_sol x-middleton-display staticcontent_sol x-middleton-response 200 vary Accept-Encoding, Accept-Encoding,Origin content-length 35 x-xss-protection 1; mode=block response 200 server nginx x-frame-options SAMEORIGIN access-control-max-age 1728000 access-control-allow-methods POST, GET, OPTIONS content-type application/json access-control-allow-origin https://coinbase.mobi.w3snoop.com cache-control no-cache, private
POST H2	200	check Show response coinbase.mobi.w3snoop.com/search/	1 B 343 B	390ms 390ms	XHR application/json	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://coinbase.mobi.w3snoop.com/search/check?url=https:%2F%2Fcoinbase.mobi.w3snoop.com%2F Requested by Host: coinbase.mobi.w3snoop.com URL: https://coinbase.mobi.w3snoop.com/ezossp/https/w3snoop.com/js/app.js?screx=1&sxcb=5a&v=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://coinbase.mobi.w3snoop.com/ X-Requested-With XMLHttpRequest Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:07 GMT x-content-type-options nosniff x-sol pub_site display staticcontent_sol x-middleton-display staticcontent_sol x-middleton-response 200 vary Accept-Encoding, Accept-Encoding,Origin content-length 1 x-xss-protection 1; mode=block response 200 server nginx x-frame-options SAMEORIGIN access-control-max-age 1728000 access-control-allow-methods POST, GET, OPTIONS content-type application/json access-control-allow-origin https://coinbase.mobi.w3snoop.com cache-control no-cache, private
GET H2	200	attention.png w3snoop.com/images/icons/	15 KB 2 KB	461ms 461ms	Image image/png	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://w3snoop.com/images/icons/attention.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash c35b97211df5ec06f88b6824e9ecf765cbaafe9b3040b7afecafe80c9e2dc89e Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:07 GMT content-encoding br x-content-type-options nosniff display staticcontent_sol x-middleton-display staticcontent_sol x-middleton-response 200 content-length 1632 x-xss-protection 1; mode=block response 200 last-modified Sun, 30 Jan 2022 23:11:22 GMT server nginx x-frame-options SAMEORIGIN etag "5e49f91d-3b7c-gzip" vary Accept-Encoding, Origin,Accept-Encoding content-type image/png cache-control public, max-age=31536000
GET H2	200	info.png coinbase.mobi.w3snoop.com/images/icons/	196 B 526 B	27ms 27ms	Image image/webp	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://coinbase.mobi.w3snoop.com/images/icons/info.png?ezimgfmt=rs:12x12/rscb5/ng:webp/ngcb5 Requested by Host: coinbase.mobi.w3snoop.com URL: https://coinbase.mobi.w3snoop.com/detroitchicago/cmbv2.js?gcb=195-7&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y1e-2y20-2y1f-5y21-3y34-23y57-21&cmbcb=20&sj=x04x02x06x07x19x0bx0dx13x17x1cx1ex20x1fx21x34x57 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash ede737173b04cf62cc39dc1942f8e5579c8ff36109f29c6c9648998ae6d539d8 Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:07 GMT content-encoding br age 6 x-amzn-requestid 4a04256a-ca46-4d76-9ce7-b9525f45c6cf x-cache Hit from cloudfront x-middleton-display staticcontent_sol x-middleton-response 200 x-amz-apigw-id MyXY4GYVoAMFrOQ= content-length 200 display staticcontent_sol response 200 server nginx x-amzn-trace-id Root=1-61f73905-34b280a830533b283e01e448;Sampled=0 vary Accept-Encoding, Origin,Accept-Encoding access-control-allow-methods GET content-type image/webp via 1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront) cache-control public, max-age=31536000 access-control-allow-credentials true x-amz-cf-pop FRA56-P3 access-control-allow-headers Content-Type, Authorization x-amz-cf-id 615-x-6_VuGzXtbHUWvZFO33z6g1XzQnCa4Bmfg3cQs1W2ZQsJGz1Q==
GET H2	200	storeconsent coinbase.mobi.w3snoop.com/cmp/	43 B 214 B	24ms 23ms	Image image/gif	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://coinbase.mobi.w3snoop.com/cmp/storeconsent?data=-1%3D0%7C1%3D1%7C2%3D1%7C3%3D1%7C4%3D1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:07 GMT content-encoding br server nginx vary Accept-Encoding, Accept-Encoding content-type image/gif x-middleton-display cmp_storeconsent cache-control private, max-age=0, must-revalidate, no-cache, no-store content-length 47 expires Sun, 30 Jan 2022 01:19:07 GMT
GET H2	200	cookie-policy.png coinbase.mobi.w3snoop.com/images/icons/	15 KB 2 KB	456ms 455ms	Image image/png	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://coinbase.mobi.w3snoop.com/images/icons/cookie-policy.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 92485ca9502653069187cf3ac9e19020b8b1f1e5db0a99c1a633c3120a4a9320 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:08 GMT content-encoding br x-content-type-options nosniff display staticcontent_sol x-middleton-display staticcontent_sol x-middleton-response 200 content-length 1994 x-xss-protection 1; mode=block response 200 last-modified Sun, 30 Jan 2022 07:12:21 GMT server nginx x-frame-options SAMEORIGIN etag "5e49f91d-3ce5-gzip" vary Accept-Encoding, Origin,Accept-Encoding content-type image/png cache-control public, max-age=31536000
GET H2	200	cl.gif coinbase.mobi.w3snoop.com/detroitchicago/	43 B 148 B	15ms 15ms	Image image/gif	18.159.80.129 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://coinbase.mobi.w3snoop.com/detroitchicago/cl.gif?pvID=911f5b67-6b18-4260-434c-8f8097bbc1cc&dID=86868 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-80-129.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:07 GMT content-encoding br server nginx vary Accept-Encoding, Accept-Encoding, Accept-Encoding content-type image/gif x-middleton-display imp_sol cache-control private, max-age=0, must-revalidate, no-cache, no-store content-length 47 expires Sun, 30 Jan 2022 01:19:05 GMT
GET H3	200	integrator.js Show response adservice.google.de/adsid/	107 B 122 B	43ms 19ms	Script application/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=coinbase.mobi.w3snoop.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Mon, 31 Jan 2022 01:19:07 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	43ms 19ms	Script application/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=coinbase.mobi.w3snoop.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Mon, 31 Jan 2022 01:19:07 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	2 KB 286 B	457ms 456ms	XHR text/plain	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=514044485897115&correlator=182165654021153&output=ldjh&impl=fifs&eid=31061815%2C31064560%2C31062931&vrg=2022012506&ptt=17&sc=1&sfv=1-0-38&ecs=20220131&iu_parts=1254144%3A15511903%2Cw3snoop_com-box-2%2Cw3snoop_com-box-3%2Cw3snoop_com-box-4%2Cw3snoop_com-box-1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=300x250%2C468x60%2C300x250%2C300x250&prev_scp=a%3D%257C3%257C%26iid1%3D3471812145632254%26eid%3D3471812145632254%26t%3D134%26d%3D86868%26t1%3D134%26pvc%3D0%26ap%3D1142%26sap%3D1142%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dw3snoop_com-box-2-3471812145632254%26eb_br%3D90c3c48d0172916d27c102ea4aa9d49c%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10063%2C11304%2C11307%26asau%3D8925457851%26bv%3D0%26bvm%3D4%26bvr%3D7%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D300%26br2%3D160%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D83%2C206%2C154%2C27%2C51%2C131%2C88%2C20%2C26%2C171%2C205%2C0%2C158%2C173%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C815%2C899%2C919%2C1794%2C2310%2C2339%2C774%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26hb_bidder%3Drubicon%26hb_adid%3D97abc321645d2a5%26hb_format%3Dbanner%26hb_ssid%3D10063%26hb_opt%3D0.01%26hb_rt%3Dclient%7Ca%3D%257C251%257C%26iid1%3D8760038503627847%26eid%3D8760038503627847%26t%3D134%26d%3D86868%26t1%3D134%26pvc%3D0%26ap%3D1121%26sap%3D1121%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D0%26tap%3Dw3snoop_com-box-3-8760038503627847%26eb_br%3D9e0a1ce5b2455cb9b48d5df4c6bf4053%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10063%2C11304%2C11307%26asau%3D8925457851%26bv%3D0%26bvm%3D3%26bvr%3D6%26shp%3D1%26ftsn%3D3%26br1%3D350%26br2%3D180%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C168%2C0%2C67%2C0%2C193%2C20%2C20%2C71%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C760%2C815%2C816%2C817%2C899%2C903%2C919%2C1794%2C2310%2C2339%2C774%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26hb_bidder%3Dsovrn%26hb_adid%3D939579e60a91b2b%26hb_format%3Dbanner%26hb_ssid%3D10017%26hb_opt%3D0.04%26hb_rt%3Ds2s%7Ca%3D%257C1%257C%26iid1%3D8005711529613189%26eid%3D8005711529613189%26t%3D134%26d%3D86868%26t1%3D134%26pvc%3D0%26ap%3D1136%26sap%3D1136%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D3%26al%3D1003%26compid%3D0%26tap%3Dw3snoop_com-box-4-8005711529613189%26eb_br%3D26dfa00588543c52511429ade391f561%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10063%2C11304%2C11307%26asau%3D8925457851%26bv%3D0%26bvm%3D1%26bvr%3D2%26shp%3D1%26ftsn%3D3%26br1%3D550%26br2%3D280%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D77%2C193%2C0%2C4%2C0%2C168%2C20%2C192%2C192%2C197%2C187%2C0%2C901%2C182%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C919%2C1794%2C2339%2C774%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26hb_bidder%3Drubicon%26hb_adid%3D9050e3f8da87c92%26hb_format%3Dbanner%26hb_ssid%3D10063%26hb_opt%3D0.05%26hb_rt%3Dclient%7Ca%3D%257C6%257C%26iid1%3D7951253621660735%26eid%3D7951253621660735%26t%3D134%26d%3D86868%26t1%3D134%26pvc%3D0%26ap%3D1130%26sap%3D1130%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Dw3snoop_com-box-1-7951253621660735%26eb_br%3D26dfa00588543c52511429ade391f561%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10063%2C11304%2C11307%26asau%3D8925457851%26bv%3D0%26bvm%3D1%26bvr%3D2%26shp%3D3%26ftsn%3D3%26acptad%3D1%26br1%3D550%26br2%3D280%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D34%2C193%2C0%2C4%2C0%2C168%2C192%2C192%2C192%2C197%2C187%2C0%2C901%2C182%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C760%2C761%2C815%2C816%2C817%2C893%2C899%2C903%2C919%2C1794%2C2339%2C774%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2&eri=1&cookie=ID%3D13f34f6d326ecc91-221ecfbe2fcd0076%3AT%3D1643591942%3AS%3DALNI_MaUSnMuxPC0hRdEEt-8Vc-j5tB67w&bc=31&abxe=1&dt=1643591947737&lmt=1643591947&dlt=1643591940570&idt=759&frm=20&biw=1600&bih=1200&oid=2&adxs=650%2C729%2C813%2C341&adys=2%2C565%2C794%2C565&adks=3539511386%2C3313998340%2C3335128194%2C1565097542&ucis=2%7C3%7C4%7C5&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fcoinbase.mobi.w3snoop.com%2F&vis=1&scr_x=0&scr_y=0&psz=300x250%7C602x60%7C602x250%7C309x264&msz=300x250%7C468x60%7C300x250%7C300x250&ga_vid=1531294102.1643591942&ga_sid=1643591942&ga_hid=176981349&ga_fc=true&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&btvi=0%7C0%7C0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash 5636e87b150118e3dd1b10a16cfdfe83792c44c933565390ab39e558aaa7e1d0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:08 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2,-2,-2,-2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 257 x-xss-protection 0 google-lineitem-id -2,-2,-2,-2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2,-2,-2,-2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://coinbase.mobi.w3snoop.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	integrator.js Show response adservice.google.de/adsid/	107 B 122 B	24ms 23ms	Script application/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=coinbase.mobi.w3snoop.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Mon, 31 Jan 2022 01:19:07 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	25ms 25ms	Script application/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=coinbase.mobi.w3snoop.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Mon, 31 Jan 2022 01:19:07 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	441 B 261 B	317ms 316ms	XHR text/plain	142.250.184.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=514044485897115&correlator=4186414143014202&output=ldjh&impl=fifs&eid=31061815%2C31064560%2C31062931&vrg=2022012506&ptt=17&sc=1&sfv=1-0-38&ecs=20220131&iu_parts=1254144%3A15511903%2Cw3snoop_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&prev_scp=a%3D%257C1%257C%26iid1%3D5239272953625444%26eid%3D5239272953625444%26t%3D134%26d%3D86868%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dw3snoop_com-medrectangle-2-5239272953625444%26eb_br%3D26dfa00588543c52511429ade391f561%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10063%2C11304%2C11307%26asau%3D8925457851%26bv%3D31%26bvm%3D3%26bvr%3D7%26shp%3D1%26ftsn%3D3%26br1%3D550%26br2%3D280%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C193%2C0%2C4%2C0%2C168%2C192%2C192%2C192%2C197%2C187%2C0%2C901%2C182%2C901%2C902%2C903%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C1794%2C2339%2C774%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26hb_bidder%3Drubicon%26hb_adid%3D922a848d81a5f53%26hb_format%3Dbanner%26hb_ssid%3D10063%26hb_opt%3D0.16%26hb_rt%3Dclient&eri=1&cookie=ID%3D13f34f6d326ecc91-221ecfbe2fcd0076%3AT%3D1643591942%3AS%3DALNI_MaUSnMuxPC0hRdEEt-8Vc-j5tB67w&bc=31&abxe=1&dt=1643591947830&lmt=1643591947&dlt=1643591940570&idt=759&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=1110&adks=881660063&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fcoinbase.mobi.w3snoop.com%2F&vis=1&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&ga_vid=1531294102.1643591942&ga_sid=1643591942&ga_hid=176981349&ga_fc=true&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012506.js?31064560 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f2.1e100.net Software cafe / Resource Hash 172c12c9742300475f102cd13de915edeffc092cf2e114aae968bcb49a7552c4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://coinbase.mobi.w3snoop.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Mon, 31 Jan 2022 01:19:08 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 232 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://coinbase.mobi.w3snoop.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT