urlscan.io logo urlscan.io
SecurityTrails logo

cdn.base64decode.org Open in urlscan Pro
2606:4700:3034::ac43:827a  Public Scan

Go To Rescan Add Verdict Report
URL: http://cdn.base64decode.org/
Submission: On May 05 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 4 countries across 11 domains to perform 24 HTTP transactions. The main IP is 2606:4700:3034::ac43:827a, located in United States and belongs to CLOUDFLARENET, US. The main domain is cdn.base64decode.org. The Cisco Umbrella rank of the primary domain is 826107.
This is the only time cdn.base64decode.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

6    2606:4700:3034::ac43:827a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.base64decode.org
1    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a02:26f0:ef::5c7b:c279 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.fuseplatform.net
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2600:9000:206f:4a00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
quantcast.mgr.consensu.org
3    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:400e:800::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:400e:80f::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.google.de
1    2606:4700:20::ac43:4acf (United States)

ASN13335 (CLOUDFLARENET, US)
publift-com.videoplayerhub.com
1    2606:4700:20::681a:78b (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
2    2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
Apex Domain
Subdomains		 Transfer
6 base64decode.org
cdn.base64decode.org — Cisco Umbrella Rank: 826107
181 KB
4 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 245
stats.g.doubleclick.net — Cisco Umbrella Rank: 175
154 KB
3 consensu.org
quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2350
8 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 2260
1 KB
2 btloader.com
btloader.com — Cisco Umbrella Rank: 1970
api.btloader.com — Cisco Umbrella Rank: 2221
10 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
20 KB
2 fuseplatform.net
cdn.fuseplatform.net — Cisco Umbrella Rank: 29465
131 KB
1 videoplayerhub.com
publift-com.videoplayerhub.com — Cisco Umbrella Rank: 63669
541 B
1 google.de
www.google.de — Cisco Umbrella Rank: 3632
501 B
1 google.com
www.google.com — Cisco Umbrella Rank: 20
501 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 142
40 KB
24 11
Domain Requested by
6 cdn.base64decode.org cdn.base64decode.org
3 securepubads.g.doubleclick.net cdn.fuseplatform.net
securepubads.g.doubleclick.net
3 quantcast.mgr.consensu.org cdn.fuseplatform.net
quantcast.mgr.consensu.org
2 ad-delivery.net cdn.base64decode.org
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cdn.fuseplatform.net cdn.base64decode.org
cdn.fuseplatform.net
1 api.btloader.com publift-com.videoplayerhub.com
1 btloader.com cdn.base64decode.org
1 publift-com.videoplayerhub.com 1 redirects
1 www.google.de cdn.base64decode.org
1 www.google.com cdn.base64decode.org
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagmanager.com cdn.base64decode.org
24 13
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-18 -
2022-06-17		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
cdn.fuseplatform.net
R3		 2022-03-28 -
2022-06-26		 3 months crt.sh
quantcast.mgr.consensu.org
Amazon		 2022-03-25 -
2023-04-23		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2022-04-24 -
2022-07-23		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://cdn.base64decode.org/
Frame ID: 48C410D422D740B39C01509B33CD2325
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Base64 Decode and Encode - Online

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • quantcast\.mgr\.consensu\.org

Page Statistics

24
Requests

88 %
HTTPS

85 %
IPv6

11
Domains

13
Subdomains

13
IPs

4
Countries

547 kB
Transfer

1398 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://publift-com.videoplayerhub.com/galleryplayer.js HTTP 301
  • https://btloader.com/tag?h=publift-com&upapi=true

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
cdn.base64decode.org/ 		34 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://cdn.base64decode.org/
Protocol
HTTP/1.1
Server
2606:4700:3034::ac43:827a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dbfb8a6159a20a916566f2d2caf8ab1feaa228ed9cb7584839de29519369183
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
706a26bf69d29c00-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Thu, 05 May 2022 14:26:28 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2FTjvGprjs%2BxVMDh2BDDWQMSy4S%2FFM8IbSEWJKPPP598w3IIZk79fQG99suSR1eYiihoza0jt4yrJUzK4HjTb1u5LxsN1FvxDBv5Ne0tfzrUN%2BUNp7V0i0%2F42x5EeFub8Z0Xz3TDrzTOWT08pt4PhNSgfg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
sameorigin
X-XSS-Protection
1; mode=block
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
fa-regular-400.woff
cdn.base64decode.org/assets/fonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.base64decode.org/assets/fonts/fa-regular-400.woff?v=2
Requested by
Host: cdn.base64decode.org
URL: http://cdn.base64decode.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:827a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43a881161585db16179f70e53240a274f209aff03aafbcc34bc32e17fb4d95c6

Request headers

Referer
http://cdn.base64decode.org/
Origin
http://cdn.base64decode.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 14:26:28 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16804
last-modified
Wed, 31 Mar 2021 18:36:21 GMT
server
cloudflare
etag
"6064c125-41a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QonIESQWqle%2FIWDAL8x7jvwph2JlllRVYDTkjd18PGmrarH9%2FQBiyj%2F7R99dmW6bMQs0zUvHOI0YCogfyRfSt3RJkL1atFLG55l6%2F8iH%2F8b11VkrE8gPo%2B8dNgEkmw4tF5Z7SKLPlXdXy3UJ3wO1Tr0w6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
cf-ray
706a26c079b79018-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
fa-solid-900.woff
cdn.base64decode.org/assets/fonts/ 		96 KB
96 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.base64decode.org/assets/fonts/fa-solid-900.woff?v=2
Requested by
Host: cdn.base64decode.org
URL: http://cdn.base64decode.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:827a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dd5fcdf6f4b330bf82965887ef6b9196b8d27855eddee99ac04fb63de0e351e

Request headers

Referer
http://cdn.base64decode.org/
Origin
http://cdn.base64decode.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 14:26:28 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
98384
last-modified
Wed, 31 Mar 2021 18:36:21 GMT
server
cloudflare
etag
"6064c125-18050"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yGhpkTR7QiWjSTtS7RqUpUx66gYkelfcL3FkeLBD9TIOtaSneZQgzwCTtm4xEtPXEZSnSUtx2ClenfaDKPQqGzb3SZtI6RQnvkDxN72fJaYmBCKEU8IQIPVGlQkckiN3%2BalIRfvIa%2FVMbU4LijqEriO1pg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
cf-ray
706a26c079ba9018-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
email-decode.min.js
cdn.base64decode.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.base64decode.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: cdn.base64decode.org
URL: http://cdn.base64decode.org/
Protocol
HTTP/1.1
Server
2606:4700:3034::ac43:827a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdn.base64decode.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Thu, 05 May 2022 14:26:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Last-Modified
Tue, 03 May 2022 15:11:44 GMT
Server
cloudflare
ETag
W/"62714630-4d7"
X-Frame-Options
DENY
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v1BNXLRbmp0pWiE6orWyvJpjFdituI1D97rco1hJRwDSdX2iCTLQ8C1HXkctzjlZu8HTTqcT6PQgBiLpiMax8n9xkRvV5cSW%2BQd3rqGXW6CdY3%2FAW6q6%2F%2FIdMQtPSjJeUNDUi8MrKI8l0kNOtfWGGFIeSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Cache-Control
max-age=172800, public
CF-RAY
706a26c04baf9c00-FRA
Expires
Sat, 07 May 2022 14:26:28 GMT
js
www.googletagmanager.com/gtag/ 		104 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-74823759-10
Requested by
Host: cdn.base64decode.org
URL: http://cdn.base64decode.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
833cdfb0c07feeb405ca08ba12f7d3beb35eb0810cdef558e24484829731bfdf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdn.base64decode.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 14:26:28 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40736
x-xss-protection
0
last-modified
Thu, 05 May 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 05 May 2022 14:26:28 GMT
bundle.d4e9d6eadaa5e159a480f305ea9a35f482d338d7.js
cdn.base64decode.org/assets/build/ 		114 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.base64decode.org/assets/build/bundle.d4e9d6eadaa5e159a480f305ea9a35f482d338d7.js
Requested by
Host: cdn.base64decode.org
URL: http://cdn.base64decode.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:827a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d126779bbec484e15305c244988b884bd3bd77c0a44a03bbbd04ffd65047db15

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdn.base64decode.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 14:26:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
259096
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 13 Mar 2022 13:15:55 GMT
server
cloudflare
etag
W/"622dee8b-1c75e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FC%2BacOfPSUgqMLpI9d0OJ5YbXsvUmzIJGfO8CPad1G4JzAw7CH3MQm0JEk5UZnB2bO6teSNw11NTqTEI1j2FMbTmxn%2BL87q2DRZTvERyboSp2jmWGbA5cdlN9MKcUFNP7wtKI%2Fvpx7Vl98JJd14KVf9v7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000, public
cf-ray
706a26c08a3d9bc2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
pattern.webp
cdn.base64decode.org/assets/images/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.base64decode.org/assets/images/pattern.webp
Requested by
Host: cdn.base64decode.org
URL: http://cdn.base64decode.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:827a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cd087fc705e623de96fc596e2608eebf1c0332e9edfbcb033c36daf83ad4e9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdn.base64decode.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 14:26:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
259096
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17550
last-modified
Wed, 31 Mar 2021 18:36:21 GMT
server
cloudflare
etag
"6064c125-448e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l5nbcGkUIxSLe3t9uQyCtucym6z9COiQsmLLyCJkfnEUm373BT9X9YkKuP4vrLEExCEIoj%2FwFbUKReVLuRVpkeEeccZGppBJV98If7VwnC5IHA2MQsjRcJjTZeIab%2FQvwKZJ0NWbp1aplcb3kyDO054Iag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
cf-ray
706a26c08a3e9bc2-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
981a058f5aa01c0bfb8cb6b9fa67cd95fda3ffa110e70b19a6f358c7249647a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdn.base64decode.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml
fuse.js
cdn.fuseplatform.net/publift/tags/2/2285/ 		187 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fuseplatform.net/publift/tags/2/2285/fuse.js
Requested by
Host: cdn.base64decode.org
URL: https://cdn.base64decode.org/assets/build/bundle.d4e9d6eadaa5e159a480f305ea9a35f482d338d7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c279 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
603658930a471d1a943e0e5dce91db5d4f9e204147870199c93bac0cc7985af7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdn.base64decode.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 14:26:28 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 07:10:51 GMT
server
AkamaiNetStorage
etag
"1bcbe4d6227c223ab492bd84e0b5be9c:1651561851.651574"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1800
accept-ranges
bytes
content-length
44655
expires
Thu, 05 May 2022 14:56:28 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-74823759-10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdn.base64decode.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
439
date
Thu, 05 May 2022 14:19:09 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 05 May 2022 16:19:09 GMT
choice.js
quantcast.mgr.consensu.org/choice/PRrmquD1Ggcb1/cdn.base64decode.org/ 		0
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/choice/PRrmquD1Ggcb1/cdn.base64decode.org/choice.js
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2285/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:4a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdn.base64decode.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 14:26:28 GMT
via
1.1 b3dc72c60418e8887de31f772538f118.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
FRA56-C1
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
http://cdn.base64decode.org
access-control-max-age
3000
cache-control
max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
x-cache
Error from cloudfront
x-amz-cf-id
VOhyCyR2TAYsmap4Umi6tVH3i1AF-V4WUxEMco9sDsfB8yXRL5tjDA==
prebid.js
cdn.fuseplatform.net/publift/tags/2/2285/ 		276 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.fuseplatform.net/publift/tags/2/2285/prebid.js
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2285/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c279 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
882d8d8f701b11b0eda5b615c44ef18785a69b80ec1f104e23449196f0107e80

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdn.base64decode.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 14:26:28 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 07:10:51 GMT
server
AkamaiNetStorage
etag
"a892785a552be54531ec41d02fb3c888:1651561851.648471"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1800
accept-ranges
bytes
content-length
88301
expires
Thu, 05 May 2022 14:56:28 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2285/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
10621497cf0e33b570ec6837e5698c1e704fd54919ceac1cd5665e797f1e392c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdn.base64decode.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 14:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28483
x-xss-protection
0
server
sffe
etag
"1205 / 547 of 1000 / last-modified: 1651748848"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 05 May 2022 14:26:29 GMT
collect
www.google-analytics.com/j/ 		2 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=854226241&t=pageview&_s=1&dl=http%3A%2F%2Fcdn.base64decode.org%2F&ul=en-us&de=UTF-8&dt=Base64%20Decode%20and%20Encode%20-%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1218443932&gjid=642888376&cid=750047006.1651760789&tid=UA-74823759-10&_gid=1054275192.1651760789&_r=1&gtm=2ou540&z=2051481374
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://cdn.base64decode.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 05 May 2022 14:26:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://cdn.base64decode.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-74823759-10&cid=750047006.1651760789&jid=1218443932&gjid=642888376&_gid=1054275192.1651760789&_u=YEBAAUAAAAAAAC~&z=625032343
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://cdn.base64decode.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 05 May 2022 14:26:29 GMT
content-type
text/plain
access-control-allow-origin
http://cdn.base64decode.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-74823759-10&cid=750047006.1651760789&jid=1218443932&_u=YEBAAUAAAAAAAC~&z=491757629
Requested by
Host: cdn.base64decode.org
URL: http://cdn.base64decode.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:800::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdn.base64decode.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 May 2022 14:26:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-74823759-10&cid=750047006.1651760789&jid=1218443932&_u=YEBAAUAAAAAAAC~&z=491757629
Requested by
Host: cdn.base64decode.org
URL: http://cdn.base64decode.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80f::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdn.base64decode.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 05 May 2022 14:26:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022050401.js
securepubads.g.doubleclick.net/gpt/ 		368 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050401.js?cb=31067437
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
463f3a36ad85e31f7b490397a006aeb2b9ebcaa9929f50c35fb766e6ee3005a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdn.base64decode.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 13:41:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2715
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127725
x-xss-protection
0
last-modified
Wed, 04 May 2022 08:35:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 05 May 2023 13:41:14 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		116 B
124 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=cdn.base64decode.org
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
971d95f0892678ee416dcfe25aeeda420ea8a5c0f04301a34a677233ad67509a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdn.base64decode.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 05 May 2022 14:26:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99
x-xss-protection
0
expires
Thu, 05 May 2022 14:26:29 GMT
tag
btloader.com/
Redirect Chain
  • https://publift-com.videoplayerhub.com/galleryplayer.js
  • https://btloader.com/tag?h=publift-com&upapi=true
32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?h=publift-com&upapi=true
Requested by
Host: cdn.base64decode.org
URL: http://cdn.base64decode.org/
Protocol
H2
Server
2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc75ed403dbc925472624d82b528c14adf271a6f28b1282ab9752fc6eb9ed12c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdn.base64decode.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 14:26:29 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
82
content-length
9355
last-modified
Thu, 05 May 2022 14:23:08 GMT
server
cloudflare
etag
"6e569b6b8454266241df7c4d7f24da2d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nbEuj%2F34HD3JwxcS6KDWYBG%2Bkb%2FnXKZ38%2BJcyTejJhuo%2BIuysAXN7EP0ynz0xD1KL5qREazOvYxCisCUUH56NvG8Gwltx9lkGjaTz0MD4CHTlmZeTLpvRAknDu1j%2BBfZQribr%2FIl6P3pFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
via
1.1 google
cache-control
public, max-age=300, must-revalidate, no-transform
accept-ranges
bytes
cf-ray
706a26c53e2e917d-FRA

Redirect headers

date
Thu, 05 May 2022 14:26:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w5dk6LgXFo5%2FcArsdBeFvR4%2BQ65ivtSFp8A6mRzGDvX%2BQX5Ta7i%2BWBYyAAWIQhmUYZujLH7%2BH85uDkpxTPKk7xt6W5ga05xLru%2BeH8bISasZas11Ij2iq%2BBuvRHFivOSpc82BQcMlP9L99saNyEXLvpTN2x0uQzE%2BcvoOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=publift-com&upapi=true
cache-control
max-age=3600
cf-ray
706a26c47881927d-FRA
expires
Thu, 05 May 2022 15:26:29 GMT
choice.js
quantcast.mgr.consensu.org/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/choice.js
Requested by
Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2285/fuse.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:4a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70d4d7732038bafed4923d082813743f1574c2c486829e9cb40ef91754995ba5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdn.base64decode.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 14:26:29 GMT
content-encoding
gzip
etag
W/"152419aec08a79823165ba7ac2461d1d"
last-modified
Thu, 21 Jan 2021 17:35:15 GMT
server
AmazonS3
age
11
x-amz-server-side-encryption
AES256
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
nEYfndEy8fkahE5pz3hJviaEba_qEAFA2CsPQBAoAv2Nep1x7OgWJg==
cmp.js
quantcast.mgr.consensu.org/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/cmp.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:4a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
60d8c88007dd47e378850d031990400b01e7932cca0a2654dd662a95aa31e77a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdn.base64decode.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 05 May 2022 14:25:34 GMT
content-encoding
gzip
etag
W/"51870ee6d5cb32ca5311356b296af21f"
last-modified
Tue, 09 Mar 2021 20:17:06 GMT
server
AmazonS3
age
57
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
D2c5RugfBmUy2JoQVeQ5a7o7ePRUopOMxB2FyhccNTTfBiFjXWwp6Q==
px.gif
ad-delivery.net/ 		43 B
1019 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: cdn.base64decode.org
URL: http://cdn.base64decode.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdn.base64decode.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date
Thu, 05 May 2022 14:26:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
339074
x-guploader-uploadid
ADPycdse5asXrTV7KacSC9CsVztbGifpfcI6HXD5NFRC92fSV5W61ivFGwJk37iqGf4-ggDWX2avzgvGTkaPSVRKMm_cm9ss_g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-type
image/gif
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2mgMeJx%2BVDfC3dxTixIe5C5ZMC4jGf20%2BdDaLlNpsDVaZAOCzex1UqbwGhTiqARvM2wpC0SIN8jPSizLdAwSart4Vr%2B2FbRq0AIzziqJ7sC75nIF%2Bwi%2BdXFDfOxzhpQbGbx%2BAJCTTmDEGvQDQg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620242732037093
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
706a26c59ec4918f-FRA
expires
Sun, 01 May 2022 17:15:15 GMT
px.gif
ad-delivery.net/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.5083728315720277
Requested by
Host: cdn.base64decode.org
URL: http://cdn.base64decode.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdn.base64decode.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
date
Thu, 05 May 2022 14:26:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
339074
x-guploader-uploadid
ADPycdse5asXrTV7KacSC9CsVztbGifpfcI6HXD5NFRC92fSV5W61ivFGwJk37iqGf4-ggDWX2avzgvGTkaPSVRKMm_cm9ss_g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-type
image/gif
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=igKW6%2F3S0wgNjPmn0Kh%2FAgFIIi4GyjLCFbsirqCn4VzS2fNSBMBGleLgLGjEuZBVjGDao56rDv%2FUoJ6oX8ABKoX0NqqU8I2KTuqGMl9OGGdu9qjAtabwsvF1KY4UO5aznvRT6TQYZFukJC8%2BUA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1620242732037093
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
706a26c59ec6918f-FRA
expires
Sun, 01 May 2022 17:15:15 GMT
pv
api.btloader.com/ 		0
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=9lQ1JmxHv&w=5762358153576448&o=5708166709903360&cv=2.0.8-7-ge5f3c07&r=false&vr=1600x1200&pageURL=http%3A%2F%2Fcdn.base64decode.org%2F&upapi=true
Requested by
Host: publift-com.videoplayerhub.com
URL: https://publift-com.videoplayerhub.com/galleryplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cdn.base64decode.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 05 May 2022 14:26:29 GMT
cache-control
no-cache, no-store, must-revalidate
vary
Origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone function| gtag object| dataLayer string| siteDomain boolean| blockAds object| templates object| options boolean| liveMode function| liveParse function| saveOptions function| unicodeBase64Decode function| unicodeBase64Encode function| unicodeURLDecode function| unicodeURLEncode function| $ function| jQuery function| Cookies object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| fusePbjs object| fusetag function| __tcfapi object| googletag object| gaplugins object| gaGlobal object| gaData function| fusePbjsChunk object| _pbjsGlobals object| pbjs object| ggeac object| google_js_reporting_queue function| __cmp object| core function| __uspapi undefined| google_measure_js_timing object| __bt_tag_d object| __bt_intrnl boolean| __bt_already_invoked

4 Cookies

Domain/Path Name / Value
cdn.fuseplatform.net/ Name: akacd_base64decode
Value: 1654352788~rv=96~id=c80d57102e8b7218e1e5e95326e8dcd0
.base64decode.org/ Name: _ga
Value: GA1.2.750047006.1651760789
.base64decode.org/ Name: _gid
Value: GA1.2.1054275192.1651760789
.base64decode.org/ Name: _gat_gtag_UA_74823759_10
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-delivery.net
api.btloader.com
btloader.com
cdn.base64decode.org
cdn.fuseplatform.net
publift-com.videoplayerhub.com
quantcast.mgr.consensu.org
securepubads.g.doubleclick.net
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
130.211.23.194
142.250.186.162
2600:9000:206f:4a00:9:46dc:4700:93a1
2606:4700:20::681a:346
2606:4700:20::681a:78b
2606:4700:20::ac43:4acf
2606:4700:3034::ac43:827a
2a00:1450:4001:810::2008
2a00:1450:4001:82a::200e
2a00:1450:400c:c08::9a
2a00:1450:400e:800::2004
2a00:1450:400e:80f::2003
2a02:26f0:ef::5c7b:c279
10621497cf0e33b570ec6837e5698c1e704fd54919ceac1cd5665e797f1e392c
1cd087fc705e623de96fc596e2608eebf1c0332e9edfbcb033c36daf83ad4e9e
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2dbfb8a6159a20a916566f2d2caf8ab1feaa228ed9cb7584839de29519369183
43a881161585db16179f70e53240a274f209aff03aafbcc34bc32e17fb4d95c6
463f3a36ad85e31f7b490397a006aeb2b9ebcaa9929f50c35fb766e6ee3005a6
603658930a471d1a943e0e5dce91db5d4f9e204147870199c93bac0cc7985af7
60d8c88007dd47e378850d031990400b01e7932cca0a2654dd662a95aa31e77a
70d4d7732038bafed4923d082813743f1574c2c486829e9cb40ef91754995ba5
7dd5fcdf6f4b330bf82965887ef6b9196b8d27855eddee99ac04fb63de0e351e
833cdfb0c07feeb405ca08ba12f7d3beb35eb0810cdef558e24484829731bfdf
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
882d8d8f701b11b0eda5b615c44ef18785a69b80ec1f104e23449196f0107e80
971d95f0892678ee416dcfe25aeeda420ea8a5c0f04301a34a677233ad67509a
981a058f5aa01c0bfb8cb6b9fa67cd95fda3ffa110e70b19a6f358c7249647a1
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
bc75ed403dbc925472624d82b528c14adf271a6f28b1282ab9752fc6eb9ed12c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d126779bbec484e15305c244988b884bd3bd77c0a44a03bbbd04ffd65047db15
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629