bg.tax-definition.org Open in urlscan Pro
172.67.206.136 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bg.tax-definition.org/77850-onanism
Submission Tags: falconsandbox
Submission: On October 14 via api (October 14th 2021, 3:34:37 am UTC) from US — Scanned from DE

Summary HTTP 72 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 19 domains to perform 72 HTTP transactions. The main IP is 172.67.206.136, located in United States and belongs to CLOUDFLARENET, US. The main domain is bg.tax-definition.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2021. Valid for: a year.

This is the only time bg.tax-definition.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	172.67.206.136 172.67.206.136	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.177.94.108 185.177.94.108	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	13.32.29.129 13.32.29.129	16509 (AMAZON-02) (AMAZON-02)
9	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
5	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
2	65.9.66.48 65.9.66.48	16509 (AMAZON-02) (AMAZON-02)
1 1	46.4.91.20 46.4.91.20	24940 (HETZNER-AS) (HETZNER-AS)
2	213.174.135.25 213.174.135.25	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
14	104.21.69.86 104.21.69.86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.66.81 65.9.66.81	16509 (AMAZON-02) (AMAZON-02)
1	52.29.0.64 52.29.0.64	16509 (AMAZON-02) (AMAZON-02)
3	213.174.135.24 213.174.135.24	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 2	88.212.201.210 88.212.201.210	39134 (UNITEDNET) (UNITEDNET)
2	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	65.9.66.108 65.9.66.108	16509 (AMAZON-02) (AMAZON-02)
5	13.35.253.31 13.35.253.31	16509 (AMAZON-02) (AMAZON-02)
1	18.196.233.38 18.196.233.38	16509 (AMAZON-02) (AMAZON-02)
2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	104.16.86.20 104.16.86.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.16.129 172.217.16.129	15169 (GOOGLE) (GOOGLE)
1	104.20.184.68 104.20.184.68	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.250.186.161 142.250.186.161	15169 (GOOGLE) (GOOGLE)
3	142.250.186.129 142.250.186.129	15169 (GOOGLE) (GOOGLE)
1 1	142.250.185.196 142.250.185.196	15169 (GOOGLE) (GOOGLE)
72	23

7 172.67.206.136 (United States)

ASN13335 (CLOUDFLARENET, US)

bg.tax-definition.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tax-definition.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.177.94.108 (United Kingdom)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
PTR: ip-185-177-94-108.ah-server.com

load5.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.29.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-29-129.fra56.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.65.195 (United States)

ASN54113 (FASTLY, US)

cdn.zx-adnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.48 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.91.20 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.20.91.4.46.clients.your-server.de

cst.wpu.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.174.135.25 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

cst.cstwpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
na.nawpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.21.69.86 (None, )

ASN13335 (CLOUDFLARENET, US)

tax-definition.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.81 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.0.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-0-64.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.174.135.24 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

js.wpadmngr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.wpushsdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.210 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.108 (United States)

ASN16509 (AMAZON-02, US)

count-server.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.35.253.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-31.fra6.r.cloudfront.net

platform-cdn.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.233.38 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-233-38.eu-central-1.compute.amazonaws.com

stat.optad360.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.86.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f1.1e100.net

32e9e374be87c493070e26c9511418a9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.184.68 (None, )

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.196 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	tax-definition.org bg.tax-definition.org tax-definition.org	326 KB
9	sharethis.com platform-api.sharethis.com buttons-config.sharethis.com l.sharethis.com count-server.sharethis.com platform-cdn.sharethis.com	47 KB
7	doubleclick.net googleads.g.doubleclick.net securepubads.g.doubleclick.net	166 KB
7	googlesyndication.com pagead2.googlesyndication.com 32e9e374be87c493070e26c9511418a9.safeframe.googlesyndication.com tpc.googlesyndication.com	224 KB
5	ampproject.org cdn.ampproject.org	103 KB
5	zx-adnet.com cdn.zx-adnet.com	123 KB
3	google.com 1 redirects adservice.google.com www.google.com	1005 B
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	wpadmngr.com js.wpadmngr.com	25 KB
2	optad360.io get.optad360.io	202 KB
1	onetrust.com geolocation.onetrust.com	412 B
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	wpushsdk.com js.wpushsdk.com	3 KB
1	googleadservices.com partner.googleadservices.com	271 B
1	consensu.org stat.optad360.mgr.consensu.org	286 B
1	nawpush.com na.nawpush.com	379 B
1	cstwpush.com cst.cstwpush.com	598 B
1	wpu.sh 1 redirects cst.wpu.sh	97 B
1	load5.biz load5.biz	20 KB
72	19

	Domain	Requested by
20	tax-definition.org	bg.tax-definition.org tax-definition.org
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net bg.tax-definition.org
5	platform-cdn.sharethis.com	bg.tax-definition.org
5	cdn.zx-adnet.com	bg.tax-definition.org cdn.zx-adnet.com
3	tpc.googlesyndication.com	bg.tax-definition.org
3	pagead2.googlesyndication.com	bg.tax-definition.org pagead2.googlesyndication.com
2	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com bg.tax-definition.org
2	counter.yadro.ru	1 redirects bg.tax-definition.org
2	js.wpadmngr.com	cst.wpu.sh js.wpadmngr.com
2	get.optad360.io	bg.tax-definition.org get.optad360.io
1	www.google.com	1 redirects
1	geolocation.onetrust.com	cdn.zx-adnet.com
1	32e9e374be87c493070e26c9511418a9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	get.optad360.io
1	js.wpushsdk.com	js.wpadmngr.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stat.optad360.mgr.consensu.org	get.optad360.io
1	count-server.sharethis.com	platform-api.sharethis.com
1	na.nawpush.com	js.wpadmngr.com
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	cst.cstwpush.com	bg.tax-definition.org
1	cst.wpu.sh	1 redirects
1	platform-api.sharethis.com	bg.tax-definition.org
1	load5.biz	bg.tax-definition.org
1	bg.tax-definition.org
72	28

This site contains links to these domains. Also see Links.

Domain
googleads.g.doubleclick.net
adssettings.google.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
load4.biz R3	`2021-08-28` - `2021-11-26`	3 months	crt.sh
sharethis.com Amazon	`2021-07-19` - `2022-08-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
admin.musepresent.com GTS CA 1D4	`2021-09-14` - `2021-12-13`	3 months	crt.sh
*.optad360.io Amazon	`2020-12-17` - `2022-01-15`	a year	crt.sh
cst.cstwpush.com R3	`2021-09-01` - `2021-11-30`	3 months	crt.sh
js.wpadmngr.com R3	`2021-08-24` - `2021-11-22`	3 months	crt.sh
counter.yadro.ru GoGetSSL ECC DV CA	`2020-02-02` - `2022-05-02`	2 years	crt.sh
na.nawpush.com R3	`2021-08-16` - `2021-11-14`	3 months	crt.sh
stat.optad360.mgr.consensu.org R3	`2021-08-07` - `2021-11-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
js.wpushsdk.com R3	`2021-08-20` - `2021-11-18`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh

This page contains 4 frames:

Primary Page: https://bg.tax-definition.org/77850-onanism
Frame ID: E5197441FB3237B5D8808F9F996AFCEC
Requests: 71 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/zrt_lookup.html
Frame ID: 55EC6486EF8E07C1812F0B26A6398DAB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1903962249686177&output=html&adk=1812271804&adf=3025194257&lmt=1634182472&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fbg.tax-definition.org%2F77850-onanism&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634182472562&bpp=2&bdt=285&idt=231&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3246649169701&frm=20&pv=2&ga_vid=37715281.1634182473&ga_sid=1634182473&ga_hid=1633486985&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062937%2C31063128&oid=2&pvsid=1925304843572239&pem=934&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=1&uci=a!1&fsb=1&dtd=243
Frame ID: C7EAAAD2F555597391A353150FBE2AF8
Requests: 1 HTTP requests in this frame

Frame: https://32e9e374be87c493070e26c9511418a9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FF3FB7FDDA9071556B2ADF54EE681484
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

72
Requests

96 %
HTTPS

0 %
IPv6

19
Domains

28
Subdomains

23
IPs

5
Countries

1242 kB
Transfer

4205 kB
Size

7
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://googleads.g.doubleclick.net/aclk?sa=l&ai=CXVTCSKVnYaSRPJOI9u8PsYCPgAWx2ovhZav1yqbkDZaCzYWIFhABIKqAwyJgyQagAfTr2fECyAECqQJo8dumZ3WzPuACAKgDAcgDCKoE9QFP0NI0ZOOwOtH6vRMYWeYcujyphFOPHS5KjOVoCv0UTdYKXQOsuZty8X9dLCd-g3l2qBb4Xvr0W3VAPt3p6m6PlyIbjiqcd3IQUMqcsXKt0ITudM6refWr0EK7seB3Zb3wu-ElCxUbRvniFlPAY5tCk3qWLvCqxlR6-8BcvakdI7vrlcOfgW3EtJzHz9tgQfQxpCdHEIlU1cv5FrN_N5BatfvFcMN3pUNPuLfPKPU5-3gWOsdInBxK3_t0GGb8ofyU3KiLpl8h9c4pxSd0OD0wHdSCW1nASTQFERGzrw3_EDsHgp1yxvXOKPqVZS9pE3_X0skRFMAEmrWPh8UD4AQBoAYCgAf0k6aOAagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcB0ggHCIhhEAEYHfIIG2FkeC1zdWJzeW4tOTE2MTg2MzY4NTgyNjk1NrEJe2VCZmKFIviACgOYCwHICwG4DAHYEw3QFQGYFgGAFwE&ae=1&num=1&sig=AOD64_0vTV9C4G8XUDYmnyJ5AMKufqWaGw&client=ca-pub-5512390705137507&nx=CLICK_X&ny=CLICK_Y&nb=2&adurl=https://www.sartorius.com/en/723616-723616%3Fgclid%3DEAIaIQobChMIpNWzjvzI8wIVE4T9Bx0xwANQEAEYASAAEgIosfD_BwE

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/whythisad?reasons=AB3afGEAAAXpW1tbW3RydWUsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxbWyJTYXJ0b3JpdXMgU3RlZGltIEJpb3RlY2ggR21iSCIsIkRFIiwxLG51bGwsMV1dXSxbbnVsbCwiaHR0cHM6Ly9nb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL2ludGVyYWN0aW9uLz9haT1DWFZUQ1NLVm5ZYVNSUEpPSTl1OFBzWUNQZ0FXeDJvdmhaYXYxeXFia0RaYUN6WVdJRmhBQklLcUF3eUpneVFhZ0FmVHIyZkVDeUFFQ3FRSm84ZHVtWjNXelB1QUNBS2dEQWNnRENLb0U5UUZQME5JMFpPT3dPdEg2dlJNWVdlWWN1anlwaEZPUEhTNUtqT1ZvQ3YwVVRkWUtYUU9zdVp0eThYOWRMQ2QtZzNsMnFCYjRYdnIwVzNWQVB0M3A2bTZQbHlJYmppcWNkM0lRVU1xY3NYS3QwSVR1ZE02cmVmV3IwRUs3c2VCM1piM3d1LUVsQ3hVYlJ2bmlGbFBBWTV0Q2szcVdMdkNxeGxSNi04QmN2YWtkSTd2cmxjT2ZnVzNFdEp6SHo5dGdRZlF4cENkSEVJbFUxY3Y1RnJOX041QmF0ZnZGY01OM3BVTlB1TGZQS1BVNS0zZ1dPc2RJbkJ4SzNfdDBHR2I4b2Z5VTNLaUxwbDhoOWM0cHhTZDBPRDB3SGRTQ1cxbkFTVFFGRVJHenJ3M19FRHNIZ3AxeXh2WE9LUHFWWlM5cEUzX1gwc2tSRk1BRW1yV1BoOFVENEFRQm9BWUNnQWYwazZhT0FhZ0g4TmticUFmeTJSdW9CNDdPRzZnSGs5Z2JxQWU2QnFnSDdwYXhBcWdIMWNrYnFBZW12aHVvQl9QUkc2Z0hsdGdicUFlcW03RUNxQWZmbjdFQzJBY0IwZ2dIQ0loaEVBRVlIZklJRzJGa2VDMXpkV0p6ZVc0dE9URTJNVGcyTXpZNE5UZ3lOamsxTnJFSmUyVkNabUtGSXZpQUNnT1lDd0hJQ3dHNERBSFlFdzNRRlFHWUZnR0FGd0VcdTAwMjZzaWdoPWpBcExsMEVuQlQwXHUwMDI2Y2lkPUNBUVNQd0NOSXJMTUtNR1dLTWRyb3VCVC1zd25maHZPRTFXTEpCTEZOeE8yaHowNWZyZHpmMDZ0alYtMDVaeGZmS3lub2E2ZG40NTVaeVdLaXlrWGFPZHRHUSIsW251bGwsbnVsbCxudWxsLCJodHRwczovL2Rpc3BsYXlhZHMtZm9ybWF0cy5nb29nbGV1c2VyY29udGVudC5jb20vYWRzL3ByZXZpZXcvY29udGVudC5qcz9jbGllbnQ9d3RhXHUwMDI2b2JmdXNjYXRlZEN1c3RvbWVySWQ9MjI2Nzc0MTYzMVx1MDAyNmNyZWF0aXZlSWQ9NTIwMjkzNzMwNjk4XHUwMDI2dmVyc2lvbklkPTBcdTAwMjZhZEdyb3VwQ3JlYXRpdmVJZD00NzM2MDEwNjM1OTVcdTAwMjZodG1sUGFyZW50SWQ9cHJldi0wXHUwMDI2aGVpZ2h0PTkwXHUwMDI2d2lkdGg9OTcwXHUwMDI2c2lnPUFDaVZCX3hzTnl4djVlU1RwMGtpNk5VS3ZOb0kwdmF1M2ciXSxudWxsLG51bGwsMSwiblc3MFZuUklDWlFJcV9YS3B1UU5FSlhVbFlFdkdMZUp3NDRCSWcxellYSjBiM0pwZFhNdVkyOXRRaGRqWVMxd2RXSXROVFV4TWpNNU1EY3dOVEV6TnpVd04wZ2FXQUp3QVEiLCIxMjYxODkxODQyMSJdXV0sWzEsMSwxLDFdXQX8dSqS-5bLEEk_zCUKZ7OVuVJ1iZUGLZKly4B9gNATtHX4lVmaX7WwzJYjHcI_7o988AYpw7gV9ZIC4i-kLRvIm_LrhA6_IAAY56MYXYAa-IFhyn25p7UFppgF_bhYj991_6_rhtOU9ex6cx5RrvDa2QfN1ui3jRf4u2rl2V8fZrHTwGZGbRJSVy3bCQxY22eTI6yxQMYSHcrXD6EVvwfs35u2PTo5d0gluG43nPNEiRtPtA2PR3M0HbFzAwI-07dL0IT_e1tZ1Qy_qJ8wE_xxj5N2GHGPr7uy_sJSnzfRYO-dpQ9B1fTfoSqsea2M5_nNaDmd8QNFv3qn1q2FG34,lPpOaCth8WDAytsYbMZxkQ&source=display

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://cst.wpu.sh/static/adManager.js HTTP 301
https://cst.cstwpush.com/static/adManager.js

Request Chain 31

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//bg.tax-definition.org/77850-onanism;0.1255658804569666 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//bg.tax-definition.org/77850-onanism;0.1255658804569666

Request Chain 71

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

72 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 77850-onanism Show response
bg.tax-definition.org/ 28 KB
7 KB 704ms
636ms Document
text/html 172.67.206.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bg.tax-definition.org/77850-onanism
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.206.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffc61e3c0a8b6f9ffa3562b7bd3b56df93d84d1fc4b3326b22bb461b138f891b

Request headers

:method: GET
:authority: bg.tax-definition.org
:scheme: https
:path: /77850-onanism
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 14 Oct 2021 03:34:32 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qnQqD63h4jpxNRGysSjfTIzEv4GI%2FwgahIWclbE9wqNIHh9yM2nrn0lPPPVP2wS9ieqR5qbgN8iIpuX1Q5M8f6xUQKjZ8JM0tDRO4U6MyEsWEBtLh7sGAphx7kS6hwQy7WezVS7VIwk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69ddc09fcfea4108-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 style-min.css
tax-definition.org/template/css/ 448 KB
61 KB 44ms
34ms Stylesheet
text/css 172.67.206.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tax-definition.org/template/css/style-min.css
Requested by: Host: bg.tax-definition.org
URL: https://bg.tax-definition.org/77850-onanism
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.206.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b0f8a87fdd9f1f2fea7d7bea2358112964aceabb0216acd6488294c36e12321

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 03:34:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 20 Oct 2018 20:17:00 GMT
server: cloudflare
age: 177
etag: W/"6ff70-578aeb3d0c700-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MwInVsojNo3hpYA1FhpadfVyWctuY%2Fq0ewao9G9g3F5SWTv6%2FF%2F1PHrePNdW%2BK0Q7nvI9aiPdDOVTGsZ9XoK1RKnUjT%2FOW4s1JRRQZ1c9LREqrH6CxoJddsz0WGY4tBPpsxFzAc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69ddc0a3f8724108-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 skin.css
tax-definition.org/template/css/ 6 KB
1 KB 36ms
27ms Stylesheet
text/css 172.67.206.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tax-definition.org/template/css/skin.css
Requested by: Host: bg.tax-definition.org
URL: https://bg.tax-definition.org/77850-onanism
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.206.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4733ce7e0ee743877b1673666723c8d82bbf75b95b4b1511287ec1bd763e455

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 03:34:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 20 Oct 2018 20:17:00 GMT
server: cloudflare
age: 177
etag: W/"1746-578aeb3d0c700-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gPsRODSiwlNmvF1VoHuIQkVmRuZ8TlmLneV%2FrjlpUiSsEOTuv0ywGfE8%2FbBhMwcM6Ey8ZWcUTVPARwX%2B7c5iDxU3iRAJk6wq0ay6orj8386fqhj8q9DIsbbUUweDl%2B%2ByfBgqqeg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69ddc0a3f8734108-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 metro-black-skin.css
tax-definition.org/template/css/ 5 KB
1 KB 31ms
22ms Stylesheet
text/css 172.67.206.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tax-definition.org/template/css/metro-black-skin.css
Requested by: Host: bg.tax-definition.org
URL: https://bg.tax-definition.org/77850-onanism
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.206.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d38f4c8743ad5204d133dc2923742e8a36af67ba2d34fee68fd646c4ce9da857

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 03:34:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 20 Oct 2018 20:17:00 GMT
server: cloudflare
age: 177
etag: W/"1353-578aeb3d0c700-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5N7Qz%2BagiQilPmY3rsLsPu86Ri6zajzsJRzhaGL%2BFZKtXWmk2ofUWL17lCPBqTY2Dvd4gMFAgu3eb9qipUKdX9xqqUdSAkfRvhM3N73MFhVNHICsTAmEHLPQ1GtYY212jxPVG%2BE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69ddc0a3f8744108-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 / Show response
load5.biz/ 20 KB
20 KB 56ms
17ms Script
application/javascript 185.177.94.108
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://load5.biz/?pu=guytcmjuha5ha3ddf4zdcnby

Requested by

Host: bg.tax-definition.org
URL: https://bg.tax-definition.org/77850-onanism

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.177.94.108 , United Kingdom, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

ip-185-177-94-108.ah-server.com

Software

nginx /

Resource Hash

070d0a1c6d62ff1dc56e69d84464726d506c55891b5bf86b45432325c5155593

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 14 Oct 2021 03:34:31 GMT
server: nginx
content-security-policy: img-src https: data:; upgrade-insecure-requests
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=UTF-8

GET
H2 200 jquery.js Show response
tax-definition.org/template/js/ 95 KB
34 KB 31ms
22ms Script
application/javascript 172.67.206.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tax-definition.org/template/js/jquery.js
Requested by: Host: bg.tax-definition.org
URL: https://bg.tax-definition.org/77850-onanism
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.206.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c561e040160f503c6f608ff0584496cac1e0b3a5858ee628e007a14ac4d310f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 03:34:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 20 Oct 2018 20:17:00 GMT
server: cloudflare
age: 177
etag: W/"17b5a-578aeb3d0c700-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FE2Hfz3pWD6YhX%2FpGXe8Ks6YCY0OR1yzKf8IhlOO4MaJvGrtNFJHa9pyiz86Fv3ZjZLhdsgyuhLVlzGtJVvDoYvRHIWSbRiYco4FH3dbyrmKPGmo5iW9VecgPWzhkBgYYCQzOXk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69ddc0a3f8764108-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
tax-definition.org/template/js/ 10 KB
4 KB 30ms
22ms Script
application/javascript 172.67.206.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tax-definition.org/template/js/jquery-migrate.min.js
Requested by: Host: bg.tax-definition.org
URL: https://bg.tax-definition.org/77850-onanism
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.206.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 03:34:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 20 Oct 2018 20:17:00 GMT
server: cloudflare
age: 177
etag: W/"2748-578aeb3d0c700-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DbQrqcK6vJlssRrR1%2FpaUHgI%2FUr7bv9n4%2BQn65pFG%2BHALg8XdKhXBLeG77hBDGe4k4J36EfgKP1TEZWTHc%2Fq9%2FGneehbYV5wtdI12ypX98ne5TBjn%2Fy2WOsjrOXbhcD82J4VzUA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69ddc0a3f8754108-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 183 KB
41 KB 47ms
7ms Script
text/javascript 13.32.29.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: bg.tax-definition.org
URL: https://bg.tax-definition.org/77850-onanism
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-129.fra56.r.cloudfront.net
Software: /
Resource Hash: b3dca6992b4f8770bc3dba5f82f6325a82d2adabf685da88d950f6fe87b16716

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 03:27:47 GMT
content-encoding: gzip
age: 405
etag: W/"2dcf1-RQaJcGO9+DuZ32kDJGMESLkOoPg"
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: text/javascript; charset=utf-8
via: 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: S7GQJER16k6aB3EWZmKIKmWczgXrdwcjwj3Ng0Rypfdr55l5HCYF5A==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 60ms
37ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: bg.tax-definition.org
URL: https://bg.tax-definition.org/77850-onanism

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

9312883d5b7b0963e369fd62e2685fd8ae9185cc246e65ac400671dd57f83c87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 03:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51411
x-xss-protection: 0
server: cafe
etag: 1571863538941072040
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 03:34:32 GMT

GET
H2 200 brmsl_19102402.js Show response
cdn.zx-adnet.com/adx/ 145 KB
19 KB 233ms
217ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/brmsl_19102402.js

Requested by

Host: bg.tax-definition.org
URL: https://bg.tax-definition.org/77850-onanism

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dcbbbdae7b45de58a813dfb53f18f037e156c3359555e3922d1eeb9b6f4eb063

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Tue, 12 Oct 2021 09:39:23 GMT
x-timer: S1634182472.392159,VS0,VE211
etag: "e7092a49da41c66a6052dee2ef78d95b28e7c6b43d1cf74ea2c023b98a214134-br"
x-served-by: cache-fra19127-FRA
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Thu, 14 Oct 2021 03:34:32 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 19568
x-cache-hits: 0

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/9d80d0c5-b33c-4ee2-825a-0e35c6995707/ 262 KB
72 KB 116ms
67ms Script
application/javascript 65.9.66.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/9d80d0c5-b33c-4ee2-825a-0e35c6995707/plugin.min.js
Requested by: Host: bg.tax-definition.org
URL: https://bg.tax-definition.org/77850-onanism
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: faf6f52812e1c1095009442941e1746dc02b9b8840c52a7c9bf2b561c17110cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 03:34:33 GMT
content-encoding: gzip
last-modified: Fri, 19 Feb 2021 14:09:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: W/"035a023c5a16e814140dd8ef18a56a69"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-id: tvQfqF7LSHsPHwa1Jl4dnD0yyH_BJnAHfRPOamMlwD6Ig7qThF1LyQ==

GET
H2

200

adManager.js Show response
cst.cstwpush.com/static/
Redirect Chain

https://cst.wpu.sh/static/adManager.js
https://cst.cstwpush.com/static/adManager.js

451 B
598 B

114ms
6ms

Script
application/javascript

213.174.135.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cst.cstwpush.com/static/adManager.js
Requested by: Host: bg.tax-definition.org
URL: https://bg.tax-definition.org/77850-onanism
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 2f499c632d806f66b96dda6cbd4cac0363d331885476a8ac1d9e8ac60954d720

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 03:34:32 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 09:03:43 GMT
server: nginx/1.18.0
etag: W/"6166a0ef-1c3"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 14 Oct 2021 04:34:32 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

Redirect headers

location: https://cst.cstwpush.com/static/adManager.js
date: Thu, 14 Oct 2021 03:34:32 GMT
server: nginx/1.18.0
content-length: 169
content-type: text/html

GET
H3 200 logo-1.png
tax-definition.org/template/img/ 13 KB
13 KB 29ms
27ms Image
image/png 104.21.69.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tax-definition.org/template/img/logo-1.png
Requested by: Host: bg.tax-definition.org
URL: https://bg.tax-definition.org/77850-onanism
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ed67a7363be6c46915a57776dd1a41755e6cdc98125fecfbec1fd58914b9d89

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 03:34:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2475
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13223
last-modified: Tue, 15 Jan 2019 16:00:11 GMT
server: cloudflare
etag: "33a7-57f81418fb8c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nQYe0ljs3VjPv%2FTwrLXUu1jYv1%2FXTp%2F6Kvy2mMoKunikOfC7xmXStpzhRR5FlPfTGNPX9HQGzc7g%2B0ulPeKtGgfwFHbMcL9vhrTJ6NeJmoeyXvg1J8yUxvseEXR0ILyUyOzx4AM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 69ddc0a458ad4126-PRG

GET
H3 200 onanismo.jpg
tax-definition.org/img/definicion/778/ 26 KB
27 KB 113ms
111ms Image
image/jpeg 104.21.69.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tax-definition.org/img/definicion/778/onanismo.jpg
Requested by: Host: bg.tax-definition.org
URL: https://bg.tax-definition.org/77850-onanism
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 657dc66c40fb473050330f7ea8fa4c813f5043a76d77647e385b82653d339974

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 03:34:32 GMT
cf-cache-status: MISS
last-modified: Tue, 15 Jan 2019 16:24:18 GMT
server: cloudflare
etag: "6972-57f8197cf3080"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hCUO6WnArq3EaNScFjXqTi0k%2BhXebpMP4nyCFhfoYeIdcOMXOj9Od%2FNNOKCey4S0gVtLQbhsO3wNYg7Pf3%2FF3ZH6ulU3kVKp5VKs%2Bo90K6zGki%2FTT%2F%2BIbSyJ32Hl2pJTJ9NClwA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 69ddc0a458ae4126-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 26994

GET
H2 200 functions-min.js Show response
tax-definition.org/template/js/ 348 KB
105 KB 27ms
26ms Script
application/javascript 172.67.206.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tax-definition.org/template/js/functions-min.js
Requested by: Host: bg.tax-definition.org
URL: https://bg.tax-definition.org/77850-onanism
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.206.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c6eba1f63ecc20b38271105fb0e03de57de144b64b6e7285559d3f66d121d62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 03:34:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 20 Oct 2018 20:17:00 GMT
server: cloudflare
age: 2475
etag: W/"5714f-578aeb3d0c700-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ASesjH1uSc%2FPbxVSwpOReiAK7G7Zq8GUKiQm43ug9gFZpcChEAG33hyUgH8JSRf4FChmFdVm4zEFIfv2w1PPRy%2FLtUvBFP5KtWXmeThvrkMGn6aTdZiz8LdZlVBi1Y3DWoSJ1X8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69ddc0a438974108-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 layerslider.kreaturamedia.jquery.js Show response
tax-definition.org/template/js/ 112 KB
44 KB 33ms
33ms Script
application/javascript 104.21.69.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tax-definition.org/template/js/layerslider.kreaturamedia.jquery.js
Requested by: Host: bg.tax-definition.org
URL: https://bg.tax-definition.org/77850-onanism
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f505c18eab50f70dc207755ccda6a4f57bece177a3dd09db2d1a817cada69dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 03:34:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 20 Oct 2018 20:17:00 GMT
server: cloudflare
age: 2475
etag: W/"1be23-578aeb3d0c700-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ujg%2BEzs2bSUE%2BT%2FIIN%2FX1wYhInqJ0g2eP%2FX5AAPzIB9N%2FmzPC8wYZs42FJ5Bipqg5PiWIjDNvIjl%2BLp3yR8Or%2BZp5Amq1hwFmCMN6ogjuN7J%2B3S5vVhtJWa520O74ZWPz%2FDQXdM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69ddc0a458a34126-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 layerslider.transitions.js Show response
tax-definition.org/template/js/ 23 KB
4 KB 21ms
20ms Script
application/javascript 104.21.69.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tax-definition.org/template/js/layerslider.transitions.js
Requested by: Host: bg.tax-definition.org
URL: https://bg.tax-definition.org/77850-onanism
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 529bda78540c766f0f30396a6239e335895ea61ec757f5d4ac217a4d90d8a7ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 03:34:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 20 Oct 2018 20:17:00 GMT
server: cloudflare
age: 2475
etag: W/"5c3e-578aeb3d0c700-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6DCUocbPc5s5DW0eje7sOQECDOwl%2FbNEJAnE98lGIGAj%2FpTL%2B5pcYmmVkCIxjZr9CyrY9gUKnsNC9gFjsejFVgtU7esA0CsR5M96Fymg4uZyDuIzqMmKG%2BmtM0ajQPXoK9eIk7k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69ddc0a458a44126-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 scripts.js Show response
tax-definition.org/template/js/ 2 KB
1 KB 19ms
17ms Script
application/javascript 104.21.69.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tax-definition.org/template/js/scripts.js
Requested by: Host: bg.tax-definition.org
URL: https://bg.tax-definition.org/77850-onanism
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38710e0e6ac8c64b58f9f587ca9ce03733c0dc5ea8d1e88fee5e82ebaf7fc6dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 03:34:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 20 Oct 2018 20:17:00 GMT
server: cloudflare
age: 2475
etag: W/"62e-578aeb3d0c700-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=37kQbudxaSNT1roUlqFNJDhZk9Jj2LjrglvfSnSTB9cVstqQ1yLbaIjPwHYRDM%2Fun%2B%2FDGqP%2B%2BoDH4CWhuk18Z7IT%2BM0YbCQWP9ZGHvaQqa3Xiw5srY66ZGMMiVUlapd%2FQ3MSMeA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69ddc0a458a54126-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 shorty-min.js Show response
tax-definition.org/template/js/ 8 KB
4 KB 20ms
18ms Script
application/javascript 104.21.69.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tax-definition.org/template/js/shorty-min.js
Requested by: Host: bg.tax-definition.org
URL: https://bg.tax-definition.org/77850-onanism
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d9e722bb566cd2258e0adfedc1915198e63607bae842f6ee9195b55f18f521d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 03:34:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 20 Oct 2018 20:17:00 GMT
server: cloudflare
age: 2475
etag: W/"1f84-578aeb3d0c700-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eyB5U%2Blpn6th1NL5Meja3e9iHNs76TZQtMK%2BAOnNvDm6hIA728Sca7tRePq3PBKFNvHJ4eWafpQX4gt6YmytfqoanRUVzEAPacfRjdeO9y01EQ4Jq8SNAfmtMt7Shl7UYrxtunU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69ddc0a458a64126-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 style.css
tax-definition.org/template/css/ 1023 B
984 B 18ms
16ms Stylesheet
text/css 104.21.69.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tax-definition.org/template/css/style.css
Requested by: Host: bg.tax-definition.org
URL: https://bg.tax-definition.org/77850-onanism
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccaec18e075e5251b441f8f320727edd9025fdd07f65839e2ba5719fa25bdb2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 03:34:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 20 Oct 2018 20:17:00 GMT
server: cloudflare
age: 2475
etag: W/"3ff-578aeb3d0c700-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=44K0KWrntJzMSaKTSzwZUb1t5IJb9JBeeSRs30fUmRUGl2icsRUw7qtg1EEUZtGKg9cDSGenNUQqr4Jbp7oPOHh4jxMdtmoVf1U4C3xhp5n31P1j%2Bk6QALiOwFBFdVeCtRzBDxc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69ddc0a458a74126-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 layerslider.css
tax-definition.org/template/css/ 16 KB
4 KB 54ms
51ms Stylesheet
text/css 104.21.69.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tax-definition.org/template/css/layerslider.css
Requested by: Host: bg.tax-definition.org
URL: https://bg.tax-definition.org/77850-onanism
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0440cb6f1b73fae247b523a7ac9856730f3546d40f6807d70f80a76da5f5b430

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 03:34:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 20 Oct 2018 20:17:00 GMT
server: cloudflare
age: 2475
etag: W/"3fd7-578aeb3d0c700-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WH6NlzZ6BjCXb3K3Unim9CfNZGw2qsiTkEABuLwfSPIXHKk3ANfhbuCt%2FX%2FjaWFak64831bt3u1CBEUgwY84jEZCh0CAeSg8O6Cmso8aHGZ1qzhhOdE2XeIew4K%2B694ORz%2Fk14w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69ddc0a458a84126-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 shortcodes.css
tax-definition.org/template/css/ 25 KB
5 KB 22ms
19ms Stylesheet
text/css 104.21.69.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tax-definition.org/template/css/shortcodes.css
Requested by: Host: bg.tax-definition.org
URL: https://bg.tax-definition.org/77850-onanism
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cf73c63f5ccfae511f9a32c44b2555b6930f9940092884de8d32091cf16ec1c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 03:34:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 20 Oct 2018 20:17:00 GMT
server: cloudflare
age: 2475
etag: W/"62d1-578aeb3d0c700-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BKYzpJeTj0LX10UJmnEygCF1eFnScmUV5mMKp%2Fl2msTIdawP3YbPmxUQRQ5OJp%2BYAP8NAt1qTIRjoeNCpdZH1OJJ9nrAHPImbZCVMDxY%2Flbt%2BcXpw1UScSa9U%2BmVkfdJ2W8vYmU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69ddc0a458a94126-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 styles.css
tax-definition.org/template/css/ 1 KB
1 KB 21ms
19ms Stylesheet
text/css 104.21.69.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tax-definition.org/template/css/styles.css
Requested by: Host: bg.tax-definition.org
URL: https://bg.tax-definition.org/77850-onanism
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9572b4a14763b68a5431da1d962ebc917d6592b2fd1f18b50f5b3cb49e5d3c8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 03:34:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 20 Oct 2018 20:17:00 GMT
server: cloudflare
age: 2475
etag: W/"566-578aeb3d0c700-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AHu5UWsN%2FCAhf6YKuZQ1hQSYhsCKqLRU9GEGpZlV4itetOCuYeRY%2BAu%2BesfIzXmcOsx%2ByYUDlXhBBT1GwxM0n84471IF4Idc8VwB%2BPoynNDi9KO2LfPl%2F9K0prCSK7HeQEgHyeY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69ddc0a458aa4126-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 woocommerce-layout.css
tax-definition.org/template/css/ 16 KB
3 KB 55ms
53ms Stylesheet
text/css 104.21.69.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tax-definition.org/template/css/woocommerce-layout.css
Requested by: Host: bg.tax-definition.org
URL: https://bg.tax-definition.org/77850-onanism
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82bb17819368e12db3c5fc1d9b8152ae99df078cd1a9a3db048680105119a2b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 03:34:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 20 Oct 2018 20:17:00 GMT
server: cloudflare
age: 2475
etag: W/"3e64-578aeb3d0c700-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ajTT3lBRZLeZE%2BV8K6lRXZoG9PSEXzjOFq5xuBkfzyLvWWyXJxHBgln6iBS8wfEFh9dxz6pa9GufxgEXLGpWU%2FhTTwqHyFZSabpClWXU%2F5vwWLb0fdEYqfKM7ycm47ObMpTFs5s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69ddc0a458ab4126-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 woocommerce.css
tax-definition.org/template/css/ 20 KB
4 KB 31ms
28ms Stylesheet
text/css 104.21.69.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tax-definition.org/template/css/woocommerce.css
Requested by: Host: bg.tax-definition.org
URL: https://bg.tax-definition.org/77850-onanism
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cad9b306bbf850a46549a68fae90bd11740cbabc9e69168fc880521a4964a177

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 03:34:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 20 Oct 2018 20:17:00 GMT
server: cloudflare
age: 2475
etag: W/"4fef-578aeb3d0c700-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R4diZsq2EaSzekBWHKwzgU0X938iBo5qaH7uGZJ%2FGTJKl5AFeIQvnaw4gFK024A%2Bmt1dWesZV9XSX0tx5bq7A6zjrr%2B2Wt9Mf3ixN0Sv5djFCBkIsmDZb%2F%2Ft51YpRyHTfxuoSTc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69ddc0a458ac4126-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 5c086b7ea71f090011aea084.js Show response
buttons-config.sharethis.com/js/ 434 B
777 B 45ms
10ms Script
text/javascript 65.9.66.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buttons-config.sharethis.com/js/5c086b7ea71f090011aea084.js
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d2fa83bbc70c843df2edd43096821128aa1f4bd404237f614c49cd48e7d5cfa3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 03:34:32 GMT
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
last-modified: Thu, 06 Dec 2018 00:24:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: "8f8c95d8315dedb8a7c82f24235b706f"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=60,public
accept-ranges: bytes
content-length: 434
x-amz-cf-id: 4f08vww7t1taKB_AWG02w5-1-XtbQnaaA037NKpop8-nEKFXH2GPoQ==

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
343 B 37ms
7ms XHR
text/plain 52.29.0.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&hostname=bg.tax-definition.org&location=%2F77850-onanism&product=unknown&url=https%3A%2F%2Fbg.tax-definition.org%2F77850-onanism&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=%D0%94%D0%B5%D1%84%D0%B8%D0%BD%D0%B8%D1%86%D0%B8%D1%8F%20%D0%BE%D0%BD%D0%B0%D0%BD%D0%B8%D0%B7%D1%8A%D0%BC%20%D0%9E%D0%B1%D1%89%D0%B0%D1%82%D0%B0%20%D0%A1%D1%82%D0%BE%D0%B9%D0%BD%D0%BE%D1%81%D1%82%20%D0%9D%D0%B0%20%D0%9A%D0%BE%D0%BD%D1%86%D0%B5%D0%BF%D1%86%D0%B8%D1%8F%D1%82%D0%B0.%20%D0%9A%D0%B0%D0%BA%D0%B2%D0%BE%20%D0%95%20%D0%A2%D0%BE%D0%B2%D0%B0%20%D0%BE%D0%BD%D0%B0%D0%BD%D0%B8%D0%B7%D1%8A%D0%BC&cms=unknown&publisher=5c086b7ea71f090011aea084&sop=true&version=st_sop.js&lang=en&description=%D0%9E%D0%BD%D0%B0%D0%BD%D0%B8%D0%B7%D0%BC%D1%8A%D1%82%20%D0%B5%20%D0%B4%D1%83%D0%BC%D0%B0%2C%20%D0%BA%D0%BE%D1%8F%D1%82%D0%BE%20%D0%BF%D1%80%D0%BE%D0%B8%D0%B7%D0%BB%D0%B8%D0%B7%D0%B0%20%D0%BE%D1%82%20%D0%9E%D0%BD%D0%B0%D0%BD%20%2C%20%D0%BE%D1%82%20%D0%91%D0%B8%D0%B1%D0%BB%D0%B8%D1%8F%D1%82%D0%B0%20.%20%D0%A1%D0%B8%D0%BD%20%D0%BD%D0%B0%20%D0%AE%D0%B4%D0%B0%20%2C%20%D0%9E%D0%BD%D0%B0%D0%BD%20%D0%BF%D0%BE%D1%81%D1%82%D1%80%D0%B0%D0%B4%D0%B0%20%D0%BE%D1%82%20%D0%BF%D0%BE-%D0%B3%D0%BE%D0%BB%D0%B5%D0%BC%D0%B8%D1%8F%20%D1%81%D0%B8%20%D0%B1%D1%80%D0%B0%D1%82%20%D0%B8%20%D1%82%D1%80%D1%8F%D0%B1%D0%B2%D0%B0%D1%88%D0%B5%20%D0%B4%D0%B0%20%D1%81%D0%B5%20%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%20%D0%B7%D0%B0%20%D0%B2%D0%B4%D0%BE%D0%B2%D0%B8%D1%86%D0%B0%D1%82%D0%B0%20%D1%81%D0%B8%2C%20%D0%B6%D0%B5%D0%BD%D0%B0%20%D0%BD%D0%B0%20%D0%B8%D0%BC%D0%B5%20%D0%A2%D0%B0%D0%BC%D0%B0%D1%80%20%2C%20%D1%81%D0%BF%D0%BE%D1%80%D0%B5%D0%B4%20%D0%B7%D0%B0%D0%BA%D0%BE%D0%BD%D0%B0%20%D0%BD%D0%B0%20%D1%8E%D0%B4%D0%B5%D0%B8%D1%82%D0%B5.%20%D0%9D%D0%BE%D1%80%D0%BC%D0%B8%D1%82%D0%B5%20%D0%BE%D1%82%20%D0%BE%D0%BD%D0%BE%D0%B2%D0%B0%20%D0%B2%D1%80%D0%B5%D0%BC%D0%B5%20%D0%BF%D0%BE%D0%BA%D0%B0%D0%B7%D0%B2%D0%B0%D1%82%2C%20%D1%87%D0%B5%20%D0%B0%D0%BA%D0%BE%20%D0%9E%D0%BD%D0%B0%D0%BD%20%D0%B8%D0%BC%D0%B0%20%D0%BF%D0%BE%D1%82%D0%BE%D0%BC%D1%8A%D0%BA%20%D1%81%20%D0%A2%D0%B0%D0%BC%D0%B0%D1%80%20%2C%20%D1%82%D0%BE%D0%B9%20%D0%BD%D1%8F%D0%BC%D0%B0%20%D0%B4%D0%B0%20%D0%B1%D1%8A%D0%B4%D0%B5%20%D0%B2%D1%8A%D0%B7%D0%BF%D1%80%D0%B8%D0%B5%D1%82%20%D0%BA%D0%B0%D1%82%D0%BE%20%D0%BD%D0%B5%D0%B3%D0%BE%D0%B2%20%D1%81%D0%B8%D0%BD%3A%20%D0%B2%D0%BC%D0%B5%D1%81%D1%82%D0%BE%20%D1%82%D0%BE%D0%B2%D0%B0%20%D1%89%D0%B5%20%D0%B1%D1%8A%D0%B4%D0%B5%20%D0%BF%D1%80%D0%B8%D0%BF%D0%B8%D1%81%D0%B0%D0%BD%20%D0%BD%D0%B0%20%D0%B1%D1%80%D0%B0
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.0.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-0-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 14 Oct 2021 03:34:32 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://bg.tax-definition.org
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 adManager.m.js Show response
js.wpadmngr.com/static/ 64 KB
25 KB 28ms
6ms Script
application/javascript 213.174.135.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.m.js
Requested by: Host: cst.wpu.sh
URL: https://cst.wpu.sh/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 850a5427b601f5d72a7b54a033c7240d48a406c19a4c445a9cc52ad36d88cc35

Request headers

Referer: https://bg.tax-definition.org/
Origin: https://bg.tax-definition.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 03:34:32 GMT
content-encoding: gzip
last-modified: Fri, 01 Oct 2021 15:35:33 GMT
server: nginx/1.18.0
etag: W/"61572ac5-fef5"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 14 Oct 2021 04:34:32 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET bdaia-woohoo.ttf
tax-definition.org/template/css/fonts/ 0
0

GET
H3 404 bdaia0003.jpg
tax-definition.org/template/img/ 0
0 88ms
88ms Image
text/html 104.21.69.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tax-definition.org/template/img/bdaia0003.jpg
Requested by: Host: bg.tax-definition.org
URL: https://bg.tax-definition.org/77850-onanism
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 woocommerce-smallscreen.css
tax-definition.org/template/css/ 7 KB
2 KB 20ms
20ms Stylesheet
text/css 104.21.69.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tax-definition.org/template/css/woocommerce-smallscreen.css
Requested by: Host: bg.tax-definition.org
URL: https://bg.tax-definition.org/77850-onanism
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.69.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8aff5defc6096f98979e1f23cab268ac7f75f8934f0ffd0cfd7e3693c9d12502

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 03:34:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 20 Oct 2018 20:17:00 GMT
server: cloudflare
age: 2475
etag: W/"1b1c-578aeb3d0c700-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AAa3iXS9i2XoZmybZvZaqFGCf%2Bcob6uwI2%2FlwTrjZyjj915x%2FtGwBiqClGJzD%2BqDzd6OUKQO3KjO7xi2sVvVl7lx1d0vdUmo%2F6fe0jni6b7cY2V0W294oSaLZKpnqrpX%2B8pC8Bo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69ddc0a558c84126-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//bg.tax-definition.org/77850-onanism;0.1255658804569666
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//bg.tax-definition.org/77850-onanism;0.1255658804569666

43 B
528 B

45ms
45ms

Image
image/gif

88.212.201.210
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//bg.tax-definition.org/77850-onanism;0.1255658804569666

Requested by

Host: bg.tax-definition.org
URL: https://bg.tax-definition.org/77850-onanism

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Oct 2021 03:34:32 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 13 Oct 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 14 Oct 2021 03:34:32 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//bg.tax-definition.org/77850-onanism;0.1255658804569666
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Tue, 13 Oct 2020 21:00:00 GMT

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/ 272 KB
98 KB 46ms
32ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

b9b5529f6b6777f0eee9b7ba1819d2e89d0172d1787d4323a03ef2aff5a72838

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 03:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99864
x-xss-protection: 0
server: cafe
etag: 4888905160428137443
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 03:34:32 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/ Frame 55EC 10 KB
5 KB 28ms
6ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211011/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bg.tax-definition.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 13 Oct 2021 21:25:32 GMT
expires: Wed, 27 Oct 2021 21:25:32 GMT
content-type: text/html; charset=UTF-8
etag: 414810510046348021
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4645
x-xss-protection: 0
age: 22140
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET bdaia-woohoo.woff
tax-definition.org/template/css/fonts/ 0
0

GET
H2 200 1604 Show response
na.nawpush.com/tags/ 264 B
379 B 33ms
6ms XHR
text/plain 213.174.135.25
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://na.nawpush.com/tags/1604
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.25 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 4b7cc9865f07e4ca3ae0bb34e0c07ce0ffbdc77d9428a4cd438853b00efea8c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 14 Oct 2021 03:34:32 GMT
cache-control: max-age=300, public
content-type: text/plain; charset=utf-8
server: nginx/1.18.0
content-encoding: gzip
x-proxy-cache: HIT

GET
H2 200 wp-banners.js Show response
js.wpadmngr.com/npc/sdk/ 0
239 B 21ms
7ms Script
application/javascript 213.174.135.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/npc/sdk/wp-banners.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 03:34:32 GMT
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
server: nginx/1.18.0
etag: "611fc6d7-0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 14 Oct 2021 04:34:32 GMT
cache-control: max-age=3600
accept-ranges: bytes
content-length: 0
x-proxy-cache: HIT

GET
H2 200 get_counts Show response
count-server.sharethis.com/v2.0/ 143 B
461 B 198ms
170ms Script
text/javascript 65.9.66.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Fbg.tax-definition.org%2F77850-onanism
Requested by: Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ebd3be14d43895525da36e399fe95c12eeae67e4432d7e6d16e15dd555ec5d52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 03:34:32 GMT
via: 1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
etag: 73891195c4040ee0ddf8cc88f1b1c771
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
content-length: 143
apigw-requestid: HLbDZg31oAMESzg=
x-amz-cf-id: tzxG23lfNMPmheBImse9FKrOs2Ky_H8wFOO5uatbHY4RCgrgUbdavg==

GET
H2 200 facebook.svg
platform-cdn.sharethis.com/img/ 301 B
678 B 33ms
6ms Image
image/svg+xml 13.35.253.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/facebook.svg
Requested by: Host: bg.tax-definition.org
URL: https://bg.tax-definition.org/77850-onanism
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-31.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 02 Oct 2021 05:51:08 GMT
via: 1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 1028604
etag: "c6e9be45643e197ce1db1d7e24a99adc"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 301
x-amz-cf-id: 7nUwXuXtXZSmrp10TiBQNB2qotFMY9E3MAtRxJUlt40YLrfoYqns1A==

GET
H2 200 twitter.svg
platform-cdn.sharethis.com/img/ 731 B
1 KB 34ms
7ms Image
image/svg+xml 13.35.253.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/twitter.svg
Requested by: Host: bg.tax-definition.org
URL: https://bg.tax-definition.org/77850-onanism
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-31.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 28 Sep 2021 21:36:17 GMT
via: 1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 1317495
etag: "0af2fb38987598376c99e21af17ade45"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 731
x-amz-cf-id: xNsiPe_g7b63HmPfPKmBucLclnRrjBNmcvs6LyUvKrMD_HbdmfjgQg==

GET
H2 200 pinterest.svg
platform-cdn.sharethis.com/img/ 771 B
1 KB 34ms
7ms Image
image/svg+xml 13.35.253.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/pinterest.svg
Requested by: Host: bg.tax-definition.org
URL: https://bg.tax-definition.org/77850-onanism
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-31.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 15 Sep 2021 02:35:16 GMT
via: 1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 2509156
etag: "2b10a062e719c64b686e2e8fcdc216dc"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 771
x-amz-cf-id: v3JqwJM54xF_jxRTn1595-ocB5ZN2Fidgv9Pe2yWxxT3HgK9F5So-w==

GET
H2 200 email.svg
platform-cdn.sharethis.com/img/ 343 B
723 B 34ms
7ms Image
image/svg+xml 13.35.253.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/email.svg
Requested by: Host: bg.tax-definition.org
URL: https://bg.tax-definition.org/77850-onanism
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-31.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 17 Sep 2021 01:54:40 GMT
via: 1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
server: AmazonS3
age: 2338793
etag: "5977437466e857c7ddcadda6f6d88c2a"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 343
x-amz-cf-id: nBEZyTSvYNlR7sYMZPH2ABOrLtlgQzUz5gh9VJYYJNJ2AcP7KjWlpw==

GET
H2 200 sharethis.svg
platform-cdn.sharethis.com/img/ 514 B
889 B 34ms
7ms Image
image/svg+xml 13.35.253.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform-cdn.sharethis.com/img/sharethis.svg
Requested by: Host: bg.tax-definition.org
URL: https://bg.tax-definition.org/77850-onanism
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-31.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 17 Sep 2021 06:11:13 GMT
via: 1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
server: AmazonS3
age: 2323400
etag: "deecdaa377907db5cc1722fc831670a1"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 514
x-amz-cf-id: 815CV7DqFHabs_eupzt5vl-iesIBZEDzKMOeo-2a2U1nB1KaqI_-GA==

GET
H2 200 abs.js Show response
cdn.zx-adnet.com/adx/ 200 B
232 B 138ms
137ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/abs.js?

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/brmsl_19102402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9be45d830a633e050edaa82361e4ecac3cc189b3a3975a41aa01ae3cb4e4120b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Tue, 12 Oct 2021 09:39:23 GMT
x-timer: S1634182473.774162,VS0,VE131
etag: "437b8edcf8ac42ac5e7961966dea7cee69a38a82519efa00f6f37a753caad24c-br"
x-served-by: cache-fra19127-FRA
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
date: Thu, 14 Oct 2021 03:34:32 GMT
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
content-length: 118
x-cache-hits: 0

GET
H/1.1 200
OK / Show response
stat.optad360.mgr.consensu.org/ 20 B
286 B 28ms
7ms XHR
text/html 18.196.233.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.optad360.mgr.consensu.org/
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/9d80d0c5-b33c-4ee2-825a-0e35c6995707/plugin.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.196.233.38 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-233-38.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e596a6cc17f525e0707049608e73975baa5474e82c932c8b60fa11a718617140

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 14 Oct 2021 03:34:32 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 23ms
22ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/9d80d0c5-b33c-4ee2-825a-0e35c6995707/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

db6b891d30969b23b48a2c0b7c78ba3c102473280fe008f34ba0a2e40b5ed15f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 03:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1015 / 959 of 1000 / last-modified: 1634162794"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27145
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 14 Oct 2021 03:34:32 GMT

GET
H2 200 prebid4.19.0.js Show response
get.optad360.io/sf/ 410 KB
129 KB 7ms
7ms Script
application/javascript 65.9.66.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid4.19.0.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/9d80d0c5-b33c-4ee2-825a-0e35c6995707/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 257579348172eb9f739308373580772054c0b671f63e8f002aed9f9774a6272e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 21:22:44 GMT
content-encoding: gzip
last-modified: Thu, 17 Dec 2020 09:52:06 GMT
server: AmazonS3
age: 367909
etag: W/"08b0612ac0c68ebf519b28323f4e2aa2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
cache-control: public, max-age=604800
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: KaF-OYcLz5XDouCpy-x3E4KvBkXMNAKkO5SZ6ZWwTU2HcKbqXp1nZA==

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 208 B
271 B 15ms
15ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=bg.tax-definition.org&callback=_gfp_s_&client=ca-pub-1903962249686177

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

429a7bab31a67acf0ee1f285ff83036229cd0888f2cc31bcfab68755115bc1a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 03:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 37ms
16ms Script
application/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bg.tax-definition.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110070201/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Oct 2021 03:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET ads
googleads.g.doubleclick.net/pagead/ Frame C7EA 0
0

GET
H2 200 csub.js Show response
js.wpushsdk.com/npc/sdk/wpu/ 8 KB
3 KB 27ms
6ms Script
application/javascript 213.174.135.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpushsdk.com/npc/sdk/wpu/csub.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.24 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 4e6e557e3330ec122ad4205be0aa8f4c5fbc5fdd77990d49eb16c802c9ef9b57

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 03:34:32 GMT
content-encoding: gzip
last-modified: Mon, 23 Aug 2021 06:06:24 GMT
server: nginx/1.18.0
etag: W/"61233ae0-1e8b"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 14 Oct 2021 04:34:32 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H3 200 pubads_impl_2021100701.js Show response
securepubads.g.doubleclick.net/gpt/ 366 KB
124 KB 15ms
15ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

74e0705ba9740aea8c7f1f7a8e582ae656c55e1c8d047b212683fadb5e623fa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 03:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126551
x-xss-protection: 0
last-modified: Thu, 07 Oct 2021 08:38:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 14 Oct 2021 03:34:32 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 83 B
106 B 50ms
25ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=bg.tax-definition.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

43fab25e83e5538524467892293a0f56f61a0538c4680baf8d49da592448ba55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Oct 2021 03:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81
x-xss-protection: 0
expires: Thu, 14 Oct 2021 03:34:32 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 28ms
12ms XHR
application/json 104.16.86.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211014

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid4.19.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d121bc20f340225dcfb7752d3296f6b710fa34887ed78e8c6baecef52779823f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bg.tax-definition.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 14 Oct 2021 03:34:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32179
x-jsd-version: 1.0.1128
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19127-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"69c-xCjmkRLah8RwLGAqGDfyGAggv0E"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 69ddc0a789884e14-FRA

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
15ms Script
application/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bg.tax-definition.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Oct 2021 03:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
10 KB 306ms
306ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1925304843572239&correlator=1763684121617387&output=ldjh&impl=fif&eid=31063128&vrg=2021100701&ptt=17&sc=1&sfv=1-0-38&ecs=20211014&iu_parts=121764058%2Ctax-definition.org_SF&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C750x100%7C970x90&cookie=ID%3Dc0ea9a6689a421f6-227a21e7f3ca0031%3AT%3D1634182472%3ART%3D1634182472%3AS%3DALNI_MYhXeS5WqRJANdKM_k7MRM2DGq18g&bc=31&abxe=1&lmt=1634182472&dt=1634182472938&dlt=1634182472277&idt=619&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=1200&adks=1766176410&ucis=1&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbg.tax-definition.org%2F77850-onanism&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=728x-1&ga_vid=37715281.1634182473&ga_sid=1634182473&ga_hid=1633486985&ga_fc=false&fws=1664&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

9c82fd92a577f7fef545a80e240eba65e0993dc51a92cc17ce16d45eca62c885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 03:34:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10636
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bg.tax-definition.org
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
32e9e374be87c493070e26c9511418a9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FF3F 6 KB
4 KB 71ms
21ms Document
text/html 172.217.16.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://32e9e374be87c493070e26c9511418a9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 32e9e374be87c493070e26c9511418a9.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bg.tax-definition.org/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 14 Oct 2021 03:34:33 GMT
expires: Fri, 14 Oct 2022 03:34:33 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 checkabuse Show response
cdn.zx-adnet.com/ 56 B
389 B 173ms
173ms Script
text/html 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.zx-adnet.com/checkabuse?surl=https://bg.tax-definition.org/77850-onanism
Requested by: Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/abs.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: 8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 03:34:33 GMT
content-encoding: gzip
x-powered-by: Express
x-cache: MISS
content-length: 65
x-served-by: cache-fra19127-FRA
server: Google Frontend
x-timer: S1634182473.958526,VS0,VE167
etag: W/"38-qno2VtKrKGrEkeWyGeNb55UMVvo"
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: text/html; charset=utf-8
x-cloud-trace-context: a1865e89b6852b138f11dfb1bb3f98e9
cache-control: max-age=3600,public
function-execution-id: 3a4o0qrabf7k
accept-ranges: bytes
x-orig-accept-language: de-DE,de;q=0.9
x-country-code: DE
x-cache-hits: 0

GET
H2 200 __ZXCONSENT.ZxGetConsent Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 208 B
412 B 34ms
17ms Script
text/javascript 104.20.184.68
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/__ZXCONSENT.ZxGetConsent

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/brmsl_19102402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.20.184.68 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87e425d803ad71d5dff358a8f96c61a1435357ea83f99b5c4f1480a7d7907107

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 03:34:33 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 69ddc0a92e645c20-FRA

GET
H2 200 sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js Show response
cdn.zx-adnet.com/consent/ 341 KB
66 KB 7ms
7ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/brmsl_19102402.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

98269de18b212a00a156e7cf49e220c62282488adeac655a50c4a300b013887c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Tue, 12 Oct 2021 09:39:23 GMT
x-timer: S1634182473.171661,VS0,VE1
etag: "acf494525e3877026bdb2c073692d275534d2343c0dbc0e70e25b584375d01a0-br"
x-served-by: cache-fra19127-FRA
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=315000
date: Thu, 14 Oct 2021 03:34:33 GMT
accept-ranges: bytes
content-length: 67025
x-cache-hits: 1

GET
H2 200 ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js Show response
cdn.zx-adnet.com/consent/ 230 KB
37 KB 321ms
321ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Tue, 12 Oct 2021 09:39:23 GMT
x-timer: S1634182473.259530,VS0,VE315
etag: "dad5947af947c84745a29032a526f3e68afd9ce38af7f41ee281defb94b29c84-br"
x-served-by: cache-fra19127-FRA
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=315000
date: Thu, 14 Oct 2021 03:34:33 GMT
accept-ranges: bytes
content-length: 37832
x-cache-hits: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012109102127000/ 189 KB
55 KB 50ms
7ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109102127000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

ba870dd4f1f375d33aa3770685227bd38160d194969b3840232fad67c1989bb8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 581451
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55506
x-xss-protection: 0
server: sffe
date: Thu, 07 Oct 2021 10:03:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c42e3b94efe0099e"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 07 Oct 2022 10:03:42 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012109102127000/v0/ 13 KB
5 KB 60ms
17ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109102127000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

19ad029fe2230dc2b7eda8d3c2b8d872aae2e718c0209bcaec04cd51a04d9165

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 206660
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4995
x-xss-protection: 0
server: sffe
date: Mon, 11 Oct 2021 18:10:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "bc03df60ee69192f"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 11 Oct 2022 18:10:13 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012109102127000/v0/ 89 KB
28 KB 61ms
18ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109102127000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

d4cb8e3d3f1d9da69c5096249099aaa6ec5942dc20f922cc6c99f7b7b4557584

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 314704
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28507
x-xss-protection: 0
server: sffe
date: Sun, 10 Oct 2021 12:09:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "283b6526337df106"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Mon, 10 Oct 2022 12:09:29 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012109102127000/v0/ 4 KB
2 KB 64ms
21ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109102127000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

d50905d9c0e2c1f4a30e217e1eade952d04600860ccf4aec5240e6fd31eb9b29

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 85987
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1638
x-xss-protection: 0
server: sffe
date: Wed, 13 Oct 2021 03:41:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b3f838efba7b15f2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 13 Oct 2022 03:41:26 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012109102127000/v0/ 40 KB
13 KB 63ms
20ms Script
text/javascript 142.250.186.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012109102127000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f1.1e100.net

Software

sffe /

Resource Hash

235dd149eac993d9f773d67eb3432fda6c4d81c98d29c4fb150707fae2b59908

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 395746
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12820
x-xss-protection: 0
server: sffe
date: Sat, 09 Oct 2021 13:38:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2e8049efde94274d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 09 Oct 2022 13:38:47 GMT

GET
DATA 200
OK truncated
/ 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a152ef5c640d6ac1b7bcdde19300174ef86fc2078fff01bcc16313b459ecc50b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 73283323423442108
tpc.googlesyndication.com/daca_images/simgad/ 68 KB
68 KB 29ms
7ms Image
image/png 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/73283323423442108

Requested by

Host: bg.tax-definition.org
URL: https://bg.tax-definition.org/77850-onanism

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

3163136e99eed845abd439e3f22d65e9cd8441966d37c6dcc8c211121ea312b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 17:34:32 GMT
x-content-type-options: nosniff
age: 122401
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69324
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 23:48:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 12 Oct 2022 17:34:32 GMT

GET
H2 200 bg.png
tpc.googlesyndication.com/pagead/images/adchoices/ 3 KB
3 KB 29ms
7ms Image
image/png 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/bg.png

Requested by

Host: bg.tax-definition.org
URL: https://bg.tax-definition.org/77850-onanism

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

4bdd1166ae125d8c5b128008f13ae09b8739b127c28027ef086e36aa9166b5cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Oct 2021 01:36:06 GMT
x-content-type-options: nosniff
server: cafe
age: 7107
etag: 9696399085754783419
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2658
x-xss-protection: 0
expires: Fri, 15 Oct 2021 01:36:06 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ 295 B
778 B 28ms
6ms Image
image/png 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: bg.tax-definition.org
URL: https://bg.tax-definition.org/77850-onanism

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Oct 2021 14:31:09 GMT
x-content-type-options: nosniff
server: cafe
age: 47004
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 14 Oct 2021 14:31:09 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ 0
0 25ms
25ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C3dDbSKVnYaSRPJOI9u8PsYCPgAWx2ovhZav1yqbkDZaCzYWIFhABIKqAwyJgyQagAfTr2fECyAECqQJo8dumZ3WzPuACAKgDAcgDCKoE8gFP0NI0ZOOwOtH6vRMYWeYcujyphFOPHS5KjOVoCv0UTdYKXQOsuZty8X9dLCd-g3l2qBb4Xvr0W3VAPt3p6m6PlyIbjiqcd3IQUMqcsXKt0ITudM6refWr0EK7seB3Zb3wu-ElCxUbRvniFlPAY5tCk3qWLvCqxlR6-8BcvakdI7vrlcOfgW3EtJzHz9tgQfQxpCdHEIlU1cv5FrN_N5BatfvFcMN3pUNPuLfPKPU5-3gWOsdInBxK3_t0GGb8ofyU3KiLpl8h9c4pxSc2OhyikDkRNoRTW8mqeeM0mhP1vTEpmm2YcZ08pWKBSTfm2_S6D8AEmrWPh8UD4AQBkgUECAQYAZIFBAgFGASgBgKAB_STpo4BqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAfIHBBD11wbSCAcIiGEQARgd8ggbYWR4LXN1YnN5bi05MTYxODYzNjg1ODI2OTU2gAoDyAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTU1MTIzOTA3MDUxMzc1MDcYku8h&sigh=gOBJd83_C3Q
Requested by: Host: bg.tax-definition.org
URL: https://bg.tax-definition.org/77850-onanism
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

14ms
14ms

Image
text/html

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: bg.tax-definition.org
URL: https://bg.tax-definition.org/77850-onanism
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s05-in-f98.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

date: Thu, 14 Oct 2021 03:34:33 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ 42 B
64 B 17ms
17ms Image
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuy4ubB-Oq14l1ZEhnz9FNnwOTGIW4olEv6INtZh6jtwu79GYdlIkEwhJ4vCjk7OV3QE2JKRHOikMjjWxF3WQ3iZuf-5acjYnGGIK2xg-pPpMEGWkE&sai=AMfl-YQGp0dxIw2jWW8V9Viu4d34WJff1K-nPb0KafNXcXx6A2Ula6xY9o3oAcl3X2U9ezPeEO7Qprc0fntbK3S9E9X7QmbnZysrNQlipjKtMZogKSZIFQkvNuh5azyFIWMN&sig=Cg0ArKJSzMtnyoAxo15aEAE&id=ampim&o=0,0&d=1600,1200&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=39&tls=1039&g=100&h=100&tt=1040&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=1766176410

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bg.tax-definition.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 03:34:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tax-definition.org
URL: https://tax-definition.org/template/css/fonts/bdaia-woohoo.ttf

Domain: tax-definition.org
URL: https://tax-definition.org/template/css/fonts/bdaia-woohoo.woff

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1903962249686177&output=html&adk=1812271804&adf=3025194257&lmt=1634182472&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fbg.tax-definition.org%2F77850-onanism&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634182472562&bpp=2&bdt=285&idt=231&shv=r20211011&mjsv=m202110070201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3246649169701&frm=20&pv=2&ga_vid=37715281.1634182473&ga_sid=1634182473&ga_hid=1633486985&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062937%2C31063128&oid=2&pvsid=1925304843572239&pem=934&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=1&uci=a!1&fsb=1&dtd=243

Verdicts & Comments Add Verdict or Comment

139 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.load5.biz/	1970-01-19 22:39:34	Name: uuid Value: bbe05152-479b-421c-a97b-c90a81acfd67
.yadro.ru/	1970-01-20 06:41:34	Name: FTID Value: 1XPwL823AK8B1XPwL8000Op6
.yadro.ru/	1970-01-20 06:41:34	Name: VID Value: 0i6v5922LWeB1XPwL8000Os9
.tax-definition.org/	1970-01-20 06:41:58	Name: didomi_token Value: eyJ1c2VyX2lkIjoiMTdjN2NkZGEtNWVkNy02ZDQwLWFlNmUtZWI0MTU0NzEyNWVjIiwiY3JlYXRlZCI6IjIwMjEtMTAtMTRUMDM6MzQ6MzMuMjM1WiIsInVwZGF0ZWQiOiIyMDIxLTEwLTE0VDAzOjM0OjMzLjIzNVoiLCJ2ZXJzaW9uIjpudWxsfQ==
.tax-definition.org/	1970-01-20 07:17:58	Name: __gads Value: ID=c0ea9a6689a421f6-227a21e7f3ca0031:T=1634182472:S=ALNI_MYhXeS5WqRJANdKM_k7MRM2DGq18g
.doubleclick.net/	1970-01-20 15:27:34	Name: IDE Value: AHWqTUkJteme5KSIBnwNHByJj-Is70ZVui67G3iR5S1bhPih-YOlyl4evAdAL91P6mE
.doubleclick.net/	1970-01-19 21:56:26	Name: DSID Value: NO_DATA

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://bg.tax-definition.org/77850-onanism Message: Access to font at 'https://tax-definition.org/template/css/fonts/bdaia-woohoo.ttf' from origin 'https://bg.tax-definition.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://tax-definition.org/template/css/fonts/bdaia-woohoo.ttf Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://tax-definition.org/template/img/bdaia0003.jpg Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://bg.tax-definition.org/77850-onanism Message: Access to font at 'https://tax-definition.org/template/css/fonts/bdaia-woohoo.woff' from origin 'https://bg.tax-definition.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://tax-definition.org/template/css/fonts/bdaia-woohoo.woff Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

32e9e374be87c493070e26c9511418a9.safeframe.googlesyndication.com
adservice.google.com
bg.tax-definition.org
buttons-config.sharethis.com
cdn.ampproject.org
cdn.jsdelivr.net
cdn.zx-adnet.com
count-server.sharethis.com
counter.yadro.ru
cst.cstwpush.com
cst.wpu.sh
geolocation.onetrust.com
get.optad360.io
googleads.g.doubleclick.net
js.wpadmngr.com
js.wpushsdk.com
l.sharethis.com
load5.biz
na.nawpush.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform-api.sharethis.com
platform-cdn.sharethis.com
securepubads.g.doubleclick.net
stat.optad360.mgr.consensu.org
tax-definition.org
tpc.googlesyndication.com
www.google.com
googleads.g.doubleclick.net
tax-definition.org
104.16.86.20
104.20.184.68
104.21.69.86
13.32.29.129
13.35.253.31
142.250.184.194
142.250.184.226
142.250.185.196
142.250.186.129
142.250.186.161
151.101.65.195
172.217.16.129
172.217.18.98
172.67.206.136
18.196.233.38
185.177.94.108
213.174.135.24
213.174.135.25
46.4.91.20
52.29.0.64
65.9.66.108
65.9.66.48
65.9.66.81
88.212.201.210
0440cb6f1b73fae247b523a7ac9856730f3546d40f6807d70f80a76da5f5b430
070d0a1c6d62ff1dc56e69d84464726d506c55891b5bf86b45432325c5155593
19ad029fe2230dc2b7eda8d3c2b8d872aae2e718c0209bcaec04cd51a04d9165
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
235dd149eac993d9f773d67eb3432fda6c4d81c98d29c4fb150707fae2b59908
257579348172eb9f739308373580772054c0b671f63e8f002aed9f9774a6272e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f499c632d806f66b96dda6cbd4cac0363d331885476a8ac1d9e8ac60954d720
3163136e99eed845abd439e3f22d65e9cd8441966d37c6dcc8c211121ea312b5
38710e0e6ac8c64b58f9f587ca9ce03733c0dc5ea8d1e88fee5e82ebaf7fc6dd
3c6eba1f63ecc20b38271105fb0e03de57de144b64b6e7285559d3f66d121d62
429a7bab31a67acf0ee1f285ff83036229cd0888f2cc31bcfab68755115bc1a7
43fab25e83e5538524467892293a0f56f61a0538c4680baf8d49da592448ba55
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b7cc9865f07e4ca3ae0bb34e0c07ce0ffbdc77d9428a4cd438853b00efea8c0
4bdd1166ae125d8c5b128008f13ae09b8739b127c28027ef086e36aa9166b5cd
4e6e557e3330ec122ad4205be0aa8f4c5fbc5fdd77990d49eb16c802c9ef9b57
529bda78540c766f0f30396a6239e335895ea61ec757f5d4ac217a4d90d8a7ab
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
657dc66c40fb473050330f7ea8fa4c813f5043a76d77647e385b82653d339974
6b0f8a87fdd9f1f2fea7d7bea2358112964aceabb0216acd6488294c36e12321
6c561e040160f503c6f608ff0584496cac1e0b3a5858ee628e007a14ac4d310f
74e0705ba9740aea8c7f1f7a8e582ae656c55e1c8d047b212683fadb5e623fa7
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
7cf73c63f5ccfae511f9a32c44b2555b6930f9940092884de8d32091cf16ec1c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
82bb17819368e12db3c5fc1d9b8152ae99df078cd1a9a3db048680105119a2b1
850a5427b601f5d72a7b54a033c7240d48a406c19a4c445a9cc52ad36d88cc35
8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69
87e425d803ad71d5dff358a8f96c61a1435357ea83f99b5c4f1480a7d7907107
8aff5defc6096f98979e1f23cab268ac7f75f8934f0ffd0cfd7e3693c9d12502
8f505c18eab50f70dc207755ccda6a4f57bece177a3dd09db2d1a817cada69dc
9312883d5b7b0963e369fd62e2685fd8ae9185cc246e65ac400671dd57f83c87
9572b4a14763b68a5431da1d962ebc917d6592b2fd1f18b50f5b3cb49e5d3c8c
98269de18b212a00a156e7cf49e220c62282488adeac655a50c4a300b013887c
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
9be45d830a633e050edaa82361e4ecac3cc189b3a3975a41aa01ae3cb4e4120b
9c82fd92a577f7fef545a80e240eba65e0993dc51a92cc17ce16d45eca62c885
9d9e722bb566cd2258e0adfedc1915198e63607bae842f6ee9195b55f18f521d
9ed67a7363be6c46915a57776dd1a41755e6cdc98125fecfbec1fd58914b9d89
a152ef5c640d6ac1b7bcdde19300174ef86fc2078fff01bcc16313b459ecc50b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
b3dca6992b4f8770bc3dba5f82f6325a82d2adabf685da88d950f6fe87b16716
b9b5529f6b6777f0eee9b7ba1819d2e89d0172d1787d4323a03ef2aff5a72838
ba870dd4f1f375d33aa3770685227bd38160d194969b3840232fad67c1989bb8
cad9b306bbf850a46549a68fae90bd11740cbabc9e69168fc880521a4964a177
ccaec18e075e5251b441f8f320727edd9025fdd07f65839e2ba5719fa25bdb2e
d121bc20f340225dcfb7752d3296f6b710fa34887ed78e8c6baecef52779823f
d2fa83bbc70c843df2edd43096821128aa1f4bd404237f614c49cd48e7d5cfa3
d38f4c8743ad5204d133dc2923742e8a36af67ba2d34fee68fd646c4ce9da857
d4733ce7e0ee743877b1673666723c8d82bbf75b95b4b1511287ec1bd763e455
d4cb8e3d3f1d9da69c5096249099aaa6ec5942dc20f922cc6c99f7b7b4557584
d50905d9c0e2c1f4a30e217e1eade952d04600860ccf4aec5240e6fd31eb9b29
db6b891d30969b23b48a2c0b7c78ba3c102473280fe008f34ba0a2e40b5ed15f
dcbbbdae7b45de58a813dfb53f18f037e156c3359555e3922d1eeb9b6f4eb063
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e596a6cc17f525e0707049608e73975baa5474e82c932c8b60fa11a718617140
ebd3be14d43895525da36e399fe95c12eeae67e4432d7e6d16e15dd555ec5d52
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d
f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd
faf6f52812e1c1095009442941e1746dc02b9b8840c52a7c9bf2b561c17110cb
ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68
ffc61e3c0a8b6f9ffa3562b7bd3b56df93d84d1fc4b3326b22bb461b138f891b

bg.tax-definition.org Open in urlscan Pro 172.67.206.136 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

72 Requests

96 %HTTPS

0 %IPv6

19 Domains

28 Subdomains

23 IPs

5 Countries

1242 kBTransfer

4205 kBSize

7 Cookies

2 Outgoing links

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bg.tax-definition.org Open in urlscan Pro
172.67.206.136 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

96 %
HTTPS

0 %
IPv6

19
Domains

28
Subdomains

23
IPs

5
Countries

1242 kB
Transfer

4205 kB
Size

7
Cookies

72 HTTP transactions
2 data transactions