urlscan.io logo urlscan.io
SecurityTrails logo

amenazaytx.site Open in urlscan Pro
2a02:4780:b:730:0:2ede:94d2:a  Public Scan

Go To Rescan Add Verdict Report
URL: https://amenazaytx.site/
Submission: On January 20 via api from DO — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 45 IPs in 7 countries across 32 domains to perform 270 HTTP transactions. The main IP is 2a02:4780:b:730:0:2ede:94d2:a, located in Phoenix, United States and belongs to AS-HOSTINGER, CY. The main domain is amenazaytx.site.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on January 3rd 2023. Valid for: 3 months.
This is the only time amenazaytx.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
28 2a02:4780:b:7... 47583 (AS-HOSTINGER)
6 2a00:1450:400... 15169 (GOOGLE)
3 13.32.27.110 16509 (AMAZON-02)
25 2a06:98c1:312... 13335 (CLOUDFLAR...)
9 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
22 3.214.250.34 14618 (AMAZON-AES)
6 2001:4860:480... 15169 (GOOGLE)
4 2606:50c0:800... 54113 (FASTLY)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
4 205.185.216.42 20446 (STACKPATH...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
8 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2a02:2638:1::1a 44788 (ASN-CRITE...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
4 34.107.148.139 396982 (GOOGLE-CL...)
4 51.75.86.98 16276 (OVH)
4 52.57.28.56 16509 (AMAZON-02)
2 7 37.252.172.123 29990 (ASN-APPNEX)
4 147.75.85.234 54825 (PACKET)
4 18.200.146.35 16509 (AMAZON-02)
4 185.184.8.90 204995 (RTB-HOUSE...)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
2 104.96.145.246 16625 (AKAMAI-AS)
7 2a00:1450:400... 15169 (GOOGLE)
4 104.111.217.162 16625 (AKAMAI-AS)
8 20.13.96.71 8075 (MICROSOFT...)
1 2602:803:c003... 26667 (RUBICONPR...)
26 2a00:1450:400... 15169 (GOOGLE)
5 6 142.250.180.194 15169 (GOOGLE)
2 4 185.80.39.216 27381 (CASALE-MEDIA)
18 2a00:1450:400... 15169 (GOOGLE)
4 172.217.16.194 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 34.98.64.218 396982 (GOOGLE-CL...)
2 104.96.128.226 16625 (AKAMAI-AS)
1 2 54.78.110.39 16509 (AMAZON-02)
2 2600:9000:230... 16509 (AMAZON-02)
8 2600:1f13:800... 16509 (AMAZON-02)
270 45
28    2a02:4780:b:730:0:2ede:94d2:a (Phoenix, United States)

ASN47583 (AS-HOSTINGER, CY)
amenazaytx.site
6    2a00:1450:400d:80a::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    13.32.27.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-110.fra56.r.cloudfront.net
cdn.purpleads.io
25    2a06:98c1:3120::c (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.eswhik.com
9    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
adservice.google.de
adservice.google.com
1    2606:4700:10::ac43:19b3 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.sendwebpush.com
22    3.214.250.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-250-34.compute-1.amazonaws.com
api.purpleads.io
6    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
4    2606:50c0:8001::153 (United States)

ASN54113 (FASTLY, US)
eswhik.github.io
2    2606:4700::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
4    205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
cdn.psdn.xyz
1    2a00:1450:400d:803::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
8    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
4    2a02:2638:1::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
4    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
4    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
4    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
4    52.57.28.56 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-28-56.eu-central-1.compute.amazonaws.com
tlx.3lift.com
7    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
4    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
4    18.200.146.35 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-146-35.eu-west-1.compute.amazonaws.com
ads.servenobid.com
4    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
3    2a00:1450:400d:806::2001 (Ireland)

ASN15169 (GOOGLE, US)
eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com
3    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
11    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    104.96.145.246 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-145-246.deploy.static.akamaitechnologies.com
ads.rubiconproject.com
secure-assets.rubiconproject.com
7    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
googleads.g.doubleclick.net
4    104.111.217.162 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-162.deploy.static.akamaitechnologies.com
images.outbrainimg.com
8    20.13.96.71 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
log.outbrainimg.com
1    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
smarttag.rubiconproject.com
26    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
6    142.250.180.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f2.1e100.net
cm.g.doubleclick.net
4    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
18    2a00:1450:400d:807::2006 (Ireland)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2a00:1450:400d:805::200a (Ireland)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    104.96.128.226 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-128-226.deploy.static.akamaitechnologies.com
sync.teads.tv
2    54.78.110.39 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-110-39.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
2    2600:9000:2304:5200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
8    2600:1f13:800:7781:1ff7:f8bb:5daf:de82 (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
Apex Domain
Subdomains		 Transfer
40 googlesyndication.com
eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 156
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
231 KB
28 amenazaytx.site
amenazaytx.site
2 MB
25 eswhik.com
cdn.eswhik.com
80 KB
25 purpleads.io
cdn.purpleads.io — Cisco Umbrella Rank: 45500
api.purpleads.io — Cisco Umbrella Rank: 28104
75 KB
21 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 216
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 321
270 KB
18 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 280
221 KB
12 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 799
static.adsafeprotected.com — Cisco Umbrella Rank: 633
dt.adsafeprotected.com — Cisco Umbrella Rank: 591
99 KB
12 outbrainimg.com
images.outbrainimg.com — Cisco Umbrella Rank: 2131
log.outbrainimg.com — Cisco Umbrella Rank: 2382
208 KB
12 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1862
mp.4dex.io — Cisco Umbrella Rank: 1893
99 KB
8 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2439
www.google-analytics.com — Cisco Umbrella Rank: 22
21 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 207
7 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 41
424 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
ajax.googleapis.com — Cisco Umbrella Rank: 292
14 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528
3 KB
4 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5807
709 B
4 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1645
3 KB
4 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 838
671 B
4 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 506
2 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 691
1 KB
4 media.net
prebid.media.net — Cisco Umbrella Rank: 1038
3 KB
4 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 698
1 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
210 KB
4 psdn.xyz
cdn.psdn.xyz — Cisco Umbrella Rank: 65443
482 KB
4 github.io
eswhik.github.io
25 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
143 KB
3 rubiconproject.com
ads.rubiconproject.com — Cisco Umbrella Rank: 2657
smarttag.rubiconproject.com — Cisco Umbrella Rank: 13428
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 840
10 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 70
2 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1223
344 B
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 420
418 B
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 767
4 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8470
792 B
1 sendwebpush.com
cdn.sendwebpush.com
270 32
Domain Requested by
28 amenazaytx.site amenazaytx.site
26 pagead2.googlesyndication.com eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
amenazaytx.site
www.googletagservices.com
securepubads.g.doubleclick.net
25 cdn.eswhik.com amenazaytx.site
cdn.eswhik.com
22 api.purpleads.io cdn.purpleads.io
amenazaytx.site
18 s0.2mdn.net amenazaytx.site
s0.2mdn.net
eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com
11 tpc.googlesyndication.com securepubads.g.doubleclick.net
eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com
tpc.googlesyndication.com
amenazaytx.site
8 dt.adsafeprotected.com eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com
8 log.outbrainimg.com amenazaytx.site
8 script.4dex.io cdn.psdn.xyz
script.4dex.io
7 ib.adnxs.com 2 redirects cdn.psdn.xyz
googleads.g.doubleclick.net
7 securepubads.g.doubleclick.net amenazaytx.site
securepubads.g.doubleclick.net
6 cm.g.doubleclick.net 5 redirects googleads.g.doubleclick.net
6 region1.google-analytics.com www.googletagmanager.com
6 www.googletagmanager.com amenazaytx.site
cdn.eswhik.com
www.googletagmanager.com
4 googleads4.g.doubleclick.net amenazaytx.site
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 googleads.g.doubleclick.net eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com
pagead2.googlesyndication.com
amenazaytx.site
4 images.outbrainimg.com amenazaytx.site
cdn.purpleads.io
4 prebid-eu.creativecdn.com cdn.psdn.xyz
4 ads.servenobid.com cdn.psdn.xyz
4 prebid.a-mo.net cdn.psdn.xyz
4 tlx.3lift.com cdn.psdn.xyz
4 onetag-sys.com cdn.psdn.xyz
4 prebid.media.net cdn.psdn.xyz
4 mp.4dex.io cdn.psdn.xyz
4 bidder.criteo.com cdn.psdn.xyz
4 cdn.psdn.xyz cdn.purpleads.io
4 eswhik.github.io cdn.eswhik.com
eswhik.github.io
amenazaytx.site
3 fonts.gstatic.com fonts.googleapis.com
3 www.googletagservices.com amenazaytx.site
eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com
3 fonts.googleapis.com securepubads.g.doubleclick.net
ajax.googleapis.com
3 eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 cdn.purpleads.io amenazaytx.site
2 static.adsafeprotected.com eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com
2 fw.adsafeprotected.com 1 redirects amenazaytx.site
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 ajax.googleapis.com s0.2mdn.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.google.com cdn.eswhik.com
tpc.googlesyndication.com
2 unpkg.com eswhik.github.io
amenazaytx.site
1 secure-assets.rubiconproject.com amenazaytx.site
1 smarttag.rubiconproject.com ads.rubiconproject.com
1 ads.rubiconproject.com amenazaytx.site
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 www.gstatic.com www.google.com
1 cdn.sendwebpush.com amenazaytx.site
270 48

This site contains links to these domains. Also see Links.

Domain
eswhik.com
www.kadencewp.com
Subject Issuer Validity Valid
amenazaytx.site
ZeroSSL RSA Domain Secure Site CA		 2023-01-03 -
2023-04-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.purpleads.io
Amazon		 2022-10-31 -
2023-11-29		 a year crt.sh
*.eswhik.com
E1		 2022-12-28 -
2023-03-28		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-07-23 -
2023-07-23		 a year crt.sh
*.github.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-07 -
2023-04-07		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
psdn.xyz
E1		 2022-12-29 -
2023-03-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-04 -
2023-03-31		 3 months crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.a-mo.net
R3		 2022-12-04 -
2023-03-04		 3 months crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
*.outbrainimg.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
teads.tv
R3		 2023-01-20 -
2023-04-20		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2022-11-04 -
2023-12-03		 a year crt.sh

This page contains 24 frames:

Primary Page: https://amenazaytx.site/
Frame ID: A7BF25E7A27EB0BA661408D6E7DF8148
Requests: 100 HTTP requests in this frame

Frame: https://cdn.psdn.xyz/prebid-2022-12-27.js
Frame ID: 5114FC3954666803BC2AEB664786D14A
Requests: 12 HTTP requests in this frame

Frame: https://cdn.psdn.xyz/prebid-2022-12-27.js
Frame ID: 01E95A0E85844CF24FE68078910F9369
Requests: 12 HTTP requests in this frame

Frame: https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 602119EE7AA6EFF9D525A531864D850F
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Frame ID: EEF09915BF2C7C53597668F631878BBE
Requests: 2 HTTP requests in this frame

Frame: https://ads.rubiconproject.com/ad/22554.js
Frame ID: 7CD202D1BF9CC1F71849F0FB51B8502D
Requests: 4 HTTP requests in this frame

Frame: https://cdn.psdn.xyz/prebid-2022-12-27.js
Frame ID: 9BDD6C58F028A2873BE66B94503625A5
Requests: 12 HTTP requests in this frame

Frame: https://cdn.psdn.xyz/prebid-2022-12-27.js
Frame ID: 55FE5EFE48964FF09043E47FB421247F
Requests: 12 HTTP requests in this frame

Frame: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjBjZTNkYjMxZDdmMTg1ZGIyMDY4NmI2YTE1N2JlNWFkOWNmOTE3ZWEzYTNiMGIyNzA5MGQwOTI5OWJjMTEwMDUiLCJ3Ijo2NDAsImgiOjQ4MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Frame ID: 40BCD866B55E71E7D26911BA6CB8527B
Requests: 4 HTTP requests in this frame

Frame: https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0061BB86BD695C27E9AF2CFB957BA05A
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYxNPDmAEwAQ&v=APEucNXHo5-AZCzOApupw9QofNUWbMqbEcaZcusO7q8EA6uSLy94xJdiOoprA0jKA-S4f7uCL_80bw9cGIw20C94pozMkJWz-Zz3le9YTS8BX9XwV-8QNgnE2IOqx-skBpVj_SnHQP-zcpt3zS4jfJqgmylZR3HL4iimSee2e7dLvszEv45Wrlg
Frame ID: FCB80F8D83843C6956BE9057939557EA
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9646F4EB8BCBA0146D10E4363A8E3191
Requests: 3 HTTP requests in this frame

Frame: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjBjZTNkYjMxZDdmMTg1ZGIyMDY4NmI2YTE1N2JlNWFkOWNmOTE3ZWEzYTNiMGIyNzA5MGQwOTI5OWJjMTEwMDUiLCJ3Ijo2NDAsImgiOjQ4MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Frame ID: BD3C811BAFF69DC653604B78F8C4C7B1
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9079937949297653269/index.html
Frame ID: 52770587FEB6CEF226B6B753F597F8F7
Requests: 15 HTTP requests in this frame

Frame: https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0181F5638E895DE5EB97C1C7D1ACF02D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYtbXOxQEwAQ&v=APEucNUm8s2_RvUNVo5pKA-xjKAhauqptqx-I19mveExyC5axEVgZwzb9p0BJmr6tSCiEc546ALb3Y-SjPMPcFXc7XDHNg6BTBrHp2zPUWX-Mtu8buIzVX_DcLbJ2rmMRiWt2quNHotLGaWBUm5HTsLtYSz-839I_DWISURYAq6qDm6TJFSMopg
Frame ID: 9D7F98E713B2760819D1B09CAEDA6172
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: FFFA3C92ADC21B77F87227418804E05F
Requests: 28 HTTP requests in this frame

Frame: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjBjZTNkYjMxZDdmMTg1ZGIyMDY4NmI2YTE1N2JlNWFkOWNmOTE3ZWEzYTNiMGIyNzA5MGQwOTI5OWJjMTEwMDUiLCJ3Ijo2NDAsImgiOjQ4MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Frame ID: 40A244BAB4569255B6ACE46C2923DEE5
Requests: 4 HTTP requests in this frame

Frame: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjBjZTNkYjMxZDdmMTg1ZGIyMDY4NmI2YTE1N2JlNWFkOWNmOTE3ZWEzYTNiMGIyNzA5MGQwOTI5OWJjMTEwMDUiLCJ3Ijo2NDAsImgiOjQ4MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Frame ID: 779F2DD994FE20A6347E6610D03D689D
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6764783864924189503/index.html
Frame ID: 59536A207F9BF0C59768528DE6A69789
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F87D8FA58BAA910C6B29EB9E703B4E20
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 7BCE6635641D8D60704DDEE52E3DA89C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 64CFA58E3D768CC10E7CAA998DA963B9
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8D43E065BBFF0298F46EB95DEB69E034
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MundoYT NBM - Tus mejores archivos aquíAlternar el menúContinuarContinuarContinuarContinuarContinuarContinuarContinuarContinuarContinuarContinuarSiguiente

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

270
Requests

97 %
HTTPS

57 %
IPv6

32
Domains

48
Subdomains

45
IPs

7
Countries

4356 kB
Transfer

9073 kB
Size

25
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 168
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG-hEm3mL1O3RAAk3lB4siw&google_cver=1
Request Chain 169
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y8sHJaR81zo.yCRf-FoDCQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG-hEm3mL1O3RAAk3lB4siw&google_cver=1&google_hm=2
Request Chain 170
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEH0e6WVk-1301ufM2rEy8Cw&google_cver=1
Request Chain 171
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE5ODA3NzQyMDk2Njk3MjAzNA%3D%3D
Request Chain 206
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEVivBRoSUQrZzM7dImyc4Q&google_cver=1
Request Chain 208
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEBNF6gHJ_ng09MO7VbgPiIQ&google_cver=1
Request Chain 247
  • https://fw.adsafeprotected.com/rfw/st/990511/61634092/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_JQfLY-2xMPuH9u8PuPG3oAw&cbFunctionName=goog_wrapCb_JQfLY-2xMPuH9u8PuPG3oAw&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Famenazaytx.site&adsafe_type=g&adsafe_url=https%3A%2F%2Famenazaytx.site%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Feb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Feb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=bed&adsafe_jsinfo=,id:1a1c736b-c148-e30f-27f6-fc90918d2784,c:1Sk0ar,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-5dc769c4d9-nhtfc,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:sp,cc:0.0.300.50,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:2,mot:0,app:0,maw:0,fm:ttwat9z+11%7C12%7C131%7C14%7C151%7C152%7C153%7C16%7C171*.990511-61634092%7C1711%7C1712%7C1713%7C18%7C19,idMap:171*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:18,oid:2dd19a86-9909-11ed-badc-f6ab14a7c131,v:19.8.385,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js

270 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
amenazaytx.site/ 		103 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.2.34
Resource Hash
fe2ddd327ba1389a8ccbf86d25ad624307c74b0728f498b95daba3b175f2ff21
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Fri, 20 Jan 2023 21:26:58 GMT
link
<https://amenazaytx.site/wp-json/>; rel="https://api.w.org/"
platform
hostinger
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.2.34
wp-emoji-release.min.js
amenazaytx.site/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:26:58 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 24 May 2022 23:45:53 GMT
server
LiteSpeed
etag
"48b9-628d6e31-c34caf64fe392e84;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
4572
expires
Fri, 27 Jan 2023 21:26:58 GMT
style.min.css
amenazaytx.site/wp-includes/css/dist/block-library/ 		87 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:26:58 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 12 Jul 2022 23:44:29 GMT
server
LiteSpeed
etag
"15b64-62ce075d-be40088ceb664da0;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
10703
expires
Fri, 27 Jan 2023 21:26:58 GMT
cookie-law-info-public.css
amenazaytx.site/wp-content/plugins/cookie-law-info/legacy/public/css/ 		3 KB
910 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-public.css?ver=3.0.7
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:26:58 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Fri, 23 Dec 2022 14:44:31 GMT
server
LiteSpeed
etag
"c22-63a5becf-815ad1f37405df36;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
824
expires
Fri, 27 Jan 2023 21:26:58 GMT
cookie-law-info-gdpr.css
amenazaytx.site/wp-content/plugins/cookie-law-info/legacy/public/css/ 		27 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-gdpr.css?ver=3.0.7
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:26:58 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Fri, 23 Dec 2022 14:44:31 GMT
server
LiteSpeed
etag
"6a71-63a5becf-995bc4419ba8c806;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
4069
expires
Fri, 27 Jan 2023 21:26:58 GMT
global.min.css
amenazaytx.site/wp-content/themes/kadence/assets/css/ 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-content/themes/kadence/assets/css/global.min.css?ver=1.1.31
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
f008162fa330a82dceb974a8e4e0ab2bfdeef1e3c2a417a0a517ccbfe4674505
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:26:58 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Sun, 13 Nov 2022 18:43:08 GMT
server
LiteSpeed
etag
"4bb7-63713abc-daa6b411c7136226;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
4238
expires
Fri, 27 Jan 2023 21:26:58 GMT
header.min.css
amenazaytx.site/wp-content/themes/kadence/assets/css/ 		27 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-content/themes/kadence/assets/css/header.min.css?ver=1.1.31
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5dac274ec554db66ab7a95c4a389f1ecb3652da803eaf68cc3cae511fa44f7ff
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:26:58 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Sun, 13 Nov 2022 18:43:09 GMT
server
LiteSpeed
etag
"6c84-63713abd-47f94de2a1c697cd;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
4235
expires
Fri, 27 Jan 2023 21:26:58 GMT
content.min.css
amenazaytx.site/wp-content/themes/kadence/assets/css/ 		32 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-content/themes/kadence/assets/css/content.min.css?ver=1.1.31
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6819e416761ad3319c68fbf6ddb662fcb50a010a734bf6ead4be2aa49ba830b1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:26:58 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Sun, 13 Nov 2022 18:43:08 GMT
server
LiteSpeed
etag
"7fcd-63713abc-d3e87fec4bb3ac3;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
5481
expires
Fri, 27 Jan 2023 21:26:58 GMT
sidebar.min.css
amenazaytx.site/wp-content/themes/kadence/assets/css/ 		749 B
280 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-content/themes/kadence/assets/css/sidebar.min.css?ver=1.1.31
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
51bb6e5e42da084b36fc157bdc14d6df9a559d918da43fd26bc9ff80d9e1b4d0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:26:58 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Sun, 13 Nov 2022 18:43:08 GMT
server
LiteSpeed
etag
"2ed-63713abc-6af42f615ef6b4b0;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
218
expires
Fri, 27 Jan 2023 21:26:58 GMT
footer.min.css
amenazaytx.site/wp-content/themes/kadence/assets/css/ 		18 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-content/themes/kadence/assets/css/footer.min.css?ver=1.1.31
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
41107b3cd820a6c6a8f93fed73dca66867b14a64769ec41fccb2a214a354e3f0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:26:58 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Sun, 13 Nov 2022 18:43:09 GMT
server
LiteSpeed
etag
"49c0-63713abd-212bce3bfdc7c558;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
1651
expires
Fri, 27 Jan 2023 21:26:58 GMT
button-styles.css
amenazaytx.site/wp-content/plugins/forget-about-shortcode-buttons/public/css/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css?ver=2.1.2
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
f46d94840c903a15d22f37b355f71205554b15abd725d6ad0d81f7ca21e8f38e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:26:58 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Sat, 09 Jul 2022 01:57:03 GMT
server
LiteSpeed
etag
"2293-62c8e06f-98b34d63d4f3ed6d;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
1212
expires
Fri, 27 Jan 2023 21:26:58 GMT
jquery.min.js
amenazaytx.site/wp-includes/js/jquery/ 		87 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:26:58 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 10 Mar 2021 20:37:24 GMT
server
LiteSpeed
etag
"15db1-60492e04-d6db397d9b8af042;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
30027
expires
Fri, 27 Jan 2023 21:26:58 GMT
jquery-migrate.min.js
amenazaytx.site/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:26:58 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 18 Nov 2020 14:36:06 GMT
server
LiteSpeed
etag
"2bd8-5fb53156-b75f952454f0e777;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
3984
expires
Fri, 27 Jan 2023 21:26:58 GMT
cookie-law-info-public.js
amenazaytx.site/wp-content/plugins/cookie-law-info/legacy/public/js/ 		33 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-content/plugins/cookie-law-info/legacy/public/js/cookie-law-info-public.js?ver=3.0.7
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6c52384c7b0641dd1ead85d079c22d39bcc6dc5f2537afb1e6396bb619771a3f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:26:58 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Fri, 23 Dec 2022 14:44:31 GMT
server
LiteSpeed
etag
"8583-63a5becf-345abe83e0853f6a;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
7094
expires
Fri, 27 Jan 2023 21:26:58 GMT
js
www.googletagmanager.com/gtag/ 		217 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-HVPFKTV6LZ
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
360daeec209221147de55fc51d2e156ef1ae75a6cd630f538bbeec3de3496e74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:26:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77735
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 20 Jan 2023 21:26:58 GMT
agent.js
cdn.purpleads.io/ 		67 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-110.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
15863c30adbf1f3dd1c4eb22b9ed6826d01a9beadf44db08d7ecedb6836ed131

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 12:48:00 GMT
content-encoding
gzip
via
1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
last-modified
Sun, 15 Jan 2023 12:47:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
31139
etag
"0df64eee76617d6b8b842eaf114234f3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
20006
x-amz-cf-id
L0NCbAiJNlBGdSpldl1nPcgQiMHP9WareBVPm16-PTrnw6EoPCnsrw==
theme.js
cdn.eswhik.com/npm/ 		313 B
753 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/npm/theme.js
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5536aad22eaec75feb7fea986b8f40679daefaf9ad561eb2965c756d474947c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:26:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
64458
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 25 Aug 2022 17:49:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vE1mEwManhIj7KGnRYHHNm%2BY6hcrtrmUKAJKUzmZwHQDIvHH7KPjlHts%2BBUk6%2FeA9iall3c6YhrPMRBUueBExs24dVa8%2Fepjp6wkW%2Bnd1r89ie4dVVnKkA%2BMhV1n9HbzQKoLUb98LR85gAQDWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78cae4375850920b-FRA
expires
Fri, 27 Jan 2023 03:32:39 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7640773899458de6505f8d74452bac91d2cbf258cb95e650c0db507d51a5e5bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:26:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27774
x-xss-protection
0
server
sffe
etag
"1458 / 302 of 1000 / last-modified: 1674216594"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 20 Jan 2023 21:26:58 GMT
603d92f98981a_2103.js
cdn.sendwebpush.com/adsendwebpush/client_services/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sendwebpush.com/adsendwebpush/client_services/603d92f98981a_2103.js
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:19b3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
close.png
cdn.eswhik.com/img/icons/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.eswhik.com/img/icons/close.png
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9567220eb5f2b07603aae51a311748502edfa671e807f99196f34af344ef306

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:26:58 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
314802
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25704
last-modified
Tue, 29 Mar 2022 01:23:54 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wihN9tfbwqtKFrAOKWRfH6annOD6zKr2lQb139s6xTArFzWtDSs8%2FRJDPVGhG170rjYW5aiKLWRgKNwnZvutvv820Q92aBzW0MLwfT9SzGeCNSlbzRl3sFNvoOu1i1yq3cHr7GSQC4ERkrp4fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
78cae43a0b71920b-FRA
expires
Tue, 24 Jan 2023 06:00:16 GMT
ip-350x250-cpm
cdn.eswhik.com/drive/ads/ 		825 B
702 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/ads/ip-350x250-cpm
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0121bf42f1b2aa9d0a57f8911e9a80d4744a910ccf8c1363b2ddbcf58765992e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:26:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 27 Apr 2022 02:13:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r9qQkww50qSPD2cowv50NjMk6%2BY%2BuV27Z%2FH7rGcog2usHBC4Ke%2Fq0dw2ydZ6MVchejrGMZw7%2FAz5rKrymfMLQXdiz0m7roIEMvFSEUMOvFGyy3A19p9pgpGVXpASrJdDx%2F39JPiqt0Tnc0iBtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/xml
x-turbo-charged-by
LiteSpeed
cf-ray
78cae439fb53920b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
elon-musk-tesla-bitcoin-768x432.png
amenazaytx.site/wp-content/uploads/2022/12/ 		452 KB
453 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amenazaytx.site/wp-content/uploads/2022/12/elon-musk-tesla-bitcoin-768x432.png
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
bc4ff10b35a5ba443996e0aa309f63af282a2a81a02e35705430ec21892984dd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:26:58 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 13 Dec 2022 22:54:21 GMT
server
LiteSpeed
etag
"711a0-6399029d-cd72d1d58b00058;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
463264
expires
Fri, 27 Jan 2023 21:26:58 GMT
agent.js
cdn.purpleads.io/ 		67 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.purpleads.io/agent.js?publisherId=a2741b6d55c6d59d3ca3b61810b2a8f8:981d8d69d9e8956be89103f0d9818163818996da27ceeea35fd96916e2a07ed56d6b62a3390f00edd9911894e1fec747c911ceb89cf8fda5918f54c61b3e2916
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-110.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
15863c30adbf1f3dd1c4eb22b9ed6826d01a9beadf44db08d7ecedb6836ed131

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 12:48:00 GMT
content-encoding
gzip
via
1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
last-modified
Sun, 15 Jan 2023 12:47:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
31139
etag
"0df64eee76617d6b8b842eaf114234f3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
20006
x-amz-cf-id
aHKFvLzoQTzorBxqnxV8qFKPCQLHLamDiKrRIebtcwdyQcD_MU5-BQ==
agent.js
cdn.purpleads.io/ 		67 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.purpleads.io/agent.js?publisherId=e5503a8be5c59196f7d89d8e3f76081b:dbf913c8afa5de89d6a2201b7b0168ff2e03ae5845bd84a2d8ea8b3f3876e67e82e8e6a8f68f61e4e7db1578fae8c6ec86745a077fe9c25c55d11ca810b16fb2
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-110.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
15863c30adbf1f3dd1c4eb22b9ed6826d01a9beadf44db08d7ecedb6836ed131

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 12:48:00 GMT
content-encoding
gzip
via
1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
last-modified
Sun, 15 Jan 2023 12:47:50 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
31139
etag
"0df64eee76617d6b8b842eaf114234f3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
20006
x-amz-cf-id
UbLnBq4y6JyXy49JEVnHyrO2YgvTjMmHRYPb-QI7pSD3j5NFW1VimA==
cookie-law-info-table.css
amenazaytx.site/wp-content/plugins/cookie-law-info/legacy/public/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-content/plugins/cookie-law-info/legacy/public/css/cookie-law-info-table.css?ver=3.0.7
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
2e2f2336b5e6698b628afc75fa9a24c67b73d5872c1d4af99ca436064f636ee0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:26:58 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Fri, 23 Dec 2022 14:44:31 GMT
server
LiteSpeed
etag
"17e1-63a5becf-70daee6a639c4f19;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1604
expires
Fri, 27 Jan 2023 21:26:58 GMT
navigation.min.js
amenazaytx.site/wp-content/themes/kadence/assets/js/ 		21 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-content/themes/kadence/assets/js/navigation.min.js?ver=1.1.31
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
dcc19958809bc3db2abb40ba313906fe1bfa2c235357f39da400709e9c79c1e7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:26:58 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Sun, 13 Nov 2022 18:43:08 GMT
server
LiteSpeed
etag
"543e-63713abc-ea992678d409601;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
5227
expires
Fri, 27 Jan 2023 21:26:58 GMT
dashicons.min.css
amenazaytx.site/wp-includes/css/ 		58 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-includes/css/dashicons.min.css
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css?ver=2.1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css?ver=2.1.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:26:58 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 04 Mar 2021 02:46:22 GMT
server
LiteSpeed
etag
"e688-604049fe-7d38d0da2325dc9e;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
35099
expires
Fri, 27 Jan 2023 21:26:58 GMT
font-awesome.min.css
amenazaytx.site/wp-content/plugins/forget-about-shortcode-buttons/public/css/ 		86 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amenazaytx.site/wp-content/plugins/forget-about-shortcode-buttons/public/css/font-awesome.min.css
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css?ver=2.1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6e00e8106852b7f72579fe646747028c496cb328fdfea0db3b95c1f1d6e0d7f8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/wp-content/plugins/forget-about-shortcode-buttons/public/css/button-styles.css?ver=2.1.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:26:58 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Sat, 09 Jul 2022 01:57:03 GMT
server
LiteSpeed
etag
"159d8-62c8e06f-d25236d0135ca3e9;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
11531
expires
Fri, 27 Jan 2023 21:26:58 GMT
tags
cdn.eswhik.com/npm/ 		1 KB
665 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/npm/tags
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/theme.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2804abe47f80f47f18c36af50e7bf8e520e37eea1b8426110e8f7b2e0cbf4ce6

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 20 Jan 2023 21:26:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 18 Oct 2022 18:01:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lhlQVhRBjXB07T9p3TIpcV8Pa3ao5i1t70PMWQXr1Myiv5sa5amPrxNjw716U9U1e5aRzG1WdYcwTvc86hQfgENUtmOOySMoHx%2FBMdzrZk2jPoI0X5FCIJJo%2BCUayio%2FBhGG%2B4W%2FZnfUI2r7kA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/xml
x-turbo-charged-by
LiteSpeed
cf-ray
78cae43a0b70920b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
init
api.purpleads.io/x/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/init?ts=1674250018950
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.250.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-250-34.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://amenazaytx.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://amenazaytx.site
date
Fri, 20 Jan 2023 21:26:59 GMT
x-request-id
c5796def-6402-49b1-bb2e-fe628cf6ef69
init
api.purpleads.io/x/ 		87 B
382 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/init?ts=1674250018950
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.250.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-250-34.compute-1.amazonaws.com
Software
/
Resource Hash
4cdf058286dcc09e5511ec4f021ce5ce4d22052312bf08ce7b672e08eb5a4a9f

Request headers

x-request-url
aHR0cHM6Ly9hbWVuYXpheXR4LnNpdGUv
accept-language
de-DE,de;q=0.9
Authorization
Bearer a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://amenazaytx.site/
x-purpleads-version
2.4.2

Response headers

date
Fri, 20 Jan 2023 21:26:59 GMT
etag
W/"57-rJEPlnm9gFYJQ15PqJcM33T6S4Y"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
access-control-allow-credentials
true
content-length
87
x-request-id
db5321c7-2226-4a3b-877b-726e502d1742
collect
region1.google-analytics.com/g/ 		0
347 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-HVPFKTV6LZ&gtm=2oe1i0&_p=1578021164&cid=479643305.1674250019&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1674250019&sct=1&seg=0&dl=https%3A%2F%2Famenazaytx.site%2F&dt=MundoYT%20NBM%20-%20Tus%20mejores%20archivos%20aqu%C3%AD&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HVPFKTV6LZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:26:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
api.purpleads.io/x/b/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=0&pid=dd43c076ea544916b4b540018a1350d5&sizes=[[970,250],[970,90],[728,90],[468,60],[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100]]&slotid=5bc2ec7b-e1c8-4630-b682-cc0b6626ae96&ts=1674250019167
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.250.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-250-34.compute-1.amazonaws.com
Software
/
Resource Hash
df737f7d616845bd721aaa0b5d368b2de14d24334190eb3d03d1bdd78824a96d

Request headers

x-request-url
aHR0cHM6Ly9hbWVuYXpheXR4LnNpdGUv
accept-language
de-DE,de;q=0.9
Authorization
Bearer a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://amenazaytx.site/
x-purpleads-version
2.4.2

Response headers

date
Fri, 20 Jan 2023 21:26:59 GMT
content-encoding
gzip
pa-user-id
d8bf24be-8077-4bc1-901f-ca0bb00453f9
etag
W/"e0b-9X8qLxhuYX+CWuWL4kdPfDYUMRA"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
access-control-allow-credentials
true
x-request-id
af49f4c6-f902-496a-9061-f826005d736e
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=0&pid=dd43c076ea544916b4b540018a1350d5&sizes=[[970,250],[970,90],[728,90],[468,60],[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100]]&slotid=5bc2ec7b-e1c8-4630-b682-cc0b6626ae96&ts=1674250019167
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.250.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-250-34.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://amenazaytx.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://amenazaytx.site
date
Fri, 20 Jan 2023 21:26:59 GMT
x-request-id
43271aaa-c0ce-4746-a991-7f327bdeed16
jquery-3.5.1.min.js
cdn.eswhik.com/drive/jquery/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/jquery/jquery-3.5.1.min.js
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 20 Jan 2023 21:26:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 16 Apr 2022 00:26:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
82906
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5U7fWQmG3JUpFtelfFERyafEKb8ED0%2F4PI5b8mKtXUJ3CsHWOvdkRvC03sW5bPGFFLrN83j3%2FMGsDQkSZf%2BuYSOCRJKns5OUVLqV98q4w6CLArXU2eH53qgN1JeWcl9tLUdq4AmtU8G1sQNuOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78cae43c3f715ba4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 26 Jan 2023 22:25:13 GMT
config
eswhik.github.io/drive/buttons/z1/ 		381 B
631 B 		Script
General
Check archive.org
Download Go to
Full URL
https://eswhik.github.io/drive/buttons/z1/config
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
a675db82126493bf9927ab29dba89f77e0e763622eb5f7725af4aa10b204c807
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-fastly-request-id
1c959acd077e3389ff3c5c9c5b49ac45b8d9e1e7
strict-transport-security
max-age=31556952
content-encoding
gzip
via
1.1 varnish
date
Fri, 20 Jan 2023 21:26:59 GMT
age
0
x-cache
HIT
x-cache-hits
1
x-proxy-cache
MISS
content-length
198
x-served-by
cache-hhn-etou8220057-HHN
last-modified
Thu, 24 Nov 2022 16:49:30 GMT
server
GitHub.com
x-github-request-id
6320:7FD6:843711:B614E2:63C93788
x-timer
S1674250019.267376,VS0,VE102
etag
W/"637fa09a-17d"
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-origin-cache
HIT
expires
Thu, 19 Jan 2023 12:38:56 GMT
300x250-cpm.js
cdn.eswhik.com/drive/script/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/script/300x250-cpm.js
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b82df01256e32a7e0225fcd06012bba6d8ea272a96f3e43a5331a059fc170d4

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 20 Jan 2023 21:26:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
82906
cf-polished
origSize=2243
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 27 Apr 2022 02:07:52 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GkPN6W5pq2ljLofHnJ6%2FxWBpzn7cZqPurvj%2F2FEmt7KYTW58%2F2afTXQ4cyz7xeMtOMqn2T5vxvwImBQ7uEfuH5JdKzPjAd8GiSkxX7metlIc27wjE6%2B7m0Rv7X7c15mPJ80SRHelBdtwOqE5Gw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78cae43c3f745ba4-FRA
expires
Thu, 26 Jan 2023 22:25:13 GMT
analytics-eswhik
cdn.eswhik.com/ 		668 B
726 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/analytics-eswhik
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54e5a87d0b6a722ce2c8f0950e23f6b8205f391eaf52a4c10c8956b1560d3a52

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 20 Jan 2023 21:26:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Fri, 20 May 2022 20:46:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yNeBlpnymEpt9vzthmPEt1pSuiEV9pIk4ZWESy5Tn9User6T3f4A%2FVcd3PIbKfSsV9GDOLolMLpY9DGg0pYO5ofoPsKFbnidSx34ieUYFI9INQt%2FgoSMaTXdWOZbbSnLLNLPsJfN0qcvebh5YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/xml
x-turbo-charged-by
LiteSpeed
cf-ray
78cae43c3f785ba4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sites
cdn.eswhik.com/drive/reCAPTCHA/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/reCAPTCHA/sites
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers
Sistema-Blogger-2.0
cdn.eswhik.com/drive/reCAPTCHA/ 		556 B
790 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/reCAPTCHA/Sistema-Blogger-2.0
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f14b612adef254430bdf87ec7405512fe8f5d39de4d789841d1239ef6420492

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 20 Jan 2023 21:26:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 10 May 2022 18:21:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a4iCUotJ6%2BqLkBzhzEmpWH44cT9xDR0gfyQOoc8IGL%2FQCcJP1052CIPSzMYfB40BaOZ5N6Q2UsmsXxf83hdd9ofVLyConXVUypoYYplYmPYvhPo0P64vrmBJZw9C%2F1veW4rl%2BgQEbjt9bOa3jg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/xml
x-turbo-charged-by
LiteSpeed
cf-ray
78cae43c3f7b5ba4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
api-popunder.js
cdn.eswhik.com/drive/script/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/script/api-popunder.js
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
820a1fddd5a609082271df120797fde740e6114eef0efe101b9a57d9158e6036

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 20 Jan 2023 21:26:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
76392
cf-polished
origSize=4051
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 02 May 2022 21:30:28 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1bS7YNIP1KY%2BPn74bDD%2FshVfxCEvrNEbwpslqU%2F3FjRjPMzhO1gTt3LtgqF7qjkN%2FP1vl3cmQVb6yTBZ%2F8%2BziBF5Cx2g0iqRsXspDgvSn9nZw12j4HJR%2Fp7uvDA8oVkdyxeZOUCVFfr2%2F%2BLhPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78cae43c3f7d5ba4-FRA
expires
Fri, 27 Jan 2023 00:13:47 GMT
pregressAdTime
cdn.eswhik.com/drive/tags/ 		306 B
628 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/tags/pregressAdTime
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e11a1b1adf786512587e757e9b095ffc77770f5a6dbaa66615398bc903fab82e

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 20 Jan 2023 21:26:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 10 May 2022 01:05:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nzjfkEnUR%2BhxRVRHM%2FWrwfQh1WCAO7K8%2F%2BljTC5rYL%2FBahjbRiUMLC4N0R4mD%2BrKukEeBMj1AdQq9W01c3Li%2Byh07UbYHv%2F%2BqT8P6roQG2y9vvUvaggxMfyV11eACFs5%2FwbnTZzyxayaFX8tgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/xml
x-turbo-charged-by
LiteSpeed
cf-ray
78cae43c3f7e5ba4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Eswhik-CPM-2.0.css
cdn.eswhik.com/drive/css/ 		946 B
941 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/css/Eswhik-CPM-2.0.css
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97b42f5456d33762968c00d290a9c536564d2cfd693fc15cf81a454d72e06610

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:26:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132287
cf-polished
origSize=1003
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 10 May 2022 17:35:48 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WjvretBi%2BUx%2FCL0LhTvGMoUGx7goWz4rXwKEzfCofwKkOs6nxOSrnpnKjPhtsc3JFpWChpDZMYgNBuNkos%2BDG17fteR9uxjgM8xHiXkKBTXa13%2BXgugXQQR0f%2FBmLY1RtL8Wj0UU3cqWz288ww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78cae43c3f7f5ba4-FRA
expires
Thu, 26 Jan 2023 08:42:12 GMT
api-eswhik-push
cdn.eswhik.com/drive/api/ 		290 B
754 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/api/api-eswhik-push
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac34695b72e4e902bba01b5ef320dcd2aa03edf02bfb909a3ca23b9d2607899c

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 20 Jan 2023 21:26:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified
Thu, 02 Jun 2022 22:29:22 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rq5VYqqvXB5X40PRgMFvyTHvbjQCMwIN92vu4unyJIpfRWJaQdQPCx1wSGL9nWmvMYkXkq6K8SEFG9NhSAmCtH1GMx0iv3UL0ZPYuHgoHXh6Ws03U%2FePuYpKwO6HVjW7sZ3F6J5YEtYtqEpUHg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
78cae43c3f825ba4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
290
copyright-eswhik.js
cdn.eswhik.com/drive/script/ 		218 B
694 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/script/copyright-eswhik.js
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a531463641125977e3c0db5fb89fde3ecd4b0ac25ea0aceb3c235dd55a5472c

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 20 Jan 2023 21:26:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
82906
cf-polished
origSize=276
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 03 Jun 2022 22:24:46 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PofiYslpCIThVWQksWgV4%2FVwVtiuCAZMIyhhuktFMHE%2FizDae2L5tRVidnYcRIPbN7c2Df8e6MmYHytuvaciLLviFMHF0oQg%2BBh5cvDNxyzCMLDHr5pZddN1wUNf%2BQDyFjoIR8wiy87IkfgevA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78cae43c3f845ba4-FRA
expires
Thu, 26 Jan 2023 22:25:13 GMT
api-eswhik-cpm-v2
cdn.eswhik.com/drive/api/ 		299 B
761 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/api/api-eswhik-cpm-v2
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e517ad8e188a0988539134143b8bdd42ae4bbeb66c9fa45fb4407489050d0e8

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 20 Jan 2023 21:26:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified
Fri, 03 Jun 2022 22:29:28 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jn7Up0qxX6JjHJhMidqb9Ogf9K9msHCpXKfY%2FlXsdunmvl9TngVKIKiwAVaAoiQsVw0fkpLSN6Co8jy651BtXdFlbg0e4ZniCu3nflzBa%2BGC6uqgvplrwZ9j9IWRiyarNu0PHmhpovXCQBAxgg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
78cae43c4f865ba4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
299
style-scripts-eswhik-premium.css
cdn.eswhik.com/drive/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/css/style-scripts-eswhik-premium.css
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22c72dadcee3108bec75726d338589e95b3e4f3800336c966a4f03f62a0ef7a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:26:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
132287
cf-polished
origSize=4757
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 08 Dec 2022 23:48:33 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kbVsm5Zn0MvCIiE8K2SEHTAU2D98npT0xFekb8UrImT3agCjhpZdC2yDBEnQ%2FncOYoj5n3ZbTsfnguTmZic0SaqcGjCG%2B1Q47XmrKRRnBLHPI8hLK6Ibna5KDYztRcrUBDsohNho5VQt2j11Aw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78cae43c4f885ba4-FRA
expires
Thu, 26 Jan 2023 08:42:12 GMT
load-scripts-eswhik-premium.js
cdn.eswhik.com/drive/script/ 		990 B
973 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/script/load-scripts-eswhik-premium.js
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/npm/tags
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db3c4bd109137190d4a6cdb66954772cf7d0072d3e202fa6ce7ca40a2f70a65e

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 20 Jan 2023 21:26:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
82906
cf-polished
origSize=1160
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 30 Aug 2022 22:24:52 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJ2i8wgH1j1BbQ22TJqWDLbOZuR2YkVLnuMY0EvStI5nEdsvSWFDK5c%2F%2FT6IsfLp956P%2F29j4X6PhGn6gwWE9UjuP%2BZ8fsIwLyIFYQp9RI0OQrJ7aN6qaFN6rL%2BYhIKLClwgoSXn4YrBeJ0fQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78cae43c4f8a5ba4-FRA
expires
Thu, 26 Jan 2023 22:25:13 GMT
style.css
eswhik.github.io/drive/buttons/z1/ 		6 KB
1000 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://eswhik.github.io/drive/buttons/z1/style.css
Requested by
Host: eswhik.github.io
URL: https://eswhik.github.io/drive/buttons/z1/config
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
bd910a0e75b960acc6dd11ac4d5064f949e2597fdee997ee19b0fd7f55176e56
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-fastly-request-id
1789d6504a45b5b6604184c0af21199832520c64
strict-transport-security
max-age=31556952
content-encoding
gzip
via
1.1 varnish
date
Fri, 20 Jan 2023 21:26:59 GMT
age
0
x-cache
HIT
x-cache-hits
1
x-proxy-cache
MISS
content-length
816
x-served-by
cache-hhn-etou8220057-HHN
last-modified
Thu, 24 Nov 2022 16:49:30 GMT
server
GitHub.com
x-github-request-id
7A26:2B30:9A4676:C81C59:63C98729
x-timer
S1674250019.383728,VS0,VE94
etag
W/"637fa09a-1618"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
expires
Thu, 19 Jan 2023 18:18:41 GMT
ionicons.esm.js
unpkg.com/ionicons@5.5.2/dist/ionicons/ 		399 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/ionicons@5.5.2/dist/ionicons/ionicons.esm.js
Requested by
Host: eswhik.github.io
URL: https://eswhik.github.io/drive/buttons/z1/config
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20193736d900f0b602a678f804676349764578ab2adcd07ffebb6d06df1afd96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://amenazaytx.site/
Origin
https://amenazaytx.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 20 Jan 2023 21:26:59 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
18281419
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01G67PVMK56PN5KM8G1JRT3F07-fra
server
cloudflare
etag
W/"18f-B+zGUTbQ1uVsG8y1uf+53Qdwne0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
78cae43d5e3f9043-FRA
error
eswhik.github.io/drive/buttons/z1/ 		23 B
189 B 		Script
General
Check archive.org
Download Go to
Full URL
https://eswhik.github.io/drive/buttons/z1/error
Requested by
Host: eswhik.github.io
URL: https://eswhik.github.io/drive/buttons/z1/config
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
7520d7376659fb82408fb03f940ca06a2ae4ba9723394ace502a90d0c06a9da7
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-fastly-request-id
0073ea2340127405da12627cdeabf379ef17a5fa
strict-transport-security
max-age=31556952
date
Fri, 20 Jan 2023 21:26:59 GMT
via
1.1 varnish
x-cache-hits
1
age
0
x-cache
HIT
x-proxy-cache
HIT
content-length
23
x-served-by
cache-hhn-etou8220057-HHN
last-modified
Thu, 24 Nov 2022 16:49:30 GMT
server
GitHub.com
x-github-request-id
BC2A:92CE:3D32F6:50B801:63C9C1AF
x-timer
S1674250019.385076,VS0,VE103
etag
"637fa09a-17"
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-origin-cache
HIT
expires
Thu, 19 Jan 2023 22:25:15 GMT
p-e26ac56f.js
unpkg.com/ionicons@5.5.2/dist/ionicons/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/ionicons@5.5.2/dist/ionicons/p-e26ac56f.js
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
411ebf3f42ff97b8fdcb02ef60f534e0fd011b86878ec33abf2509b4bfe58037
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://unpkg.com/ionicons@5.5.2/dist/ionicons/ionicons.esm.js
Origin
https://amenazaytx.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:26:59 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
31152725
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01FT83NYRGJE277N57NJX9DGY4
server
cloudflare
etag
W/"1d56-gDHdPSZYuc2h8Mf9Yj/8nfSlS9o"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
78cae43dcecf9043-FRA
js
www.googletagmanager.com/gtag/ 		217 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GG2SR4CZDE
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/analytics-eswhik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
589289a1564f9b2715865a4f4157b18c7fe2f5356640040b18fe4794b0c20cd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:26:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77661
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 20 Jan 2023 21:26:59 GMT
js
www.googletagmanager.com/gtag/ 		217 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GG2SR4CZDE&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HVPFKTV6LZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d3c4c837b5819844279739c76c3bffcfea32c9446541115d2b2275675b1190fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:26:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77776
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 20 Jan 2023 21:26:59 GMT
js
www.googletagmanager.com/gtag/ 		220 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2ZXVHQW49E
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/analytics-eswhik
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5b8cc851d8366d011ad51901c3d940c5ba435c3397b7f64bf1aceaa27ba708c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:26:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78664
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 20 Jan 2023 21:26:59 GMT
js
www.googletagmanager.com/gtag/ 		217 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2ZXVHQW49E&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HVPFKTV6LZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
62e581c1bbd38d721d61d9854299ff84c3a2fc39879bfbc97f0fe718f36a73ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:26:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77765
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 20 Jan 2023 21:26:59 GMT
api.js
www.google.com/recaptcha/ 		909 B
992 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/drive/reCAPTCHA/Sistema-Blogger-2.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3a696b72625c76c1c238f9a1f4a84549ab2af6a805ae2dd7c1cac6c429454f1c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:26:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
579
x-xss-protection
1; mode=block
expires
Fri, 20 Jan 2023 21:26:59 GMT
pregressAdTime.css
cdn.eswhik.com/drive/css/ 		13 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/css/pregressAdTime.css
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/drive/tags/pregressAdTime
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb28d5000b17859dbee113b7ac6558134eaf9ab5bba8b41d48c1610e8804b596

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:26:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
60692
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 10 May 2022 00:45:32 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iUO88xDyKjhmnkYFcJLTIlkj7fgJbA%2BedwQNhHFP8PXUfUmhULJIh5GHDEDQ04BYdXRg3RiKa5CoKai3UFhAPGLnAL4g0fq1H2BRt1RabHFQpKGvtFil7Ps85dyiQCVwLyfMenOjhRuPjDLmTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78cae43e7a505ba4-FRA
expires
Fri, 27 Jan 2023 04:35:26 GMT
progressAd.js
cdn.eswhik.com/drive/script/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/script/progressAd.js
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/drive/tags/pregressAdTime
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83e9a2e4876f61521aed687586e4840c65bf58d912a4a381440acf47577ea62c

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 20 Jan 2023 21:26:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
61268
cf-polished
origSize=1645
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 09 May 2022 23:29:06 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9X7%2BRYRzIRb6aIUXlRZV3LKvJYrn%2BpQyoZ%2Bkvo0IcAK9F8BqCJrHCCzVpHrG6%2BVbGw3ZrxKzwRBEXlE8Pc2RxHFHB41KRl%2FQ6WcFNb4VVCrjaH5i96afuMQ%2FVbYdVAI5IercDHxNnFAFycRBtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78cae43e7a535ba4-FRA
expires
Fri, 27 Jan 2023 04:25:51 GMT
ConfigProgressAd.js
cdn.eswhik.com/drive/script/ 		411 B
814 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/script/ConfigProgressAd.js
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/drive/tags/pregressAdTime
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1928021ac2964da4cb99e2cb77e08d93d00cfe849c65fbce3587231837b6c29

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 20 Jan 2023 21:26:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
64095
cf-polished
origSize=533
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 10 May 2022 01:04:24 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5aIbuxq8jQR58EMB3epP24AAgte1nksKmZgJHJj3lTROr%2FvXo2%2FLuRTfTm3s8cm644a6XtUxGrHECxAMrhN7Ydj3IV%2FjLcbQvHXxmW3PLBzO3wvjLqtDZUNIXpVc6TlIZDLWLnd8FuxOgZsy%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78cae43e7a555ba4-FRA
expires
Fri, 27 Jan 2023 03:38:44 GMT
eswhik-push
cdn.eswhik.com/drive/tags/ 		174 B
581 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/tags/eswhik-push
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/drive/api/api-eswhik-push
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0afa89cb6e2f3db520516d605e1bfcc52b0818c0bacc2ccdbc36a99c1e2b40e3

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 20 Jan 2023 21:26:59 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 02 Jun 2022 22:28:26 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oXYGRie2eJlk%2FDgNE%2BVSGbSE%2BJGVweHXk4yyPHYDOteJOjg6i%2FExxxA%2BC16%2BccJLusGNWWxmbOYKDPNHLlU7OuDyd1LN0Gs6wja9DA8RqPRL58%2Fdrs%2Bzk0uA2yaGIVu22i1F03ThIWgDm613qw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/xml
x-turbo-charged-by
LiteSpeed
cf-ray
78cae43edab85ba4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
prebid-2022-12-27.js
cdn.psdn.xyz/ Frame 5114 		371 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.psdn.xyz/prebid-2022-12-27.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
7899e4ccdbb66bba8489aec160f24c1cb19781ae6811fc9ec69f582697e35a4b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:26:59 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Tue, 27 Dec 2022 13:09:50 GMT
x-sp-metadata
HS256.CLOqrJ4GEogBCiQ4MzNmMWZmMi04OTE2LTRiMWItOGJjZS1iNWZhMjNjNDNhNTMQgMGmkNnD+wIaBgijjqyeBiINMjE3LjY0LjE1MS4xMCiygwMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDQ2YTFlNmNkLWYxY2UtNGI5Zi1hNjlhLTQ5ZDIxMzdkOTY3ZRjHwAciGAgCEhRjZHMyMDkubG80Lmh3Y2RuLm5ldA==.fJW8U8HfC0tZTyuXmHaEKq9bL+sZgZeaFcMvpUrxyoU=
x-amz-request-id
tx000000000000219d70b48-0063aaf2e9-34c6886a-nyc3b
etag
"e07bb8c29b8196e635a7e649e961ba8b"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1674250019.dop011.lo4.t,1674250019.cds223.lo4.hn,1674250019.cds209.lo4.c
content-type
application/javascript
x-rgw-object-type
Normal
cache-control
max-age=31536000
accept-ranges
bytes
content-length
122951
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GG2SR4CZDE&gtm=2oe1i0&_p=1578021164&cid=479643305.1674250019&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1674250019&sct=1&seg=0&dl=https%3A%2F%2Famenazaytx.site%2F&dt=MundoYT%20NBM%20-%20Tus%20mejores%20archivos%20aqu%C3%AD&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GG2SR4CZDE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:26:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		110 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-205586502-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2ZXVHQW49E
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
afd173873666e734af01e7660b353fa868002616bfd9f53ae26d538f14628afc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:26:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44041
x-xss-protection
0
last-modified
Fri, 20 Jan 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 20 Jan 2023 21:26:59 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-2ZXVHQW49E&gtm=2oe1i0&_p=1578021164&cid=479643305.1674250019&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1674250019&sct=1&seg=0&dl=https%3A%2F%2Famenazaytx.site%2F&dt=MundoYT%20NBM%20-%20Tus%20mejores%20archivos%20aqu%C3%AD&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2ZXVHQW49E
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:26:59 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
api.purpleads.io/x/b/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=1&pid=dd43c076ea544916b4b540018a1350d5&sizes=[[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=8808ac9e-4978-43c5-b1a0-cdc9495a71a4&ts=1674250019764
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.250.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-250-34.compute-1.amazonaws.com
Software
/
Resource Hash
a78c84726b5a002c2cc508b9cd2b4157597a2402cabc1e430470f08804acd5f9

Request headers

x-request-url
aHR0cHM6Ly9hbWVuYXpheXR4LnNpdGUv
accept-language
de-DE,de;q=0.9
Authorization
Bearer a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://amenazaytx.site/
x-purpleads-version
2.4.2

Response headers

date
Fri, 20 Jan 2023 21:26:59 GMT
content-encoding
gzip
pa-user-id
84c06a31-4ba1-44e1-9d34-7cdcd8eda63d
etag
W/"db1-FoWJ0qTORzcqBhcmhP2ou2IcCjc"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
access-control-allow-credentials
true
x-request-id
110bc714-7f6e-43f1-8094-d2bb5043c18e
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=1&pid=dd43c076ea544916b4b540018a1350d5&sizes=[[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=8808ac9e-4978-43c5-b1a0-cdc9495a71a4&ts=1674250019764
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.250.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-250-34.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://amenazaytx.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://amenazaytx.site
date
Fri, 20 Jan 2023 21:26:59 GMT
x-request-id
a3ad2e0d-dece-436e-8dba-c157a365f1a5
recaptcha__de.js
www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/ 		404 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11401b059365dd387ba607aa55ca532d326d764253ea85de141a4423cedfef27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://amenazaytx.site/
Origin
https://amenazaytx.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 17:10:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15393
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
165715
x-xss-protection
0
last-modified
Mon, 16 Jan 2023 01:02:16 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 Jan 2024 17:10:26 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-205586502-1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 20 Jan 2023 20:26:10 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
3649
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20085
expires
Fri, 20 Jan 2023 22:26:10 GMT
eswhik-push.css
cdn.eswhik.com/drive/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/css/eswhik-push.css
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/drive/tags/eswhik-push
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9337d4581e7a2b92236a8b8de8d8170c3fdd70c02533afe58c9a1295b69031d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:26:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
82906
cf-polished
origSize=1506
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 02 Jun 2022 22:21:20 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BUOiN6J4tItAvU7SqbdvwxocDzvixe%2FooRXul4bByJIdKGqJOrRuuLrYx6LzqywZx2iwXo7NTz5MLXdvB6xcBMDRCcRcX7UQ%2FozPkCP%2FdVlTfuqdBUGxFIzJhqWO1ASgGtct0LjszqRjTfmIdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78cae43fec6a5ba4-FRA
expires
Thu, 26 Jan 2023 22:25:13 GMT
eswhik-push.js
cdn.eswhik.com/drive/script/ 		220 B
699 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/script/eswhik-push.js
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/drive/tags/eswhik-push
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad5d6395683df0773cfe7fa4d5a43d0f80399e6000469783a2dcae9522902986

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 20 Jan 2023 21:26:59 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
76172
cf-polished
origSize=290
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 03 Jun 2022 01:15:24 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zPebN5SZ0Ns66lqhNI5LVcGV5O12U3QvyScarj%2BV8QQuid2k8%2F2gpsGwo0FLrRRw9ZKK1QO9sJi4fjUx9yRzc2EJZV80OnwEoFvRfZ9UEufpAP%2BVhti%2BYi0kwEYiqqOwPI9Xq%2FqJK9u%2BYCimVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78cae43fec6c5ba4-FRA
expires
Fri, 27 Jan 2023 00:17:27 GMT
cpm-script-v2-eswhik
cdn.eswhik.com/drive/tags/ 		108 B
561 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/tags/cpm-script-v2-eswhik
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/drive/api/api-eswhik-cpm-v2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f4d3d0e7fd1a21de4e275fd70b4ad1c4534abb87f800475966bfd3bff0d56e1

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 20 Jan 2023 21:27:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Fri, 03 Jun 2022 23:04:16 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fE3C0VNic4o7bQmXIKwGpn9e1ShdqZbnYGhRvXB3sZ2Aos%2BFgBhVZDcn8XYk%2Fy%2FY6nOZcgXmk%2Bt6QwKv1mPwZMcHciW95ExSMbzL6g26F1eV9RZiE0YpUFqX0Jej7WoLq4jbg3ussxMB4RUoSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/xml
x-turbo-charged-by
LiteSpeed
cf-ray
78cae4400c985ba4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
collect
www.google-analytics.com/j/ 		2 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1578021164&t=pageview&_s=1&dl=https%3A%2F%2Famenazaytx.site%2F&ul=en-us&de=UTF-8&dt=MundoYT%20NBM%20-%20Tus%20mejores%20archivos%20aqu%C3%AD&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1768920904&gjid=1514482266&cid=479643305.1674250019&tid=UA-205586502-1&_gid=344008259.1674250020&_r=1&_slc=1&gtm=2ou1i0&z=2067516377
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:26:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
localstore.js
script.4dex.io/ Frame 5114 		483 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 21:26:59 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
2350547
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XwOY7BBMsB261wPBWNnPr85rkhVXK1vsqF1%2FkGTqrFi6DfCtAT5Q9QNiIyse7nVF%2Fysi9mSbB%2BY7povY3HAtt%2BWmq8xoCUR2OdLC1DA7RLPo1J%2BJM5XKKiA2SMNcBDET0wLN3KlflI2Puk%2Fy"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
78cae4408a425c44-FRA
cdb
bidder.criteo.com/ Frame 5114 		18 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.22.0&cb=86308944717&lsavail=1
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 20 Jan 2023 21:26:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
prebid
mp.4dex.io/ Frame 5114 		114 B
585 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
200b32faba6d425db016e3cf45bca5e1c2093677fa9172e914b955dca7569824

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-ref-gcp-ams
date
Fri, 20 Jan 2023 21:26:59 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 2 inventory rules not found for mediatype: banner and adUnitCode: gpt-passback, Process Seats Booster. unable to get the seat booster engine for organization: 1263
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
78cae4409d47bb77-FRA
expires
0
prebid
prebid.media.net/rtb/ Frame 5114 		1 KB
970 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU2BX48Z
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3eb0c77d847b04466e4de3138d69c534f71a829db53498a6b10d6c570815fc47

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:00 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://amenazaytx.site
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Fri, 20 Jan 2023 21:26:59 GMT
prebid-request
onetag-sys.com/ Frame 5114 		15 B
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://amenazaytx.site
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
auction
tlx.3lift.com/header/ Frame 5114 		19 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Famenazaytx.site%2F&tmax=3000
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.28.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-28-56.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:26:59 GMT
accept-ch
sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 5114 		19 B
825 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 21:26:59 GMT
AN-X-Request-Uuid
8bfd8c9f-b5a7-4eca-b01e-c5f860fefc88
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://amenazaytx.site
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.10; 217.64.151.10; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ Frame 5114 		0
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://amenazaytx.site
date
Fri, 20 Jan 2023 21:26:59 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
6
server
envoy
vary
origin, Accept-Encoding
adreq
ads.servenobid.com/ Frame 5114 		730 B
750 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=10794
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.146.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-146-35.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
158d79fd58c16335daa98076e3212bc0544a0077274ef3ba04da0ff06ec30e4b

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 20 Jan 2023 21:27:00 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://amenazaytx.site
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 5114 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://amenazaytx.site
date
Fri, 20 Jan 2023 21:26:59 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
adagio.js
script.4dex.io/ Frame 5114 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 21:26:59 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
122531
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wwPILLKztN89J7qrkobVCoWSInd4Mnwy3yT3WKlysvz2XP7HJSPfrEw9KQ56T7LfhllifcB7MjLLScCXTZ1sNO2j6U8UGnpTqI9O%2Fqs6ETWtadyd11AD9p3X%2ByajOB6Dizxni%2BI%2BI58aNjW7"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
78cae440bf6a9b21-FRA
cpm-script-v2-eswhik.css
cdn.eswhik.com/drive/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.eswhik.com/drive/css/cpm-script-v2-eswhik.css
Requested by
Host: cdn.eswhik.com
URL: https://cdn.eswhik.com/drive/tags/cpm-script-v2-eswhik
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be53e65e477f21d0e1df301be1077c090084ff561f2023eff0600841a4433c9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:27:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
60692
cf-polished
origSize=1303
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 03 Jun 2022 22:21:18 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TxchSNgollC3KqoIIF7fEXGBNlv7I3wnBIDRsk7uD5cWRG%2BhFhDLSJJdHE8zbJrKq2oBFIVEUNwUmsym9GptW4t3AzaPSQ%2BTJ6pDAoJxN5FqnNvQbasQnXSxbq6VMP2RLmeEyFdArkk9cPICag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
78cae4413df35ba4-FRA
expires
Fri, 27 Jan 2023 04:35:28 GMT
prebid-2022-12-27.js
cdn.psdn.xyz/ Frame 01E9 		371 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.psdn.xyz/prebid-2022-12-27.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
7899e4ccdbb66bba8489aec160f24c1cb19781ae6811fc9ec69f582697e35a4b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:27:00 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Tue, 27 Dec 2022 13:09:50 GMT
x-sp-metadata
HS256.CLSqrJ4GEogBCiQzYTExMjY2MC00ZGI3LTRlOWQtYWQyMy0wMjVjOTkyYjY5NTAQgMGmkNnD+wIaBgikjqyeBiINMjE3LjY0LjE1MS4xMCiygwMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDBkNjNhZTIyLWMwN2YtNGNkNC1iZWQ5LTVlODg1NTNhMDc1NBjHwAciGAgCEhRjZHMyMDkubG80Lmh3Y2RuLm5ldA==.ZSto8J64+sCnqtW3Zg+nyifOoJqnN42aT9iN3X8OOtY=
x-amz-request-id
tx000000000000219d70b48-0063aaf2e9-34c6886a-nyc3b
etag
"e07bb8c29b8196e635a7e649e961ba8b"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1674250020.dop011.lo4.t,1674250020.cds223.lo4.hn,1674250020.cds209.lo4.c
content-type
application/javascript
x-rgw-object-type
Normal
cache-control
max-age=31536000
accept-ranges
bytes
content-length
122951
pubads_impl_2023011101.js
securepubads.g.doubleclick.net/gpt/ 		383 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
64f9e98a68d94c6ee1bdaee26992bd796d293641ad202e3d311c146dabe3b67d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 04:20:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61575
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132552
x-xss-protection
0
last-modified
Wed, 11 Jan 2023 09:35:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 20 Jan 2024 04:20:45 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		273 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=amenazaytx.site
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b967a9c7e9f51e6f3864be1eb181611d4565d82b4d91a3f2df663a4200ce1f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:27:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
129
x-xss-protection
0
expires
Fri, 20 Jan 2023 21:27:00 GMT
Dark-Eswhik.png
eswhik.github.io/ad_pub_002/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eswhik.github.io/ad_pub_002/Dark-Eswhik.png
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
2cd28b80d9e535057a264ac2c787339c3a6e114da736881003dfd5e98ad3de47
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-fastly-request-id
205a5e52b12792ece03fb80a2d80298fa72b5a6f
strict-transport-security
max-age=31556952
date
Fri, 20 Jan 2023 21:27:00 GMT
via
1.1 varnish
x-cache-hits
1
age
0
x-cache
HIT
x-proxy-cache
MISS
content-length
23279
x-served-by
cache-hhn-etou8220057-HHN
last-modified
Fri, 25 Mar 2022 00:52:21 GMT
server
GitHub.com
x-github-request-id
BE68:7049:DE786C:123E743:63CAE224
x-timer
S1674250020.095815,VS0,VE94
etag
"623d1245-5aef"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
expires
Fri, 20 Jan 2023 18:59:08 GMT
blog3-e1670098934482-768x432.png
amenazaytx.site/wp-content/uploads/2022/12/ 		328 KB
328 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amenazaytx.site/wp-content/uploads/2022/12/blog3-e1670098934482-768x432.png
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
1ed6438bfe41ea5183dba8da3c961dfa38e3090c39d6694fc5dd974f57ca56cf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:27:00 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Sat, 03 Dec 2022 20:22:18 GMT
server
LiteSpeed
etag
"51e51-638baffa-48b4c670b0f41988;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
335441
expires
Fri, 27 Jan 2023 21:27:00 GMT
como-administrar-el-dinero-768x512.jpg
amenazaytx.site/wp-content/uploads/2022/12/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amenazaytx.site/wp-content/uploads/2022/12/como-administrar-el-dinero-768x512.jpg
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
d190fcd22bee0b1952bd5d85ab6db8eff58d036a0208f762a4545057894ac559
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:27:00 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Sat, 03 Dec 2022 20:10:07 GMT
server
LiteSpeed
etag
"11ac1-638bad1f-38db3aad284830bb;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
72385
expires
Fri, 27 Jan 2023 21:27:00 GMT
1-7-768x432.jpg
amenazaytx.site/wp-content/uploads/2022/11/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amenazaytx.site/wp-content/uploads/2022/11/1-7-768x432.jpg
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
e4f011e9a762c0349e2f4aa73435601afa2f5b7c86634b1d13052dee04e9897d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:27:00 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 16 Nov 2022 16:46:36 GMT
server
LiteSpeed
etag
"130df-637513ec-9e8536cd8492583a;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
78047
expires
Fri, 27 Jan 2023 21:27:00 GMT
whatsapp-plus-768x413.jpg
amenazaytx.site/wp-content/uploads/2022/11/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amenazaytx.site/wp-content/uploads/2022/11/whatsapp-plus-768x413.jpg
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
34dd97dc4df4b7473a8c722f5ee839300e53b5a2aefb2a051f6066bb93834e68
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:27:00 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Mon, 07 Nov 2022 14:55:35 GMT
server
LiteSpeed
etag
"59d9-63691c67-a5bfeb7144825637;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
23001
expires
Fri, 27 Jan 2023 21:27:00 GMT
CG_como-funciona-o-seguro-de-vida-ij_235111542.jpg
amenazaytx.site/wp-content/uploads/2022/10/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amenazaytx.site/wp-content/uploads/2022/10/CG_como-funciona-o-seguro-de-vida-ij_235111542.jpg
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
708a6d945667538389adeb9c23a11b00454203b2fd404b12895dd1d299a8be17
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:27:00 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Tue, 11 Oct 2022 22:19:04 GMT
server
LiteSpeed
etag
"9223-6345ebd8-6f9f73b26479a90;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
37411
expires
Fri, 27 Jan 2023 21:27:00 GMT
Como-aproveitar-a-variacao-do-dolar-para-investir-1-1536x864-1-768x432.png
amenazaytx.site/wp-content/uploads/2022/09/ 		472 KB
472 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amenazaytx.site/wp-content/uploads/2022/09/Como-aproveitar-a-variacao-do-dolar-para-investir-1-1536x864-1-768x432.png
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
8ac459d121d8925bf01df7171ad77cf4d71374605c8eea575b68b2adfc005921
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:27:00 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Wed, 21 Sep 2022 22:05:05 GMT
server
LiteSpeed
etag
"75ec7-632b8a91-82bca3d32bb74308;;;"
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
483015
expires
Fri, 27 Jan 2023 21:27:00 GMT
tutorial-config-dvr-dahua-768x383.jpg
amenazaytx.site/wp-content/uploads/2022/05/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amenazaytx.site/wp-content/uploads/2022/05/tutorial-config-dvr-dahua-768x383.jpg
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
db355226168af7d46d5cef627cd58bac67c728ab4d22e1c6b4a47af69f8b951e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:27:00 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 12 May 2022 00:47:12 GMT
server
LiteSpeed
etag
"7ca4-627c5910-ae1ea68edab82e21;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
31908
expires
Fri, 27 Jan 2023 21:27:00 GMT
transferencia-web_10611-1-768x512.jpg
amenazaytx.site/wp-content/uploads/2022/05/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amenazaytx.site/wp-content/uploads/2022/05/transferencia-web_10611-1-768x512.jpg
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7fde7ce58c8978f3beb20f0406165d41a9700189b99b314c9d10220237ecb484
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:27:00 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 12 May 2022 00:46:27 GMT
server
LiteSpeed
etag
"4147-627c58e3-e98c88fdef01f63;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
16711
expires
Fri, 27 Jan 2023 21:27:00 GMT
maxresdefault-13-768x432.jpg
amenazaytx.site/wp-content/uploads/2022/05/ 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amenazaytx.site/wp-content/uploads/2022/05/maxresdefault-13-768x432.jpg
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:b:730:0:2ede:94d2:a Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7816252ae6607ec390b3c7c0a7223949d21681bd07452c96997ddb4979b56973
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:27:00 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 12 May 2022 00:45:40 GMT
server
LiteSpeed
etag
"dfde-627c58b4-11c1504791f81904;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
57310
expires
Fri, 27 Jan 2023 21:27:00 GMT
localstore.js
script.4dex.io/ Frame 01E9 		483 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 21:27:00 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
2350548
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WWT8LLht7cWVM%2BeMxTvGiDcwQ1Hpv3wMJ%2F%2Fg8uqptqRDduvScoZMLpGtfHR1HmvM%2FQXbtJDN6jep1Qng9nonDejLNxtgJ1%2FTrNZJ42OIChRfqAoZ7oo7ODXbwRpmEu7VRZY7%2BfsfwqF7%2FJUA"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
78cae4420ce25c44-FRA
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=amenazaytx.site
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:27:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=amenazaytx.site
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:27:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		34 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3901675974967001&correlator=547040729847678&eid=31071692%2C31071775%2C31068367&output=ldjh&gdfp_req=1&vrg=2023011101&ptt=17&impl=fifs&iu_parts=21902364955%3A22623907295%2Ccm_as_amenazaytx.site_content_type_general_social_btf_fixed_top%2Ccm_as_amenazaytx.site_content_type_general_social_btf_fixed_interstitial&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=2027485967&sfv=1-0-40&ists=1&fas=8&sc=1&cookie_enabled=1&abxe=1&dt=1674250020220&lmt=1674250020&dlt=1674250018204&idt=1981&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Famenazaytx.site%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=479643305.1674250019&ga_sid=1674250020&ga_hid=1578021164&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fb5be4f76b8b9bca096d778a090fab19db64da40b1b5ca8dfbf9f4e175806ec0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:27:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12916
x-xss-protection
0
google-lineitem-id
6133906979
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138408370984
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3901675974967001&correlator=547040729847678&eid=31071692%2C31071775%2C31068367&output=ldjh&gdfp_req=1&vrg=2023011101&ptt=17&impl=fifs&iu_parts=21902364955%3A22623907295%2Ccm_as_amenazaytx.site_content_type_general_social_btf_fixed_top%2Ccm_as_amenazaytx.site_content_type_general_social_btf_fixed_300x60&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x60&ifi=2&adks=841822932&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1674250020226&lmt=1674250020&dlt=1674250018204&idt=1981&adxs=15&adys=86&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Famenazaytx.site%2F&frm=20&vis=1&psz=300x250&msz=300x60&fws=0&ohw=0&ga_vid=479643305.1674250019&ga_sid=1674250020&ga_hid=1578021164&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
31145b69a3dd573c8158f915353b0fef018b8eeacc9e756ae0ea9ff8670b46b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:27:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6983
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3901675974967001&correlator=547040729847678&eid=31071692%2C31071775%2C31068367&output=ldjh&gdfp_req=1&vrg=2023011101&ptt=17&impl=fifs&iu_parts=21902364955%3A22623907295%2Ccm_as_amenazayt.site_content_type_general_social_top%2Ccm_as_amenazayt.site_content_type_general_social_btf_300x600&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&ifi=3&adks=1107868161&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1674250020232&lmt=1674250020&dlt=1674250018204&idt=1981&adxs=1083&adys=771&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Famenazaytx.site%2F&frm=20&vis=1&psz=337x600&msz=337x600&fws=4&ohw=1600&ga_vid=479643305.1674250019&ga_sid=1674250020&ga_hid=1578021164&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec2bd8770ac639cdf0f54fee30d908ffe67ebda12580cc16311c620336bb27c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:27:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6451
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6021 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://amenazaytx.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 21:27:00 GMT
expires
Sat, 20 Jan 2024 21:27:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2023011101.js
securepubads.g.doubleclick.net/gpt/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2023011101.js?cb=31071775
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac275ca2a119d8080881532a278a3fbec41631fadac0ab42fe51795ba673f9fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 04:22:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61458
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13715
x-xss-protection
0
last-modified
Wed, 11 Jan 2023 09:35:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 20 Jan 2024 04:22:42 GMT
prebid-request
onetag-sys.com/ Frame 01E9 		15 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://amenazaytx.site
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
mp.4dex.io/ Frame 01E9 		99 B
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1613679a503735ee9bcbbae077f9ebed01b42be461360c9d2c1514ef3f3ef06

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Fri, 20 Jan 2023 21:27:00 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: gpt-passback, Process Seats Booster. unable to get the seat booster engine for organization: 1263
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
78cae4428958bb77-FRA
expires
0
cdb
bidder.criteo.com/ Frame 01E9 		18 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.22.0&cb=21202530658&lsavail=1
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 20 Jan 2023 21:26:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 01E9 		0
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://amenazaytx.site
date
Fri, 20 Jan 2023 21:27:00 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
prebid.media.net/rtb/ Frame 01E9 		1 KB
710 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU2BX48Z
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0ae6ea856aeb74f538733cde9374efd62277638efade11e0cedf596be1f3d559

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:00 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://amenazaytx.site
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Fri, 20 Jan 2023 21:27:00 GMT
auction
tlx.3lift.com/header/ Frame 01E9 		19 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Famenazaytx.site%2F&tmax=3000
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.28.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-28-56.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:00 GMT
accept-ch
sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
c
prebid.a-mo.net/a/ Frame 01E9 		0
132 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://amenazaytx.site
date
Fri, 20 Jan 2023 21:26:59 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
8
server
envoy
vary
origin, Accept-Encoding
prebid
ib.adnxs.com/ut/v3/ Frame 01E9 		139 B
946 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7a1841f8d7eab15782f203edf6f8dcf08816a138034f5595a477043e3b0d5ed2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 21:27:00 GMT
AN-X-Request-Uuid
98b9927d-0687-4611-9a57-eb62c317ca35
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://amenazaytx.site
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.10; 217.64.151.10; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adreq
ads.servenobid.com/ Frame 01E9 		730 B
758 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=9293
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.146.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-146-35.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
158d79fd58c16335daa98076e3212bc0544a0077274ef3ba04da0ff06ec30e4b

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 20 Jan 2023 21:27:00 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://amenazaytx.site
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
/
api.purpleads.io/x/b/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=2&pid=dd43c076ea544916b4b540018a1350d5&sizes=[[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100]]&slotid=a71e7e32-ea1b-456b-aea3-bbb591040a40&ts=1674250020262
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.250.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-250-34.compute-1.amazonaws.com
Software
/
Resource Hash
fffcc891cdc95d0aab4d32618aced4f6467fd6a92dc1696d3f297e33e966b728

Request headers

x-request-url
aHR0cHM6Ly9hbWVuYXpheXR4LnNpdGUv
accept-language
de-DE,de;q=0.9
Authorization
Bearer a2741b6d55c6d59d3ca3b61810b2a8f8:981d8d69d9e8956be89103f0d9818163818996da27ceeea35fd96916e2a07ed56d6b62a3390f00edd9911894e1fec747c911ceb89cf8fda5918f54c61b3e2916
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://amenazaytx.site/
x-purpleads-version
2.4.2

Response headers

date
Fri, 20 Jan 2023 21:27:00 GMT
content-encoding
gzip
pa-user-id
1ecceeb1-6a76-4740-a8de-1981435b85d9
etag
W/"de6-YWHh2ufV4OM7JSrYJxcGuz5+ECU"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
access-control-allow-credentials
true
x-request-id
b53e76c8-1c16-4098-b411-18f9d6e80d56
/
api.purpleads.io/x/b/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=3&pid=dd43c076ea544916b4b540018a1350d5&sizes=[[970,250],[970,90],[728,90],[468,60],[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100]]&slotid=1583a00b-949e-471a-ae75-3e0c581c103c&ts=1674250020263
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.250.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-250-34.compute-1.amazonaws.com
Software
/
Resource Hash
96436759c0f56224789cfb0aedbd39bc9c99190efa420d2870a8251c30f58dfa

Request headers

x-request-url
aHR0cHM6Ly9hbWVuYXpheXR4LnNpdGUv
accept-language
de-DE,de;q=0.9
Authorization
Bearer e5503a8be5c59196f7d89d8e3f76081b:dbf913c8afa5de89d6a2201b7b0168ff2e03ae5845bd84a2d8ea8b3f3876e67e82e8e6a8f68f61e4e7db1578fae8c6ec86745a077fe9c25c55d11ca810b16fb2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://amenazaytx.site/
x-purpleads-version
2.4.2

Response headers

date
Fri, 20 Jan 2023 21:27:00 GMT
content-encoding
gzip
pa-user-id
b20f5b8e-03ec-4494-b54e-df204af8d757
etag
W/"e0b-7dYymqREKerRw8p7525dgNokwjw"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
access-control-allow-credentials
true
x-request-id
5fa9ad5e-0322-431b-8635-4bc5bda899bf
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=2&pid=dd43c076ea544916b4b540018a1350d5&sizes=[[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100]]&slotid=a71e7e32-ea1b-456b-aea3-bbb591040a40&ts=1674250020262
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.250.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-250-34.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://amenazaytx.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://amenazaytx.site
date
Fri, 20 Jan 2023 21:27:00 GMT
x-request-id
76a82cdb-c73d-4fef-8f92-1bc86b8d8016
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=3&pid=dd43c076ea544916b4b540018a1350d5&sizes=[[970,250],[970,90],[728,90],[468,60],[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100]]&slotid=1583a00b-949e-471a-ae75-3e0c581c103c&ts=1674250020263
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.250.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-250-34.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://amenazaytx.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://amenazaytx.site
date
Fri, 20 Jan 2023 21:27:00 GMT
x-request-id
1ee01285-93c5-4b85-a9a3-cd8028e9ce33
adagio.js
script.4dex.io/ Frame 01E9 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 21:27:00 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
122532
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eCUslbNSBL4PExej771cc%2BbTf7oPPph2FJ%2BiiZtSoXZBgBXNZGFYd5YFcGt1LGDVOOIGww1LCOT53B0awPQtJw%2FqgxxIdWxdKXn5sx%2BBWtlm8EcjmH4BW4dMAczyrAE7KVrslpXkXp8OHqdE"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
78cae442db019b21-FRA
css2
fonts.googleapis.com/ Frame EEF0 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 20 Jan 2023 21:27:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 20 Jan 2023 20:00:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 20 Jan 2023 21:27:00 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/elements/html/ Frame EEF0 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daf99211008f6684b4aaa4daafa6832cf05ccd99f5910f48f6467a5c1ea08197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:58:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
16133
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8191
x-xss-protection
0
server
cafe
etag
7335088802737092762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Feb 2023 16:58:07 GMT
22554.js
ads.rubiconproject.com/ad/ Frame 7CD2 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/ad/22554.js
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-145-246.deploy.static.akamaitechnologies.com
Software
Apache / PHP/5.3.3
Resource Hash
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:27:01 GMT
content-encoding
gzip
server
Apache
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=11912
access-control-allow-credentials
true
content-length
8916
expires
Sat, 21 Jan 2023 00:45:33 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7CD2 		155 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:27:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 20 Jan 2023 21:27:00 GMT
prebid-2022-12-27.js
cdn.psdn.xyz/ Frame 9BDD 		371 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.psdn.xyz/prebid-2022-12-27.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
7899e4ccdbb66bba8489aec160f24c1cb19781ae6811fc9ec69f582697e35a4b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:27:00 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Tue, 27 Dec 2022 13:09:50 GMT
x-sp-metadata
HS256.CLSqrJ4GEogBCiRjMWU2NGI1Zi1jNjhlLTRlZjYtOTllYS00Y2IzNDNiZDY3OGIQgMGmkNnD+wIaBgikjqyeBiINMjE3LjY0LjE1MS4xMCiygwMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGI5YWU4ZWU2LTM4MmYtNGE4Yy1iZjM4LWE4YWU3NDQzOGY0ORjHwAciGAgCEhRjZHMyMDkubG80Lmh3Y2RuLm5ldA==.tKeEAA+IEVdb/CuyyvEfhtn0YA7j/2LKfn9Fn/Hvb90=
x-amz-request-id
tx000000000000219d70b48-0063aaf2e9-34c6886a-nyc3b
etag
"e07bb8c29b8196e635a7e649e961ba8b"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1674250020.dop011.lo4.t,1674250020.cds223.lo4.hn,1674250020.cds209.lo4.c
content-type
application/javascript
x-rgw-object-type
Normal
cache-control
max-age=31536000
accept-ranges
bytes
content-length
122951
/
api.purpleads.io/x/b/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=4&pid=dd43c076ea544916b4b540018a1350d5&sizes=[[970,250],[970,90],[728,90],[468,60],[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100]]&slotid=5bc2ec7b-e1c8-4630-b682-cc0b6626ae96&demand=unifiedPb&ts=1674250020564
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.250.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-250-34.compute-1.amazonaws.com
Software
/
Resource Hash
3434bc3dd0c771a9fd5fc2cd2579c8e8af1a8cdf136927f4ad883f236f62fb4a

Request headers

x-request-url
aHR0cHM6Ly9hbWVuYXpheXR4LnNpdGUv
accept-language
de-DE,de;q=0.9
Authorization
Bearer a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://amenazaytx.site/
x-purpleads-version
2.4.2

Response headers

date
Fri, 20 Jan 2023 21:27:01 GMT
content-encoding
gzip
pa-user-id
98ba4f85-06a9-4fc8-9cd2-091ce285ff30
etag
W/"9aa-fvyJJ9xBfJngO/C1v83DCkaBv80"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
access-control-allow-credentials
true
x-request-id
ba5a822b-b034-4d51-93c0-846e9f81f2c1
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=4&pid=dd43c076ea544916b4b540018a1350d5&sizes=[[970,250],[970,90],[728,90],[468,60],[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100]]&slotid=5bc2ec7b-e1c8-4630-b682-cc0b6626ae96&demand=unifiedPb&ts=1674250020564
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.250.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-250-34.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://amenazaytx.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://amenazaytx.site
date
Fri, 20 Jan 2023 21:27:00 GMT
x-request-id
21355207-6763-4537-8146-0c5d8a5f7f6d
prebid-2022-12-27.js
cdn.psdn.xyz/ Frame 55FE 		371 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.psdn.xyz/prebid-2022-12-27.js
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
7899e4ccdbb66bba8489aec160f24c1cb19781ae6811fc9ec69f582697e35a4b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:27:00 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Tue, 27 Dec 2022 13:09:50 GMT
x-sp-metadata
HS256.CLSqrJ4GEogBCiQ1MTQ0NDAwNy0wZGNkLTQ1ODMtYmUzYi00ZDBjNDA4NDVlN2MQgMGmkNnD+wIaBgikjqyeBiINMjE3LjY0LjE1MS4xMCiygwMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDhkZTM1N2JhLTY4OGItNGM3MC05MGJiLTIzMzIzZDk1ZTM3ZhjHwAciGAgCEhRjZHMyMDkubG80Lmh3Y2RuLm5ldA==.sFA6DOcK27YxiRDqaaBTl9YKZYmvTwLws061lQIIuRs=
x-amz-request-id
tx000000000000219d70b48-0063aaf2e9-34c6886a-nyc3b
etag
"e07bb8c29b8196e635a7e649e961ba8b"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1674250020.dop011.lo4.t,1674250020.cds223.lo4.hn,1674250020.cds209.lo4.c
content-type
application/javascript
x-rgw-object-type
Normal
cache-control
max-age=31536000
accept-ranges
bytes
content-length
122951
localstore.js
script.4dex.io/ Frame 9BDD 		483 B
1023 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 21:27:00 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
2350548
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FukoW8Krph5jSsqTiHrOqH5zQGvphk2ho8AE%2FhTsVAL%2BpW3oHZWD9wbE2gJb6Rjq19Q6cbIWLy462shGHlTPq5RfbZfheTclAfXfMdYTHbWr%2FbdIk4rNIBhWu%2FZMbXArddOSFjFA%2BH6rU1m9"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
78cae444f9555c44-FRA
prebid-request
onetag-sys.com/ Frame 9BDD 		15 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://amenazaytx.site
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
adreq
ads.servenobid.com/ Frame 9BDD 		730 B
670 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=10256
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.146.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-146-35.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
158d79fd58c16335daa98076e3212bc0544a0077274ef3ba04da0ff06ec30e4b

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 20 Jan 2023 21:27:01 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://amenazaytx.site
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid
mp.4dex.io/ Frame 9BDD 		99 B
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
befbc9a1795c7cae97e34dc7dbec03bcd1402656f22d28a63a3d38660023f501

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Fri, 20 Jan 2023 21:27:00 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: gpt-passback, Process Seats Booster. unable to get the seat booster engine for organization: 1263
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
78cae4450de4bb77-FRA
expires
0
auction
tlx.3lift.com/header/ Frame 9BDD 		19 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Famenazaytx.site%2F&tmax=3000
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.28.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-28-56.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:00 GMT
accept-ch
sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
prebid.media.net/rtb/ Frame 9BDD 		1 KB
687 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU2BX48Z
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
ff677d148c959d7f477efe17cbf64fae2c9d84711e9539cc11ad949c3796189d

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:00 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://amenazaytx.site
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Fri, 20 Jan 2023 21:27:00 GMT
cdb
bidder.criteo.com/ Frame 9BDD 		18 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.22.0&cb=14355759725&lsavail=1
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 20 Jan 2023 21:27:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
prebid
ib.adnxs.com/ut/v3/ Frame 9BDD 		139 B
946 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7ffa37acead2a447d6f1620a5314b36707545dce545c1e5bde983ba6b79273cd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 21:27:00 GMT
AN-X-Request-Uuid
7810fc2d-b5a2-4b50-8137-0cfc5c9fa1f3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://amenazaytx.site
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.10; 217.64.151.10; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 9BDD 		0
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://amenazaytx.site
date
Fri, 20 Jan 2023 21:27:00 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
c
prebid.a-mo.net/a/ Frame 9BDD 		0
132 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://amenazaytx.site
date
Fri, 20 Jan 2023 21:26:59 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
server
envoy
vary
origin, Accept-Encoding
localstore.js
script.4dex.io/ Frame 55FE 		483 B
1019 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 21:27:00 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
2350548
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R0ugv33v8%2BZV6kHdjQKTF2TlMkebIkprP9pEwLs0TRCqw9QGatvLKhyEFD%2B8lNI4D%2BqMSrvuh6GFBm03sQiqha0AMGqCA5FkVqM6JOubeHJQCtNROYYNCHM3ZABs5S6jrJISMUDZsN3N3V4o"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
78cae44549de5c44-FRA
auction
tlx.3lift.com/header/ Frame 55FE 		19 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Famenazaytx.site%2F&tmax=3000
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.28.56 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-28-56.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:00 GMT
accept-ch
sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid-request
onetag-sys.com/ Frame 55FE 		15 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://amenazaytx.site
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
ib.adnxs.com/ut/v3/ Frame 55FE 		19 B
825 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 21:27:00 GMT
AN-X-Request-Uuid
14e2b2c2-c86b-4c0a-867b-8e4bac3d6b6f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://amenazaytx.site
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.64.151.10; 217.64.151.10; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ Frame 55FE 		0
132 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://amenazaytx.site
date
Fri, 20 Jan 2023 21:26:59 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
server
envoy
vary
origin, Accept-Encoding
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 55FE 		0
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://amenazaytx.site
date
Fri, 20 Jan 2023 21:27:00 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
adreq
ads.servenobid.com/ Frame 55FE 		730 B
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=3112
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.146.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-146-35.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
158d79fd58c16335daa98076e3212bc0544a0077274ef3ba04da0ff06ec30e4b

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 20 Jan 2023 21:27:01 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://amenazaytx.site
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/ Frame 55FE 		1 KB
687 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU2BX48Z
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
369241ffa9329b29bf05bd494a0ea370f08ff5cef21d3832959f2e42587e0b76

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:00 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://amenazaytx.site
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Fri, 20 Jan 2023 21:27:00 GMT
cdb
bidder.criteo.com/ Frame 55FE 		18 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.22.0&cb=48034954902&lsavail=1
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 20 Jan 2023 21:26:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
prebid
mp.4dex.io/ Frame 55FE 		99 B
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.psdn.xyz
URL: https://cdn.psdn.xyz/prebid-2022-12-27.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f96064a97b016c25d7a634dfcf6f75aa6f9d2a6c636bc101772b07d181548a5

Request headers

Referer
https://amenazaytx.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-ref-gcp-ams
date
Fri, 20 Jan 2023 21:27:00 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 2 inventory rules not found for mediatype: banner and adUnitCode: gpt-passback, Process Seats Booster. unable to get the seat booster engine for organization: 1263
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
78cae4456e9cbb77-FRA
expires
0
adagio.js
script.4dex.io/ Frame 9BDD 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 21:27:00 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
122532
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rLR5ZkMAuT3YrL7mE6rAZNH6Dox87OYogWgOd9joK6VU61y66iDtQfEXNEBfTvBMwBISahqFukboVIfD2K7kPPR7nFe%2BlBKhhFOD%2FXn0CPzCZfrtTvPP8y3F7rrlAtmYoHBAw7yBWPzgWS%2FZ"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
78cae4456f179b21-FRA
adagio.js
script.4dex.io/ Frame 55FE 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Fri, 20 Jan 2023 21:27:00 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
44745
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vd0y4aThKI%2BtlRjjkXm08bd%2BOwSTW6CPO%2BjEGcPNcT1ahtGZvBVo6XjHWR5hetvsSlN%2FKlexiPsTp8c5GzrkpFBob4yAmxgPgXWM8SEKRpW7zw0WYxXIhRpbgXP%2BKkozcyUgzEaN2Wswicjj"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
78cae4458ee69006-FRA
Expires
Fri, 20 Jan 2023 21:57:00 GMT
/
api.purpleads.io/x/b/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=5&pid=dd43c076ea544916b4b540018a1350d5&sizes=[[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=8808ac9e-4978-43c5-b1a0-cdc9495a71a4&demand=unifiedPb&ts=1674250020951
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.250.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-250-34.compute-1.amazonaws.com
Software
/
Resource Hash
d521337f17e3a6d3534e1bca426003a3c011cb3f5b8de0f31f69e9e81e2414c3

Request headers

x-request-url
aHR0cHM6Ly9hbWVuYXpheXR4LnNpdGUv
accept-language
de-DE,de;q=0.9
Authorization
Bearer a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://amenazaytx.site/
x-purpleads-version
2.4.2

Response headers

date
Fri, 20 Jan 2023 21:27:01 GMT
content-encoding
gzip
pa-user-id
ce19ec3f-3275-4db6-9f42-51e8ad8ba2fe
etag
W/"9aa-zjODkDJ5RUOXbg68BJepAfcPSJ0"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
access-control-allow-credentials
true
x-request-id
58c088a3-e851-45a6-9121-f4f5b7990722
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=5&pid=dd43c076ea544916b4b540018a1350d5&sizes=[[970,90],[728,90],[468,60],[320,100],[320,50],[300,100]]&slotid=8808ac9e-4978-43c5-b1a0-cdc9495a71a4&demand=unifiedPb&ts=1674250020951
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.250.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-250-34.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://amenazaytx.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://amenazaytx.site
date
Fri, 20 Jan 2023 21:27:01 GMT
x-request-id
39d76334-d0bd-4d23-878a-257829fe2bac
eyJpdSI6IjBjZTNkYjMxZDdmMTg1ZGIyMDY4NmI2YTE1N2JlNWFkOWNmOTE3ZWEzYTNiMGIyNzA5MGQwOTI5OWJjMTEwMDUiLCJ3Ijo2NDAsImgiOjQ4MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame 40BC 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjBjZTNkYjMxZDdmMTg1ZGIyMDY4NmI2YTE1N2JlNWFkOWNmOTE3ZWEzYTNiMGIyNzA5MGQwOTI5OWJjMTEwMDUiLCJ3Ijo2NDAsImgiOjQ4MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-162.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0c8d35b6735bd64c48530fe7112c9d455a32daac39b5e3430a6043e817622e28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:27:01 GMT
last-modified
Mon, 03 Oct 2022 10:49:28 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=676563
access-control-allow-credentials
false
x-traceid
d336b923a4e46c96bbef29110b814063
timing-allow-origin
*, *
content-length
52342
i
api.purpleads.io/x/a/d06e6e04415ff44ec50b6409168e1043:4e8cb505f740d775adec52fed2da0a650127c526e4caa908c49cd55035dba86991b301a5b23e7164a36a0db3b4a5b17f1ea7389218efed814dd081346b34e1cb429350020c5463a... Frame 40BC 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.purpleads.io/x/a/d06e6e04415ff44ec50b6409168e1043:4e8cb505f740d775adec52fed2da0a650127c526e4caa908c49cd55035dba86991b301a5b23e7164a36a0db3b4a5b17f1ea7389218efed814dd081346b34e1cb429350020c5463aca07217ef34a60e03806cc8f35facd12543ad5a95e4d7fe95ddfcdd2419e674403a258a5d8671e5aa395baff307c4570d8c95eeba1ba5df1b977ba8455bf5ae1e42b92b4c2ea6cdc3/i?id=ba5a822b-b034-4d51-93c0-846e9f81f2c1
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.250.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-250-34.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
api.purpleads.io
date
Fri, 20 Jan 2023 21:27:01 GMT
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id
2a9ff310-3163-4c98-8df1-1eb351a4d333
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ Frame 40BC 		4 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=a728dbb83e43b8d37b6e7483bab3a493&pvId=a728dbb83e43b8d37b6e7483bab3a493&sid=9435706&pid=45718&idx=4&wId=171&pad=1&org=0&tm=0&eT=3&cnsnt=no_consent
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.13.96.71 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 21:27:01 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
b719d09d5e540cc80f5cf8f45e0ed48b
Content-Length
4
Expires
0
log-viewability
log.outbrainimg.com/loggerServices/ Frame 40BC 		4 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.outbrainimg.com/loggerServices/log-viewability?requestId=a728dbb83e43b8d37b6e7483bab3a493&position=0
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.13.96.71 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 21:27:01 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
280ed2afde21835e145b90486c7b1a71
Content-Length
4
Expires
0
2490514-15.js
smarttag.rubiconproject.com/a/22554/435054/ Frame 7CD2 		147 B
661 B 		Script
General
Check archive.org
Download Go to
Full URL
https://smarttag.rubiconproject.com/a/22554/435054/2490514-15.js?&cb=0.7572552501268388&tk_st=1&rf=https%3A//amenazaytx.site/&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=435054_15&rp_secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/22554.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9983e07b9631af361911c4abfcddf64df4a51003d916415dfab1e19c9cd16749

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:01 GMT
server
nginx/1.21.4
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
text/javascript
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
147
expires
Wed, 17 Sep 1975 21:32:10 GMT
container.html
eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0061 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://amenazaytx.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 21:27:00 GMT
expires
Sat, 20 Jan 2024 21:27:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
api.purpleads.io/x/b/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=6&pid=dd43c076ea544916b4b540018a1350d5&sizes=[[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100]]&slotid=a71e7e32-ea1b-456b-aea3-bbb591040a40&demand=unifiedPb&ts=1674250021153
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.250.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-250-34.compute-1.amazonaws.com
Software
/
Resource Hash
773669739ce7f9de7ec03ebe249378bd6d559bce3ef8e8f2b9ad328e546ddc6a

Request headers

x-request-url
aHR0cHM6Ly9hbWVuYXpheXR4LnNpdGUv
accept-language
de-DE,de;q=0.9
Authorization
Bearer a2741b6d55c6d59d3ca3b61810b2a8f8:981d8d69d9e8956be89103f0d9818163818996da27ceeea35fd96916e2a07ed56d6b62a3390f00edd9911894e1fec747c911ceb89cf8fda5918f54c61b3e2916
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://amenazaytx.site/
x-purpleads-version
2.4.2

Response headers

date
Fri, 20 Jan 2023 21:27:01 GMT
content-encoding
gzip
pa-user-id
4de1b543-987e-4b1b-a820-73b4eb38322d
etag
W/"9aa-x0SFUzf/ZIEsKoG43PRt9siVcZw"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
access-control-allow-credentials
true
x-request-id
56ad0378-c003-4189-b438-811ad4c5b22e
/
api.purpleads.io/x/b/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=7&pid=dd43c076ea544916b4b540018a1350d5&sizes=[[970,250],[970,90],[728,90],[468,60],[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100]]&slotid=1583a00b-949e-471a-ae75-3e0c581c103c&demand=unifiedPb&ts=1674250021154
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.250.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-250-34.compute-1.amazonaws.com
Software
/
Resource Hash
b97126edfd7e9abad50c5ca9120c67c3763b62579f4768d5b73e672d3ea56826

Request headers

x-request-url
aHR0cHM6Ly9hbWVuYXpheXR4LnNpdGUv
accept-language
de-DE,de;q=0.9
Authorization
Bearer e5503a8be5c59196f7d89d8e3f76081b:dbf913c8afa5de89d6a2201b7b0168ff2e03ae5845bd84a2d8ea8b3f3876e67e82e8e6a8f68f61e4e7db1578fae8c6ec86745a077fe9c25c55d11ca810b16fb2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://amenazaytx.site/
x-purpleads-version
2.4.2

Response headers

date
Fri, 20 Jan 2023 21:27:01 GMT
content-encoding
gzip
pa-user-id
42699387-c94d-4ecb-91c8-b68ba95aa6be
etag
W/"9aa-rVUHjp/2DdChUlm5kfQ5+jrkSQ0"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://amenazaytx.site
access-control-allow-credentials
true
x-request-id
884ee940-c5e9-4b03-b622-a52ef2153386
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=6&pid=dd43c076ea544916b4b540018a1350d5&sizes=[[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100]]&slotid=a71e7e32-ea1b-456b-aea3-bbb591040a40&demand=unifiedPb&ts=1674250021153
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.250.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-250-34.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://amenazaytx.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://amenazaytx.site
date
Fri, 20 Jan 2023 21:27:01 GMT
x-request-id
a01f3e5d-cfab-4d25-a682-797c483b7b48
/
api.purpleads.io/x/b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.purpleads.io/x/b/?idx=7&pid=dd43c076ea544916b4b540018a1350d5&sizes=[[970,250],[970,90],[728,90],[468,60],[336,280],[300,600],[300,250],[160,600],[120,600],[200,200],[250,250],[320,100],[320,50],[320,480],[300,100]]&slotid=1583a00b-949e-471a-ae75-3e0c581c103c&demand=unifiedPb&ts=1674250021154
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.250.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-250-34.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-purpleads-version,x-request-url
Access-Control-Request-Method
GET
Origin
https://amenazaytx.site
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,content-type,x-purpleads-version,x-request-url
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://amenazaytx.site
date
Fri, 20 Jan 2023 21:27:01 GMT
x-request-id
5120158b-fe40-4e62-bbc3-894cdc84020c
pixel
googleads.g.doubleclick.net/xbbe/ Frame FCB8 		624 B
741 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYxNPDmAEwAQ&v=APEucNXHo5-AZCzOApupw9QofNUWbMqbEcaZcusO7q8EA6uSLy94xJdiOoprA0jKA-S4f7uCL_80bw9cGIw20C94pozMkJWz-Zz3le9YTS8BX9XwV-8QNgnE2IOqx-skBpVj_SnHQP-zcpt3zS4jfJqgmylZR3HL4iimSee2e7dLvszEv45Wrlg
Requested by
Host: eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com
URL: https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 21:27:01 GMT
expires
Fri, 20 Jan 2023 21:27:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 0061 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com
URL: https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:27:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27384
x-xss-protection
0
server
cafe
etag
10506132538256102613
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 20 Jan 2023 21:27:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0061 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BzHF1QmpN9m_6v9J7uTW7RSJ-TiA5AgqFi2nV91g8ye84ijaMg2Wpux6dq4e3D48xJzofxzuMTZM1DrCOCqj37kXzwT2Rd3Vf_STzA9B4RE7_43p0
Requested by
Host: eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com
URL: https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0061 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4319220163507396005&x=1&ct=76
Requested by
Host: eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com
URL: https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 0061 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com
URL: https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 19:29:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
7032
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Feb 2023 19:29:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame 0061 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com
URL: https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:49:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
16639
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7515
x-xss-protection
0
server
cafe
etag
5914713042212191929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Feb 2023 16:49:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0061 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com
URL: https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:27:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 20 Jan 2023 21:27:01 GMT
rum
dsum-sec.casalemedia.com/ Frame FCB8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG-hEm3mL1O3RAAk3lB4siw&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG-hEm3mL1O3RAAk3lB4siw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYxNPDmAEwAQ&v=APEucNXHo5-AZCzOApupw9QofNUWbMqbEcaZcusO7q8EA6uSLy94xJdiOoprA0jKA-S4f7uCL_80bw9cGIw20C94pozMkJWz-Zz3le9YTS8BX9XwV-8QNgnE2IOqx-skBpVj_SnHQP-zcpt3zS4jfJqgmylZR3HL4iimSee2e7dLvszEv45Wrlg
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 21:27:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG-hEm3mL1O3RAAk3lB4siw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame FCB8
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y8sHJaR81zo.yCRf-FoDCQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG-hEm3mL1O3RAAk3lB4siw&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG-hEm3mL1O3RAAk3lB4siw&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYxNPDmAEwAQ&v=APEucNXHo5-AZCzOApupw9QofNUWbMqbEcaZcusO7q8EA6uSLy94xJdiOoprA0jKA-S4f7uCL_80bw9cGIw20C94pozMkJWz-Zz3le9YTS8BX9XwV-8QNgnE2IOqx-skBpVj_SnHQP-zcpt3zS4jfJqgmylZR3HL4iimSee2e7dLvszEv45Wrlg
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 21:27:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG-hEm3mL1O3RAAk3lB4siw&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame FCB8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEH0e6WVk-1301ufM2rEy8Cw&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEH0e6WVk-1301ufM2rEy8Cw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYxNPDmAEwAQ&v=APEucNXHo5-AZCzOApupw9QofNUWbMqbEcaZcusO7q8EA6uSLy94xJdiOoprA0jKA-S4f7uCL_80bw9cGIw20C94pozMkJWz-Zz3le9YTS8BX9XwV-8QNgnE2IOqx-skBpVj_SnHQP-zcpt3zS4jfJqgmylZR3HL4iimSee2e7dLvszEv45Wrlg
Protocol
HTTP/1.1
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 21:27:01 GMT
AN-X-Request-Uuid
c53e16bd-0299-4d32-b49d-05a82057ff1f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.64.151.10; 217.64.151.10; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEH0e6WVk-1301ufM2rEy8Cw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FCB8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE5ODA3NzQyMDk2Njk3MjAzNA%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE5ODA3NzQyMDk2Njk3MjAzNA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxDD7WMYxNPDmAEwAQ&v=APEucNXHo5-AZCzOApupw9QofNUWbMqbEcaZcusO7q8EA6uSLy94xJdiOoprA0jKA-S4f7uCL_80bw9cGIw20C94pozMkJWz-Zz3le9YTS8BX9XwV-8QNgnE2IOqx-skBpVj_SnHQP-zcpt3zS4jfJqgmylZR3HL4iimSee2e7dLvszEv45Wrlg
Protocol
H2
Server
142.250.180.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 20 Jan 2023 21:27:01 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.64.151.10; 217.64.151.10; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
bf5a6ceb-de3d-45ec-8b03-6d2bccdb8ad7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE5ODA3NzQyMDk2Njk3MjAzNA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0061 		0
58 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8062460231578&version=m202209210101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0061 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8062460231578&version=m202209210101&ct=76&x=1&cor=4319220163507396000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 0061 		81 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CRyd8ZbXB_oWQfBSf8DO1KbA-kMj7teGsiEo_rZVP9hEVb5lHMBNispaikG30cba2xIMfqMwDxNw59EPl1r7YWjMkXzA&cry=1&dbm_d=AKAmf-BNzV6R4yrRuUDYKC5Z748duhbBwNdbq1ihtWcev-D4S-L7znrAXwhnZFNiUZk7bHpt4_FUp9-d-77rztvs_mdMrxCY20O0kwh_-T8QOrJop028E2noT_t6HwDvSh2vW_UBdACOgbrDOxxuqFYpV1xg8T_PoWv2c1Ohzl1alna71rXgpGm6knWGj_A6Kmpt-jk6uAhLYuiAQX00xjY_MilyVAuEaSO1H9F7VyZrvtM0yBiwqD7_dgYYoJfCpqhtoAfNsC7G2u9TBQg_abLsM69wcppJNLcP884J6OHnLB5xvSX1ju5YY2OFpJhiso4u8hZcY4esCR8RkcUZnVOnhCz3C0WfTry9cqqG6khjLA5wZnUXx9AZexUIFqzaFojjAd6wv2tVpStFfEgHEuccNi5SYUrSjYObM9JTN5-ueffxp-00ds82uz6iLfBkaq4XiSptSpFZu3WPUWDy78uLzIlRwwn_JJSqR23wmqpSqSooEWpEdX154CJ0jXqYFlnUuH7R1IomGqMGIA0kRDlzWSFYnZIlNsTmUjNxC1Yux9GlldqnGqXkIMNsJF0BsDJ2TEFc1Dwe-mCwjViIbipwXcxxSj6hEVf838s2lu31Ub9oAf2NP2Xi9ADChT7VnNP7XpEVjSSprKdzZeU-KUTv72uc5xBHqo5jYOKmo834iQP2963kN9ry-6LaDPQue4-wD9XfJoboi5NgRRcZrh4118s_unvJNGyH8S14LSoNHoekGbmmaBOGUQBYpMu_rzVW6hXyjdhQWcGD1TTpEaEVjmuFOTqDMeSQ0TxMoiKzxpoHktnWmdVdkfjmIUQNN2Ff1CpS31omV8Svavjn6Uei9_w_DecPW3kydP9WaKaW5zgn2MFFcKVj76MjaLwy5CXeLWzD6aaHExHi-kCcFqTnAWppncvrzK80LzRG-J35GQSpyNkVolreLtZD8BtCnYMCnfU4E4SX6qa65OH3OcAS275fL5lUCXrcumQXCxJzs4pddtyJufAa7ciFuLnNOqDUzxp_aIR2CTx_-ntbT_FKiFqcQpmkudlQ-T5APpQwdNzHPr9FG-0R7J2kVyAcDv5CiNbAihuMUGqDlp6CnvbOVZRYc-LGJtL5ALq0wXYnBvO4AMxHIfRJXkSAqdFJCTUufzUz1xtnx8h3eu9zIFbn6S6H5vwzjU-rF8LRclQUU_HcZEKWZr_epJfqD6V54_3tYPTDxhaix9VoPUVjjh9Y91caib4CQKbA_xgvaEoTGXMRwa1DG86QfnlL-LFgG5xYZ8UaIIQSw09nYFl-A2GRFoO2wPOefedXYmPIeWzbW9rZ0XjWCFGUZNOFKrT-yfgnZfNlCmOX4JC9gTtw-Nw16ziIl0vX6uXEkCyns4Ruuy1SSYYnU7bbgQkbaFD9WdGi-FgrEOTKqb8F7J9_8I7yTqDWVqq_oCCUXQE-8YzTl0mih8xOUHNWZ-CvsgHhj14IwcjSeO3tXFH4aPrvlkXYSMJ2ICgXjQN87BYmHwqAP5lj_9o2PwkEhs58UjngGuTjzHDaKaHweYmOXGbdvX_Wbt846mujhTKicRmk-1j8uWZgZGGt4hyZbJoHjBRlmoAA6kV3TAdqHQHNZojCaIB7BxzI-qXnQ-TFdZcauKMx_7WN9KwQA2oW2k9YxjYMZn3k71ACEHp9HhIQiEo6-tDIxWyUjC4xNsxCVaJThIZs-szBIAu8w9bQDohL3lbsZWTugm1f8OmPCT4RzKQcl7oOdEDgDLtH1tSeyRUuUWmKraKFo_ByWui8etDpj6lzs2rSf9aKs8Tnx_eEe_QBbbJ8NKBKz2kugYzuNz2Yrl-4JupTtqWGhEQTos8sPJJV7RBvptnZg5yLsRD1HHdHMrQah7JAiH4z89RB-AZIlcm8PP7YQ5RopmRpsM_tAoFebsZZ_9CS6RJ41eUVar3HsytO7m1o0coWcD6WOdTbBEjP2B_XZ1fQ2JKugJTDA3wt9ncRwdLWUcnyfAv_0BVBKPxwLitX6hTSCCUa0C6Jo1q7kjnB9q3N86NQ14_8Ri9UQbDh9_aMw314qY98aPZG_KdBdJrNgO-J6ZtG-L6rkU6651JRbKPHjZWDcN3XeJ9tslik1C9h5fzm-gr2um0A3Pit8PWFPAslidw3BsDryfUTwgZ3AQg7X59GzxkjTzk-9BF7oThFsT_f1mnHyMWyw04xEd2xFAJBnh0V92Sr2hjT0KZPSQVO84TsJtCpwb1w_NsbCf0CdQIsbG5jRGs1Qv0qA-4JLca7YAEMtzv7D0mMnZEpprca7UbQg1bJT5hboHKQtK_9F6cZzDI0GaimuGn1cMXOrvXbtotk_MstCTYIVwZe5m_xF5UoSiI9PGj32kW9mEUrdVKAXkgbRFwuHCFJyxpQ8Ks0wplHNOlbCwu4fbOwupjfONOBxOXsOkXafLErqZr9gUhkpsyUcUca-XDefixskQnFFX5MbK79QdajzW9WAVOsBEK9uGTxUJJCl9hIEC9RUXDnlAB1C42cd6M4CJ8EqwZiKgfEwZ8C4ORTbcCOOwnBHeQhIibgzA8V-xbbCbPl4QApPmUVj4drvAbx2QS-YTSe1J8LMFIcjMG8aLyTjEP6JwafibX0EAfj2HTo6N-ov2Y_9V2J4-yJ4LaS8FLvJqfn3y0KLoOLqx-zhXZK-NxKhQKuMUN_r2P3p2wFWi10Sackx2eLH-R18lF89L6ihnPIH8NeGcLi8-EPrxyc18y671aNeAlcxdX1z7VaeUAAfkk5nkLyvgyJR7BUCQw02HKNs3Uw3lm93m9F2Mq3kkwqmxEaWd73xofjY0c_UUY2TDRia78hQY9dyA8nik7xT0jUsn4zLR3Xxpe717sGsXHS_Dwj-wRG-kqRv8svZF2m8aZx3519BOINcVJlwa5TM0ULzCQoHLcVQ2mWSjtedQVA07SpsTV829tU4B1fKIGxtDNyRtbqhgiwmPLe4grpx2FlOmMe6S64i2y8YGurRK5wIErtqz4PxftrcED5byJTUVy5hJzn1cauEfwOcwvgsm0uAV8OtCZ1SHO8k_y8B5IzZikE9CtzdmLQkbdmPoMl_kutfD4FxwJsxyWqZK3-SLceEReliQr8r_VvFrW5EL5gbrc-pBcee5g4nPd4ZPKXB9iWFGqvxQaDl8v-YhIK7YgXFs9Sw6hA6zNZ4S6NjfXlE24&cid=CAQSTADq26N91H6YCwTYCV_EqLsBXqMY5zNANru62L66220zqfL2GvUnDwwv4nGKsygQquNWRbrCjuaeYm55pvU1c0_0-SIaGLNsNYbpObsYASAT&dv3_ver=m202209210101&rfl=https%3A%2F%2Famenazaytx.site%2F&ds=l&xdt=1&iif=1&cor=4319220163507396000&adk=2857193498&idt=85&cac=0&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46dfa5ccfeb01ea2b02c17b912802eeae9bc2fb7b50ce379768a0ab85529b4e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34869
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1x1.png
secure-assets.rubiconproject.com/static/psa/blank/ Frame 7CD2 		156 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-assets.rubiconproject.com/static/psa/blank/1x1.png
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-145-246.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
58a617d2c88d378bfd267e2817e2228e82ef0c3f28d8ac3458b18af77335c39e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:27:01 GMT
content-encoding
gzip
last-modified
Tue, 01 Oct 2019 16:53:58 GMT
server
Apache
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
content-length
155
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 0061 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
Origin
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:07:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44379
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Jan 2023 09:07:22 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230118/r20110914/elements/html/ Frame 0061 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230118/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CRyd8ZbXB_oWQfBSf8DO1KbA-kMj7teGsiEo_rZVP9hEVb5lHMBNispaikG30cba2xIMfqMwDxNw59EPl1r7YWjMkXzA&cry=1&dbm_d=AKAmf-BNzV6R4yrRuUDYKC5Z748duhbBwNdbq1ihtWcev-D4S-L7znrAXwhnZFNiUZk7bHpt4_FUp9-d-77rztvs_mdMrxCY20O0kwh_-T8QOrJop028E2noT_t6HwDvSh2vW_UBdACOgbrDOxxuqFYpV1xg8T_PoWv2c1Ohzl1alna71rXgpGm6knWGj_A6Kmpt-jk6uAhLYuiAQX00xjY_MilyVAuEaSO1H9F7VyZrvtM0yBiwqD7_dgYYoJfCpqhtoAfNsC7G2u9TBQg_abLsM69wcppJNLcP884J6OHnLB5xvSX1ju5YY2OFpJhiso4u8hZcY4esCR8RkcUZnVOnhCz3C0WfTry9cqqG6khjLA5wZnUXx9AZexUIFqzaFojjAd6wv2tVpStFfEgHEuccNi5SYUrSjYObM9JTN5-ueffxp-00ds82uz6iLfBkaq4XiSptSpFZu3WPUWDy78uLzIlRwwn_JJSqR23wmqpSqSooEWpEdX154CJ0jXqYFlnUuH7R1IomGqMGIA0kRDlzWSFYnZIlNsTmUjNxC1Yux9GlldqnGqXkIMNsJF0BsDJ2TEFc1Dwe-mCwjViIbipwXcxxSj6hEVf838s2lu31Ub9oAf2NP2Xi9ADChT7VnNP7XpEVjSSprKdzZeU-KUTv72uc5xBHqo5jYOKmo834iQP2963kN9ry-6LaDPQue4-wD9XfJoboi5NgRRcZrh4118s_unvJNGyH8S14LSoNHoekGbmmaBOGUQBYpMu_rzVW6hXyjdhQWcGD1TTpEaEVjmuFOTqDMeSQ0TxMoiKzxpoHktnWmdVdkfjmIUQNN2Ff1CpS31omV8Svavjn6Uei9_w_DecPW3kydP9WaKaW5zgn2MFFcKVj76MjaLwy5CXeLWzD6aaHExHi-kCcFqTnAWppncvrzK80LzRG-J35GQSpyNkVolreLtZD8BtCnYMCnfU4E4SX6qa65OH3OcAS275fL5lUCXrcumQXCxJzs4pddtyJufAa7ciFuLnNOqDUzxp_aIR2CTx_-ntbT_FKiFqcQpmkudlQ-T5APpQwdNzHPr9FG-0R7J2kVyAcDv5CiNbAihuMUGqDlp6CnvbOVZRYc-LGJtL5ALq0wXYnBvO4AMxHIfRJXkSAqdFJCTUufzUz1xtnx8h3eu9zIFbn6S6H5vwzjU-rF8LRclQUU_HcZEKWZr_epJfqD6V54_3tYPTDxhaix9VoPUVjjh9Y91caib4CQKbA_xgvaEoTGXMRwa1DG86QfnlL-LFgG5xYZ8UaIIQSw09nYFl-A2GRFoO2wPOefedXYmPIeWzbW9rZ0XjWCFGUZNOFKrT-yfgnZfNlCmOX4JC9gTtw-Nw16ziIl0vX6uXEkCyns4Ruuy1SSYYnU7bbgQkbaFD9WdGi-FgrEOTKqb8F7J9_8I7yTqDWVqq_oCCUXQE-8YzTl0mih8xOUHNWZ-CvsgHhj14IwcjSeO3tXFH4aPrvlkXYSMJ2ICgXjQN87BYmHwqAP5lj_9o2PwkEhs58UjngGuTjzHDaKaHweYmOXGbdvX_Wbt846mujhTKicRmk-1j8uWZgZGGt4hyZbJoHjBRlmoAA6kV3TAdqHQHNZojCaIB7BxzI-qXnQ-TFdZcauKMx_7WN9KwQA2oW2k9YxjYMZn3k71ACEHp9HhIQiEo6-tDIxWyUjC4xNsxCVaJThIZs-szBIAu8w9bQDohL3lbsZWTugm1f8OmPCT4RzKQcl7oOdEDgDLtH1tSeyRUuUWmKraKFo_ByWui8etDpj6lzs2rSf9aKs8Tnx_eEe_QBbbJ8NKBKz2kugYzuNz2Yrl-4JupTtqWGhEQTos8sPJJV7RBvptnZg5yLsRD1HHdHMrQah7JAiH4z89RB-AZIlcm8PP7YQ5RopmRpsM_tAoFebsZZ_9CS6RJ41eUVar3HsytO7m1o0coWcD6WOdTbBEjP2B_XZ1fQ2JKugJTDA3wt9ncRwdLWUcnyfAv_0BVBKPxwLitX6hTSCCUa0C6Jo1q7kjnB9q3N86NQ14_8Ri9UQbDh9_aMw314qY98aPZG_KdBdJrNgO-J6ZtG-L6rkU6651JRbKPHjZWDcN3XeJ9tslik1C9h5fzm-gr2um0A3Pit8PWFPAslidw3BsDryfUTwgZ3AQg7X59GzxkjTzk-9BF7oThFsT_f1mnHyMWyw04xEd2xFAJBnh0V92Sr2hjT0KZPSQVO84TsJtCpwb1w_NsbCf0CdQIsbG5jRGs1Qv0qA-4JLca7YAEMtzv7D0mMnZEpprca7UbQg1bJT5hboHKQtK_9F6cZzDI0GaimuGn1cMXOrvXbtotk_MstCTYIVwZe5m_xF5UoSiI9PGj32kW9mEUrdVKAXkgbRFwuHCFJyxpQ8Ks0wplHNOlbCwu4fbOwupjfONOBxOXsOkXafLErqZr9gUhkpsyUcUca-XDefixskQnFFX5MbK79QdajzW9WAVOsBEK9uGTxUJJCl9hIEC9RUXDnlAB1C42cd6M4CJ8EqwZiKgfEwZ8C4ORTbcCOOwnBHeQhIibgzA8V-xbbCbPl4QApPmUVj4drvAbx2QS-YTSe1J8LMFIcjMG8aLyTjEP6JwafibX0EAfj2HTo6N-ov2Y_9V2J4-yJ4LaS8FLvJqfn3y0KLoOLqx-zhXZK-NxKhQKuMUN_r2P3p2wFWi10Sackx2eLH-R18lF89L6ihnPIH8NeGcLi8-EPrxyc18y671aNeAlcxdX1z7VaeUAAfkk5nkLyvgyJR7BUCQw02HKNs3Uw3lm93m9F2Mq3kkwqmxEaWd73xofjY0c_UUY2TDRia78hQY9dyA8nik7xT0jUsn4zLR3Xxpe717sGsXHS_Dwj-wRG-kqRv8svZF2m8aZx3519BOINcVJlwa5TM0ULzCQoHLcVQ2mWSjtedQVA07SpsTV829tU4B1fKIGxtDNyRtbqhgiwmPLe4grpx2FlOmMe6S64i2y8YGurRK5wIErtqz4PxftrcED5byJTUVy5hJzn1cauEfwOcwvgsm0uAV8OtCZ1SHO8k_y8B5IzZikE9CtzdmLQkbdmPoMl_kutfD4FxwJsxyWqZK3-SLceEReliQr8r_VvFrW5EL5gbrc-pBcee5g4nPd4ZPKXB9iWFGqvxQaDl8v-YhIK7YgXFs9Sw6hA6zNZ4S6NjfXlE24&cid=CAQSTADq26N91H6YCwTYCV_EqLsBXqMY5zNANru62L66220zqfL2GvUnDwwv4nGKsygQquNWRbrCjuaeYm55pvU1c0_0-SIaGLNsNYbpObsYASAT&dv3_ver=m202209210101&rfl=https%3A%2F%2Famenazaytx.site%2F&ds=l&xdt=1&iif=1&cor=4319220163507396000&adk=2857193498&idt=85&cac=0&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:47:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
16795
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Feb 2023 16:47:06 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230118/r20110914/ Frame 0061 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CRyd8ZbXB_oWQfBSf8DO1KbA-kMj7teGsiEo_rZVP9hEVb5lHMBNispaikG30cba2xIMfqMwDxNw59EPl1r7YWjMkXzA&cry=1&dbm_d=AKAmf-BNzV6R4yrRuUDYKC5Z748duhbBwNdbq1ihtWcev-D4S-L7znrAXwhnZFNiUZk7bHpt4_FUp9-d-77rztvs_mdMrxCY20O0kwh_-T8QOrJop028E2noT_t6HwDvSh2vW_UBdACOgbrDOxxuqFYpV1xg8T_PoWv2c1Ohzl1alna71rXgpGm6knWGj_A6Kmpt-jk6uAhLYuiAQX00xjY_MilyVAuEaSO1H9F7VyZrvtM0yBiwqD7_dgYYoJfCpqhtoAfNsC7G2u9TBQg_abLsM69wcppJNLcP884J6OHnLB5xvSX1ju5YY2OFpJhiso4u8hZcY4esCR8RkcUZnVOnhCz3C0WfTry9cqqG6khjLA5wZnUXx9AZexUIFqzaFojjAd6wv2tVpStFfEgHEuccNi5SYUrSjYObM9JTN5-ueffxp-00ds82uz6iLfBkaq4XiSptSpFZu3WPUWDy78uLzIlRwwn_JJSqR23wmqpSqSooEWpEdX154CJ0jXqYFlnUuH7R1IomGqMGIA0kRDlzWSFYnZIlNsTmUjNxC1Yux9GlldqnGqXkIMNsJF0BsDJ2TEFc1Dwe-mCwjViIbipwXcxxSj6hEVf838s2lu31Ub9oAf2NP2Xi9ADChT7VnNP7XpEVjSSprKdzZeU-KUTv72uc5xBHqo5jYOKmo834iQP2963kN9ry-6LaDPQue4-wD9XfJoboi5NgRRcZrh4118s_unvJNGyH8S14LSoNHoekGbmmaBOGUQBYpMu_rzVW6hXyjdhQWcGD1TTpEaEVjmuFOTqDMeSQ0TxMoiKzxpoHktnWmdVdkfjmIUQNN2Ff1CpS31omV8Svavjn6Uei9_w_DecPW3kydP9WaKaW5zgn2MFFcKVj76MjaLwy5CXeLWzD6aaHExHi-kCcFqTnAWppncvrzK80LzRG-J35GQSpyNkVolreLtZD8BtCnYMCnfU4E4SX6qa65OH3OcAS275fL5lUCXrcumQXCxJzs4pddtyJufAa7ciFuLnNOqDUzxp_aIR2CTx_-ntbT_FKiFqcQpmkudlQ-T5APpQwdNzHPr9FG-0R7J2kVyAcDv5CiNbAihuMUGqDlp6CnvbOVZRYc-LGJtL5ALq0wXYnBvO4AMxHIfRJXkSAqdFJCTUufzUz1xtnx8h3eu9zIFbn6S6H5vwzjU-rF8LRclQUU_HcZEKWZr_epJfqD6V54_3tYPTDxhaix9VoPUVjjh9Y91caib4CQKbA_xgvaEoTGXMRwa1DG86QfnlL-LFgG5xYZ8UaIIQSw09nYFl-A2GRFoO2wPOefedXYmPIeWzbW9rZ0XjWCFGUZNOFKrT-yfgnZfNlCmOX4JC9gTtw-Nw16ziIl0vX6uXEkCyns4Ruuy1SSYYnU7bbgQkbaFD9WdGi-FgrEOTKqb8F7J9_8I7yTqDWVqq_oCCUXQE-8YzTl0mih8xOUHNWZ-CvsgHhj14IwcjSeO3tXFH4aPrvlkXYSMJ2ICgXjQN87BYmHwqAP5lj_9o2PwkEhs58UjngGuTjzHDaKaHweYmOXGbdvX_Wbt846mujhTKicRmk-1j8uWZgZGGt4hyZbJoHjBRlmoAA6kV3TAdqHQHNZojCaIB7BxzI-qXnQ-TFdZcauKMx_7WN9KwQA2oW2k9YxjYMZn3k71ACEHp9HhIQiEo6-tDIxWyUjC4xNsxCVaJThIZs-szBIAu8w9bQDohL3lbsZWTugm1f8OmPCT4RzKQcl7oOdEDgDLtH1tSeyRUuUWmKraKFo_ByWui8etDpj6lzs2rSf9aKs8Tnx_eEe_QBbbJ8NKBKz2kugYzuNz2Yrl-4JupTtqWGhEQTos8sPJJV7RBvptnZg5yLsRD1HHdHMrQah7JAiH4z89RB-AZIlcm8PP7YQ5RopmRpsM_tAoFebsZZ_9CS6RJ41eUVar3HsytO7m1o0coWcD6WOdTbBEjP2B_XZ1fQ2JKugJTDA3wt9ncRwdLWUcnyfAv_0BVBKPxwLitX6hTSCCUa0C6Jo1q7kjnB9q3N86NQ14_8Ri9UQbDh9_aMw314qY98aPZG_KdBdJrNgO-J6ZtG-L6rkU6651JRbKPHjZWDcN3XeJ9tslik1C9h5fzm-gr2um0A3Pit8PWFPAslidw3BsDryfUTwgZ3AQg7X59GzxkjTzk-9BF7oThFsT_f1mnHyMWyw04xEd2xFAJBnh0V92Sr2hjT0KZPSQVO84TsJtCpwb1w_NsbCf0CdQIsbG5jRGs1Qv0qA-4JLca7YAEMtzv7D0mMnZEpprca7UbQg1bJT5hboHKQtK_9F6cZzDI0GaimuGn1cMXOrvXbtotk_MstCTYIVwZe5m_xF5UoSiI9PGj32kW9mEUrdVKAXkgbRFwuHCFJyxpQ8Ks0wplHNOlbCwu4fbOwupjfONOBxOXsOkXafLErqZr9gUhkpsyUcUca-XDefixskQnFFX5MbK79QdajzW9WAVOsBEK9uGTxUJJCl9hIEC9RUXDnlAB1C42cd6M4CJ8EqwZiKgfEwZ8C4ORTbcCOOwnBHeQhIibgzA8V-xbbCbPl4QApPmUVj4drvAbx2QS-YTSe1J8LMFIcjMG8aLyTjEP6JwafibX0EAfj2HTo6N-ov2Y_9V2J4-yJ4LaS8FLvJqfn3y0KLoOLqx-zhXZK-NxKhQKuMUN_r2P3p2wFWi10Sackx2eLH-R18lF89L6ihnPIH8NeGcLi8-EPrxyc18y671aNeAlcxdX1z7VaeUAAfkk5nkLyvgyJR7BUCQw02HKNs3Uw3lm93m9F2Mq3kkwqmxEaWd73xofjY0c_UUY2TDRia78hQY9dyA8nik7xT0jUsn4zLR3Xxpe717sGsXHS_Dwj-wRG-kqRv8svZF2m8aZx3519BOINcVJlwa5TM0ULzCQoHLcVQ2mWSjtedQVA07SpsTV829tU4B1fKIGxtDNyRtbqhgiwmPLe4grpx2FlOmMe6S64i2y8YGurRK5wIErtqz4PxftrcED5byJTUVy5hJzn1cauEfwOcwvgsm0uAV8OtCZ1SHO8k_y8B5IzZikE9CtzdmLQkbdmPoMl_kutfD4FxwJsxyWqZK3-SLceEReliQr8r_VvFrW5EL5gbrc-pBcee5g4nPd4ZPKXB9iWFGqvxQaDl8v-YhIK7YgXFs9Sw6hA6zNZ4S6NjfXlE24&cid=CAQSTADq26N91H6YCwTYCV_EqLsBXqMY5zNANru62L66220zqfL2GvUnDwwv4nGKsygQquNWRbrCjuaeYm55pvU1c0_0-SIaGLNsNYbpObsYASAT&dv3_ver=m202209210101&rfl=https%3A%2F%2Famenazaytx.site%2F&ds=l&xdt=1&iif=1&cor=4319220163507396000&adk=2857193498&idt=85&cac=0&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ff6aaa3f3b8023816a9b164be90fb958c63857e984fea977c3b38d1542566299
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:47:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
16746
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10811
x-xss-protection
0
server
cafe
etag
10713822464293745175
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Feb 2023 16:47:55 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 0061 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com
URL: https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 22:49:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
254253
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jan 2024 22:49:28 GMT
truncated
/ Frame 0061 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c77ab30c9f12bfcb50c811d6694555798fe9c9ca49828ed9e17ba56917ce4e84

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9646 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
379046
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Jan 2023 12:09:35 GMT
expires
Tue, 16 Jan 2024 12:09:35 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
pagead2.googlesyndication.com/bg/ Frame 9646 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:43:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17032
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16068
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 Jan 2024 16:43:09 GMT
eyJpdSI6IjBjZTNkYjMxZDdmMTg1ZGIyMDY4NmI2YTE1N2JlNWFkOWNmOTE3ZWEzYTNiMGIyNzA5MGQwOTI5OWJjMTEwMDUiLCJ3Ijo2NDAsImgiOjQ4MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame BD3C 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjBjZTNkYjMxZDdmMTg1ZGIyMDY4NmI2YTE1N2JlNWFkOWNmOTE3ZWEzYTNiMGIyNzA5MGQwOTI5OWJjMTEwMDUiLCJ3Ijo2NDAsImgiOjQ4MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-162.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0c8d35b6735bd64c48530fe7112c9d455a32daac39b5e3430a6043e817622e28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:27:01 GMT
last-modified
Mon, 03 Oct 2022 10:49:28 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=676563
access-control-allow-credentials
false
x-traceid
d336b923a4e46c96bbef29110b814063
timing-allow-origin
*, *
content-length
52342
i
api.purpleads.io/x/a/7bee0cfb1b1b212420195eec771bd262:08d749a6975b4c657f6f1d84437fd47ee714d4f1dab49f2632918e482255e622eaf429bcb2d0f49dd6632147d8fe06da6f4c5919a71d93406bb38c80ea861979f9e45e4f4ba2e01... Frame BD3C 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.purpleads.io/x/a/7bee0cfb1b1b212420195eec771bd262:08d749a6975b4c657f6f1d84437fd47ee714d4f1dab49f2632918e482255e622eaf429bcb2d0f49dd6632147d8fe06da6f4c5919a71d93406bb38c80ea861979f9e45e4f4ba2e010fbd2df03a84c1b46e6bcb0c7d51fb5f1106a5a60df210bbda0a7b77346afcba3e56b64726a504ff8a00084283f60e1ead32090d83aff3f4ef4a6bf74e5b71e518a183c5cf4ad53ca/i?id=58c088a3-e851-45a6-9121-f4f5b7990722
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.250.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-250-34.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
api.purpleads.io
date
Fri, 20 Jan 2023 21:27:01 GMT
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id
ddf77392-e20f-4606-8cbd-bf523120f689
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ Frame BD3C 		4 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=5c5e15d514fa4ace22dd7ea789bb8d50&pvId=5c5e15d514fa4ace22dd7ea789bb8d50&sid=9435706&pid=45718&idx=5&wId=171&pad=1&org=0&tm=0&eT=3&cnsnt=no_consent
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.13.96.71 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 21:27:01 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
562e91a5326e3a18782cd7732ac1a859
Content-Length
4
Expires
0
log-viewability
log.outbrainimg.com/loggerServices/ Frame BD3C 		4 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.outbrainimg.com/loggerServices/log-viewability?requestId=5c5e15d514fa4ace22dd7ea789bb8d50&position=0
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.13.96.71 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 21:27:01 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
5996ec669be035a181a96b3315ba3f80
Content-Length
4
Expires
0
index.html
s0.2mdn.net/sadbundle/9079937949297653269/ Frame 5277 		24 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9079937949297653269/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d48f23db5a2b8ad4bb6ff0601bc21795fd67076e8443e395f8177ea69852861
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
121506
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5174
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Jan 2023 11:41:55 GMT
expires
Fri, 19 Jan 2024 11:41:55 GMT
last-modified
Thu, 05 Jan 2023 09:32:11 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 0061 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuS4cidvUZ9wfn-eufeVc-wS3a60Nb1ETncDcsGBbh4c9hX6tWE98L4GcejvPnLKDrCrRZDh_7VSZaM5J6qP0isr4CD9a37NzBuZWJgivsLUtB4grYvU15o9IER_SWOIYB_wO9_6BxAUcRH9cv3m-KsSbk-dzpXbxzBW-bnHccFqjWKs3E0H8f0F0QwjLWPDHfUQDpML_OjBFCc1Xf2nSgrYFtWJVp6IZrv9bRQoHoA0PtxPZF5BN-MJda3C9XT2QszEOhaKeeatxxaclMvDxvL9BqXNFDub9NSUPGT3jlVB1XymKRxYEOcd6-Apea963Ge-OZyNaY4iwx3mML9fk5qonKv42niNXapvsfGIvcfXInR8u96--NGh_bX4a5CycZIQ9aD9JVjJlaT-OGN0M-YgGeY7PrYRMXAP1o6WTxgLV1R3LoJUZL3X4mmXyGcoD61A4XFk9nV9_Ewe2VOEDYayhEKQ5h5YnXBE-h0bZdF8f8WpIjBdnKjvrJaMy5JZFMyk72ChsfPhJvILCRT3nzU8AY6ou37_14EOohV50p0VxoQoKxgf3ryWofaW7KhWOaAEhk_5dwNgJoYAEM100DPVbxa5aSZldcLWWOGVam0s9jMO0N8BoxHLyz6Rq0i9jPV-P7uTqt-8A9KJ06tJVGP_qlwhBYHkq_Jz72XNfxsl7R7zeewHffVciTo2z8w4Y-8x0yznSQjX_ADJ2E1xSRbXHzizfkCRqU9wwU4YBLNAQQLkH0C1lv19HYDQhE30Uw4oxiPf3Mcc9nVyJsc_G3LH70rAXQNEu15cvHYZ8VRk_79b2byqfM7ZQxb4TXeidplQkEu6X5UL0CMY24pzx_599OgS3slCpXh0F-i8f7BsYpMU4wegjIMQMiIWk77wG6v0I_JEC1N5n6D3NcHBnIUekMC3KeEFtcM8DN8t9jbpteuABmvNnkdv1qEhuwxsDi7CPax_2DpcmZoXyp4EerI3sFaR2DTmfkOEZ3tNYaUMozxDqQTMfObN0iXC5g5_Au4EissaFcHtbDHBlMV-rySl_Et_DrKSwOcfDVzClemVcSavejkD2ehqf75hngPF7tML8VkHSKxWZqugpo9DKEzxizpHK7rSC3EYSCeBvPZ8ijkmGfu_WHD9-cnkumozqW65ijnnAw4jPL68N0aOnTUniFDUz8iEJb6DvQI1BdhDqgIe06fmcWlOHX_eQvryG_GVnBRFp2ZI0OYGplPgMks1WgbDKFxWJQ&sai=AMfl-YRQr0OAwaAScnEC4Cy9txxMfpbr4fT46Ful7QkBZBjkKQwEk1sga7LjIe2aE3s90XUCZ9N9RahGWL4UAEHFUNnLDUseoqPXUVXOAHTCwKSBmjdtEy2GRKx_OfflkbzCNXgzpXskDoTqNlggMvlpCahpL6wFVlNFPWFPrQ0dLpTjQcYgenOMt_w9Ykb86yYhEOUuR6fvpbp3BsbThK8AeZUjU_uhq1VBM8I3uzDuMBmjsFmyGETCnk_7CFCPOU_C-fAzhAsafovIL7vsI1NZPVfZttUc1DjQf-XqmkPR5MieGSpUyoaAUgNpOAo7hLUW&sig=Cg0ArKJSzNfBM8b7kN5WEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=145&cbvp=1&cstd=142&cisv=r20230118.24537&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 20 Jan 2023 21:27:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 20 Jan 2023 21:27:01 GMT
baf730f4acad38290c8b64d82f1fe8ea.js
s0.2mdn.net/sadbundle/9079937949297653269/ Frame 5277 		97 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9079937949297653269/baf730f4acad38290c8b64d82f1fe8ea.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9079937949297653269/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d97fb4b9c5d23402762f46c9708bfaf966e2e539a4db2bc16d7b7f4abeb7fb9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9079937949297653269/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 11:41:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121505
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28315
x-xss-protection
0
last-modified
Thu, 05 Jan 2023 09:32:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 19 Jan 2024 11:41:56 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9646 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BS1CvJQfLY-WBEte_x_AP8fm2qAEAAAAAOAHgBAI&bg=!QUKlQgbNAAYDMoyoIzI7ACkAdvg8WttCG6Htb_Cvkl86xG07WqOraUndbwCDgz2U8wmcGN0xWY-fcgIAAAB0UgAAAANoAQeZAu38YiuFQ05itUcpjXxsWYs-7IXRfs8s7MAoXbMAfyVOK2Uykj70VHpqZck26tqrqWlU_ifU9uwEqMeUh2WbkGpKujSYibclirx5luPHF0ou1TDXj6aY0NIMl5WcxKWEBUhs94OHdw5O2OP_ehnxJQT88OrUYObq-A7aFAzXaPigwl3QINkA3VEwh4xXaWh9Z4meBZ1XHuQEmMTFWXf3grWTtiOIX7K_gVjaPHR83atk7bK_X-9fifQGf7yhx7mtaj__IIC6AE4nVWU2WCs0bsIFMMJAkSoEO2rnhnfwXxg8skUo2-RseC6aBokQQtDWfZvz3tUAArwFGcDTfgJJY14QFbLCJcn-eWjOD9BaublG6-R0NTdB_MS-kyZxVyv4-8AlAf92Qv2-T2NE2ghhuco1HIRqAw69AsFFO5I46TycBjI4Ldc3uVkfZXE0hAHnPcI0Odr-nG0yDOM_OwtGMeZMHhzNSbbvtPhRwJuNIUDoJD0WTo1TF-NaUGeX2eGTka6vLHDFTafey2gaqxCrTA3oCoqZMLCxUYbYuNbxbmr4mD43xWl1F-gBuBn15Gb7C9pUWR996kH5KRaEbRguD274B3vRq-vUNd4CTBFq0j5G9v6ZRH_gR4nfzNHP3gFoNvWopLNCc8NMfg8OqCcPwtj-d_hX9JU-KDH3sszMsacNNJSj2vm1v9adO_dn920KA9jS82go4h8ga8QRDLrcEgeLhf0r3Ilhg8JfLjtpixH5dgmVIppBGXjRqlfHYEjlaMSfjRGQM6RVkA05tlZrxDSKw5AXAUUSd4giA3MhYBZZ-HXvsDzJVnZG5n6AmPZ6SFYeni4lGzSJFnXU9AgykU-1t8OiW4L_AQpfKXahfRicCRfFYyMejS4mF_ofkrvNmU3qHolxuSb89nE2sKYBGtpCc7RyUJHKf8_jM0YL-PfRLhTwnYy_07XQ4LCXtz6FgdfSNG4Ixmyq2gzqpZhyP6a8eoIbR5C2fOXN1f7NTg
Requested by
Host: eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com
URL: https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ Frame 5277 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9079937949297653269/baf730f4acad38290c8b64d82f1fe8ea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 03:11:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65726
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 Jan 2024 03:11:35 GMT
5f626b70943d423a94bd55dae6acd275.jpg
s0.2mdn.net/sadbundle/9079937949297653269/media/ Frame 5277 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9079937949297653269/media/5f626b70943d423a94bd55dae6acd275.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9079937949297653269/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
afebe5d909591baf9ea82d958dc5e981150524f1c5f255686008b4f1348a7098
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9079937949297653269/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 02:18:50 GMT
x-content-type-options
nosniff
age
68891
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21789
x-xss-protection
0
last-modified
Thu, 05 Jan 2023 09:32:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 Jan 2024 02:18:50 GMT
06f91b438b5c0d7fe6dff4bf6c24cf00.svg
s0.2mdn.net/sadbundle/9079937949297653269/media/ Frame 5277 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9079937949297653269/media/06f91b438b5c0d7fe6dff4bf6c24cf00.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9079937949297653269/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb4a29554c161fc6298d26273c106770fbe6c66bff37bb0db2e7826a9f84cb4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9079937949297653269/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 11:41:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121505
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1998
x-xss-protection
0
last-modified
Thu, 05 Jan 2023 09:32:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 19 Jan 2024 11:41:56 GMT
container.html
eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0181 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://amenazaytx.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 21:27:00 GMT
expires
Sat, 20 Jan 2024 21:27:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9D7F 		640 B
265 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYtbXOxQEwAQ&v=APEucNUm8s2_RvUNVo5pKA-xjKAhauqptqx-I19mveExyC5axEVgZwzb9p0BJmr6tSCiEc546ALb3Y-SjPMPcFXc7XDHNg6BTBrHp2zPUWX-Mtu8buIzVX_DcLbJ2rmMRiWt2quNHotLGaWBUm5HTsLtYSz-839I_DWISURYAq6qDm6TJFSMopg
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 21:27:01 GMT
expires
Fri, 20 Jan 2023 21:27:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame FFFA 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:27:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27384
x-xss-protection
0
server
cafe
etag
10506132538256102613
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 20 Jan 2023 21:27:01 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame FFFA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/window_focus_fy2021.js
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 19:29:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
7032
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Feb 2023 19:29:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/ Frame FFFA 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230118/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:49:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
16639
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7515
x-xss-protection
0
server
cafe
etag
5914713042212191929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Feb 2023 16:49:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FFFA 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:27:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48518
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674065973849303"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 20 Jan 2023 21:27:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FFFA 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BC9ETPiW3nJmRz9RourkwKmmfT_ZpymU8gSSZ2sBNpm13kmIjZjoG2WwtT0JYCSEtnV0YpjChls6I9ygIg5xIBcR34N-HMG4kLdFUrfHvT7mrW22Y
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FFFA 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14549169557277023091&x=1&ct=76
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 5277 		4 KB
689 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700%7CRoboto:500
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f024141ccf910073696d2264ba468081a352ebacc30448a5b94d2790136bbbfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 20 Jan 2023 21:27:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 20 Jan 2023 20:32:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 20 Jan 2023 21:27:01 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0061 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuS4cidvUZ9wfn-eufeVc-wS3a60Nb1ETncDcsGBbh4c9hX6tWE98L4GcejvPnLKDrCrRZDh_7VSZaM5J6qP0isr4CD9a37NzBuZWJgivsLUtB4grYvU15o9IER_SWOIYB_wO9_6BxAUcRH9cv3m-KsSbk-dzpXbxzBW-bnHccFqjWKs3E0H8f0F0QwjLWPDHfUQDpML_OjBFCc1Xf2nSgrYFtWJVp6IZrv9bRQoHoA0PtxPZF5BN-MJda3C9XT2QszEOhaKeeatxxaclMvDxvL9BqXNFDub9NSUPGT3jlVB1XymKRxYEOcd6-Apea963Ge-OZyNaY4iwx3mML9fk5qonKv42niNXapvsfGIvcfXInR8u96--NGh_bX4a5CycZIQ9aD9JVjJlaT-OGN0M-YgGeY7PrYRMXAP1o6WTxgLV1R3LoJUZL3X4mmXyGcoD61A4XFk9nV9_Ewe2VOEDYayhEKQ5h5YnXBE-h0bZdF8f8WpIjBdnKjvrJaMy5JZFMyk72ChsfPhJvILCRT3nzU8AY6ou37_14EOohV50p0VxoQoKxgf3ryWofaW7KhWOaAEhk_5dwNgJoYAEM100DPVbxa5aSZldcLWWOGVam0s9jMO0N8BoxHLyz6Rq0i9jPV-P7uTqt-8A9KJ06tJVGP_qlwhBYHkq_Jz72XNfxsl7R7zeewHffVciTo2z8w4Y-8x0yznSQjX_ADJ2E1xSRbXHzizfkCRqU9wwU4YBLNAQQLkH0C1lv19HYDQhE30Uw4oxiPf3Mcc9nVyJsc_G3LH70rAXQNEu15cvHYZ8VRk_79b2byqfM7ZQxb4TXeidplQkEu6X5UL0CMY24pzx_599OgS3slCpXh0F-i8f7BsYpMU4wegjIMQMiIWk77wG6v0I_JEC1N5n6D3NcHBnIUekMC3KeEFtcM8DN8t9jbpteuABmvNnkdv1qEhuwxsDi7CPax_2DpcmZoXyp4EerI3sFaR2DTmfkOEZ3tNYaUMozxDqQTMfObN0iXC5g5_Au4EissaFcHtbDHBlMV-rySl_Et_DrKSwOcfDVzClemVcSavejkD2ehqf75hngPF7tML8VkHSKxWZqugpo9DKEzxizpHK7rSC3EYSCeBvPZ8ijkmGfu_WHD9-cnkumozqW65ijnnAw4jPL68N0aOnTUniFDUz8iEJb6DvQI1BdhDqgIe06fmcWlOHX_eQvryG_GVnBRFp2ZI0OYGplPgMks1WgbDKFxWJQ&sai=AMfl-YRQr0OAwaAScnEC4Cy9txxMfpbr4fT46Ful7QkBZBjkKQwEk1sga7LjIe2aE3s90XUCZ9N9RahGWL4UAEHFUNnLDUseoqPXUVXOAHTCwKSBmjdtEy2GRKx_OfflkbzCNXgzpXskDoTqNlggMvlpCahpL6wFVlNFPWFPrQ0dLpTjQcYgenOMt_w9Ykb86yYhEOUuR6fvpbp3BsbThK8AeZUjU_uhq1VBM8I3uzDuMBmjsFmyGETCnk_7CFCPOU_C-fAzhAsafovIL7vsI1NZPVfZttUc1DjQf-XqmkPR5MieGSpUyoaAUgNpOAo7hLUW&sig=Cg0ArKJSzNfBM8b7kN5WEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=361&vt=11&dtpt=216&dett=3&cstd=142&cisv=r20230118.24537&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:27:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 20 Jan 2023 21:27:01 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5277 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700%7CRoboto:500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 16:44:52 GMT
x-content-type-options
nosniff
age
362529
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 16 Jan 2024 16:44:52 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5277 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700%7CRoboto:500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sat, 14 Jan 2023 09:07:05 GMT
x-content-type-options
nosniff
age
562796
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jan 2024 09:07:05 GMT
sd
us-u.openx.net/w/1.0/ Frame 9D7F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEVivBRoSUQrZzM7dImyc4Q&google_cver=1
43 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEVivBRoSUQrZzM7dImyc4Q&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYtbXOxQEwAQ&v=APEucNUm8s2_RvUNVo5pKA-xjKAhauqptqx-I19mveExyC5axEVgZwzb9p0BJmr6tSCiEc546ALb3Y-SjPMPcFXc7XDHNg6BTBrHp2zPUWX-Mtu8buIzVX_DcLbJ2rmMRiWt2quNHotLGaWBUm5HTsLtYSz-839I_DWISURYAq6qDm6TJFSMopg
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:01 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEVivBRoSUQrZzM7dImyc4Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 9D7F 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYtbXOxQEwAQ&v=APEucNUm8s2_RvUNVo5pKA-xjKAhauqptqx-I19mveExyC5axEVgZwzb9p0BJmr6tSCiEc546ALb3Y-SjPMPcFXc7XDHNg6BTBrHp2zPUWX-Mtu8buIzVX_DcLbJ2rmMRiWt2quNHotLGaWBUm5HTsLtYSz-839I_DWISURYAq6qDm6TJFSMopg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:01 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 9D7F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEBNF6gHJ_ng09MO7VbgPiIQ&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEBNF6gHJ_ng09MO7VbgPiIQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYtbXOxQEwAQ&v=APEucNUm8s2_RvUNVo5pKA-xjKAhauqptqx-I19mveExyC5axEVgZwzb9p0BJmr6tSCiEc546ALb3Y-SjPMPcFXc7XDHNg6BTBrHp2zPUWX-Mtu8buIzVX_DcLbJ2rmMRiWt2quNHotLGaWBUm5HTsLtYSz-839I_DWISURYAq6qDm6TJFSMopg
Protocol
H2
Server
104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-128-226.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires
Fri, 20 Jan 2023 21:27:02 GMT
pragma
no-cache
date
Fri, 20 Jan 2023 21:27:02 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEBNF6gHJ_ng09MO7VbgPiIQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 9D7F 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYtbXOxQEwAQ&v=APEucNUm8s2_RvUNVo5pKA-xjKAhauqptqx-I19mveExyC5axEVgZwzb9p0BJmr6tSCiEc546ALb3Y-SjPMPcFXc7XDHNg6BTBrHp2zPUWX-Mtu8buIzVX_DcLbJ2rmMRiWt2quNHotLGaWBUm5HTsLtYSz-839I_DWISURYAq6qDm6TJFSMopg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.96.128.226 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-96-128-226.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires
Fri, 20 Jan 2023 21:27:02 GMT
pragma
no-cache
date
Fri, 20 Jan 2023 21:27:02 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif
eyJpdSI6IjBjZTNkYjMxZDdmMTg1ZGIyMDY4NmI2YTE1N2JlNWFkOWNmOTE3ZWEzYTNiMGIyNzA5MGQwOTI5OWJjMTEwMDUiLCJ3Ijo2NDAsImgiOjQ4MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame 40A2 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjBjZTNkYjMxZDdmMTg1ZGIyMDY4NmI2YTE1N2JlNWFkOWNmOTE3ZWEzYTNiMGIyNzA5MGQwOTI5OWJjMTEwMDUiLCJ3Ijo2NDAsImgiOjQ4MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-162.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0c8d35b6735bd64c48530fe7112c9d455a32daac39b5e3430a6043e817622e28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:27:01 GMT
last-modified
Mon, 03 Oct 2022 10:49:28 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=676563
access-control-allow-credentials
false
x-traceid
d336b923a4e46c96bbef29110b814063
timing-allow-origin
*, *
content-length
52342
i
api.purpleads.io/x/a/7112386aec52db227f9645555a753d94:c454dd1a2735e8fc65d839ec20834e4d9d4912b17d19e05099cd96246035bdcd402258be5687e5abd1cb2dd0ae80f1b335a8368d77d373cd5d0be4b4fc95139984fddfb669cdbaa... Frame 40A2 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.purpleads.io/x/a/7112386aec52db227f9645555a753d94:c454dd1a2735e8fc65d839ec20834e4d9d4912b17d19e05099cd96246035bdcd402258be5687e5abd1cb2dd0ae80f1b335a8368d77d373cd5d0be4b4fc95139984fddfb669cdbaaa795127fcd23c7df1bbbf071a3f22911e2c92efdbf602fa72f91495c62ca1fc8d1dc22448bf04f9763d0c45d489124b09f87037ec7268ceaa71a5ebba6f5738315490a46243143640/i?id=56ad0378-c003-4189-b438-811ad4c5b22e
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.250.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-250-34.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
api.purpleads.io
date
Fri, 20 Jan 2023 21:27:01 GMT
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id
c845442c-9346-40d9-be52-d93252095ec0
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ Frame 40A2 		4 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=e5e71e6102b7b62d6e4cb120127696e4&pvId=e5e71e6102b7b62d6e4cb120127696e4&sid=9435706&pid=45718&idx=6&wId=171&pad=1&org=0&tm=0&eT=3&cnsnt=no_consent
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.13.96.71 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 21:27:01 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
db764be3bea294027344c91b87f806f0
Content-Length
4
Expires
0
log-viewability
log.outbrainimg.com/loggerServices/ Frame 40A2 		4 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.outbrainimg.com/loggerServices/log-viewability?requestId=e5e71e6102b7b62d6e4cb120127696e4&position=0
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.13.96.71 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 21:27:01 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
5451a992cfd07b285beab9f5f40b286a
Content-Length
4
Expires
0
06f91b438b5c0d7fe6dff4bf6c24cf00.svg
s0.2mdn.net/sadbundle/9079937949297653269/media/ Frame 5277 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9079937949297653269/media/06f91b438b5c0d7fe6dff4bf6c24cf00.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9079937949297653269/baf730f4acad38290c8b64d82f1fe8ea.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb4a29554c161fc6298d26273c106770fbe6c66bff37bb0db2e7826a9f84cb4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9079937949297653269/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 11:41:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121505
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1998
x-xss-protection
0
last-modified
Thu, 05 Jan 2023 09:32:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 19 Jan 2024 11:41:56 GMT
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ Frame 5277 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9079937949297653269/baf730f4acad38290c8b64d82f1fe8ea.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 03:11:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65726
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 Jan 2024 03:11:35 GMT
6c7d573eec81c58ef3029762e2c07b66.png
s0.2mdn.net/sadbundle/9079937949297653269/media/ Frame 5277 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9079937949297653269/media/6c7d573eec81c58ef3029762e2c07b66.png
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d5e54f3697a04beafe4c0d87c693de12f9501f97d29bf12b39ae90c8f8fceed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9079937949297653269/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 11:41:57 GMT
x-content-type-options
nosniff
age
121504
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3790
x-xss-protection
0
last-modified
Thu, 05 Jan 2023 09:32:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 19 Jan 2024 11:41:57 GMT
0ef23ca768185e8ea34d7f3a39f47c76.png
s0.2mdn.net/sadbundle/9079937949297653269/media/ Frame 5277 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9079937949297653269/media/0ef23ca768185e8ea34d7f3a39f47c76.png
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
258cdd8c4084a561a757b87722ed754094bfab9d157d8369034900bdd56af915
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9079937949297653269/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 11:41:57 GMT
x-content-type-options
nosniff
age
121504
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2946
x-xss-protection
0
last-modified
Thu, 05 Jan 2023 09:32:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 19 Jan 2024 11:41:57 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FFFA 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5570297459137&version=m202209210101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FFFA 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5570297459137&version=m202209210101&ct=76&x=1&cor=14549169557277022000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame FFFA 		92 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DqIqJwc-N5a1-DyYwMY92XwxgqllxPVVL_M1qrn47WvgmMcLFD8AHoiEUVJxHDmt1QYs3wFpeRJcj4OyA6fNcRx8YAaNO2ziVqAJzwPBaiHrUlWwcc2Pvm_K4O4BhUO2ZeE1fcU1Q1TSVvbTynZpBz2_iu80sL-6noWYpSLlDUAvxOSQY&dbm_d=AKAmf-BxTkR7FrcVhnN4X2Yj7kLjTO3evOUav18PPO3ti5prrUWtMRtMg9IE1jCodR_xdlKd9aOh1FGPVSCCoQIuyjsws9cR4_7F35pQAEWrz0Wu19z4W_TXqhpSLnm9KNyj1z1IxZJ-QSMYJp_BjaFiFyoNQGFtXGu6nAsVQpgkwid_D_-Yx6tvmVpTIqo7_xNZeZTa4ZMQ0yBvKqwtHrA_0mQmByEpUJlgED7qCrfgHMvbAJPmI1jM3ziotLrLNU7LOdnMOP1X0el30Nq6pLNUKeVZnXudZVqO9_wN0s56lARC8Vq_erL0Q6NetoEjkIDG0z-xD43ShxEL58nx1oY6sA4AXHR1HrKgNmVWaTmR00EFk5LtlqQ5h-Tte0JjtqPWmraCrNt43Cr_RkLnX0nxv08tP0Ysm3rK6XBZFbt-pktdVeIx1BJ6CJWZ21ApfLIZnT9ZKzpEO3EShfqAvpqD8KmFhkqpeIh-F1wynStrrOpmeTu36GIwDu3Zhx9ZTni_mb--ORohT9WZfRVp-9o3hEuzYBJwVj2_O2w2mzWz44BfK-RQhJmTqgx1ozQeJghcKY8eAXewmn2nCitMINHjCoClmyeswhKm78ywfQz9XYGKqUhwbYBuMC6CzQH21VNWqh-nuEUZTJsBAvpdpKKryKnAiLq2jfbb97W_UNsmnvcsKFdwGkGL1vF5c_1NbSbO74apMqyU-3YBBFuL3uUOrmXyNkYwek6Lij41mvg45-bEkPevE95kf9ZlbpbnjZ_92_lFTRXyw72ag1grTY9DN919jjOi6as3TbAReZzj3mrxmhlzsAWQVFiDjhypUfeu1_ll34vTx2iZCIxO--0OiuX0l4t7NnGtV469tD4xbJM-_VVjCP80DI-4ukK3cOPMMXjkvIUh0jHXEI9c8DRpn_UxgtRQi0Cg4HBHPpRVdTzdO-fOzRv3nb4aJcN6B85F3XJc4DY2L6xDuWMRbFtS5wehyp7EK8WH6PK2Dskq77TUhCBrzFebueIXxIKx6mHMoTfcRTNorIZDKeW9o9cUQsRO-0_kmoSNHxXdNINN5VQUgxcq4M3CnLifrmB9-9rxMCjIOe4fSmcUUehS3RGbhxsFaZd1T5PNABdKb3jbSsI17TXOtXaNkR2pO80gTTyMD3QfcnWVWZGU22V-Xgtop_QwPNKZLuz_HvxBhAQygxkGgRvJBNoJw60hkX3lJLLqdoBjtyIvNvX-5RH2tC2uMmA8lhHVOoE8o5RIiUX7264HeSmddzpulpNi0zkwHIU3TSe1kcp-DWqRXZprSqtzZbHhzbHfWb4zZMa4a1GEzdRHjMPYbyVk8FELUohxChkqANpQ3NFrsGqA_Ioi-FuBol8QdNyWMPWLOmaH35rHvwERqnzJVWzSIkQvvsOiY9hMmysT5DHnt6KudidM1yQUM3ZZoLZkxtQi08YWySf_5wt2J8qgVnFXHs16NddfwK1S3DlaYvu6kS6snV73a9uRXiBQ6vWf9Pf86Bx5SqQwexr01hrzzBsV5N0wJ5DQoiAyzpWkoWM25Fsjpcj3Et23Xi5NmS6y7G6iO4EsUwW_DXqFiktnwdQNPwr2_aofeM_N_5LuwYbGnVW2ZHPnbYcI8oM6sOp__gSKfJTAEow9Ok7cK3gknByI0jaNSP9RkakRPjfCXUknyuOBVj6iXGnhDGUlR8JPh2-EJ35mbs3LBQJt9ssXxpE5iH29lUeiof9l_JFtTFZq7aWq1IaDYGCGhFI0l-8HguoG7kHGBSjpsJhV0sZjE3bXIhMXZS5U497UAzeyqKCOKDq2UpP3G5qzxESKZcu-Um97mMERvvYrSpJmHqWcgoKZCy1hiYYhoVQjB1isYpDMSxRNW0kbs0UxicoI3X0Aw7bu55R9626KNThZUhfHohsfIJxt5Ka7aTzrZg1TajYituFgcIdA1e-MVUuKwXSjspgvNhw_88GGYJVJPZGXblHlFX4Mk2_VM1m0LLym7vfN5ec6s-z0_MU2Jj-MJDagFMxh9A8YaC3oqRZkM_HOF1V91Q8aXdmACh23i9AqobOrI_KgIKHttfohzU5Heuk3_Vm8TL8nwpaeXOXv-7n8zTDWBjICqpCp-zU63Rdgz0l4IyrtbimvtoV1P2xn2AB6wxznCDJ4HAUWyFFj09S904tmo_qEvqzpg3lP7FDhDPtx7RzN7vNpuLhI6RqKkL3p1D5RUrbS0RMJqISUVU6kxdHLxGiUalJZgUzfeJ7zj6iNaYFpAAlSFG14BOeWFO3JuIOvrHrT--UFnZVXj_BcBtIuMAZOI5AXhlhYEo0CK3WOTqbTvKPoAP5FuJQKQv3Ng4iI4OkRuFOXBlN6VRbrsxtEEWo3K0BUJuyzNsUZufjuKKTILyUj3PZYeed9CDcS-MmyDdTA-TVR4Qe_3Hw-xE9p9CIuD92aVBJw3IW18HPflRzB2m9Hb0XuNpNKznyGJVlRHUnulmkZEe-CBTQx3B_uwu6uxZgy04cdDG3AhN-uPm0txDgITwRZLX4MYNLHn7TZM6K6chSZ9J03LYUngPh67u_ge5CsoGs7qGKcMM2vEe3W-48K3l0U8Qo0xaTS5xq1d_jiS0mQk6dB3Ra_AarB60UU1eB-rw9h03Yvmhxq_D4iKPHznQCpQjwyEKcLPg4XaFzVypjYothiVA01q0tT4J1F9H3Lfgf16wfrKX2i3P60z0CHfBcjlpcMYksF5nhBF2bv5f-mOLIgFlwkZtDTGHTt-uwx2VSqLyf3Gw7tTyBttZv-Ox3_mtlxipw-wKQY_ScLQHfqnMbv38_WxkXqnv93F7PcxKhg_ozLuV7rKpXtyzEO-IpgnMlHhIxPFmUax2Q3KCbsH4kLfnboZYjjP99ZmhFNrNAQD8XMR7guf2THr0BCMyuWIth-LTFwFUgAYgfxEDMK37ON9bVevp_BPzrobrH35TzwOaGO7LiNG7EXPo4ncJViRSRcfF2gKPrLsnSKgRhwedFTwnG7C1aS82TfESNTqF0KkRlvgWTGtbct36dZeFonTCwKupTti2bozMm5DxGMdbnQIXOHfXj6sBAiA8YTbMOAWoEmRcSNABaVSy2JPEzrMsHl96Kwj-mtt1BQIxZRTeOYdcczHsynlxG0pF1o3Rff0PeXEwgd84uzs4qEeFEIZFr_6o8iNIM-lQzyxn-Kagnp9W28cIPl0bqzjUOBF8R_kDu4eW0SKsqyfSY3NgMe0gviIFuDkteOz_yqC3nkikSVzFePkZOUhSild_KGd77-9SY1C5Ecp0bSWKOxYZVc7qCz4Zz1Tg-TUyf1-KXr6JYjiWvDHpxH3TsZL5gSTJNzCzAI97B0&cid=CAQSSwDq26N9-mcaOVWrpfIHA33AvyU1GvhiyzfjSZLLB3bNT0CFOG_UkergJ0BEyyQatIupe0QugCAXBDYES5AWR87XKxto40SrQHjyVBgBIBM&dv3_ver=m202209210101&rfl=https%3A%2F%2Famenazaytx.site%2F&ds=l&xdt=1&iif=1&cor=14549169557277022000&adk=1877897943&idt=86&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
225ecc9c45244bc12f5eef16f80c0077979c74093fd380e3e5a95eb0e70e9720
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37425
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5f626b70943d423a94bd55dae6acd275.jpg
s0.2mdn.net/sadbundle/9079937949297653269/media/ Frame 5277 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9079937949297653269/media/5f626b70943d423a94bd55dae6acd275.jpg
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
afebe5d909591baf9ea82d958dc5e981150524f1c5f255686008b4f1348a7098
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9079937949297653269/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 02:18:50 GMT
x-content-type-options
nosniff
age
68891
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21789
x-xss-protection
0
last-modified
Thu, 05 Jan 2023 09:32:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 20 Jan 2024 02:18:50 GMT
css
fonts.googleapis.com/ Frame 5277 		2 KB
539 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 20 Jan 2023 21:27:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 20 Jan 2023 20:03:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 20 Jan 2023 21:27:01 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5277 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 19:42:15 GMT
x-content-type-options
nosniff
age
92686
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Jan 2024 19:42:15 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/990511/61634092/ Frame FFFA 		242 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/990511/61634092/skeleton.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.110.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-110-39.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
147f6577a0412f68897034a230662e60fd5d844a5b32248e3c2f3cb3be3ff538

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:02 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame FFFA 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
Origin
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 09:07:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44379
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Jan 2023 09:07:22 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230118/r20110914/elements/html/ Frame FFFA 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230118/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DqIqJwc-N5a1-DyYwMY92XwxgqllxPVVL_M1qrn47WvgmMcLFD8AHoiEUVJxHDmt1QYs3wFpeRJcj4OyA6fNcRx8YAaNO2ziVqAJzwPBaiHrUlWwcc2Pvm_K4O4BhUO2ZeE1fcU1Q1TSVvbTynZpBz2_iu80sL-6noWYpSLlDUAvxOSQY&dbm_d=AKAmf-BxTkR7FrcVhnN4X2Yj7kLjTO3evOUav18PPO3ti5prrUWtMRtMg9IE1jCodR_xdlKd9aOh1FGPVSCCoQIuyjsws9cR4_7F35pQAEWrz0Wu19z4W_TXqhpSLnm9KNyj1z1IxZJ-QSMYJp_BjaFiFyoNQGFtXGu6nAsVQpgkwid_D_-Yx6tvmVpTIqo7_xNZeZTa4ZMQ0yBvKqwtHrA_0mQmByEpUJlgED7qCrfgHMvbAJPmI1jM3ziotLrLNU7LOdnMOP1X0el30Nq6pLNUKeVZnXudZVqO9_wN0s56lARC8Vq_erL0Q6NetoEjkIDG0z-xD43ShxEL58nx1oY6sA4AXHR1HrKgNmVWaTmR00EFk5LtlqQ5h-Tte0JjtqPWmraCrNt43Cr_RkLnX0nxv08tP0Ysm3rK6XBZFbt-pktdVeIx1BJ6CJWZ21ApfLIZnT9ZKzpEO3EShfqAvpqD8KmFhkqpeIh-F1wynStrrOpmeTu36GIwDu3Zhx9ZTni_mb--ORohT9WZfRVp-9o3hEuzYBJwVj2_O2w2mzWz44BfK-RQhJmTqgx1ozQeJghcKY8eAXewmn2nCitMINHjCoClmyeswhKm78ywfQz9XYGKqUhwbYBuMC6CzQH21VNWqh-nuEUZTJsBAvpdpKKryKnAiLq2jfbb97W_UNsmnvcsKFdwGkGL1vF5c_1NbSbO74apMqyU-3YBBFuL3uUOrmXyNkYwek6Lij41mvg45-bEkPevE95kf9ZlbpbnjZ_92_lFTRXyw72ag1grTY9DN919jjOi6as3TbAReZzj3mrxmhlzsAWQVFiDjhypUfeu1_ll34vTx2iZCIxO--0OiuX0l4t7NnGtV469tD4xbJM-_VVjCP80DI-4ukK3cOPMMXjkvIUh0jHXEI9c8DRpn_UxgtRQi0Cg4HBHPpRVdTzdO-fOzRv3nb4aJcN6B85F3XJc4DY2L6xDuWMRbFtS5wehyp7EK8WH6PK2Dskq77TUhCBrzFebueIXxIKx6mHMoTfcRTNorIZDKeW9o9cUQsRO-0_kmoSNHxXdNINN5VQUgxcq4M3CnLifrmB9-9rxMCjIOe4fSmcUUehS3RGbhxsFaZd1T5PNABdKb3jbSsI17TXOtXaNkR2pO80gTTyMD3QfcnWVWZGU22V-Xgtop_QwPNKZLuz_HvxBhAQygxkGgRvJBNoJw60hkX3lJLLqdoBjtyIvNvX-5RH2tC2uMmA8lhHVOoE8o5RIiUX7264HeSmddzpulpNi0zkwHIU3TSe1kcp-DWqRXZprSqtzZbHhzbHfWb4zZMa4a1GEzdRHjMPYbyVk8FELUohxChkqANpQ3NFrsGqA_Ioi-FuBol8QdNyWMPWLOmaH35rHvwERqnzJVWzSIkQvvsOiY9hMmysT5DHnt6KudidM1yQUM3ZZoLZkxtQi08YWySf_5wt2J8qgVnFXHs16NddfwK1S3DlaYvu6kS6snV73a9uRXiBQ6vWf9Pf86Bx5SqQwexr01hrzzBsV5N0wJ5DQoiAyzpWkoWM25Fsjpcj3Et23Xi5NmS6y7G6iO4EsUwW_DXqFiktnwdQNPwr2_aofeM_N_5LuwYbGnVW2ZHPnbYcI8oM6sOp__gSKfJTAEow9Ok7cK3gknByI0jaNSP9RkakRPjfCXUknyuOBVj6iXGnhDGUlR8JPh2-EJ35mbs3LBQJt9ssXxpE5iH29lUeiof9l_JFtTFZq7aWq1IaDYGCGhFI0l-8HguoG7kHGBSjpsJhV0sZjE3bXIhMXZS5U497UAzeyqKCOKDq2UpP3G5qzxESKZcu-Um97mMERvvYrSpJmHqWcgoKZCy1hiYYhoVQjB1isYpDMSxRNW0kbs0UxicoI3X0Aw7bu55R9626KNThZUhfHohsfIJxt5Ka7aTzrZg1TajYituFgcIdA1e-MVUuKwXSjspgvNhw_88GGYJVJPZGXblHlFX4Mk2_VM1m0LLym7vfN5ec6s-z0_MU2Jj-MJDagFMxh9A8YaC3oqRZkM_HOF1V91Q8aXdmACh23i9AqobOrI_KgIKHttfohzU5Heuk3_Vm8TL8nwpaeXOXv-7n8zTDWBjICqpCp-zU63Rdgz0l4IyrtbimvtoV1P2xn2AB6wxznCDJ4HAUWyFFj09S904tmo_qEvqzpg3lP7FDhDPtx7RzN7vNpuLhI6RqKkL3p1D5RUrbS0RMJqISUVU6kxdHLxGiUalJZgUzfeJ7zj6iNaYFpAAlSFG14BOeWFO3JuIOvrHrT--UFnZVXj_BcBtIuMAZOI5AXhlhYEo0CK3WOTqbTvKPoAP5FuJQKQv3Ng4iI4OkRuFOXBlN6VRbrsxtEEWo3K0BUJuyzNsUZufjuKKTILyUj3PZYeed9CDcS-MmyDdTA-TVR4Qe_3Hw-xE9p9CIuD92aVBJw3IW18HPflRzB2m9Hb0XuNpNKznyGJVlRHUnulmkZEe-CBTQx3B_uwu6uxZgy04cdDG3AhN-uPm0txDgITwRZLX4MYNLHn7TZM6K6chSZ9J03LYUngPh67u_ge5CsoGs7qGKcMM2vEe3W-48K3l0U8Qo0xaTS5xq1d_jiS0mQk6dB3Ra_AarB60UU1eB-rw9h03Yvmhxq_D4iKPHznQCpQjwyEKcLPg4XaFzVypjYothiVA01q0tT4J1F9H3Lfgf16wfrKX2i3P60z0CHfBcjlpcMYksF5nhBF2bv5f-mOLIgFlwkZtDTGHTt-uwx2VSqLyf3Gw7tTyBttZv-Ox3_mtlxipw-wKQY_ScLQHfqnMbv38_WxkXqnv93F7PcxKhg_ozLuV7rKpXtyzEO-IpgnMlHhIxPFmUax2Q3KCbsH4kLfnboZYjjP99ZmhFNrNAQD8XMR7guf2THr0BCMyuWIth-LTFwFUgAYgfxEDMK37ON9bVevp_BPzrobrH35TzwOaGO7LiNG7EXPo4ncJViRSRcfF2gKPrLsnSKgRhwedFTwnG7C1aS82TfESNTqF0KkRlvgWTGtbct36dZeFonTCwKupTti2bozMm5DxGMdbnQIXOHfXj6sBAiA8YTbMOAWoEmRcSNABaVSy2JPEzrMsHl96Kwj-mtt1BQIxZRTeOYdcczHsynlxG0pF1o3Rff0PeXEwgd84uzs4qEeFEIZFr_6o8iNIM-lQzyxn-Kagnp9W28cIPl0bqzjUOBF8R_kDu4eW0SKsqyfSY3NgMe0gviIFuDkteOz_yqC3nkikSVzFePkZOUhSild_KGd77-9SY1C5Ecp0bSWKOxYZVc7qCz4Zz1Tg-TUyf1-KXr6JYjiWvDHpxH3TsZL5gSTJNzCzAI97B0&cid=CAQSSwDq26N9-mcaOVWrpfIHA33AvyU1GvhiyzfjSZLLB3bNT0CFOG_UkergJ0BEyyQatIupe0QugCAXBDYES5AWR87XKxto40SrQHjyVBgBIBM&dv3_ver=m202209210101&rfl=https%3A%2F%2Famenazaytx.site%2F&ds=l&xdt=1&iif=1&cor=14549169557277022000&adk=1877897943&idt=86&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:47:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
16795
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Feb 2023 16:47:06 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230118/r20110914/ Frame FFFA 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230118/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DqIqJwc-N5a1-DyYwMY92XwxgqllxPVVL_M1qrn47WvgmMcLFD8AHoiEUVJxHDmt1QYs3wFpeRJcj4OyA6fNcRx8YAaNO2ziVqAJzwPBaiHrUlWwcc2Pvm_K4O4BhUO2ZeE1fcU1Q1TSVvbTynZpBz2_iu80sL-6noWYpSLlDUAvxOSQY&dbm_d=AKAmf-BxTkR7FrcVhnN4X2Yj7kLjTO3evOUav18PPO3ti5prrUWtMRtMg9IE1jCodR_xdlKd9aOh1FGPVSCCoQIuyjsws9cR4_7F35pQAEWrz0Wu19z4W_TXqhpSLnm9KNyj1z1IxZJ-QSMYJp_BjaFiFyoNQGFtXGu6nAsVQpgkwid_D_-Yx6tvmVpTIqo7_xNZeZTa4ZMQ0yBvKqwtHrA_0mQmByEpUJlgED7qCrfgHMvbAJPmI1jM3ziotLrLNU7LOdnMOP1X0el30Nq6pLNUKeVZnXudZVqO9_wN0s56lARC8Vq_erL0Q6NetoEjkIDG0z-xD43ShxEL58nx1oY6sA4AXHR1HrKgNmVWaTmR00EFk5LtlqQ5h-Tte0JjtqPWmraCrNt43Cr_RkLnX0nxv08tP0Ysm3rK6XBZFbt-pktdVeIx1BJ6CJWZ21ApfLIZnT9ZKzpEO3EShfqAvpqD8KmFhkqpeIh-F1wynStrrOpmeTu36GIwDu3Zhx9ZTni_mb--ORohT9WZfRVp-9o3hEuzYBJwVj2_O2w2mzWz44BfK-RQhJmTqgx1ozQeJghcKY8eAXewmn2nCitMINHjCoClmyeswhKm78ywfQz9XYGKqUhwbYBuMC6CzQH21VNWqh-nuEUZTJsBAvpdpKKryKnAiLq2jfbb97W_UNsmnvcsKFdwGkGL1vF5c_1NbSbO74apMqyU-3YBBFuL3uUOrmXyNkYwek6Lij41mvg45-bEkPevE95kf9ZlbpbnjZ_92_lFTRXyw72ag1grTY9DN919jjOi6as3TbAReZzj3mrxmhlzsAWQVFiDjhypUfeu1_ll34vTx2iZCIxO--0OiuX0l4t7NnGtV469tD4xbJM-_VVjCP80DI-4ukK3cOPMMXjkvIUh0jHXEI9c8DRpn_UxgtRQi0Cg4HBHPpRVdTzdO-fOzRv3nb4aJcN6B85F3XJc4DY2L6xDuWMRbFtS5wehyp7EK8WH6PK2Dskq77TUhCBrzFebueIXxIKx6mHMoTfcRTNorIZDKeW9o9cUQsRO-0_kmoSNHxXdNINN5VQUgxcq4M3CnLifrmB9-9rxMCjIOe4fSmcUUehS3RGbhxsFaZd1T5PNABdKb3jbSsI17TXOtXaNkR2pO80gTTyMD3QfcnWVWZGU22V-Xgtop_QwPNKZLuz_HvxBhAQygxkGgRvJBNoJw60hkX3lJLLqdoBjtyIvNvX-5RH2tC2uMmA8lhHVOoE8o5RIiUX7264HeSmddzpulpNi0zkwHIU3TSe1kcp-DWqRXZprSqtzZbHhzbHfWb4zZMa4a1GEzdRHjMPYbyVk8FELUohxChkqANpQ3NFrsGqA_Ioi-FuBol8QdNyWMPWLOmaH35rHvwERqnzJVWzSIkQvvsOiY9hMmysT5DHnt6KudidM1yQUM3ZZoLZkxtQi08YWySf_5wt2J8qgVnFXHs16NddfwK1S3DlaYvu6kS6snV73a9uRXiBQ6vWf9Pf86Bx5SqQwexr01hrzzBsV5N0wJ5DQoiAyzpWkoWM25Fsjpcj3Et23Xi5NmS6y7G6iO4EsUwW_DXqFiktnwdQNPwr2_aofeM_N_5LuwYbGnVW2ZHPnbYcI8oM6sOp__gSKfJTAEow9Ok7cK3gknByI0jaNSP9RkakRPjfCXUknyuOBVj6iXGnhDGUlR8JPh2-EJ35mbs3LBQJt9ssXxpE5iH29lUeiof9l_JFtTFZq7aWq1IaDYGCGhFI0l-8HguoG7kHGBSjpsJhV0sZjE3bXIhMXZS5U497UAzeyqKCOKDq2UpP3G5qzxESKZcu-Um97mMERvvYrSpJmHqWcgoKZCy1hiYYhoVQjB1isYpDMSxRNW0kbs0UxicoI3X0Aw7bu55R9626KNThZUhfHohsfIJxt5Ka7aTzrZg1TajYituFgcIdA1e-MVUuKwXSjspgvNhw_88GGYJVJPZGXblHlFX4Mk2_VM1m0LLym7vfN5ec6s-z0_MU2Jj-MJDagFMxh9A8YaC3oqRZkM_HOF1V91Q8aXdmACh23i9AqobOrI_KgIKHttfohzU5Heuk3_Vm8TL8nwpaeXOXv-7n8zTDWBjICqpCp-zU63Rdgz0l4IyrtbimvtoV1P2xn2AB6wxznCDJ4HAUWyFFj09S904tmo_qEvqzpg3lP7FDhDPtx7RzN7vNpuLhI6RqKkL3p1D5RUrbS0RMJqISUVU6kxdHLxGiUalJZgUzfeJ7zj6iNaYFpAAlSFG14BOeWFO3JuIOvrHrT--UFnZVXj_BcBtIuMAZOI5AXhlhYEo0CK3WOTqbTvKPoAP5FuJQKQv3Ng4iI4OkRuFOXBlN6VRbrsxtEEWo3K0BUJuyzNsUZufjuKKTILyUj3PZYeed9CDcS-MmyDdTA-TVR4Qe_3Hw-xE9p9CIuD92aVBJw3IW18HPflRzB2m9Hb0XuNpNKznyGJVlRHUnulmkZEe-CBTQx3B_uwu6uxZgy04cdDG3AhN-uPm0txDgITwRZLX4MYNLHn7TZM6K6chSZ9J03LYUngPh67u_ge5CsoGs7qGKcMM2vEe3W-48K3l0U8Qo0xaTS5xq1d_jiS0mQk6dB3Ra_AarB60UU1eB-rw9h03Yvmhxq_D4iKPHznQCpQjwyEKcLPg4XaFzVypjYothiVA01q0tT4J1F9H3Lfgf16wfrKX2i3P60z0CHfBcjlpcMYksF5nhBF2bv5f-mOLIgFlwkZtDTGHTt-uwx2VSqLyf3Gw7tTyBttZv-Ox3_mtlxipw-wKQY_ScLQHfqnMbv38_WxkXqnv93F7PcxKhg_ozLuV7rKpXtyzEO-IpgnMlHhIxPFmUax2Q3KCbsH4kLfnboZYjjP99ZmhFNrNAQD8XMR7guf2THr0BCMyuWIth-LTFwFUgAYgfxEDMK37ON9bVevp_BPzrobrH35TzwOaGO7LiNG7EXPo4ncJViRSRcfF2gKPrLsnSKgRhwedFTwnG7C1aS82TfESNTqF0KkRlvgWTGtbct36dZeFonTCwKupTti2bozMm5DxGMdbnQIXOHfXj6sBAiA8YTbMOAWoEmRcSNABaVSy2JPEzrMsHl96Kwj-mtt1BQIxZRTeOYdcczHsynlxG0pF1o3Rff0PeXEwgd84uzs4qEeFEIZFr_6o8iNIM-lQzyxn-Kagnp9W28cIPl0bqzjUOBF8R_kDu4eW0SKsqyfSY3NgMe0gviIFuDkteOz_yqC3nkikSVzFePkZOUhSild_KGd77-9SY1C5Ecp0bSWKOxYZVc7qCz4Zz1Tg-TUyf1-KXr6JYjiWvDHpxH3TsZL5gSTJNzCzAI97B0&cid=CAQSSwDq26N9-mcaOVWrpfIHA33AvyU1GvhiyzfjSZLLB3bNT0CFOG_UkergJ0BEyyQatIupe0QugCAXBDYES5AWR87XKxto40SrQHjyVBgBIBM&dv3_ver=m202209210101&rfl=https%3A%2F%2Famenazaytx.site%2F&ds=l&xdt=1&iif=1&cor=14549169557277022000&adk=1877897943&idt=86&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ff6aaa3f3b8023816a9b164be90fb958c63857e984fea977c3b38d1542566299
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:47:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
16746
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10811
x-xss-protection
0
server
cafe
etag
10713822464293745175
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Feb 2023 16:47:55 GMT
eyJpdSI6IjBjZTNkYjMxZDdmMTg1ZGIyMDY4NmI2YTE1N2JlNWFkOWNmOTE3ZWEzYTNiMGIyNzA5MGQwOTI5OWJjMTEwMDUiLCJ3Ijo2NDAsImgiOjQ4MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame 779F 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjBjZTNkYjMxZDdmMTg1ZGIyMDY4NmI2YTE1N2JlNWFkOWNmOTE3ZWEzYTNiMGIyNzA5MGQwOTI5OWJjMTEwMDUiLCJ3Ijo2NDAsImgiOjQ4MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: cdn.purpleads.io
URL: https://cdn.purpleads.io/agent.js?publisherId=a8dbba899ffa9904c83f8f31297c4fb1:c482d5deb8980b8bc6b754dfe31eed2e17521c0bce0234ab44da16e47c5d442a7f8c26c14dc235933b8861dc33ca79009bd5fe48e2eab3becb88e57a359ee908
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-162.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0c8d35b6735bd64c48530fe7112c9d455a32daac39b5e3430a6043e817622e28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:27:01 GMT
last-modified
Mon, 03 Oct 2022 10:49:28 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=676563
access-control-allow-credentials
false
x-traceid
d336b923a4e46c96bbef29110b814063
timing-allow-origin
*, *
content-length
52342
i
api.purpleads.io/x/a/ff57408f6644da738120c965853e59a6:b72a7c91ae1a474b44967eeda83953494deca190d87801af9eaa229d6900bf6300953653dc395d4ac42a58303aa52d350f2599699449c9591386b4732a539b5bde4981e17e95000... Frame 779F 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.purpleads.io/x/a/ff57408f6644da738120c965853e59a6:b72a7c91ae1a474b44967eeda83953494deca190d87801af9eaa229d6900bf6300953653dc395d4ac42a58303aa52d350f2599699449c9591386b4732a539b5bde4981e17e95000f53e9fdb6b559dcac2785125677bf2d5ee682cecddca4e009b665a3a0967f5c1975d2c72b1761a4ce5a16c61b3f512b753d9c3ef85d6d0ad2a74044e738df5bdc7caf802c3597f29d/i?id=884ee940-c5e9-4b03-b622-a52ef2153386
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.250.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-250-34.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
api.purpleads.io
date
Fri, 20 Jan 2023 21:27:02 GMT
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
x-request-id
d8557a9d-d54e-4c7d-aa9e-a324c1b9fd58
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ Frame 779F 		4 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=a073e97014ed40603b76719965ca5537&pvId=a073e97014ed40603b76719965ca5537&sid=9435706&pid=45718&idx=7&wId=171&pad=1&org=0&tm=0&eT=3&cnsnt=no_consent
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.13.96.71 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 21:27:01 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
b1e86d028699a88388c7de39b5220b40
Content-Length
4
Expires
0
log-viewability
log.outbrainimg.com/loggerServices/ Frame 779F 		4 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.outbrainimg.com/loggerServices/log-viewability?requestId=a073e97014ed40603b76719965ca5537&position=0
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.13.96.71 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 20 Jan 2023 21:27:01 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
36ab5157a902f36d290baee753ecb21c
Content-Length
4
Expires
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame FFFA 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com
URL: https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 22:49:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
254253
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jan 2024 22:49:28 GMT
truncated
/ Frame FFFA 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2401db0756c61f783c664e502ebae5f3499e4c2f5fa58d6dbc18c243c9e6fe8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/6764783864924189503/ Frame 5953 		116 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6764783864924189503/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00207e5ef7753a1a13a155d469c582c0df746a56540b9c3e02a91b2113b00df6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
197628
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
21222
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 18 Jan 2023 14:33:13 GMT
expires
Thu, 18 Jan 2024 14:33:13 GMT
last-modified
Mon, 07 Mar 2022 09:37:37 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame FFFA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssz09QtKEbhItul-vy-c8xHcHPcaH_9HZs9gF5VQMg0AGyjSWRdf6wkVDU1cRcd5Iwbft3NS-CcwYQlZ0EoXswBhaPcRYcOqz5KtoJTqgXrxDHucmkFv1CW2YTmCQiEIuAKJNJAQElWq_IYCI9zsCOhjwPlIp9BYuWBjvfAdU3dx2BW-ugWkiiZhxrHzd63R1Il3GumMQjRoLVLYPxWhTFNJa4913jsmI2jJdXkPCYSpFwe5y8EGEmmjm-NYr0TU10gEyeCLaZmh4kGt_lo6P2-Vj4UFFW2gr9NOWa2dOKMlcTvv6nnPEcKKYYzn6mmtXd3cULyE8_9POlkJmmEn4oBpUo8N6r16tHwecjhk9QexJ6Q-kQf87z9Fz09TnTaj9JKLPlAf7K9qv7N3RambFEEhkO4hoAQdQoeZUTHhIkfTdb-Z3E3Ar_YHvR_yZHF1h__xeZOsGWMHVRRqgonLOUVdQN_liWBTPMu4NSNdVrLAlytpFE83Gv3xx1RfclCxsXWFT9vQBUmVmKNSTSiIPFVxARolswWj4q8EkM3DR3cs6i1MgtAHFtLFLXKAVSsH-jBTnAO9RW-BkGbqd89kbCGQ_al6mCZQuU0PoejHcAEm09TO9uQXcj-LyjZpmGPuN1etHp_xSmIMQF4yChSx6g93Ga_rIaB578VC0qp3wd9SfvAw0G1ShFRR6bObu6mftQPSQwUe2FdovFG10FdQl_n476xmw7WDbBCR_7DsfqJjutagWFGOZjumkM39vE4K2lZs686hJ_sWps85FfDebKohR5dQrComs8-rBDgJeQaY3p_LhLQq7WJrePH1ANFSfq7wmgO1YtNXEPk1QleKBPa3Abmx9gvFaWKQcLZp6l_rULnRWBA174pNo_ebFDiPYHps5mdnG2kxQQMLgQtmaBLNQvvFbT3-cIQTi0m5dPyiBEVUO1dPSQjOxmUi39ea8SHSP0XcAgrstAlcIrv7YLqppZE90h4Q6n5zLVwzv86HICNXa8_V0PwX083wbqagwDdxdF5L9EvFOrElrmVyBcZuwyugkmMUTi-4Df98is-BypS8g2eU1CQ09D7KFoR625GKsWVv3GFTcJOqS6mUQS1OmUNA-XyVBfF3nivlmZw5kc6-b9SjQzq6yKcQQqT8DFfls_yVfPKRSzVUY9cZdVCRMpuEQnTKDu_9QGzxJrj06UsZmyi-Xy2LRLhOPa_Rh-fOQlFrC3buT1MnYR4mfkVcaN5oP3iTqRtGzx_6iKzw7LaYaT53dZ0l9nKXflO&sai=AMfl-YQ60kdGtfzaVmnPYqbKAgUhPbQV-MEJZhD6KtIl_aam5FxvdaD1uj0piQ-YHXg8rExwBJpg1tWflUHwp9ivoVCgHcuti9cUkUjNVQfGMass6X15bdjVgWRTMq_kcE5dmRHcypdmASsE3HjoSa8iojHjFwRIY-dLbJoE3XxwFX6xQQBkJdg4aXhD3kAOIjeUaPOjZlcgep9SW3fC_ddo5a8ntAoDbN-poZRya0BTWsmLFscHaqAiEdhWqBTB04koCcHV6gGFtNi-zYuyvIpil2kkUTHcWXIKs13RNQc&sig=Cg0ArKJSzNVwmD0z4dT6EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=59&cbvp=1&cstd=56&cisv=r20230118.12625&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 20 Jan 2023 21:27:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 20 Jan 2023 21:27:01 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F87D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
379046
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Jan 2023 12:09:35 GMT
expires
Tue, 16 Jan 2024 12:09:35 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 5953 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6764783864924189503/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6764783864924189503/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 10:42:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38690
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 21 Jan 2023 10:42:11 GMT
KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
pagead2.googlesyndication.com/bg/ Frame F87D 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:43:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17032
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16068
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 Jan 2024 16:43:09 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame FFFA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssz09QtKEbhItul-vy-c8xHcHPcaH_9HZs9gF5VQMg0AGyjSWRdf6wkVDU1cRcd5Iwbft3NS-CcwYQlZ0EoXswBhaPcRYcOqz5KtoJTqgXrxDHucmkFv1CW2YTmCQiEIuAKJNJAQElWq_IYCI9zsCOhjwPlIp9BYuWBjvfAdU3dx2BW-ugWkiiZhxrHzd63R1Il3GumMQjRoLVLYPxWhTFNJa4913jsmI2jJdXkPCYSpFwe5y8EGEmmjm-NYr0TU10gEyeCLaZmh4kGt_lo6P2-Vj4UFFW2gr9NOWa2dOKMlcTvv6nnPEcKKYYzn6mmtXd3cULyE8_9POlkJmmEn4oBpUo8N6r16tHwecjhk9QexJ6Q-kQf87z9Fz09TnTaj9JKLPlAf7K9qv7N3RambFEEhkO4hoAQdQoeZUTHhIkfTdb-Z3E3Ar_YHvR_yZHF1h__xeZOsGWMHVRRqgonLOUVdQN_liWBTPMu4NSNdVrLAlytpFE83Gv3xx1RfclCxsXWFT9vQBUmVmKNSTSiIPFVxARolswWj4q8EkM3DR3cs6i1MgtAHFtLFLXKAVSsH-jBTnAO9RW-BkGbqd89kbCGQ_al6mCZQuU0PoejHcAEm09TO9uQXcj-LyjZpmGPuN1etHp_xSmIMQF4yChSx6g93Ga_rIaB578VC0qp3wd9SfvAw0G1ShFRR6bObu6mftQPSQwUe2FdovFG10FdQl_n476xmw7WDbBCR_7DsfqJjutagWFGOZjumkM39vE4K2lZs686hJ_sWps85FfDebKohR5dQrComs8-rBDgJeQaY3p_LhLQq7WJrePH1ANFSfq7wmgO1YtNXEPk1QleKBPa3Abmx9gvFaWKQcLZp6l_rULnRWBA174pNo_ebFDiPYHps5mdnG2kxQQMLgQtmaBLNQvvFbT3-cIQTi0m5dPyiBEVUO1dPSQjOxmUi39ea8SHSP0XcAgrstAlcIrv7YLqppZE90h4Q6n5zLVwzv86HICNXa8_V0PwX083wbqagwDdxdF5L9EvFOrElrmVyBcZuwyugkmMUTi-4Df98is-BypS8g2eU1CQ09D7KFoR625GKsWVv3GFTcJOqS6mUQS1OmUNA-XyVBfF3nivlmZw5kc6-b9SjQzq6yKcQQqT8DFfls_yVfPKRSzVUY9cZdVCRMpuEQnTKDu_9QGzxJrj06UsZmyi-Xy2LRLhOPa_Rh-fOQlFrC3buT1MnYR4mfkVcaN5oP3iTqRtGzx_6iKzw7LaYaT53dZ0l9nKXflO&sai=AMfl-YQ60kdGtfzaVmnPYqbKAgUhPbQV-MEJZhD6KtIl_aam5FxvdaD1uj0piQ-YHXg8rExwBJpg1tWflUHwp9ivoVCgHcuti9cUkUjNVQfGMass6X15bdjVgWRTMq_kcE5dmRHcypdmASsE3HjoSa8iojHjFwRIY-dLbJoE3XxwFX6xQQBkJdg4aXhD3kAOIjeUaPOjZlcgep9SW3fC_ddo5a8ntAoDbN-poZRya0BTWsmLFscHaqAiEdhWqBTB04koCcHV6gGFtNi-zYuyvIpil2kkUTHcWXIKs13RNQc&sig=Cg0ArKJSzNVwmD0z4dT6EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=152&vt=11&dtpt=93&dett=3&cstd=56&cisv=r20230118.12625&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: amenazaytx.site
URL: https://amenazaytx.site/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:27:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 20 Jan 2023 21:27:02 GMT
TUI_smile.svg
s0.2mdn.net/creatives/assets/3060934/ Frame 5953 		1 KB
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/3060934/TUI_smile.svg
Requested by
Host: eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com
URL: https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
39ad42648baede16996541d1293446e9b2a0df02bb5305b6e5131255872b37ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6764783864924189503/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:27:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
603
x-xss-protection
0
last-modified
Tue, 27 Nov 2018 13:48:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 20 Jan 2023 21:42:02 GMT
cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 5953 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg
Requested by
Host: eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com
URL: https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6764783864924189503/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:15:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
669
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1056
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 09:19:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 20 Jan 2023 21:30:53 GMT
head2_family_mob.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 5953 		12 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/head2_family_mob.svg
Requested by
Host: eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com
URL: https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9e6ed62d5ff953eb0b609a2970f0734f80b70522e0a4af2a93d870807520ea9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6764783864924189503/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:27:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3094
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 07:48:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 20 Jan 2023 21:42:02 GMT
logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 5953 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg
Requested by
Host: eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com
URL: https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6764783864924189503/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:15:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
669
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1288
x-xss-protection
0
last-modified
Thu, 21 Oct 2021 13:24:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 20 Jan 2023 21:30:53 GMT
familienzeit_mob.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 5953 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/familienzeit_mob.svg
Requested by
Host: eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com
URL: https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
846a93669a4bb91146f245de74a56312277a94e07ac74721056459bcc8035aae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6764783864924189503/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:27:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1278
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 07:48:13 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 20 Jan 2023 21:42:02 GMT
mob_300x50_kv.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 5953 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4453672/mob_300x50_kv.jpg
Requested by
Host: eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com
URL: https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9cd8f70ac868a2ef49819dc1322632684738fae890caa93b11118f01ade0fa9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6764783864924189503/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:27:02 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22587
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 07:48:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 20 Jan 2023 21:42:02 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F87D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B7Q-cJQfLY-2xMPuH9u8PuPG3oAwAAAAAOAHgBAI&bg=!vb6lvvrNAAYDMoyoIzI7ACkAdvg8WnxYC7-M93M6u3E4LjPyGUD3NQATJ8GgwLDO240NooOdZDshfgIAAABiUgAAAAJoAQcKAFHEWbW55jdB89tFwgR8ws4g3QC4TTaTaa-0TwOCAYySyz-izf0zUm7uLaQowDf5_G2EF-RyQCmVIQCUlOvlfSxAkcsV-CusBDNEmybkPol77l-ZAzWy_taMJEOFINz2JPxekcO4xIVSe-BqEn59cp_s2Gd6oPuSSoWVBhA7jgP8geCwQlUPKNsrblt05ROwsMUvmd-C1kDaPYSNK4sJYPO7H5h_7G9ozgDpY4xDK4ejHSLJxX3YyJYb4tb4aB6P0SVjfGNmuLM32CzAWgSazeieEY-7AuhqS4N-5SAadUWi8Rp-Q5xXGs2q4fQ3JMxowCuzfwXyiNX8G91KjfSPfMRkFPwyAoAXHNsiKNCVw62-WqM6OCT4NF_x1VbGFug23V6Zt28VRcXmsaeYV-RYX67FH4YwzPXU_jnMrouTjowMk41mbqkmipA4ddp0IOvgXtPO6IxE20IKpU9MfPiFBQXU287rBBB154zc0ZcGeoWt-vh9X2fBhG-nlC9JcVVfvNg91XOt2HhM94P2-c1Olv3nnbypjTH8ZzFDZA_FCmadRbhIJG1dxHlQSRAtt8NcoKjhNekMSLBhdt3oeeuC_j2gaLOBA3MDFaRDtaBpmE9vBZT37wcd7QfdDkOIOyFqC-SYYp7eFWh8YX2YZwIyp2mDlKAf4GypH2TkP3-S2znkx5sdyXU6j_vK5TxH3Bb8Ppvum-K7PhaHhvldYH08FubMCBQVJ6XrFGHkH3D_WIQdYKhsmwezpyEg6dY8EaLtdU7N5uklfKQ4dje6fKu41U_GFnEZIGJ4OxdDUdCQhl8vNT6jmuHr4xuuwXsUSQN6cVpzBiBVnancHXAIyA5CnB55Nwl9b9BvMGWd_zeF-PaJRFGBI48mnOtCaRI2RgJxA8nArkZ0SLUq0-Q8XyC1vxc-EUh_DbEy2y5wXCjHTEQu13H_gW3MRICXSOeyuSmpp0r2uQyNJ_We1gO2hePZOW3DZDwySubVzAw7xyCOOwbrnGMKnwnBHhLIvvyPVwWPjcBqkFkTT9WIKvncKzSzacThOSAmgfk4wKhwgQ1C3YGzwh0Sivii3IPQ1f4sM6NkHd4MktRLg3xQ3FRGV6hGTTOoYo6sGDt515UwauClyip29YfGwnr5zFPiP5l_inPAGDxb04LucoeaQBeJ2urSi_a5M7Okq-tVUhq-0Crr3fX2kQlhg9NdsQlUHg
Requested by
Host: eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com
URL: https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4.js
static.adsafeprotected.com/ Frame FFFA
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/990511/61634092/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_JQfLY-...
  • https://static.adsafeprotected.com/4.js
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js
Requested by
Host: eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com
URL: https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:2304:5200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 19:44:46 GMT
x-amz-version-id
zY2JBCN4YW7W9FILnhc6dvLmbr8sZib9
content-encoding
gzip
via
1.1 89a6fa6293c9b0bbce683ad0b9f7f538.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P1
age
178937
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Wed, 18 Jan 2023 19:44:35 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
j5yEmqjUNxfUm3oqfrhTzrd89mABVJo5tKmYv9jbIX3BFD11oXahAg==

Redirect headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:02 GMT
server
nginx
x-server-name
app13.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 7BCE 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com
URL: https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:5200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 89a6fa6293c9b0bbce683ad0b9f7f538.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P1
age
10475446
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
BXtP7E5WJC8Tp8cCV4ukKVRtisWA5kQFZuehiTvNgbDvq5k5RbA6zQ==
dt
dt.adsafeprotected.com/ Frame FFFA 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=1a1c736b-c148-e30f-27f6-fc90918d2784&tv=%7Bc:1Sk0aR,pingTime:-3,time:44,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:50,t:17%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:44,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:sp,cc:0.0.300.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B38~0%5D,as:%5B38~300.50%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:ttwat9z+11%7C12%7C131%7C14%7C151%7C152%7C153%7C16%7C171*.990511-61634092%7C1711%7C1712%7C1713%7C18%7C19,idMap:171*,rmeas:1,rend:0,renddet:na,siq:19%7D&br=c
Requested by
Host: eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com
URL: https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1ff7:f8bb:5daf:de82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:02 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame FFFA 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=1a1c736b-c148-e30f-27f6-fc90918d2784&tv=%7Bc:1Sk0aU,pingTime:-6,time:47,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:47,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:sp,cc:0.0.300.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B41~0%5D,as:%5B41~300.50%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:ttwat9z+11%7C12%7C131%7C14%7C151%7C152%7C153%7C16%7C171*.990511-61634092%7C1711%7C1712%7C1713%7C18%7C19,idMap:171*,rmeas:1,rend:0,renddet:na,siq:19%7D&tpiLookup=ao:amenazaytx.site*%2Ceb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com*&br=c
Requested by
Host: eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com
URL: https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1ff7:f8bb:5daf:de82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:02 GMT
server
nginx
x-server-name
dt18.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame FFFA 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=1a1c736b-c148-e30f-27f6-fc90918d2784&tv=%7Bc:1Sk0aX,pingTime:-2,time:50,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:505,beZ:506,mfA:508,cmA:509,inA:509,inZ:513,prA:513,prZ:518,si:523,poA:524,poZ:544,cmZ:544,mfZ:544,loA:552,loZ:554,ltA:555,ltZ:555%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.50,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:50,t:17%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:50,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:sp,cc:0.0.300.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B45~0%5D,as:%5B45~300.50%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:ttwat9z+11%7C12%7C131%7C14%7C151%7C152%7C153%7C16%7C171*.990511-61634092%7C1711%7C1712%7C1713%7C18%7C19,idMap:171*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,siq:19,sinceFw:31,readyFired:true%7D&br=c
Requested by
Host: eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com
URL: https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1ff7:f8bb:5daf:de82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:02 GMT
server
nginx
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame 0061 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstOEelDaQdoZXhn8EuZ3zrO6IQk5PqcIvQNsPRsWmUITafltavr84TEodJ69ZNO6VM2V3Z9BAohQCxZXkqjcPuKDKzymlwnY1NOqSxl7wx_GlrT2ocRE3qdtZBfIG-NLLqRP-n8uw&sai=AMfl-YS97s3KLxhwoxmlUUmltzdsWajsIsr1Gf7HcqhmgH5jSMuXsc5tcSKl29PlsrUGiUe8e0HoNKdPFDDryabx3uyZjjh6rYbtyHUApE4WSKtWbr4OAdRA1G92oYjJkgTgNtyQUV99wRcBDUamvpi8&sig=Cg0ArKJSzP_sK9ejzFALEAE&cid=CAQSTADq26N91H6YCwTYCV_EqLsBXqMY5zNANru62L66220zqfL2GvUnDwwv4nGKsygQquNWRbrCjuaeYm55pvU1c0_0-SIaGLNsNYbpObsYASAT&id=lidar2&mcvt=1000&p=1051,1342,1091,1383&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230118&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1107868161&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674250021149&rpt=221&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame FFFA 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=1a1c736b-c148-e30f-27f6-fc90918d2784&tv=%7Bc:1Sk0hf,pingTime:-10,time:440,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA5LjAuNTQxNC43NCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1674250022605%7C%7C1baac9ede10ab8081a7542495e2c3186%7C%7C8e7a3195fc7d943b14e55b6c8e00d314%7C%7Cdc4bf3488b79e93c207cf339c3e34a23%7C%7C0d48b0732de7a02aaccf8ccf4f9b3f99%7C%7C293a2505ad3e8cc6f3815eccb111464d%7C%7Cb52d45805750aaf292c83fa4b1d2bc40%7C%7C46880ca165e0ea95570036145624544f%7C%7C1663701684%7D
Requested by
Host: eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com
URL: https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1ff7:f8bb:5daf:de82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:02 GMT
server
nginx
x-server-name
dt23.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0061 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8062460231578&version=m202209210101&ct=76&x=1&cor=4319220163507396000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023011101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a566392d5b8aa308684567152882797eba5babb030134b2fa4fd91045c7f0f5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:27:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11064
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame FFFA 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss7yN56FLFPDwqJZG4doFzhy83aLiiMlJT6FCV6xPh1kp8n1oM23PtK8DQSSpveUBQxKiBBgxxfMxfDsn3FKHdh2GBSNXp--SJS-aNK5Cb2RZ1cdpFpbBCxZeurjrGCpQGUxmvNsg&sai=AMfl-YR3GhE0Gxf7aqV5AmkaIQaU8XxoKv6g4Bu9HAtzz0rJszf33f01BPwfTo7n0wfLS9ZIsYxiFsJBpzkFoqh5RZ8md1HUAsHLYRJYrcBAPV23wOgqlKtPNgmRT4gxRiRNou5cuyGqnaGQoqW7s5w&sig=Cg0ArKJSzBEuPN0suXxjEAE&cid=CAQSSwDq26N9-mcaOVWrpfIHA33AvyU1GvhiyzfjSZLLB3bNT0CFOG_UkergJ0BEyyQatIupe0QugCAXBDYES5AWR87XKxto40SrQHjyVBgBIBM&id=lidar2&mcvt=1000&p=86,15,136,315&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230118&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=841822932&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674250021660&rpt=226&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame FFFA 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=1a1c736b-c148-e30f-27f6-fc90918d2784&tv=%7Bc:1Sk0mk,time:755,type:e,im:%7Bpci:%7Btdr:709%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:755,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:sp,cc:0.0.300.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B749~0%5D,as:%5B749~300.50%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:282,fm:ttwat9z+11%7C12%7C131%7C14%7C151%7C152%7C153%7C16%7C171*.990511-61634092%7C1711%7C1712%7C1713%7C18%7C19,idMap:171*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:19,sis:142%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1ff7:f8bb:5daf:de82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:03 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011101.js?cb=31071775
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 21:27:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 20 Jan 2023 21:27:02 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 64CF 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://amenazaytx.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
5470
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 19:55:53 GMT
expires
Sat, 20 Jan 2024 19:55:53 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8D43 		783 B
916 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cf2dd93f89a6a8d241a3aecfd3ecae76ab00e118e9ec55fc1e1af714b47fb30a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dDijsCNjOOWxGjTLYAcevg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://amenazaytx.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-dDijsCNjOOWxGjTLYAcevg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 20 Jan 2023 21:27:03 GMT
expires
Fri, 20 Jan 2023 21:27:03 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
pagead2.googlesyndication.com/bg/ Frame 64CF 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/KJeI0sMyo1Q6mjhDM9mKcjS2IqRt95c1wIDqLysfd0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 20 Jan 2023 16:43:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17034
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16068
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 20 Jan 2024 16:43:09 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8D43 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023011101&jk=3901675974967001&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
dt
dt.adsafeprotected.com/ Frame FFFA 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=1a1c736b-c148-e30f-27f6-fc90918d2784&tv=%7Bc:1Sk0r8,pingTime:0,time:1053,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:50,t:17%7D,%7Bpiv:100,vs:i,r:,t:1052%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1,o:1052,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:sp,cc:0.0.300.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1046~0,1~100%5D,as:%5B1047~300.50%5D%7D%7D,%7Bsl:i,t:1052,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:sp,cc:0.0.300.50,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1046~0,1~100%5D,as:%5B1047~300.50%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:169,fm:ttwat9z+11%7C12%7C131%7C14%7C151%7C152%7C153%7C16%7C171*.990511-61634092%7C1711%7C1712%7C1713%7C18%7C19,idMap:171*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:19,sis:142%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1ff7:f8bb:5daf:de82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:03 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023011101&jk=3901675974967001&bg=!p6SlpODNAAYDMoyoIzI7ACkAdvg8WmyLsKNK75dEJaOCE_ZGjHlf242u3JINEjJQ40z85Phy88nnawIAAABQUgAAAAJoAQcKAFyF1ZZXacAgjWGIb0LSZtpOAuYY8Nk0vHoKyjaswgx0LNEPkylVsFZuiTtS2rg6snfttsu7DcJfXp3j8nUjafG85gp1nU5yRLO_4WXZBiHh0v6THvkWG8JuzbQB9ZkCp68ZkEh23_WEsGh7PGwfKPQXDxleaZSogjr-fkoYYaMgQFasrFpE9em_KLsNNhb35RBluJTqAPoJrjJ68CNtAKgJY8aMZp1PBTJmozsZloxJ9_gpWFW-6NCH0xhg2bBnj-5LFQqvIjfNgoZjINvLap20fYMgOg6y2EBjDozmpAxs9jAOo2mmtxMClqY-cGC_ZKnhMNDpuHtQODfTeJifstxiE15BH85B2s0hp2Y1dSVchST_pln79Y0Okll4ePgMrrk1lnmlgHe6dyF8ud3hdOKa6tiqfGbB5XBe5K4mlh5ucnsZCRDN-rz_FnDd-Yy7IPSpvvsSkZGPA7SxhrtkZEX6OVsa557PunGElIkgqCDsFENk-UudODJX2y7IRbb4NPrsf9-xUnV0xH_-Ol0Zbv6vLOE8RWUuhjtnsAVIOn_GCamyhQgY3vapr9yiiaTce0rMQrpmT5QiMA3hiUxOrF3A-NEbgTGKFrEN9FKUcra_KZqUVc7zPUlXy60BhoNGQ8NyG6fsHq3KegCHAxfmtueUH_Z39XW5D8WwM59Lhz-bbBIbSqXScfuQJVer8P2w_uyr06YQNOEIMJw66ivmsp5bwwGOL--ZeMICjFcmCSuCC5zdCm3U2MG9mdOF7LF8CieoYoq98OWeoiEOt-ZHA6qa8-yNPsS1uNsJD0y1JSW2Hfrxmv-8KbsdJKdaqVKb7o9YQUcLZcWLzhLVR-mJfjyiAf3ZMJbmP5Xg_tjFMdaKAjiuBkIFqnZaPCCdRypdhfW4vNSg2Qg4UnHHgL0XDvEJILuH1gYG4zC5-LGaahRHfjTiBThhEfP_5GdW7_CMHROdWmHPY9gDet__cKFQnKzhD8c_7YS0fDD1cqB0bQ9A3D8b5Wtq40yeIl6hjZ-BcH48TeA0Dzc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame FFFA 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5570297459137&version=m202209210101&ct=76&x=1&cor=14549169557277022000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-HVPFKTV6LZ&gtm=2oe1i0&_p=1578021164&cid=479643305.1674250019&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1674250019&sct=1&seg=0&dl=https%3A%2F%2Famenazaytx.site%2F&dt=MundoYT%20NBM%20-%20Tus%20mejores%20archivos%20aqu%C3%AD&en=scroll&epn.percent_scrolled=90&_et=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HVPFKTV6LZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame FFFA 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=1a1c736b-c148-e30f-27f6-fc90918d2784&tv=%7Bc:1Sk0Hh,pingTime:1,time:2054,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:50,t:17%7D,%7Bpiv:100,vs:i,r:,t:1052%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1002,o:1052,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:sp,cc:0.0.300.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1046~0,1~100%5D,as:%5B1047~300.50%5D%7D%7D,%7Bsl:i,t:1052,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:sp,cc:0.0.300.50,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.50%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:172,fm:ttwat9z+11%7C12%7C131%7C14%7C151%7C152%7C153%7C16%7C171*.990511-61634092%7C1711%7C1712%7C1713%7C18%7C19,idMap:171*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:19,sis:142%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1ff7:f8bb:5daf:de82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:04 GMT
server
nginx
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame FFFA 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=990511&asId=1a1c736b-c148-e30f-27f6-fc90918d2784&tv=%7Bc:1Sk0Hh,pingTime:1,time:2054,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:50,t:17%7D,%7Bpiv:100,vs:i,r:,t:1052%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1002,o:1052,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:sp,cc:0.0.300.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1046~0,1~100%5D,as:%5B1047~300.50%5D%7D%7D,%7Bsl:i,t:1052,wc:0.0.1600.1200,ac:NaN.NaN.300.50,am:sp,cc:0.0.300.50,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.50%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:172,fm:ttwat9z+11%7C12%7C131%7C14%7C151%7C152%7C153%7C16%7C171*.990511-61634092%7C1711%7C1712%7C1713%7C18%7C19,idMap:171*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:19,sis:142,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1ff7:f8bb:5daf:de82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:04 GMT
server
nginx
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-GG2SR4CZDE&gtm=2oe1i0&_p=1578021164&cid=479643305.1674250019&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1674250019&sct=1&seg=0&dl=https%3A%2F%2Famenazaytx.site%2F&dt=MundoYT%20NBM%20-%20Tus%20mejores%20archivos%20aqu%C3%AD&en=scroll&epn.percent_scrolled=90&_et=25
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GG2SR4CZDE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-2ZXVHQW49E&gtm=2oe1i0&_p=1578021164&cid=479643305.1674250019&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1674250019&sct=1&seg=0&dl=https%3A%2F%2Famenazaytx.site%2F&dt=MundoYT%20NBM%20-%20Tus%20mejores%20archivos%20aqu%C3%AD&en=scroll&epn.percent_scrolled=90&_et=10
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2ZXVHQW49E
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://amenazaytx.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 20 Jan 2023 21:27:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://amenazaytx.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| oncontentvisibilityautostatechange object| _wpemojiSettings object| twemoji object| wp function| $ function| jQuery object| Cli_Data object| cli_cookiebar_settings object| log_object object| CLI_Cookie object| CLI object| cliBlocker string| CLI_ACCEPT_COOKIE_NAME string| CLI_PREFERNCE_COOKIE number| CLI_ACCEPT_COOKIE_EXPIRE boolean| CLI_COOKIEBAR_AS_POPUP function| gtag object| dataLayer object| _0x6932 object| _0x21f3 function| _0x48e6 boolean| _purpleAdsDisplayInit object| globalSlots string| purpleadsInstanceId object| purpleadsAgent object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal number| persistclose number| startX number| startY string| verticalpos function| iecompattest function| get_cookie function| closebar function| staticbar function| verifyCallback function| onloadCallback object| Light function| updateDCPAProgress object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData object| ADAGIO object| recaptcha object| _ADAGIO object| _0x6197 function| ver_enlaces object| interstitialSlot object| googletag object| ggeac object| google_js_reporting_queue object| kadenceConfig object| kadence undefined| google_measure_js_timing object| google_reactive_ads_global_state object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id string| currentText string| categoryCookie object| categoryCookieValue object| cli_chkbox_elm string| cli_chkbox_data_id string| cli_chkbox_data_id_trimmed object| srcReplaceableElms number| barheight function| stayTopLeft object| ftlObj object| GoogleGcLKhOms object| google_image_requests

25 Cookies

Domain/Path Name / Value
.amenazaytx.site/ Name: _ga_HVPFKTV6LZ
Value: GS1.1.1674250019.1.0.1674250019.0.0.0
.amenazaytx.site/ Name: _ga_GG2SR4CZDE
Value: GS1.1.1674250019.1.0.1674250019.0.0.0
.amenazaytx.site/ Name: _ga_2ZXVHQW49E
Value: GS1.1.1674250019.1.0.1674250019.0.0.0
.amenazaytx.site/ Name: _ga
Value: GA1.2.479643305.1674250019
.amenazaytx.site/ Name: _gid
Value: GA1.2.344008259.1674250020
.amenazaytx.site/ Name: _gat_gtag_UA_205586502_1
Value: 1
amenazaytx.site/ Name: cookielawinfo-checkbox-necessary
Value: yes
amenazaytx.site/ Name: cookielawinfo-checkbox-functional
Value: no
amenazaytx.site/ Name: cookielawinfo-checkbox-performance
Value: no
amenazaytx.site/ Name: cookielawinfo-checkbox-analytics
Value: no
amenazaytx.site/ Name: cookielawinfo-checkbox-advertisement
Value: no
amenazaytx.site/ Name: cookielawinfo-checkbox-others
Value: no
amenazaytx.site/ Name: viewed_cookie_policy
Value: yes
.servenobid.com/ Name: cap_559
Value: 10
.prebid.a-mo.net/ Name: __amc
Value: 4_1674250019_1674250020
.doubleclick.net/ Name: IDE
Value: AHWqTUkoLuCOvQ_dfBoyd9QQtp2XtloktMR3CqBcmbbon3bqAjkcSf7maEUaaqbX
.adnxs.com/ Name: uuid2
Value: 6198077420966972034
.rubiconproject.com/ Name: khaos
Value: LD518GA6-1-6R8O
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpRs0kaLH/qITpcd3HBZZ775PzI6EyVJjldQcjwJyI7358yxR+JBKaI5DHMgkKKbK3BBJ+bs5TL6iYbB5SW5XQ350C9q4E3dK2ma+WVcS1g3g==
.casalemedia.com/ Name: CMID
Value: Y8sHJaR81zo.yCRf-FoDCQAA
.casalemedia.com/ Name: CMPS
Value: 2172
.casalemedia.com/ Name: CMPRO
Value: 2172
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E>:hEfyP!]tbPl1M>e)ZlrFUfJ+tGXxou9+s*7APTF._'9AyVbkWRGWhe.aaU^05AtLK*bpRz*qF1`*b^p0)ix'c
.amenazaytx.site/ Name: __gads
Value: ID=3a0a3f6cd1ca3f0f:T=1674250020:S=ALNI_MZXl58ynGxShfn_uskDM7sLGe00Hg
.amenazaytx.site/ Name: __gpi
Value: UID=00000bc733644dad:T=1674250020:RT=1674250020:S=ALNI_MYDD5hNiHEq36WWr9KJxSgWLdTN1Q

26 Console Messages

Source Level URL
Text
javascript warning URL: https://cdn.eswhik.com/npm/theme.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/npm/tags, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/theme.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/npm/tags, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://cdn.sendwebpush.com/adsendwebpush/client_services/603d92f98981a_2103.js
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript warning URL: https://cdn.eswhik.com/npm/tags
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/jquery/jquery-3.5.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/tags
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/jquery/jquery-3.5.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/tags
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://eswhik.github.io/drive/buttons/z1/config, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/tags
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/script/300x250-cpm.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/tags
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/analytics-eswhik, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/tags
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/reCAPTCHA/sites, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/tags
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/reCAPTCHA/Sistema-Blogger-2.0, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/tags
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/script/api-popunder.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/tags
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/tags/pregressAdTime, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/tags
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/api/api-eswhik-push, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/tags
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/script/copyright-eswhik.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/tags
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/api/api-eswhik-cpm-v2, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/npm/tags
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/script/load-scripts-eswhik-premium.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://eswhik.github.io/drive/buttons/z1/config
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://unpkg.com/ionicons@5.5.2/dist/ionicons/ionicons.esm.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://eswhik.github.io/drive/buttons/z1/config
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://eswhik.github.io/drive/buttons/z1/error, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://cdn.eswhik.com/drive/reCAPTCHA/sites
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://cdn.eswhik.com/drive/tags/pregressAdTime
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/script/progressAd.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/drive/tags/pregressAdTime
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/script/ConfigProgressAd.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/drive/api/api-eswhik-push(Line 3)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/tags/eswhik-push, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/drive/api/api-eswhik-push(Line 3)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/tags/eswhik-push, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/drive/tags/eswhik-push
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/script/eswhik-push.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/drive/api/api-eswhik-cpm-v2(Line 3)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/tags/cpm-script-v2-eswhik, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cdn.eswhik.com/drive/api/api-eswhik-cpm-v2(Line 3)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.eswhik.com/drive/tags/cpm-script-v2-eswhik, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.rubiconproject.com
ads.servenobid.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
amenazaytx.site
api.purpleads.io
bidder.criteo.com
cdn.eswhik.com
cdn.psdn.xyz
cdn.purpleads.io
cdn.sendwebpush.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb331333eca667b5bfff6635a3c26dad.safeframe.googlesyndication.com
eswhik.github.io
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
images.outbrainimg.com
log.outbrainimg.com
mp.4dex.io
onetag-sys.com
pagead2.googlesyndication.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prebid.media.net
region1.google-analytics.com
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
smarttag.rubiconproject.com
static.adsafeprotected.com
sync.teads.tv
tlx.3lift.com
tpc.googlesyndication.com
unpkg.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.111.217.162
104.96.128.226
104.96.145.246
13.32.27.110
142.250.180.194
147.75.85.234
172.217.16.194
18.200.146.35
185.184.8.90
185.80.39.216
20.13.96.71
2001:4860:4802:34::36
205.185.216.42
2600:1f13:800:7781:1ff7:f8bb:5daf:de82
2600:9000:2304:5200:8:48e:53c0:93a1
2602:803:c003:200::21
2606:4700:10::ac43:19b3
2606:4700:20::681a:9a9
2606:4700::6810:7aaf
2606:4700::6812:372
2606:50c0:8001::153
2a00:1450:4001:801::2001
2a00:1450:4001:80e::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a00:1450:400d:803::2003
2a00:1450:400d:805::200a
2a00:1450:400d:806::2001
2a00:1450:400d:807::2006
2a00:1450:400d:80a::2004
2a00:1450:400d:80a::2008
2a02:2638:1::1a
2a02:4780:b:730:0:2ede:94d2:a
2a06:98c1:3120::c
3.214.250.34
34.107.148.139
34.98.64.218
37.252.172.123
51.75.86.98
52.57.28.56
54.78.110.39
00207e5ef7753a1a13a155d469c582c0df746a56540b9c3e02a91b2113b00df6
0121bf42f1b2aa9d0a57f8911e9a80d4744a910ccf8c1363b2ddbcf58765992e
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0ae6ea856aeb74f538733cde9374efd62277638efade11e0cedf596be1f3d559
0afa89cb6e2f3db520516d605e1bfcc52b0818c0bacc2ccdbc36a99c1e2b40e3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c8d35b6735bd64c48530fe7112c9d455a32daac39b5e3430a6043e817622e28
0f14b612adef254430bdf87ec7405512fe8f5d39de4d789841d1239ef6420492
11401b059365dd387ba607aa55ca532d326d764253ea85de141a4423cedfef27
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
147f6577a0412f68897034a230662e60fd5d844a5b32248e3c2f3cb3be3ff538
15863c30adbf1f3dd1c4eb22b9ed6826d01a9beadf44db08d7ecedb6836ed131
158d79fd58c16335daa98076e3212bc0544a0077274ef3ba04da0ff06ec30e4b
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222
1ed6438bfe41ea5183dba8da3c961dfa38e3090c39d6694fc5dd974f57ca56cf
200b32faba6d425db016e3cf45bca5e1c2093677fa9172e914b955dca7569824
20193736d900f0b602a678f804676349764578ab2adcd07ffebb6d06df1afd96
225ecc9c45244bc12f5eef16f80c0077979c74093fd380e3e5a95eb0e70e9720
22c72dadcee3108bec75726d338589e95b3e4f3800336c966a4f03f62a0ef7a6
234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534
258cdd8c4084a561a757b87722ed754094bfab9d157d8369034900bdd56af915
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
2804abe47f80f47f18c36af50e7bf8e520e37eea1b8426110e8f7b2e0cbf4ce6
289788d2c332a3543a9a384333d98a7234b622a46df79735c080ea2f2b1f7743
2cd28b80d9e535057a264ac2c787339c3a6e114da736881003dfd5e98ad3de47
2e2f2336b5e6698b628afc75fa9a24c67b73d5872c1d4af99ca436064f636ee0
2f4d3d0e7fd1a21de4e275fd70b4ad1c4534abb87f800475966bfd3bff0d56e1
31145b69a3dd573c8158f915353b0fef018b8eeacc9e756ae0ea9ff8670b46b2
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3434bc3dd0c771a9fd5fc2cd2579c8e8af1a8cdf136927f4ad883f236f62fb4a
34dd97dc4df4b7473a8c722f5ee839300e53b5a2aefb2a051f6066bb93834e68
360daeec209221147de55fc51d2e156ef1ae75a6cd630f538bbeec3de3496e74
369241ffa9329b29bf05bd494a0ea370f08ff5cef21d3832959f2e42587e0b76
39ad42648baede16996541d1293446e9b2a0df02bb5305b6e5131255872b37ee
3a696b72625c76c1c238f9a1f4a84549ab2af6a805ae2dd7c1cac6c429454f1c
3d5e54f3697a04beafe4c0d87c693de12f9501f97d29bf12b39ae90c8f8fceed
3eb0c77d847b04466e4de3138d69c534f71a829db53498a6b10d6c570815fc47
41107b3cd820a6c6a8f93fed73dca66867b14a64769ec41fccb2a214a354e3f0
411ebf3f42ff97b8fdcb02ef60f534e0fd011b86878ec33abf2509b4bfe58037
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46dfa5ccfeb01ea2b02c17b912802eeae9bc2fb7b50ce379768a0ab85529b4e3
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cdf058286dcc09e5511ec4f021ce5ce4d22052312bf08ce7b672e08eb5a4a9f
4d48f23db5a2b8ad4bb6ff0601bc21795fd67076e8443e395f8177ea69852861
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51bb6e5e42da084b36fc157bdc14d6df9a559d918da43fd26bc9ff80d9e1b4d0
54e5a87d0b6a722ce2c8f0950e23f6b8205f391eaf52a4c10c8956b1560d3a52
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5602905cd2a14cedc8625f943afd5be4cade0e98a5a0dffe443007a62d3359a7
589289a1564f9b2715865a4f4157b18c7fe2f5356640040b18fe4794b0c20cd6
58a617d2c88d378bfd267e2817e2228e82ef0c3f28d8ac3458b18af77335c39e
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5b8cc851d8366d011ad51901c3d940c5ba435c3397b7f64bf1aceaa27ba708c1
5dac274ec554db66ab7a95c4a389f1ecb3652da803eaf68cc3cae511fa44f7ff
5e517ad8e188a0988539134143b8bdd42ae4bbeb66c9fa45fb4407489050d0e8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62e581c1bbd38d721d61d9854299ff84c3a2fc39879bfbc97f0fe718f36a73ba
64f9e98a68d94c6ee1bdaee26992bd796d293641ad202e3d311c146dabe3b67d
655ae452d922f501b62c7028fc35e238138de989387381cc1ed9cea9085864db
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6819e416761ad3319c68fbf6ddb662fcb50a010a734bf6ead4be2aa49ba830b1
6b82df01256e32a7e0225fcd06012bba6d8ea272a96f3e43a5331a059fc170d4
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
6c52384c7b0641dd1ead85d079c22d39bcc6dc5f2537afb1e6396bb619771a3f
6e00e8106852b7f72579fe646747028c496cb328fdfea0db3b95c1f1d6e0d7f8
708a6d945667538389adeb9c23a11b00454203b2fd404b12895dd1d299a8be17
7520d7376659fb82408fb03f940ca06a2ae4ba9723394ace502a90d0c06a9da7
7640773899458de6505f8d74452bac91d2cbf258cb95e650c0db507d51a5e5bf
773669739ce7f9de7ec03ebe249378bd6d559bce3ef8e8f2b9ad328e546ddc6a
7816252ae6607ec390b3c7c0a7223949d21681bd07452c96997ddb4979b56973
7899e4ccdbb66bba8489aec160f24c1cb19781ae6811fc9ec69f582697e35a4b
7a1841f8d7eab15782f203edf6f8dcf08816a138034f5595a477043e3b0d5ed2
7fde7ce58c8978f3beb20f0406165d41a9700189b99b314c9d10220237ecb484
7ffa37acead2a447d6f1620a5314b36707545dce545c1e5bde983ba6b79273cd
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
820a1fddd5a609082271df120797fde740e6114eef0efe101b9a57d9158e6036
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
83e9a2e4876f61521aed687586e4840c65bf58d912a4a381440acf47577ea62c
846a93669a4bb91146f245de74a56312277a94e07ac74721056459bcc8035aae
8ac459d121d8925bf01df7171ad77cf4d71374605c8eea575b68b2adfc005921
9337d4581e7a2b92236a8b8de8d8170c3fdd70c02533afe58c9a1295b69031d8
96436759c0f56224789cfb0aedbd39bc9c99190efa420d2870a8251c30f58dfa
97b42f5456d33762968c00d290a9c536564d2cfd693fc15cf81a454d72e06610
9983e07b9631af361911c4abfcddf64df4a51003d916415dfab1e19c9cd16749
9a2723c21fb1b7dff0e2aa5dc6be24a9670220a17ae21f70fdbc602d1f8acd38
9a531463641125977e3c0db5fb89fde3ecd4b0ac25ea0aceb3c235dd55a5472c
9cd8f70ac868a2ef49819dc1322632684738fae890caa93b11118f01ade0fa9d
9f96064a97b016c25d7a634dfcf6f75aa6f9d2a6c636bc101772b07d181548a5
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a566392d5b8aa308684567152882797eba5babb030134b2fa4fd91045c7f0f5c
a675db82126493bf9927ab29dba89f77e0e763622eb5f7725af4aa10b204c807
a78c84726b5a002c2cc508b9cd2b4157597a2402cabc1e430470f08804acd5f9
a9e6ed62d5ff953eb0b609a2970f0734f80b70522e0a4af2a93d870807520ea9
ac275ca2a119d8080881532a278a3fbec41631fadac0ab42fe51795ba673f9fd
ac34695b72e4e902bba01b5ef320dcd2aa03edf02bfb909a3ca23b9d2607899c
ad5d6395683df0773cfe7fa4d5a43d0f80399e6000469783a2dcae9522902986
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
afd173873666e734af01e7660b353fa868002616bfd9f53ae26d538f14628afc
afebe5d909591baf9ea82d958dc5e981150524f1c5f255686008b4f1348a7098
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b967a9c7e9f51e6f3864be1eb181611d4565d82b4d91a3f2df663a4200ce1f63
b97126edfd7e9abad50c5ca9120c67c3763b62579f4768d5b73e672d3ea56826
bb28d5000b17859dbee113b7ac6558134eaf9ab5bba8b41d48c1610e8804b596
bc4ff10b35a5ba443996e0aa309f63af282a2a81a02e35705430ec21892984dd
bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd910a0e75b960acc6dd11ac4d5064f949e2597fdee997ee19b0fd7f55176e56
be53e65e477f21d0e1df301be1077c090084ff561f2023eff0600841a4433c9c
befbc9a1795c7cae97e34dc7dbec03bcd1402656f22d28a63a3d38660023f501
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c77ab30c9f12bfcb50c811d6694555798fe9c9ca49828ed9e17ba56917ce4e84
cf2dd93f89a6a8d241a3aecfd3ecae76ab00e118e9ec55fc1e1af714b47fb30a
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d190fcd22bee0b1952bd5d85ab6db8eff58d036a0208f762a4545057894ac559
d1928021ac2964da4cb99e2cb77e08d93d00cfe849c65fbce3587231837b6c29
d2401db0756c61f783c664e502ebae5f3499e4c2f5fa58d6dbc18c243c9e6fe8
d3c4c837b5819844279739c76c3bffcfea32c9446541115d2b2275675b1190fc
d521337f17e3a6d3534e1bca426003a3c011cb3f5b8de0f31f69e9e81e2414c3
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d97fb4b9c5d23402762f46c9708bfaf966e2e539a4db2bc16d7b7f4abeb7fb9b
daf99211008f6684b4aaa4daafa6832cf05ccd99f5910f48f6467a5c1ea08197
db355226168af7d46d5cef627cd58bac67c728ab4d22e1c6b4a47af69f8b951e
db3c4bd109137190d4a6cdb66954772cf7d0072d3e202fa6ce7ca40a2f70a65e
dcc19958809bc3db2abb40ba313906fe1bfa2c235357f39da400709e9c79c1e7
df737f7d616845bd721aaa0b5d368b2de14d24334190eb3d03d1bdd78824a96d
e11a1b1adf786512587e757e9b095ffc77770f5a6dbaa66615398bc903fab82e
e1613679a503735ee9bcbbae077f9ebed01b42be461360c9d2c1514ef3f3ef06
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4f011e9a762c0349e2f4aa73435601afa2f5b7c86634b1d13052dee04e9897d
e5d849fb0afa0d8f713cf491728fb65eb9c616a49322bf9e185a4109395358c1
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9567220eb5f2b07603aae51a311748502edfa671e807f99196f34af344ef306
eb4a29554c161fc6298d26273c106770fbe6c66bff37bb0db2e7826a9f84cb4d
ec2bd8770ac639cdf0f54fee30d908ffe67ebda12580cc16311c620336bb27c1
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f008162fa330a82dceb974a8e4e0ab2bfdeef1e3c2a417a0a517ccbfe4674505
f024141ccf910073696d2264ba468081a352ebacc30448a5b94d2790136bbbfc
f46d94840c903a15d22f37b355f71205554b15abd725d6ad0d81f7ca21e8f38e
f5536aad22eaec75feb7fea986b8f40679daefaf9ad561eb2965c756d474947c
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fb5be4f76b8b9bca096d778a090fab19db64da40b1b5ca8dfbf9f4e175806ec0
fbe820b6140ad28e86f34ffae507d807cf591a22697a05b71958f2014e96a9e4
fe2ddd327ba1389a8ccbf86d25ad624307c74b0728f498b95daba3b175f2ff21
ff677d148c959d7f477efe17cbf64fae2c9d84711e9539cc11ad949c3796189d
ff6aaa3f3b8023816a9b164be90fb958c63857e984fea977c3b38d1542566299
fffcc891cdc95d0aab4d32618aced4f6467fd6a92dc1696d3f297e33e966b728