levelingsolo.com Open in urlscan Pro
104.21.57.60 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://levelingsolo.com/
Submission: On September 30 via api (September 30th 2021, 12:50:43 pm UTC) from GB — Scanned from DE

Summary HTTP 194 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 37 IPs in 7 countries across 22 domains to perform 194 HTTP transactions. The main IP is 104.21.57.60, located in and belongs to CLOUDFLARENET, US. The main domain is levelingsolo.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 30th 2021. Valid for: a year.

This is the only time levelingsolo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	104.21.57.60 104.21.57.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.185.202 142.250.185.202	15169 (GOOGLE) (GOOGLE)
4	216.58.212.168 216.58.212.168	15169 (GOOGLE) (GOOGLE)
8	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	172.67.75.177 172.67.75.177	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
5	104.18.225.52 104.18.225.52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
8	172.67.222.146 172.67.222.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.172.148.128 185.172.148.128	44239 (PROINITY ...) (PROINITY PROINITY)
12	142.250.181.238 142.250.181.238	15169 (GOOGLE) (GOOGLE)
13	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2	93.184.220.66 93.184.220.66	15133 (EDGECAST) (EDGECAST)
5	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
3	142.250.186.97 142.250.186.97	15169 (GOOGLE) (GOOGLE)
2	104.21.35.132 104.21.35.132	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
1	74.125.71.156 74.125.71.156	15169 (GOOGLE) (GOOGLE)
1	104.18.226.52 104.18.226.52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.217.16.138 172.217.16.138	15169 (GOOGLE) (GOOGLE)
3 6	142.250.186.164 142.250.186.164	15169 (GOOGLE) (GOOGLE)
9	54.39.16.115 54.39.16.115	16276 (OVH) (OVH)
2	216.58.212.174 216.58.212.174	15169 (GOOGLE) (GOOGLE)
4	129.159.70.95 129.159.70.95	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
4	104.21.24.175 104.21.24.175	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	185.33.221.87 185.33.221.87	29990 (ASN-APPNEX) (ASN-APPNEX)
1 3	5.178.65.246 5.178.65.246	50673 (SERVERIUS-AS) (SERVERIUS-AS)
18	54.39.51.175 54.39.51.175	16276 (OVH) (OVH)
1	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
1 23	142.250.185.193 142.250.185.193	15169 (GOOGLE) (GOOGLE)
4	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
1	142.250.186.142 142.250.186.142	15169 (GOOGLE) (GOOGLE)
1	142.250.184.206 142.250.184.206	15169 (GOOGLE) (GOOGLE)
1	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
3	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
2	152.199.22.191 152.199.22.191	15133 (EDGECAST) (EDGECAST)
194	37

7 104.21.57.60 (None, )

ASN13335 (CLOUDFLARENET, US)

levelingsolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.168 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.75.177 (United States)

ASN13335 (CLOUDFLARENET, US)

protagcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.225.52 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.67.222.146 (United States)

ASN13335 (CLOUDFLARENET, US)

a.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.172.148.128 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

static1.twitcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.181.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 93.184.220.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f1.1e100.net

4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.35.132 (None, )

ASN13335 (CLOUDFLARENET, US)

targeting.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.71.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wn-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.226.52 (None, )

ASN13335 (CLOUDFLARENET, US)

onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f10.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.164 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 54.39.16.115 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns555277.ip-54-39-16.net

analytics.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.174 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 129.159.70.95 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

zero1.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.21.24.175 (None, )

ASN13335 (CLOUDFLARENET, US)

www.healthzap.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.33.221.87 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.178.65.246 (Woerden, Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 54.39.51.175 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns559790.ip-54-39-51.net

c1.vdo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 142.250.185.193 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f14.1e100.net

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f14.1e100.net

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 152.199.22.191 (United States)

ASN15133 (EDGECAST, US)

ad-cdn.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	googlesyndication.com 1 redirects pagead2.googlesyndication.com 4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com tpc.googlesyndication.com	483 KB
37	vdo.ai a.vdo.ai targeting.vdo.ai analytics.vdo.ai c1.vdo.ai Failed	3 MB
19	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	274 KB
14	adnxs.com ib.adnxs.com acdn.adnxs.com	62 KB
12	google-analytics.com www.google-analytics.com	39 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn3.gstatic.com	211 KB
8	google.com 3 redirects adservice.google.com www.google.com	2 KB
7	googleapis.com fonts.googleapis.com imasdk.googleapis.com	501 KB
7	levelingsolo.com levelingsolo.com	274 KB
6	technoratimedia.com zero1.technoratimedia.com ad-cdn.technoratimedia.com	12 KB
6	onesignal.com cdn.onesignal.com onesignal.com img.onesignal.com	112 KB
5	googletagservices.com www.googletagservices.com	176 KB
4	healthzap.co www.healthzap.co	364 KB
4	googletagmanager.com www.googletagmanager.com	153 KB
3	e-planning.net 1 redirects ads.us.e-planning.net	1 KB
3	twitter.com platform.twitter.com syndication.twitter.com	133 KB
2	youtube.com www.youtube.com	45 KB
2	twitcount.com static1.twitcount.com	3 KB
1	creativecdn.com prebid-asia.creativecdn.com	178 B
1	2mdn.net s0.2mdn.net	17 KB
1	googleadservices.com partner.googleadservices.com	442 B
1	protagcdn.com protagcdn.com	89 KB
194	22

	Domain	Requested by
23	tpc.googlesyndication.com	1 redirects 4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
18	c1.vdo.ai	levelingsolo.com a.vdo.ai
14	pagead2.googlesyndication.com	levelingsolo.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
12	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com levelingsolo.com a.vdo.ai
11	ib.adnxs.com	a.vdo.ai acdn.adnxs.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com 4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com googleads.g.doubleclick.net
9	analytics.vdo.ai	a.vdo.ai
8	a.vdo.ai	levelingsolo.com a.vdo.ai
7	securepubads.g.doubleclick.net	levelingsolo.com securepubads.g.doubleclick.net
7	levelingsolo.com	levelingsolo.com
6	www.google.com	3 redirects levelingsolo.com 4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com tpc.googlesyndication.com
6	fonts.gstatic.com	fonts.googleapis.com
5	www.googletagservices.com	pagead2.googlesyndication.com 4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com googleads.g.doubleclick.net
4	www.gstatic.com	4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com
4	www.healthzap.co	levelingsolo.com
4	zero1.technoratimedia.com	a.vdo.ai
4	www.googletagmanager.com	levelingsolo.com a.vdo.ai www.googletagmanager.com
4	fonts.googleapis.com	levelingsolo.com 4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com
3	acdn.adnxs.com	a.vdo.ai
3	ads.us.e-planning.net	1 redirects levelingsolo.com a.vdo.ai
3	imasdk.googleapis.com	a.vdo.ai imasdk.googleapis.com
3	4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	onesignal.com	cdn.onesignal.com
2	ad-cdn.technoratimedia.com	a.vdo.ai
2	www.youtube.com	a.vdo.ai www.youtube.com
2	targeting.vdo.ai	a.vdo.ai
2	adservice.google.com	pagead2.googlesyndication.com
2	platform.twitter.com	static1.twitcount.com platform.twitter.com
2	static1.twitcount.com	levelingsolo.com static1.twitcount.com
2	cdn.onesignal.com	levelingsolo.com cdn.onesignal.com
1	prebid-asia.creativecdn.com	a.vdo.ai
1	encrypted-tbn3.gstatic.com	4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com
1	encrypted-tbn1.gstatic.com	4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com
1	s0.2mdn.net	imasdk.googleapis.com
1	img.onesignal.com	levelingsolo.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	syndication.twitter.com	platform.twitter.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	protagcdn.com	levelingsolo.com
194	39

This site contains links to these domains. Also see Links.

Domain
y.healthzap.co
vdo.ai
fatchillimedia.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-30` - `2022-06-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.protagcdn.com R3	`2021-09-19` - `2021-12-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
static1.twitcount.com R3	`2021-08-15` - `2021-11-13`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.vdo.ai Go Daddy Secure Certificate Authority - G2	`2019-10-15` - `2021-10-15`	2 years	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
ads.us.e-planning.net R3	`2021-08-01` - `2021-10-30`	3 months	crt.sh
*.technoratimedia.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-17` - `2022-10-05`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://levelingsolo.com/
Frame ID: C4D50DA8F04E8147137BF7195489B19A
Requests: 114 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210927/r20190131/zrt_lookup.html
Frame ID: A5A9A8F1A97C29D68CBDE427E59CD258
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3823914152594467&output=html&h=280&slotname=5036591060&adk=1127836827&adf=94180401&pi=t.ma~as.5036591060&w=336&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fmbascholarship.statusaboutlove.com%2Fonline-mba-programs-scholarship%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633006236141&bpp=3&bdt=250&idt=98&shv=r20210927&mjsv=m202109240101&ptt=9&saldr=aa&abxe=1&correlator=3325576050530&frm=20&pv=2&ga_vid=1429539003.1633006236&ga_sid=1633006236&ga_hid=83480732&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=632&ady=468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062936%2C21065725&oid=3&pvsid=4337922526716469&pem=497&loc=https%3A%2F%2Flevelingsolo.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TMfgR10y20&p=https%3A//levelingsolo.com&dtd=114
Frame ID: 5C6E4156AFABD9369C25DC4081AAC4BF
Requests: 10 HTTP requests in this frame

Frame: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FADF77E0F58411E6D092D91580A9E2F4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3823914152594467&output=html&adk=1812271804&adf=3025194257&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmbascholarship.statusaboutlove.com%2Fonline-mba-programs-scholarship%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633006236154&bpp=1&bdt=262&idt=165&shv=r20210927&mjsv=m202109240101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&nras=1&correlator=3325576050530&frm=20&pv=1&ga_vid=1429539003.1633006236&ga_sid=1633006236&ga_hid=83480732&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062936%2C21065725&oid=3&pvsid=4337922526716469&pem=497&loc=https%3A%2F%2Flevelingsolo.com%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=171
Frame ID: 606755CB2B2626CE72B639EDD8EDD3BA
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Flevelingsolo.com
Frame ID: AC8650F47E12E0BF3E2CFB3375C354AE
Requests: 2 HTTP requests in this frame

Frame: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 42EEAA2B314E50A99028F651A07059B4
Requests: 5 HTTP requests in this frame

Frame: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DCE0F58B59717F89BCCC5DF7F9F27D8B
Requests: 14 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.482.0_en.html
Frame ID: FA8F5EB9C01A6D1C7E127D1C580E48AC
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 04F86ECBC1BBC197D071ABC5A61C8C0E
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 29B7D4AEE880B4A7329DB09AEA4D86AF
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: A1B00808C2B6B35EF0627AC9BF656682
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210927/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9050B57C59F6CEEC13BB79B34B49DEB0
Requests: 7 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.482.0_en.html
Frame ID: A538E6E831A0A7BCC0508876D0878D16
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-1aq-589pTXQhIX0O0sr0by93NOseZw7_D6wdr9M3ZU.js
Frame ID: 5AB5D06878E45A3F9D751C24BDB89830
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 5AE8E2640D40DA82E0557631E1D7BCC5
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-1aq-589pTXQhIX0O0sr0by93NOseZw7_D6wdr9M3ZU.js
Frame ID: 9AE57BE1EED534B3EED394E25E2D4EF1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 1182B5BB108157CDB4A6CEE59CA762B4
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CAFBD9242A6F89F8A879600A93206E5D
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F03106BA7F1D8D27EC73A2C8A7DF9FBC
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5B491E9EBA4BDB9C5EFFA84325CCDFED
Requests: 3 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_5.6.0
Frame ID: 71E474F07B4BD8D97B69ADF576F9BF47
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5F3FC65153BC02F1098912C6BA840CF7
Requests: 3 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.38.0
Frame ID: E7D19BF3D514C632742B09316708E452
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Solo Leveling Manga Online

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

194
Requests

98 %
HTTPS

0 %
IPv6

22
Domains

39
Subdomains

37
IPs

7
Countries

5705 kB
Transfer

11546 kB
Size

16
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://y.healthzap.co/these-wonders-happen-to-your-body-if-you-start-consuming-two-eggs-a-day/?utm_campaign=eggs-consume&utm_medium=organic&utm_source=vdoai-stories&k=y1993?utm_campaign=b-levelingsolo&utm_medium=recirculation&utm_source=vdoai_stories

Search URL Search Domain Scan URL

URL: https://y.healthzap.co/do-essential-oils-control-or-reduce-snoring-10-oils-to-help-you-sleep/?utm_campaign=essential-oils&utm_medium=organic&utm_source=vdoai-stories&k=y1992?utm_campaign=b-levelingsolo&utm_medium=recirculation&utm_source=vdoai_stories

Search URL Search Domain Scan URL

URL: https://y.healthzap.co/7-herbs-that-can-help-you-lose-weight/?utm_campaign=lose-weight&utm_medium=organic&utm_source=vdoai-stories&k=y1991?utm_campaign=b-levelingsolo&utm_medium=recirculation&utm_source=vdoai_stories

Search URL Search Domain Scan URL

URL: https://y.healthzap.co/best-natural-hair-masks-that-works-like-magic/?utm_campaign=natural-hair&utm_medium=organic&utm_source=vdoai-stories&k=y1990?utm_campaign=b-levelingsolo&utm_medium=recirculation&utm_source=vdoai_stories

Search URL Search Domain Scan URL

URL: https://y.healthzap.co/these-wonders-happen-to-your-body-if-you-start-consuming-two-eggs-a-day/?utm_campaign=eggs-consume&utm_medium=organic&utm_source=vdoai-stories&k=y1993
Title: These Wonders Happen To Your Body If You Start Consuming Two Eggs A Day

Search URL Search Domain Scan URL

URL: https://y.healthzap.co/do-essential-oils-control-or-reduce-snoring-10-oils-to-help-you-sleep/?utm_campaign=essential-oils&utm_medium=organic&utm_source=vdoai-stories&k=y1992
Title: Do Essential Oils Control Or Reduce Snoring? 10 Oils To Help You Sleep

Search URL Search Domain Scan URL

URL: https://y.healthzap.co/7-herbs-that-can-help-you-lose-weight/?utm_campaign=lose-weight&utm_medium=organic&utm_source=vdoai-stories&k=y1991
Title: 7 Herbs That Can Help You Lose Weight

Search URL Search Domain Scan URL

URL: https://y.healthzap.co/best-natural-hair-masks-that-works-like-magic/?utm_campaign=natural-hair&utm_medium=organic&utm_source=vdoai-stories&k=y1990
Title: Best Natural Hair Masks That Work Like Magic!

Search URL Search Domain Scan URL

URL: https://vdo.ai/?utm_medium=stories&utm_term=levelingsolo.com&utm_source=vdoai_logo

Search URL Search Domain Scan URL

URL: https://fatchillimedia.com/?utm_source=levelingsolo.com&utm_medium=banner_ad&utm_campaign=logo_click
Title: FatChilli

Search URL Search Domain Scan URL

URL: https://vdo.ai/?utm_medium=video&utm_term=levelingsolo.com&utm_source=vdoai_logo

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 77

https://ads.us.e-planning.net/pbjs/1/30135/1/levelingsolo.com/ROS?rnd=0.05985518044820681&e=300x250_0%3A300x250&ur=https%3A%2F%2Flevelingsolo.com%2F&pbv=5.6.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Flevelingsolo.com%2F HTTP 302
https://ads.us.e-planning.net/hb/1/30135/1/levelingsolo.com/ROS?ct=1&r=pbjs&rnd=0.05985518044820681&e=300x250_0%3A300x250&ur=https%3A%2F%2Flevelingsolo.com%2F&pbv=5.6.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Flevelingsolo.com%2F

Request Chain 111

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCAyOLvUxCACBiAAjIIgAiqUIiBuxI HTTP 301
https://tpc.googlesyndication.com/simgad/16244644792186432680

Request Chain 115

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 151

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 154

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

194 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
levelingsolo.com/ 47 KB
10 KB 65ms
30ms Document
text/html 104.21.57.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://levelingsolo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.57.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5656c1fc5407eff38062bbead2773b293d8933c5c3b22a30bcedae7609ad2b4a

Request headers

:method: GET
:authority: levelingsolo.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 30 Sep 2021 12:50:35 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding,Cookie
cache-control: max-age=3, must-revalidate
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3NTlxoJZj99hpFIP4fPYNGZ9X2kcceu1OKcGaYzPAIl%2BqZ4QAZkJ45uDP1Ef%2FqA8a%2Fvdhf9RBxYxBrsZblNYmr0wvCb6y%2FMfBYxyxQwtb59XdaeUnjUafaJW45y8pwZrMpif"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 696d93ee1c4c2488-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 autoptimize_2a985b21955e9ed2312ff4369db2e711.css
levelingsolo.com/wp-content/cache/autoptimize/css/ 213 KB
44 KB 18ms
17ms Stylesheet
text/css 104.21.57.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://levelingsolo.com/wp-content/cache/autoptimize/css/autoptimize_2a985b21955e9ed2312ff4369db2e711.css
Requested by: Host: levelingsolo.com
URL: https://levelingsolo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.57.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6217131c3ed7a6e0ce1bbaaebf3da326d47fba2f51da3b84ff072c33c7aecbe8

Request headers

:path: /wp-content/cache/autoptimize/css/autoptimize_2a985b21955e9ed2312ff4369db2e711.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: levelingsolo.com
referer: https://levelingsolo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13785592
cf-polished: origSize=219764
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 23 Apr 2021 23:30:42 GMT
server: cloudflare
etag: W/"608358a2-35a74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S2udAFkhK%2Bce9EfELgEjbaK5B68bQXIV4EUmMkCi9ZVgSi0RzfyToLqK2bkt3F2%2FC8h73ZlazQMPQ2BLf7iLidE2%2FIBchr8ny7wVE2dx0XyruuJc%2B3W6TghyqCU9l8lCnQJf"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 696d93ee7cce2488-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 68ms
26ms Stylesheet
text/css 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CRaleway%3A400%2C600%2C500%2C700%2C800&subset=latin%2Clatin-ext

Requested by

Host: levelingsolo.com
URL: https://levelingsolo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

ESF /

Resource Hash

b18681a82ac52105a909d98563860994fa9002da2b3d44b2ed98640e49dbfd73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 30 Sep 2021 11:13:38 GMT
server: ESF
date: Thu, 30 Sep 2021 12:50:35 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Thu, 30 Sep 2021 12:50:35 GMT

GET
H2 200 jquery.js Show response
levelingsolo.com/wp-includes/js/jquery/ 95 KB
34 KB 20ms
20ms Script
application/javascript 104.21.57.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://levelingsolo.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: levelingsolo.com
URL: https://levelingsolo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.57.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

:path: /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: levelingsolo.com
referer: https://levelingsolo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5985413
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 27 Jun 2020 18:37:29 GMT
server: cloudflare
etag: W/"5ef791e9-17a69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wQ0zJ8EJkFyPwB7o3pxEdH9uEgOZDO4DnLQz8oiwfSfRbjKZlVB6JwghRS9hip8Q4BDGUL9y0eFKmpDhz6s3X5VUK47mM9e1Ic9OUqXr2j7coJpIkX5vVSwskwWATKKRW5F%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 696d93ee7cd02488-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
39 KB 43ms
21ms Script
application/javascript 216.58.212.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-151251999-7

Requested by

Host: levelingsolo.com
URL: https://levelingsolo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.168 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

338ab3f2a325e1b58359c52213760c9954b3d9aa9aefbfc30226efc6e150cfe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38989
x-xss-protection: 0
last-modified: Thu, 30 Sep 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 30 Sep 2021 12:50:35 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 73 KB
26 KB 55ms
20ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: levelingsolo.com
URL: https://levelingsolo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

5384f283d6d8f069714ce8ce7d75a1f190b788df9f8922bd3897ba00cdb8d24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1001 / 969 of 1000 / last-modified: 1632780598"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25684
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 30 Sep 2021 12:50:36 GMT

GET
H2 200 site.js Show response
protagcdn.com/s/levelingsolo.com/ 298 KB
89 KB 92ms
35ms Script
application/javascript 172.67.75.177
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://protagcdn.com/s/levelingsolo.com/site.js
Requested by: Host: levelingsolo.com
URL: https://levelingsolo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.177 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e673499e398dc69ace48be0c4b3c5776c3878b2e7197121fa0ba7e6fd166c5a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3010
cf-polished: origSize=305841
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: no-cache
last-modified: Tue, 15 Jun 2021 08:53:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EM2nleBXSC%2BDjoFgojDe3GgRKRv7JcPHpLVy5uZoT4R9M4W%2F9Fz97%2BDMS3XdH3woP%2FIbN6LJANtNKuEhJdz0NndgnWbajv5Zl84xoMhOl8XgLQ%2F1XkBVgosf5SxZkV8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 696d93ef586ef9d6-PRG
expires: Thu, 30 Sep 2021 13:20:36 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 141 KB
50 KB 85ms
46ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: levelingsolo.com
URL: https://levelingsolo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

a3ea75949334134708de40e7e52887025f971fa400c56ab59c4bfec7ae4c92fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50371
x-xss-protection: 0
server: cafe
etag: 13710140270311078070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 30 Sep 2021 12:50:36 GMT

GET
H3 200 solo-leveling-manga-online.jpeg
levelingsolo.com/wp-content/uploads/2020/01/ 20 KB
21 KB 18ms
17ms Image
image/jpeg 104.21.57.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://levelingsolo.com/wp-content/uploads/2020/01/solo-leveling-manga-online.jpeg
Requested by: Host: levelingsolo.com
URL: https://levelingsolo.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.57.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f7666008ef241ee8454a1c6e5e9d4ed39a83e13047d9b87f1cd7115b60c9203

Request headers

:path: /wp-content/uploads/2020/01/solo-leveling-manga-online.jpeg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: levelingsolo.com
referer: https://levelingsolo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13889175
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 20882
last-modified: Sat, 27 Jun 2020 18:19:12 GMT
server: cloudflare
etag: "5ef78da0-5192"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V2PJqb%2FelMr%2BOOBXKBZwBUUt9TDL7qASqf9OxEfb0Gkrw84g3NB01TRtCf%2BB28DjyzSqGUyfsdbfT3SEuJvosLFnptzPG%2FP40d4SHZB5O6O9x2PXGMApQaf4D0k9IMTJA1kK"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 696d93eefdb3d6d5-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 solo-leveling-manga.jpeg
levelingsolo.com/wp-content/uploads/2020/01/ 30 KB
30 KB 26ms
25ms Image
image/jpeg 104.21.57.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://levelingsolo.com/wp-content/uploads/2020/01/solo-leveling-manga.jpeg
Requested by: Host: levelingsolo.com
URL: https://levelingsolo.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.57.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9d9af9e32c8dbc9474fd7c29a5b05fb3fb051b91cbf84eb68636f0040488550

Request headers

:path: /wp-content/uploads/2020/01/solo-leveling-manga.jpeg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: levelingsolo.com
referer: https://levelingsolo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14224300
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 30518
last-modified: Sat, 27 Jun 2020 18:19:12 GMT
server: cloudflare
etag: "5ef78da0-7736"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T6fthOQPQFma3ssQqYQmLWutGP%2FaEtDtKuMOuyed4l0sZycb79GEMl4rwk9%2FmXjgCp6P9DzPf190e7c8T61pujvPZA0Qq7coDAPbPyVQs3ZqsMVvosr3W7CfwYtXWy54V%2FIG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 696d93eefdb6d6d5-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 50ms
17ms Script
application/javascript 104.18.225.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.2.12
Requested by: Host: levelingsolo.com
URL: https://levelingsolo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.225.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 4
etag: W/"cf0cbe7aadaadd0a12673a93ac7780e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 696d93ef2aa23250-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sun, 03 Oct 2021 12:50:36 GMT

GET
H3 200 autoptimize_c797d5ed455c7ae27da81364b0eea826.js Show response
levelingsolo.com/wp-content/cache/autoptimize/js/ 52 KB
16 KB 25ms
24ms Script
application/javascript 104.21.57.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://levelingsolo.com/wp-content/cache/autoptimize/js/autoptimize_c797d5ed455c7ae27da81364b0eea826.js
Requested by: Host: levelingsolo.com
URL: https://levelingsolo.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.57.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a79597d6a7f4758d0bdbcdf02d7da904139ae4095947d883dc6a7027579aa802

Request headers

:path: /wp-content/cache/autoptimize/js/autoptimize_c797d5ed455c7ae27da81364b0eea826.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: levelingsolo.com
referer: https://levelingsolo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14127711
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 15 Apr 2021 08:01:52 GMT
server: cloudflare
etag: W/"6077f2f0-cf4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i6hqRYmARAbRb3%2B8OrxVrUjcCi7PGdF502CCbBF0VDUNABAFHr74gGfWdJSy6ZP8AdCc5vJZaHllKeE4Ddz7xn7GfEI%2Fx2vyQ0wuqcsyj1CDl%2BnbineBrpVArCsDpP0dxM%2FJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 696d93eefdb9d6d5-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 cropped-SOLOLEVELING-MANGA.jpg
levelingsolo.com/wp-content/uploads/2020/03/ 118 KB
119 KB 31ms
31ms Image
image/jpeg 104.21.57.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://levelingsolo.com/wp-content/uploads/2020/03/cropped-SOLOLEVELING-MANGA.jpg
Requested by: Host: levelingsolo.com
URL: https://levelingsolo.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.57.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79957868172b22a027d0965e4bbd238e52589f31027dc7cdbe4ae2c14b5438e7

Request headers

:path: /wp-content/uploads/2020/03/cropped-SOLOLEVELING-MANGA.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: levelingsolo.com
referer: https://levelingsolo.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14142190
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 121017
last-modified: Sat, 27 Jun 2020 18:19:28 GMT
server: cloudflare
etag: "5ef78db0-1d8b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5FBbzbeGWrbv9%2B39q9cuGERUehyZODsZ2dXF%2FWqr4kHqLrf2C1pSPcP7vtlvxM%2FrRaQtWgSJszIa6qT92eZChdBhA5o9SjolnNMomUrjEJvp7VK6i%2BbqPh3%2FGajO7Ksd09vD"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 696d93eefdbcd6d5-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 34ms
8ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C300italic%2C400italic%2C700italic%7CRaleway%3A400%2C600%2C500%2C700%2C800&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://levelingsolo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 06:39:46 GMT
x-content-type-options: nosniff
age: 367850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Sep 2022 06:39:46 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v22/ 46 KB
46 KB 40ms
14ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v22/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://levelingsolo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 04:17:51 GMT
x-content-type-options: nosniff
age: 203565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47312
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 19:40:30 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Sep 2022 04:17:51 GMT

GET
H2 200 S6u_w4BMUTPHjxsI9w2_Gwft.woff2
fonts.gstatic.com/s/lato/v20/ 17 KB
18 KB 46ms
20ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u_w4BMUTPHjxsI9w2_Gwft.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

afdd5b03f94d18d31b86e4bdf19ad063f6917233f5605f2e4b34d055a2502b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://levelingsolo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 23:31:49 GMT
x-content-type-options: nosniff
age: 134327
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17640
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:34 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Sep 2022 23:31:49 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
23 KB 47ms
21ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://levelingsolo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 04:13:08 GMT
x-content-type-options: nosniff
age: 203848
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Sep 2022 04:13:08 GMT

GET
H2 200 vdo.ai.js Show response
a.vdo.ai/core/v-levelingsolo/ 11 KB
4 KB 285ms
223ms Script
text/javascript 172.67.222.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/v-levelingsolo/vdo.ai.js
Requested by: Host: levelingsolo.com
URL: https://levelingsolo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.222.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.30
Resource Hash: 06a1172292af1d4f325343dacfe30edb60ad552d9bf5af3347b2e38ecfdb931d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
via: 1.1 varnish-v4
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.2.30
x-cache: HIT
vdo-server: Tag3
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-varnish: 13309 312030
last-modified: Thu, 30 Sep 2021 12:47:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ke6UyTsLU7XGCWQWqHM%2F6GODwXPBqGH6Kx8qv9FlJsblxYR9tGJu0nUl2UaQ5LNVxxLQ5xMswXACMrA%2Foso%2BVF6HUAMldeu%2BG5zOUey7RrskN0p0QBNDPVeg2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cache-control: max-age=1800
cf-ray: 696d93ef88ff410e-PRG

GET
H2 200 vdo.ai.js Show response
a.vdo.ai/core/b-levelingsolo/ 12 KB
5 KB 279ms
219ms Script
text/javascript 172.67.222.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/b-levelingsolo/vdo.ai.js
Requested by: Host: levelingsolo.com
URL: https://levelingsolo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.222.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.30
Resource Hash: 4975c38424c3785c3f5484b2ed12632915ff171b163831b271a1744e393fcef4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
via: 1.1 varnish-v4
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.2.30
x-cache: HIT
vdo-server: Tag3
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-varnish: 442765 12827
last-modified: Thu, 30 Sep 2021 12:47:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EVVsIaDS722016VS2QiU283Y8bdUkyEL33vwLHpeApL5%2FHeGvtvqR%2F359snrbQJpNimJRaMEFnTg5jPguyVuPMsKtg8dyunrHnhrfmPe2Kv8lFen8HsHlzv%2Bog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cache-control: max-age=1800
cf-ray: 696d93ef8900410e-PRG

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9ee01ee8903499cb90168df3d5de82fdcf4660511aa12e06207bca6ccfdf064

Request headers

Referer
Origin: https://levelingsolo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 twitcount.js Show response
static1.twitcount.com/js/ 5 KB
2 KB 63ms
6ms Script
application/javascript 185.172.148.128
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.twitcount.com/js/twitcount.js
Requested by: Host: levelingsolo.com
URL: https://levelingsolo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.172.148.128 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 73d958b46847fa025a00564df3010dc62d1b89472d22edaca0d34d9257f89b76

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
content-encoding: br
last-modified: Wed, 03 Oct 2018 10:22:48 GMT
server: keycdn-engine
x-edge-location: defr
etag: W/"5bb49878-1539"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-headers: *
expires: Thu, 07 Oct 2021 12:50:36 GMT

GET
H3 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 22ms
7ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://levelingsolo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 15:49:32 GMT
x-content-type-options: nosniff
age: 334864
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23248
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:53 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Sep 2022 15:49:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 64ms
17ms Script
text/javascript 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-151251999-7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 219
date: Thu, 30 Sep 2021 12:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Thu, 30 Sep 2021 14:46:57 GMT

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 33ms
19ms Script
application/javascript 104.18.225.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.2.12
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.225.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 38
etag: W/"fff10df2ca37ad0e879283b24dd072d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 696d93efdf864e26-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sun, 03 Oct 2021 12:50:36 GMT

GET
H3 200 pubads_impl_2021092001.js Show response
securepubads.g.doubleclick.net/gpt/ 336 KB
117 KB 65ms
39ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

1530727d7a9de276d5934149bfd08e535021a6596ace5c87fbad802580189d0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120245
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 08:37:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 30 Sep 2021 12:50:36 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 74 B
98 B 45ms
23ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=levelingsolo.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

0a37b82cb47cee4c6015ee252c5383571768e892a51a447610417b115c08016f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Sep 2021 12:50:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73
x-xss-protection: 0
expires: Thu, 30 Sep 2021 12:50:36 GMT

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109240101/ 255 KB
94 KB 48ms
34ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109240101/show_ads_impl_fy2019.js?bust=31062936

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

5818e7907c70160d02c8319a6e58d55b269b66befd72a4aa47d3b6d0b8d2a004

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96633
x-xss-protection: 0
server: cafe
etag: 5787833813846140304
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Sep 2021 12:50:36 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210927/r20190131/ Frame A5A9 10 KB
5 KB 41ms
13ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210927/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

8806d9eaf9e8ca89fa2404e8cb66a9fa115e0a0f687ad0dcd91cabce4c2179c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210927/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://levelingsolo.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 29 Sep 2021 23:50:07 GMT
expires: Wed, 13 Oct 2021 23:50:07 GMT
content-type: text/html; charset=UTF-8
etag: 297313706323796346
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4617
x-xss-protection: 0
age: 46829
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 twitcount.css
static1.twitcount.com/css/ 2 KB
755 B 7ms
6ms Stylesheet
text/css 185.172.148.128
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://static1.twitcount.com/css/twitcount.css
Requested by: Host: static1.twitcount.com
URL: https://static1.twitcount.com/js/twitcount.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.172.148.128 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 4d9bac431741073b96fe0d5388397a6413930c598e9ce847ac47756d5fc2c128

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
content-encoding: br
last-modified: Wed, 03 Oct 2018 10:22:48 GMT
server: keycdn-engine
x-edge-location: defr
etag: W/"5bb49878-702"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-headers: *
expires: Thu, 07 Oct 2021 12:50:36 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 29ms
6ms Script
application/javascript 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: static1.twitcount.com
URL: https://static1.twitcount.com/js/twitcount.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6731) /
Resource Hash: 8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 30 Sep 2021 12:50:36 GMT
Content-Encoding: gzip
Last-Modified: Mon, 02 Aug 2021 20:34:57 GMT
Server: ECS (frb/6731)
Age: 993
Etag: "d405b816322f9770c70cbd10cfa87be4+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28872

GET
H2 200 web Show response
onesignal.com/api/v1/sync/1be151bf-e9c7-4853-9f55-1e62110ec91c/ 3 KB
2 KB 28ms
14ms Script
text/javascript 104.18.225.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/1be151bf-e9c7-4853-9f55-1e62110ec91c/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.225.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger(R)

Resource Hash

3446f6823d1a6a5f424dbd1836446019e2d3f5b57bb74c251a9adadafc195007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2665
x-powered-by: Phusion Passenger(R)
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 35999ace-53cc-4f8b-9588-473f84183a41
x-runtime: 0.567098
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"e7737eb7f4844d0f32725035d78bd39e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-polished: origSize=3393
cf-ray: 696d93f06c993250-FRA
access-control-allow-headers: SDK-Version
expires: Thu, 30 Sep 2021 13:50:36 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 43ms
21ms XHR
text/plain 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=83480732&t=pageview&_s=1&dl=https%3A%2F%2Flevelingsolo.com%2F&ul=en-us&de=UTF-8&dt=Solo%20Leveling%20Manga%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=741154686&gjid=543347473&cid=1429539003.1633006236&tid=UA-151251999-7&_gid=532807237.1633006236&_r=1&gtm=2ou9r0&z=111002905

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://levelingsolo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 30 Sep 2021 12:50:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://levelingsolo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 206 B
442 B 29ms
15ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=levelingsolo.com&callback=_gfp_s_&client=ca-pub-3823914152594467

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109240101/show_ads_impl_fy2019.js?bust=31062936

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

051f88a44798b537df0bc62e78b6acf7ea972819351320019dd4768a8bb2fea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 56ms
17ms Script
application/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=levelingsolo.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109240101/show_ads_impl_fy2019.js?bust=31062936

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Sep 2021 12:50:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5C6E 67 KB
25 KB 849ms
827ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3823914152594467&output=html&h=280&slotname=5036591060&adk=1127836827&adf=94180401&pi=t.ma~as.5036591060&w=336&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fmbascholarship.statusaboutlove.com%2Fonline-mba-programs-scholarship%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633006236141&bpp=3&bdt=250&idt=98&shv=r20210927&mjsv=m202109240101&ptt=9&saldr=aa&abxe=1&correlator=3325576050530&frm=20&pv=2&ga_vid=1429539003.1633006236&ga_sid=1633006236&ga_hid=83480732&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=632&ady=468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062936%2C21065725&oid=3&pvsid=4337922526716469&pem=497&loc=https%3A%2F%2Flevelingsolo.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TMfgR10y20&p=https%3A//levelingsolo.com&dtd=114

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109240101/show_ads_impl_fy2019.js?bust=31062936

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

cabea33759f6e897531f8baae94356f96e3e18b6e6dd8d9a97e6bb9098d6b61a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3823914152594467&output=html&h=280&slotname=5036591060&adk=1127836827&adf=94180401&pi=t.ma~as.5036591060&w=336&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fmbascholarship.statusaboutlove.com%2Fonline-mba-programs-scholarship%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633006236141&bpp=3&bdt=250&idt=98&shv=r20210927&mjsv=m202109240101&ptt=9&saldr=aa&abxe=1&correlator=3325576050530&frm=20&pv=2&ga_vid=1429539003.1633006236&ga_sid=1633006236&ga_hid=83480732&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=632&ady=468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062936%2C21065725&oid=3&pvsid=4337922526716469&pem=497&loc=https%3A%2F%2Flevelingsolo.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TMfgR10y20&p=https%3A//levelingsolo.com&dtd=114
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://levelingsolo.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 30 Sep 2021 12:50:37 GMT
server: cafe
content-length: 25321
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 30-Sep-2021 13:05:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 30 Sep 2021 12:50:37 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 673ms
632ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109240101/show_ads_impl_fy2019.js?bust=31062936

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

e5668ad294690c0def710438c8462f2eb7ece9e8ef4b7ab53cb93a45d1f8cd7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27596
x-xss-protection: 0
server: sffe
etag: "1632742284803949"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Thu, 30 Sep 2021 12:50:36 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 43 KB
11 KB 360ms
360ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

6a86bd0e204c68ea8187232cbb77dd3bd3ecc97f1cde72072f11ff01e98359db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10738
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://levelingsolo.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FADF 6 KB
4 KB 66ms
15ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://levelingsolo.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 30 Sep 2021 12:50:36 GMT
expires: Fri, 30 Sep 2022 12:50:36 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 180 KB
39 KB 467ms
466ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4337922526716469&correlator=1212303664220542&output=ldjh&impl=fifs&eid=31061815%2C31062862%2C21065725&vrg=2021092001&ptt=17&sc=1&sfv=1-0-38&ecs=20210930&iu_parts=162717810%3A22417206420%2Clevelingsolo.com%2Cbefore_content%2Cinterstitial&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=640x480%7C640x300%7C468x280%7C336x280%7C300x300%7C300x250%2C1x1&ists=1&fas=0%2C8&prev_scp=env%3Dprod%26site%3Dlevelingsolo.com%26referrer%3D-%26protag_env%3Dprod%26utm_campaign%3D-%26utm_source%3D-%26utm_medium%3D-%26utm_term%3D-%26utm_content%3D-%26protag_segment_20m%3D38%26protag_minutes%3D50%26protag_hours%3D12%26protag_day%3D4%26protag_enable_native%3Dtrue%26protag_proSlotId%3Dprotag-before_content%7Cenv%3Dprod%26site%3Dlevelingsolo.com%26referrer%3D-%26protag_env%3Dprod%26utm_campaign%3D-%26utm_source%3D-%26utm_medium%3D-%26utm_term%3D-%26utm_content%3D-%26protag_segment_20m%3D38%26protag_minutes%3D50%26protag_hours%3D12%26protag_day%3D4%26protag_interstitial%3Dinterstitial%26protag_proSlotId%3Dprotag-interstitial&cookie_enabled=1&bc=31&abxe=1&lmt=1633006236&dt=1633006236301&dlt=1633006235892&idt=374&frm=20&biw=1600&bih=1200&oid=3&adxs=480%2C-9&adys=989%2C-9&adks=2197596328%2C2822877486&ucis=2%7C3&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Flevelingsolo.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=700x0%7C0x-1&msz=700x0%7C0x-1&ga_vid=1429539003.1633006236&ga_sid=1633006236&ga_hid=83480732&ga_fc=false&fws=0%2C2&ohw=0%2C0&btvi=0%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ec688916766f7da6ed29e873c0d05d953bc8270a405563b4dd15f1a657179f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39703
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://levelingsolo.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_page_level_ads_2021092001.js Show response
securepubads.g.doubleclick.net/gpt/ 39 KB
14 KB 25ms
25ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021092001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

7d09f57e557d83ed800a611c2d73b14e9d3884ac706d56afe6abf04f60aaf790

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14182
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 08:37:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 30 Sep 2021 12:50:36 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 25ms
25ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Flevelingsolo.com%2F&tn=DIV&id=cookie-law-info-bar&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Requested by

Host: levelingsolo.com
URL: https://levelingsolo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Sep 2021 12:50:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6067 109 KB
32 KB 828ms
828ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3823914152594467&output=html&adk=1812271804&adf=3025194257&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmbascholarship.statusaboutlove.com%2Fonline-mba-programs-scholarship%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633006236154&bpp=1&bdt=262&idt=165&shv=r20210927&mjsv=m202109240101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&nras=1&correlator=3325576050530&frm=20&pv=1&ga_vid=1429539003.1633006236&ga_sid=1633006236&ga_hid=83480732&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062936%2C21065725&oid=3&pvsid=4337922526716469&pem=497&loc=https%3A%2F%2Flevelingsolo.com%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=171

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109240101/show_ads_impl_fy2019.js?bust=31062936

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

98d0024367ca4e53177cdee254773e43ffeca617590c504b141dd07c6b9838a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3823914152594467&output=html&adk=1812271804&adf=3025194257&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmbascholarship.statusaboutlove.com%2Fonline-mba-programs-scholarship%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633006236154&bpp=1&bdt=262&idt=165&shv=r20210927&mjsv=m202109240101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&nras=1&correlator=3325576050530&frm=20&pv=1&ga_vid=1429539003.1633006236&ga_sid=1633006236&ga_hid=83480732&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062936%2C21065725&oid=3&pvsid=4337922526716469&pem=497&loc=https%3A%2F%2Flevelingsolo.com%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=171
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://levelingsolo.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 30 Sep 2021 12:50:37 GMT
server: cafe
content-length: 32782
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 30-Sep-2021 13:05:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 30 Sep 2021 12:50:37 GMT
cache-control: private

GET
H/1.1 200
OK widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html Show response
platform.twitter.com/widgets/ Frame AC86 319 KB
103 KB 7ms
7ms Document
text/html 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Flevelingsolo.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67F3) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://levelingsolo.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1411710
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 30 Sep 2021 12:50:36 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Mon, 02 Aug 2021 20:33:53 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67F3)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 32ms
17ms Script
application/javascript 216.58.212.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113932176-34

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/b-levelingsolo/vdo.ai.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.168 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

89e74722a5493fa8803b32aeabe7533e6238eb24935b0676fb14739a847f373e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38930
x-xss-protection: 0
last-modified: Thu, 30 Sep 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 30 Sep 2021 12:50:36 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 30ms
16ms Script
application/javascript 216.58.212.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113932176-34&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-151251999-7

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.168 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

1151c61511dddd42334eb2c13b7ec27f5eff2e911554d9cf22fd0820c6e25a6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38940
x-xss-protection: 0
last-modified: Thu, 30 Sep 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 30 Sep 2021 12:50:36 GMT

GET
H2 200 allowed_url.php Show response
targeting.vdo.ai/ 4 KB
2 KB 89ms
38ms XHR
application/json 104.21.35.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.vdo.ai/allowed_url.php?type=json&url=levelingsolo.com%2F&tag=b-levelingsolo&domain=levelingsolo.com
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/b-levelingsolo/vdo.ai.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.35.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb5f0939df3cf6eba570971ff593b539c02abdc68cfd01537af4bc439a186047

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zw66Mn%2BJMn6nbw9aLD8VyFFaYYxzO1k4s3mfzJGBMFR4cbkDMfVy2EbLUdC%2B6NSkdqZ2rxqZ8uuAoeb2%2F1rnSCe4t38gf07s6JERGYw4PSjRJMdqGHlW%2FfhtyU%2FITmbrAny5"}],"group":"cf-nel","max_age":604800}
cf-ray: 696d93f1dd0b278c-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 allowed_url.php Show response
targeting.vdo.ai/ 4 KB
2 KB 86ms
36ms XHR
application/json 104.21.35.132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.vdo.ai/allowed_url.php?type=json&url=levelingsolo.com%2F&tag=v-levelingsolo&domain=levelingsolo.com
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-levelingsolo/vdo.ai.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.35.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b83715515dba22e4e5eada494e1998b7fbe9a062eebc0e62df9f3abb9ceb108

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dcpY9lAnpDWvf1WopfHqEH0UJUazNmyJpzxcHAw2eA%2FZwG5cOiAMWiim7RcLIhqVN33O9CENJ6iKpQjbjLDpkiWkIw9VNUVZheKjcyI2WTcf1HOS4Mut9uCPqnhkfI0QmLWz"}],"group":"cf-nel","max_age":604800}
cf-ray: 696d93f1dd0c278c-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 settings Show response
syndication.twitter.com/ Frame AC86 232 B
431 B 133ms
118ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=8c0d12ad88f4d3bb9449cb880b3a11661d56d5b5

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Flevelingsolo.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
content-encoding: gzip
last-modified: Thu, 30 Sep 2021 12:50:36 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 6867c0bb93a2e8eea68690f98da49d83ae5854fa67052747b1fac614c21bd1c7
content-length: 166

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 15ms
14ms Stylesheet
text/css 104.18.225.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.225.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 111
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=259200
cf-ray: 696d93f1bb5c4e26-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sun, 03 Oct 2021 12:50:36 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 21ms
21ms XHR
text/plain 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=83480732&t=event&_s=1&dl=https%3A%2F%2Flevelingsolo.com%2F&ul=en-us&de=UTF-8&dt=Solo%20Leveling%20Manga%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=vdoaijs&ea=loaded&el=b-levelingsolo&_u=aEDAAUABAAAAAC~&jid=1797665567&gjid=1866391235&cid=1429539003.1633006236&tid=UA-113932176-34&_gid=532807237.1633006236&_r=1&gtm=2ou9r0&z=381927588

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://levelingsolo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 30 Sep 2021 12:50:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://levelingsolo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
14ms Image
image/gif 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=83480732&t=event&_s=2&dl=https%3A%2F%2Flevelingsolo.com%2F&ul=en-us&de=UTF-8&dt=Solo%20Leveling%20Manga%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=vdoaijs&ea=loaded&el=v-levelingsolo&_u=aEDAAUABAAAAAC~&jid=&gjid=&cid=1429539003.1633006236&tid=UA-113932176-34&_gid=532807237.1633006236&gtm=2ou9r0&z=519394185

Requested by

Host: levelingsolo.com
URL: https://levelingsolo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Sep 2021 09:45:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11136
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
461 B 45ms
14ms XHR
text/plain 74.125.71.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-113932176-34&cid=1429539003.1633006236&jid=1797665567&gjid=1866391235&_gid=532807237.1633006236&_u=aEDAAUABAAAAAC~&z=1654904525

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.71.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wn-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://levelingsolo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 30 Sep 2021 12:50:36 GMT
content-type: text/plain
access-control-allow-origin: https://levelingsolo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/1be151bf-e9c7-4853-9f55-1e62110ec91c/ 192 B
636 B 30ms
18ms Fetch
application/json 104.18.226.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/1be151bf-e9c7-4853-9f55-1e62110ec91c/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.226.52 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Phusion Passenger(R)

Resource Hash

8d432019b85704759c8bf58c285d3b46f9d964e4acbff37e24d2af2817d949ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 29
x-powered-by: Phusion Passenger(R)
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: f7451203-2393-481c-a92a-e7ced31eae10
x-runtime: 0.008469
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"8d432019b85704759c8bf58c285d3b46"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=7200
cf-ray: 696d93f21a05dffb-FRA
access-control-allow-headers: SDK-Version
expires: Thu, 30 Sep 2021 14:50:36 GMT

GET
H3 200 vdo.min.js Show response
a.vdo.ai/core/dependencies_hbv4_latest/ 373 KB
118 KB 56ms
32ms Script
application/javascript 172.67.222.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-levelingsolo/vdo.ai.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.222.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83cc43493664b426bfd23b2df89150ecccb88df396646a19f9223c6cd98afe39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13
cf-ray: 696d93f248164120-PRG
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 30 Sep 2021 06:25:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vpi2lFRoMoftTaKmjQ21H2gYbYQ7l7OIsY%2BgRRsIdUSjFHOoVnvPMJZqqS7nS5yKVd4sbMLz3%2FO1cy%2F0OWsZlFcLt%2B4pQkxlcgqcemolDctI33cdwl0yQa%2BHwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 394334 764487
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=1800
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 346 KB
119 KB 46ms
22ms Script
text/javascript 172.217.16.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/v-levelingsolo/vdo.ai.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f10.1e100.net

Software

sffe /

Resource Hash

3a641f236a23c5a62a5bfe6a7dc8c739753e908df1e46349a826808466f68afb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121639
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
expires: Thu, 30 Sep 2021 12:50:36 GMT

GET
H3 200 vdo.min.js Show response
a.vdo.ai/core/dependencies_stories_v1/ 296 KB
100 KB 71ms
50ms Script
application/javascript 172.67.222.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/dependencies_stories_v1/vdo.min.js
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/b-levelingsolo/vdo.ai.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.222.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d1e80dca804946cb3c9100b4a5eb0308572b223af10c30acfb5191fafd05f53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5
cf-ray: 696d93f248174120-PRG
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 28 Sep 2021 07:53:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6zRJkzKZXLMI5vqLvYcvbwA%2FRSEz19Hk3FJe7I2pO4GZA3csDoHQ3yHRTYfO1zUR6NLfLrUrOcGz%2F8HhfEdn6t6NT8y%2BRtdMLhjxMq4bTAQ2yhd6nXwhJvGVPA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 545029 371759
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=1800
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 78383c10-853f-4511-b39f-af7b6ad1cba6.png
img.onesignal.com/permanent/ 29 KB
29 KB 33ms
14ms Image
image/png 104.18.225.52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.onesignal.com/permanent/78383c10-853f-4511-b39f-af7b6ad1cba6.png
Requested by: Host: levelingsolo.com
URL: https://levelingsolo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.225.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5a94d599f09ee486e62955f09c1857cfa6c029f9b27c568298d60855c265cd8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
cf-cache-status: HIT
age: 1839
x-amz-meta-cache-control: public, maxage=604800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 29336
x-amz-id-2: EqvFUhJBge7eUt6O8ZHP8lzWerAlVCzye0zG9BHSNz6L3tI8E8AaVwKte+TJnWHuZNvgJXk0p48=
last-modified: Wed, 19 Aug 2020 09:06:50 GMT
server: cloudflare
etag: "902b6875a8aa7d172093616993b69bf8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: FB4T3P9YEFXTP9Z5
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 696d93f25fc23250-FRA
expires: Sun, 31 Oct 2021 12:50:36 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 42ms
18ms Image
image/gif 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-113932176-34&cid=1429539003.1633006236&jid=1797665567&_u=aEDAAUABAAAAAC~&z=2025804777

Requested by

Host: levelingsolo.com
URL: https://levelingsolo.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Sep 2021 12:50:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 16ms
15ms Script
application/javascript 216.58.212.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-113932176-34

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.168 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

89e74722a5493fa8803b32aeabe7533e6238eb24935b0676fb14739a847f373e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38930
x-xss-protection: 0
last-modified: Thu, 30 Sep 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 30 Sep 2021 12:50:36 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 14ms
14ms Script
text/javascript 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 219
date: Thu, 30 Sep 2021 12:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Thu, 30 Sep 2021 14:46:57 GMT

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
321 B 299ms
94ms XHR
text/html 54.39.16.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555277.ip-54-39-16.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://levelingsolo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 30 Sep 2021 12:50:36 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H3 200 vdo.player.js Show response
a.vdo.ai/core/assets/ 651 KB
180 KB 38ms
38ms Script
application/javascript 172.67.222.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/assets/vdo.player.js
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.222.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e32695eb554644820130b6b6c39187282bfaef34cf5b88b9a8c9b10d2da1e03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5
cf-ray: 696d93f338b84120-PRG
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 23 Jul 2021 13:25:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XVJ3vG%2BUBpxBL67CLbUxNTP2ucfp8wm0NyfW7ACgRfJ48WJGX%2F6ZphQwgVXfSrVx%2BfxYi%2FEsdX7AM%2BsbfpfeIYIf4xlOOFOuFk8yamw00C34VkfZxGc2MJY6%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 372927 635783
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=1800
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H3 200 rtb_v4.js Show response
a.vdo.ai/core/assets/ 382 KB
113 KB 535ms
535ms Script
application/javascript 172.67.222.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/assets/rtb_v4.js
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.222.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38b0d7ede13016d5dd8d15faf6d912c31e91b59a589bbb7f2b5184d9f21020a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:37 GMT
via: 1.1 varnish-v4
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 696d93f338b94120-PRG
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 23 Sep 2021 06:51:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T9tQ7%2FnegNcSXtlpMxrtIqgYBOhiMJnzlM6WxK5VPEf8dibIYBQ2hQ%2BZQZqqVfkWRVPNR%2F93xaXnwGtptaeF%2ByuUVEussF%2Bp0cwTLJRL7SM3YGgTtdoCkX0yjA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 372948 400025
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=1800
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
321 B 284ms
96ms XHR
text/html 54.39.16.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_stories_v1/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555277.ip-54-39-16.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://levelingsolo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 30 Sep 2021 12:50:36 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H3 200 rtb_stories.js Show response
a.vdo.ai/core/assets/ 407 KB
119 KB 35ms
35ms Script
application/javascript 172.67.222.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.vdo.ai/core/assets/rtb_stories.js
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_stories_v1/vdo.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.222.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69a244928846a0a6de92dfe03b7866ad0d4ac4f42793cf58d8e866854d0508ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5
cf-ray: 696d93f399024120-PRG
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 23 Sep 2021 06:52:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BnVpVi%2Bq%2Bm1Y6QDqn8V4C78vbS5OlRLgZoXhT5ZJhV1SXiooBNRUG7YhhCsf8A6FgWq1VihmwuPkZNEHJS5cLzfKhxmyoPHFtH%2FPoPoImtNSKvlNiMmM7zDpsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 239297 238305
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=1800
access-control-allow-credentials: true
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
14ms Image
image/gif 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=83480732&t=pageview&_s=1&dl=https%3A%2F%2Flevelingsolo.com%2F&ul=en-us&de=UTF-8&dt=Solo%20Leveling%20Manga%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAUABC~&jid=&gjid=&cid=1429539003.1633006236&tid=UA-113932176-34&_gid=532807237.1633006236&gtm=2ou9r0&z=669804370

Requested by

Host: levelingsolo.com
URL: https://levelingsolo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Sep 2021 09:45:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11136
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
14ms Image
image/gif 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=83480732&t=event&_s=2&dl=https%3A%2F%2Flevelingsolo.com%2F&ul=en-us&de=UTF-8&dt=Solo%20Leveling%20Manga%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=initVdo&el=v-levelingsolo&_u=QACAAUABC~&jid=&gjid=&cid=1429539003.1633006236&tid=UA-113932176-34&_gid=532807237.1633006236&gtm=2ou9r0&z=1003334219

Requested by

Host: levelingsolo.com
URL: https://levelingsolo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Sep 2021 09:45:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11136
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
14ms Image
image/gif 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=83480732&t=event&_s=3&dl=https%3A%2F%2Flevelingsolo.com%2F&ul=en-us&de=UTF-8&dt=Solo%20Leveling%20Manga%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=stories&ea=initVdo&el=b-levelingsolo&_u=QACAAUABC~&jid=&gjid=&cid=1429539003.1633006236&tid=UA-113932176-34&_gid=532807237.1633006236&gtm=2ou9r0&z=1559049325

Requested by

Host: levelingsolo.com
URL: https://levelingsolo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Sep 2021 09:45:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11136
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
2 KB 66ms
30ms Script
text/javascript 216.58.212.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.174 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f14.1e100.net

Software

ESF /

Resource Hash

7b6ca722b11ece7b4d120738db3c14b8880487b0646a71812abaa66755033d12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
expires: Thu, 30 Sep 2021 12:50:36 GMT

GET
H3 200 container.html Show response
4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 42EE 6 KB
3 KB 25ms
11ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://levelingsolo.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 30 Sep 2021 12:50:36 GMT
expires: Fri, 30 Sep 2022 12:50:36 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 204 zero1
zero1.technoratimedia.com/openrtb/bids/ Frame 0
0 336ms
93ms Preflight 129.159.70.95
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://zero1.technoratimedia.com/openrtb/bids/zero1?src=prebid_prebid_5.6.0
Protocol: H2
Server: 129.159.70.95 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://levelingsolo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 30 Sep 2021 12:50:37 GMT
access-control-allow-headers: content-type
access-control-allow-origin: https://levelingsolo.com
access-control-allow-credentials: true
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 600855530
age: 0
via: 1.1 varnish

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
321 B 216ms
92ms XHR
text/html 54.39.16.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_stories_v1/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555277.ip-54-39-16.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://levelingsolo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 30 Sep 2021 12:50:37 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
321 B 260ms
95ms XHR
text/html 54.39.16.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_stories_v1/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555277.ip-54-39-16.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://levelingsolo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 30 Sep 2021 12:50:37 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 8-Easy-Egg-Recipes-With-up-to-22-Grams-of-Protein-2.jpg
www.healthzap.co/wp-content/uploads/2018/08/ 87 KB
88 KB 50ms
16ms Image
image/jpeg 104.21.24.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.healthzap.co/wp-content/uploads/2018/08/8-Easy-Egg-Recipes-With-up-to-22-Grams-of-Protein-2.jpg
Requested by: Host: levelingsolo.com
URL: https://levelingsolo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.24.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9cf9defb127aedf3ee6a008c98e83fe27cddfe03b7a22a4e5b2ebcec7bd9489

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3237
content-type: image/jpeg
x-ua-device: mobile-android
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 89479
last-modified: Sat, 18 Aug 2018 10:42:47 GMT
server: cloudflare
etag: "5b77f827-15d87"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BOU4is54nUu2hXTCwQZKhlxjO0oFWYHG2U4bn1l%2F6Yv8zSuIH6om4AZQxDmE2%2BWTxSvGKKvXyjy6t%2BYbkQqgzQHzN1PFHkldWv%2FBHnWeFDWC8Qkz9yiitapLyeRDgilNWNLt"}],"group":"cf-nel","max_age":604800}
x-varnish: 51810924 56689527
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 696d93f47b8ac2a9-FRA

GET
H2 200 EOCheatSheet_Header-1-759x365.jpg
www.healthzap.co/wp-content/uploads/2018/07/ 52 KB
53 KB 59ms
26ms Image
image/jpeg 104.21.24.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.healthzap.co/wp-content/uploads/2018/07/EOCheatSheet_Header-1-759x365.jpg
Requested by: Host: levelingsolo.com
URL: https://levelingsolo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.24.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b428bc45d43e230d1ef93a39bb48f53cadc575474ce4f6fba50d68a5207aa25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3238
content-type: image/jpeg
x-ua-device: mobile-android
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 53703
last-modified: Sat, 18 Aug 2018 10:42:47 GMT
server: cloudflare
etag: "5b77f827-d1c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CCSAl8q1fTqTOINhne2XF16Q65JXURc%2F0U4Wv5tUubw8l%2Fd1fSFc%2FUgz%2FIqUyLdlJchW374dvb0k0yJohDYn%2BUl0fFa%2F%2B4Ibx%2FO2nfjwsgzh7isIXGsux3Q1%2BhOE8z6s4xZ%2F"}],"group":"cf-nel","max_age":604800}
x-varnish: 54395358 56689215
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 696d93f47b8cc2a9-FRA

GET
H2 200 12-herbs-and-spices-759x500.jpg
www.healthzap.co/wp-content/uploads/2018/08/ 126 KB
126 KB 58ms
25ms Image
image/jpeg 104.21.24.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.healthzap.co/wp-content/uploads/2018/08/12-herbs-and-spices-759x500.jpg
Requested by: Host: levelingsolo.com
URL: https://levelingsolo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.24.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99052a1481e3c3e401864e5df92489f13d15e7a1709d70c5f42d9cab485875d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3237
content-type: image/jpeg
x-ua-device: mobile-iphone
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 128660
last-modified: Sat, 18 Aug 2018 10:42:46 GMT
server: cloudflare
etag: "5b77f826-1f694"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LelmvR%2Fom59eyfA3Gw2lMZIjZakWOrcffW9cqmOBLxbu0MXKonmU5S%2BRrU0Lg7VWTfE%2F1D3%2BJdUj%2FYkTnVAhBrAOzzc1Z7s9%2BI%2B%2FqgF1XLDMIZOLisNrjJBX8Z4ub7SQqBBZ"}],"group":"cf-nel","max_age":604800}
x-varnish: 51808324 53351746
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 696d93f47b8fc2a9-FRA

GET
H2 200 f75bc46d-0e28-4ccf-a419-79a05d9836d2-759x500.jpeg
www.healthzap.co/wp-content/uploads/2018/08/ 96 KB
97 KB 58ms
25ms Image
image/jpeg 104.21.24.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.healthzap.co/wp-content/uploads/2018/08/f75bc46d-0e28-4ccf-a419-79a05d9836d2-759x500.jpeg
Requested by: Host: levelingsolo.com
URL: https://levelingsolo.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.24.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e57d9f58033daa3d68243392c6d9c7ddd76513af270bbb1a329fcfb7a2d0090

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3237
content-type: image/jpeg
x-ua-device: pc
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 98713
last-modified: Sat, 18 Aug 2018 10:42:49 GMT
server: cloudflare
etag: "5b77f829-18199"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tAFER4m3Hcs%2Ftd%2FVu4QtsCvdf%2B6t2PNBg%2Fx16kv6PHrk63klMdluR0LOyh1TUiEwTuB9nBDHr5Bkanqz1WPL2KpdQX7SGueZgVO2Gtwd2WL%2BJ4vscpwDAYFuouwkCkM3qjfU"}],"group":"cf-nel","max_age":604800}
x-varnish: 55253839 52757895
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 696d93f47b90c2a9-FRA

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 247 B
931 B 67ms
36ms XHR
application/json 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb_stories.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

31baf9c4eda4d6e0b2c41dfd2bca59c25b0c47d2ff5910c851abf8ffb6d890be

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://levelingsolo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 30 Sep 2021 12:50:36 GMT
X-Proxy-Origin: 216.131.114.222; 216.131.114.222; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 74f6003a-bc89-4a5d-b8f2-26e346c7be78
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://levelingsolo.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 247
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

ROS Show response
ads.us.e-planning.net/hb/1/30135/1/levelingsolo.com/
Redirect Chain

https://ads.us.e-planning.net/pbjs/1/30135/1/levelingsolo.com/ROS?rnd=0.05985518044820681&e=300x250_0%3A300x250&ur=https%3A%2F%2Flevelingsolo.com%2F&pbv=5.6.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2F...
https://ads.us.e-planning.net/hb/1/30135/1/levelingsolo.com/ROS?ct=1&r=pbjs&rnd=0.05985518044820681&e=300x250_0%3A300x250&ur=https%3A%2F%2Flevelingsolo.com%2F&pbv=5.6.0&ncb=1&vs=F&crs=UTF-8&fr=http...

63 B
384 B

16ms
16ms

XHR
application/json

5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/30135/1/levelingsolo.com/ROS?ct=1&r=pbjs&rnd=0.05985518044820681&e=300x250_0%3A300x250&ur=https%3A%2F%2Flevelingsolo.com%2F&pbv=5.6.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Flevelingsolo.com%2F
Requested by: Host: levelingsolo.com
URL: https://levelingsolo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: b438d942a508f452149cc18f55223e0b2df2c3b3e481cc24b8b40b4c7682fd21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://levelingsolo.com
expires: Thu, 30 Sep 2021 12:50:36 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 63
x-sid: AMS-606

Redirect headers

date: Thu, 30 Sep 2021 12:50:36 GMT
server: openresty
access-control-allow-origin: https://levelingsolo.com
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/30135/1/levelingsolo.com/ROS?ct=1&r=pbjs&rnd=0.05985518044820681&e=300x250_0%3A300x250&ur=https%3A%2F%2Flevelingsolo.com%2F&pbv=5.6.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Flevelingsolo.com%2F
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-606

POST
H2 204 zero1 Show response
zero1.technoratimedia.com/openrtb/bids/ 0
294 B 280ms
94ms XHR
text/plain 129.159.70.95
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://zero1.technoratimedia.com/openrtb/bids/zero1?src=prebid_prebid_5.6.0
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb_stories.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 129.159.70.95 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://levelingsolo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 30 Sep 2021 12:50:37 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 393793654
access-control-allow-origin: https://levelingsolo.com
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 261 B
1 KB 187ms
158ms XHR
application/json 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb_stories.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

822d499d2f426b963bd55175843b02b752f810a9a99682e8bed8c1d792e5725c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://levelingsolo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 30 Sep 2021 12:50:37 GMT
X-Proxy-Origin: 216.131.114.222; 216.131.114.222; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 8f5e9d6b-fc3e-40de-bf2e-e777418ef2ee
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://levelingsolo.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 261
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
14ms Image
image/gif 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=83480732&t=event&_s=4&dl=https%3A%2F%2Flevelingsolo.com%2F&ul=en-us&de=UTF-8&dt=Solo%20Leveling%20Manga%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=stories&ea=pageview&el=b-levelingsolo&_u=SACAAUABC~&jid=&gjid=&cid=1429539003.1633006236&tid=UA-113932176-34&_gid=532807237.1633006236&gtm=2ou9r0&z=522601050

Requested by

Host: levelingsolo.com
URL: https://levelingsolo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Sep 2021 09:45:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11136
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
14ms Image
image/gif 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=83480732&t=event&_s=5&dl=https%3A%2F%2Flevelingsolo.com%2F&ul=en-us&de=UTF-8&dt=Solo%20Leveling%20Manga%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=stories&ea=website_pageview&el=b-levelingsolo&_u=SACAAUABC~&jid=&gjid=&cid=1429539003.1633006236&tid=UA-113932176-34&_gid=532807237.1633006236&gtm=2ou9r0&z=2097408973

Requested by

Host: levelingsolo.com
URL: https://levelingsolo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Sep 2021 09:45:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11136
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo.svg
a.vdo.ai/core/assets/img/ 1 KB
1 KB 220ms
220ms Image
image/svg+xml 172.67.222.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.vdo.ai/core/assets/img/logo.svg
Requested by: Host: levelingsolo.com
URL: https://levelingsolo.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.222.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9adf28f17b88f7835611736a9461d0452433a4e12f3ebaafae1689394aeb8d7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:37 GMT
via: 1.1 varnish-v4
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 696d93f489bc4120-PRG
x-cache: HIT
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 02 Mar 2020 08:12:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2B%2BeKnhhi5xdxbLHH0%2FJdu7f0S%2FABCSBys6Jbj30TSM1cqzvcW8zaoL1QReduXqqEBBqpnRSJ8TK6Mllpx5IHOxinzGSFGX%2FNsYnsuCpOKoUoaBIbv7WDBMcOA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 545370 371796
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=1800
access-control-allow-credentials: true
content-type: image/svg+xml
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET 51.mp4
c1.vdo.ai/sample/ 0
0

GET
H3 200 container.html Show response
4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DCE0 6 KB
3 KB 9ms
7ms Document
text/html 142.250.186.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://levelingsolo.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 30 Sep 2021 12:50:36 GMT
expires: Fri, 30 Sep 2022 12:50:36 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 206
Partial Content 51.mp4
c1.vdo.ai/sample/ 190 KB
191 KB 363ms
183ms Media
video/mp4 54.39.51.175
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.vdo.ai/sample/51.mp4
Requested by: Host: levelingsolo.com
URL: https://levelingsolo.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.51.175 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns559790.ip-54-39-51.net
Software: nginx/1.12.2 /
Resource Hash: 06e9e20b3a7952f10c833841ee412c20f7f3fbc0094e9ccd9b2262584134d34a

Request headers

Referer: https://levelingsolo.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 30 Sep 2021 12:50:37 GMT
Last-Modified: Tue, 17 Nov 2020 15:21:52 GMT
Server: nginx/1.12.2
Access-Control-Allow-Origin: *
ETag: "5fb3ea90-2f973"
Content-Type: video/mp4
Content-Range: bytes 0-194930/194931
Connection: keep-alive
Content-Length: 194931

GET
H3 200 bridge3.482.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame FA8F 576 KB
189 KB 22ms
7ms Document
text/html 172.217.16.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.482.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f10.1e100.net

Software

sffe /

Resource Hash

3491fbeef78def538210b2f240f06d2ffc67d92844206622d7069f1003718092

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.482.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://levelingsolo.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 193423
date: Thu, 23 Sep 2021 13:43:14 GMT
expires: Fri, 23 Sep 2022 13:43:14 GMT
last-modified: Thu, 23 Sep 2021 13:33:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 601642
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 63ms
16ms Script
text/javascript 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Sep 2021 12:50:36 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/d82ca80e/www-widgetapi.vflset/ 135 KB
44 KB 51ms
18ms Script
text/javascript 216.58.212.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d82ca80e/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.174 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f14.1e100.net

Software

sffe /

Resource Hash

410b77cfed895ed4121c51db552980b028e957881909f803f67192c4ad59b315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 10:41:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7744
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44760
x-xss-protection: 0
last-modified: Sat, 25 Sep 2021 00:00:24 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 30 Sep 2022 10:41:32 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 42EE 4 KB
635 B 34ms
18ms Stylesheet
text/css 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com
URL: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 30 Sep 2021 11:13:03 GMT
server: ESF
date: Thu, 30 Sep 2021 12:50:36 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Thu, 30 Sep 2021 12:50:36 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 04F8 3 KB
580 B 24ms
17ms Stylesheet
text/css 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com
URL: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 30 Sep 2021 11:14:56 GMT
server: ESF
date: Thu, 30 Sep 2021 12:50:36 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Thu, 30 Sep 2021 12:50:36 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/ Frame 04F8 1 KB
913 B 73ms
19ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com
URL: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1044
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 852
x-xss-protection: 0
server: cafe
etag: 14170629819630813772
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 12:33:13 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/ Frame 04F8 18 KB
8 KB 61ms
8ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/abg_lite_fy2019.js

Requested by

Host: 4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com
URL: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

da48b97b44f32bd333c5ca822e07f0997269db7bbd7e85f514035e02a57624f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:49:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7607
x-xss-protection: 0
server: cafe
etag: 5036643633216217121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 12:49:19 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/ Frame 04F8 3 KB
1 KB 70ms
18ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/window_focus_fy2019.js

Requested by

Host: 4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com
URL: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:48:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 12:48:43 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 04F8 122 KB
37 KB 53ms
37ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com
URL: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

2e2201192d8a342b5f570c4418dc4dcd2c0460243b4f9ba99c60a7c312d13e50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37837
x-xss-protection: 0
server: sffe
etag: "1632742272549041"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Thu, 30 Sep 2021 12:50:37 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/ Frame 04F8 14 KB
6 KB 61ms
9ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com
URL: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:47:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6194
x-xss-protection: 0
server: cafe
etag: 2541472377268313288
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 12:47:09 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 04F8 0
0 33ms
16ms Image
text/html 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSurJZGUiKs928g6oiPaPFxo42B_2OP39gy1vowD_-Da6N-gjpPjooD5EoJbLccT_u1U3wMpFYICWKozHATloIbr7_wKg
Requested by: Host: 4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com
URL: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 a05f1579543550f3e279366fb116adbd.js Show response
www.gstatic.com/mysidia/ Frame 04F8 27 KB
12 KB 31ms
6ms Script
text/javascript 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a05f1579543550f3e279366fb116adbd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com
URL: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

6cd4fdef93aef355d2c534bc7de3d08d9723234a1b0cf6161652193f34e4f820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 03:59:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31843
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11147
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 01:21:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 29 Dec 2021 03:59:53 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/elements/html/ Frame 42EE 17 KB
8 KB 64ms
16ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: 4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com
URL: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

f0c966edfc6ce40ca892f7e2bc53a95bd27cb94ac8b6fa61fcb30457ff214600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:42:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 489
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7655
x-xss-protection: 0
server: cafe
etag: 17297134792721902632
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 12:42:28 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 42EE 205 B
294 B 36ms
13ms Image
image/png 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com
URL: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 11:57:00 GMT
x-content-type-options: nosniff
age: 3216
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 30 Sep 2022 11:57:00 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 42EE 604 B
892 B 36ms
13ms Image
image/png 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com
URL: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 19:13:48 GMT
x-content-type-options: nosniff
age: 63408
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 29 Sep 2022 19:13:48 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DCE0 2 KB
533 B 17ms
17ms Stylesheet
text/css 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: 4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com
URL: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

ESF /

Resource Hash

e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 30 Sep 2021 11:08:35 GMT
server: ESF
date: Thu, 30 Sep 2021 12:50:36 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Thu, 30 Sep 2021 12:50:36 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/ Frame DCE0 1 KB
959 B 51ms
18ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com
URL: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1044
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 852
x-xss-protection: 0
server: cafe
etag: 14170629819630813772
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 12:33:13 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DCE0 0
0 34ms
33ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C1i7xnLJVYajVFrKxgAeWyjePycq9ZYyM8aG0DrCQHxABIJLY30pgyQagAfnBob4DyAEJ4AIAqAMByAObBKoE4gFP0PcY80fKfwZhUX23-ZBYD8LMqdsu86AfShQ2TkvaW-tGN0ul6ue5UTUY9My_0MDnoQHrHOTj_pIobsw7mFZc-86L9aHHy_SjGzhWkw7Zu4DFRLNSdHUQz9MCTwBNI3V6a04w2-fBaQlDpfuxgHOqk9IijNhsNHr-HJJ6IPy5q0iQzoPmVj28B_Ke_p7P-EyKhrZbIzgRYJGdeJ8_IInPHKhrv5AeIpsNzevOGuqDHLKWlEK44HQXbul6UWTuVu2S09EUQBAYw-TPD-ixmolSEpQHMwNpY5ZD51BSegzKVtKRwATZlqyY_gHgBAGSBQQIBBgBkgUECAUYBKAGLoAH773eQagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcA8gcEEPyLD9IIBwiIYRABGB3yCBthZHgtc3Vic3luLTUyOTk3MTQ5MTg2MDkzMDKACgPICwHYEwzQFQGYFgGAFwGyFx4KHAgAEhRwdWItMjM5MzMyMDY0NTA1NTAyMhiymCo&sigh=YbDg4jrVUhg&template_id=494
Requested by: Host: levelingsolo.com
URL: https://levelingsolo.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/ Frame DCE0 18 KB
7 KB 48ms
17ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/abg_lite_fy2019.js

Requested by

Host: 4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com
URL: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

da48b97b44f32bd333c5ca822e07f0997269db7bbd7e85f514035e02a57624f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:49:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7607
x-xss-protection: 0
server: cafe
etag: 5036643633216217121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 12:49:19 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/ Frame DCE0 3 KB
1 KB 50ms
19ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/window_focus_fy2019.js

Requested by

Host: 4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com
URL: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:48:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 12:48:43 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DCE0 122 KB
37 KB 52ms
51ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com
URL: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

2e2201192d8a342b5f570c4418dc4dcd2c0460243b4f9ba99c60a7c312d13e50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37837
x-xss-protection: 0
server: sffe
etag: "1632742272549041"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Thu, 30 Sep 2021 12:50:37 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/ Frame DCE0 14 KB
6 KB 41ms
10ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com
URL: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:47:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6194
x-xss-protection: 0
server: cafe
etag: 2541472377268313288
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 12:47:09 GMT

GET
H2 200 a05f1579543550f3e279366fb116adbd.js Show response
www.gstatic.com/mysidia/ Frame DCE0 27 KB
11 KB 13ms
8ms Script
text/javascript 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a05f1579543550f3e279366fb116adbd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com
URL: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

6cd4fdef93aef355d2c534bc7de3d08d9723234a1b0cf6161652193f34e4f820

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 03:59:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31843
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11147
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 01:21:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 29 Dec 2021 03:59:53 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame DCE0 22 KB
23 KB 67ms
8ms Image
image/jpeg 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSArXHKNFuZrxUvKxXu7wybg_-uNIXoA-ZT2U_vntJ7YWk9SB60&usqp=CAI

Requested by

Host: 4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com
URL: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

sffe /

Resource Hash

7186085954c1f074a1cb7438e896eed0bde97dc04987ce74462916e6c76cb04c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 13:19:25 GMT
x-content-type-options: nosniff
age: 171072
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22779
x-xss-protection: 0
last-modified: Mon, 06 Sep 2021 02:38:01 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 28 Sep 2022 13:19:25 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame DCE0 11 KB
12 KB 81ms
14ms Image
image/jpeg 142.250.184.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQwsI-Lq7AAArAmUC1fPDh3_s2iwW08Y6MwURRs8S8-AkB--wI&usqp=CAI

Requested by

Host: 4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com
URL: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f14.1e100.net

Software

sffe /

Resource Hash

b095aa0f7b36de13ddcd6fe34f5d8d0e18d411db8ea6e252acc7a58f707deb0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 09:12:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Feb 2021 02:24:11 GMT
server: sffe
age: 13079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11618
x-xss-protection: 0
expires: Fri, 30 Sep 2022 09:12:38 GMT

GET
H3

200

16244644792186432680
tpc.googlesyndication.com/simgad/ Frame DCE0
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOCAyOLvUxCACBiAAjIIgAiqUIiBuxI
https://tpc.googlesyndication.com/simgad/16244644792186432680

43 KB
43 KB

25ms
9ms

Image
image/png

142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16244644792186432680

Requested by

Host: 4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com
URL: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

sffe /

Resource Hash

4abd17036c2802f9e1f8d8b804e8bd03ce13ddc55be203081574b9e9563f3dd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 18:53:53 GMT
x-content-type-options: nosniff
age: 64604
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43871
x-xss-protection: 0
last-modified: Thu, 09 Sep 2021 21:00:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 29 Sep 2022 18:53:53 GMT

Redirect headers

timing-allow-origin: *
date: Thu, 30 Sep 2021 12:32:54 GMT
x-content-type-options: nosniff
server: cafe
age: 1063
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/16244644792186432680
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 30 Oct 2021 12:32:54 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 29B7 143 B
163 B 13ms
13ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com
URL: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUm6roqPaYzgfVSNWzncI4FccPYgev1d5n6Ob0SCypAS03Tyu6zZC6yrXbAXxCo
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 30 Sep 2021 12:34:13 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 984
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame DCE0 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd820d4d9bf44bfb793874455174cea7b3d91224ff8845c9cf31f97d43feee8d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame DCE0 20 KB
20 KB 8ms
7ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 15:49:32 GMT
x-content-type-options: nosniff
age: 334865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Sep 2022 15:49:32 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 29B7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

47ms
47ms

Document
text/html

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: 4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com
URL: https://4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUm6roqPaYzgfVSNWzncI4FccPYgev1d5n6Ob0SCypAS03Tyu6zZC6yrXbAXxCo; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 30 Sep 2021 12:50:37 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 30-Sep-2021 13:50:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 30 Sep 2021 12:50:37 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 30 Sep 2021 12:50:37 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 3664320606594358284
tpc.googlesyndication.com/simgad/ Frame 5C6E 59 KB
59 KB 11ms
11ms Image
image/png 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3664320606594358284?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkSl7_sTFsXX_kst8IR7XxgQ9bJcQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3823914152594467&output=html&h=280&slotname=5036591060&adk=1127836827&adf=94180401&pi=t.ma~as.5036591060&w=336&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fmbascholarship.statusaboutlove.com%2Fonline-mba-programs-scholarship%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633006236141&bpp=3&bdt=250&idt=98&shv=r20210927&mjsv=m202109240101&ptt=9&saldr=aa&abxe=1&correlator=3325576050530&frm=20&pv=2&ga_vid=1429539003.1633006236&ga_sid=1633006236&ga_hid=83480732&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=632&ady=468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062936%2C21065725&oid=3&pvsid=4337922526716469&pem=497&loc=https%3A%2F%2Flevelingsolo.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TMfgR10y20&p=https%3A//levelingsolo.com&dtd=114

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

sffe /

Resource Hash

a01b4363c7c7b5aa019091e1bde7995ba45efd9f7d96abfcda5e5b7a2294175b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 07:52:55 GMT
x-content-type-options: nosniff
age: 17862
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60826
x-xss-protection: 0
last-modified: Thu, 03 Jun 2021 13:57:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 30 Sep 2022 07:52:55 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/ Frame 5C6E 18 KB
7 KB 8ms
8ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

da48b97b44f32bd333c5ca822e07f0997269db7bbd7e85f514035e02a57624f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:49:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7607
x-xss-protection: 0
server: cafe
etag: 5036643633216217121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 12:49:19 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/ Frame 5C6E 3 KB
1 KB 10ms
9ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:48:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 12:48:43 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5C6E 122 KB
37 KB 32ms
32ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

2e2201192d8a342b5f570c4418dc4dcd2c0460243b4f9ba99c60a7c312d13e50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37837
x-xss-protection: 0
server: sffe
etag: "1632742272549041"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Thu, 30 Sep 2021 12:50:37 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/ Frame 5C6E 14 KB
6 KB 9ms
9ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:48:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6194
x-xss-protection: 0
server: cafe
etag: 2541472377268313288
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 12:48:01 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/ Frame 5C6E 27 KB
11 KB 11ms
10ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

a672e695dab08ffadbea7f0e77f1a723eefff684ae0cdabe2ca3b7a141554c3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 03:42:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32887
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11096
x-xss-protection: 0
server: cafe
etag: 8885281346021324493
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 03:42:30 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5C6E 0
0 25ms
24ms Fetch
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C12jZnLJVYaK_EuuV9u8PsrCYkA6nkOKgY7TOocCyDu_1koDgJRABIIqR6G9gyQagAbTz9csDyAECqAMByAPJBKoEngJP0EU4zoX2xfeWcyz0i3tRBA9_6wOWyo5wAd_Tt5IxE2aNajmJO5rgthm2MwApKbGDArPQn0jv-ePXskYGzr5V_9bfeJP9dpYFxI-JtHqDbjuXlC8Jaei6THX5CMll0H6frAfHeid6B3MjlpeOwGVt-HNUZBSNF7AXuPINOix0N5gsDfQ4rjBoI5qsFDoFGc3YWibu5eoEN5ovxXlU6dEZ022YTQbmjSi7xoS6PFivbs9ocb0LAtqsdGTGQ1D5BNEQWZphUehGwEKwd0eBbOp8P_Brg9fuN1q3gU8OOX2BWOIW8tFeVrWdmA8UR7R_GcR9UTny6r1jU-suTaPkp7chXr1rCdT5Kb_v7PIhMBcEkLBF3lQ4JL16LZrZR-aLwASfg5KTzAOSBQQIBBgBkgUECAUYBKAGAoAHtIyKNKgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwHyBwQQucIJ0ggHCIBhEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zODIzOTE0MTUyNTk0NDY3GAA&sigh=Yg-QjaAyprk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3823914152594467&output=html&h=280&slotname=5036591060&adk=1127836827&adf=94180401&pi=t.ma~as.5036591060&w=336&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fmbascholarship.statusaboutlove.com%2Fonline-mba-programs-scholarship%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633006236141&bpp=3&bdt=250&idt=98&shv=r20210927&mjsv=m202109240101&ptt=9&saldr=aa&abxe=1&correlator=3325576050530&frm=20&pv=2&ga_vid=1429539003.1633006236&ga_sid=1633006236&ga_hid=83480732&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=632&ady=468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062936%2C21065725&oid=3&pvsid=4337922526716469&pem=497&loc=https%3A%2F%2Flevelingsolo.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TMfgR10y20&p=https%3A//levelingsolo.com&dtd=114
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 30 Sep 2021 12:50:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109240101/ 142 KB
51 KB 36ms
36ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109240101/reactive_library_fy2019.js?bust=31062936

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109240101/show_ads_impl_fy2019.js?bust=31062936

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

bd52e464460f8d044849f85c030375a58baf3765932fe631e49585f8480ef388

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52318
x-xss-protection: 0
server: cafe
etag: 6144444234163641814
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Sep 2021 12:50:37 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 15ms
15ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=2&c=ca-pub-3823914152594467

Requested by

Host: levelingsolo.com
URL: https://levelingsolo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Sep 2021 12:50:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 17ms
16ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-3823914152594467&warn=12%2C13&w=1600&h=1200&eatf=false&reatf=true&a=6%2C1%2C5%2C7&apv=20210928_113528&sat=1632937318580&afm=0&as_count=1&d_count=1&ng_count=0&am_count=0&atf_count=1&mdns=0.066&alldns=0.066&allp=18&fd=(0%2C4%2C0)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=8738&su=levelingsolo.com&pvc=4337922526716469&r=0.1

Requested by

Host: levelingsolo.com
URL: https://levelingsolo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Sep 2021 12:50:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A1B0 143 B
163 B 14ms
13ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3823914152594467&output=html&h=280&slotname=5036591060&adk=1127836827&adf=94180401&pi=t.ma~as.5036591060&w=336&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fmbascholarship.statusaboutlove.com%2Fonline-mba-programs-scholarship%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633006236141&bpp=3&bdt=250&idt=98&shv=r20210927&mjsv=m202109240101&ptt=9&saldr=aa&abxe=1&correlator=3325576050530&frm=20&pv=2&ga_vid=1429539003.1633006236&ga_sid=1633006236&ga_hid=83480732&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=632&ady=468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062936%2C21065725&oid=3&pvsid=4337922526716469&pem=497&loc=https%3A%2F%2Flevelingsolo.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TMfgR10y20&p=https%3A//levelingsolo.com&dtd=114
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUm6roqPaYzgfVSNWzncI4FccPYgev1d5n6Ob0SCypAS03Tyu6zZC6yrXbAXxCo; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3823914152594467&output=html&h=280&slotname=5036591060&adk=1127836827&adf=94180401&pi=t.ma~as.5036591060&w=336&fwrn=4&fwrnh=100&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fmbascholarship.statusaboutlove.com%2Fonline-mba-programs-scholarship%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633006236141&bpp=3&bdt=250&idt=98&shv=r20210927&mjsv=m202109240101&ptt=9&saldr=aa&abxe=1&correlator=3325576050530&frm=20&pv=2&ga_vid=1429539003.1633006236&ga_sid=1633006236&ga_hid=83480732&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=632&ady=468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062936%2C21065725&oid=3&pvsid=4337922526716469&pem=497&loc=https%3A%2F%2Flevelingsolo.com%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=TMfgR10y20&p=https%3A//levelingsolo.com&dtd=114

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 30 Sep 2021 12:34:13 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 984
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK 50MIN.jpg
c1.vdo.ai/videos/categories/ 66 KB
66 KB 204ms
204ms Image
image/jpeg 54.39.51.175
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c1.vdo.ai/videos/categories/50MIN.jpg
Requested by: Host: levelingsolo.com
URL: https://levelingsolo.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.51.175 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns559790.ip-54-39-51.net
Software: nginx/1.12.2 /
Resource Hash: d8c42f2ad91ef03e95f22162f252499b78c25b75cf9f430129f2feb4bdbce5d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 30 Sep 2021 12:50:37 GMT
Last-Modified: Thu, 16 Sep 2021 08:46:16 GMT
Server: nginx/1.12.2
ETag: "61430458-108bd"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 67773

GET
DATA 200
OK truncated
/ Frame 5C6E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41a9ce84af205ec9321652cd750377265d13373bda55da9b493b7d5e964ff176

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H/1.1 204
No Content 50MIN.m3u8
c1.vdo.ai/videos/categories/ Frame 0
0 295ms
98ms Preflight
text/plain 54.39.51.175
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.vdo.ai/videos/categories/50MIN.m3u8
Protocol: HTTP/1.1
Server: 54.39.51.175 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns559790.ip-54-39-51.net
Software: nginx/1.12.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: vdoai
Origin: https://levelingsolo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.12.2
Date: Thu, 30 Sep 2021 12:50:37 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H/1.1 200
OK 50MIN.m3u8 Show response
c1.vdo.ai/videos/categories/ 37 KB
37 KB 194ms
193ms XHR
application/vnd.apple.mpegurl 54.39.51.175
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.vdo.ai/videos/categories/50MIN.m3u8
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.51.175 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns559790.ip-54-39-51.net
Software: nginx/1.12.2 /
Resource Hash: 24c067974c4c0804f2c7f620253ce416bafe1c71ff1e2e4b644faa6da77bdf71

Request headers

Referer: https://levelingsolo.com/
vdoai: true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 30 Sep 2021 12:50:37 GMT
Last-Modified: Tue, 30 Jun 2020 06:47:56 GMT
Server: nginx/1.12.2
ETag: "5efae01c-93f1"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37873

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 15ms
15ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=2&c=ca-pub-3823914152594467

Requested by

Host: levelingsolo.com
URL: https://levelingsolo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Sep 2021 12:50:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
16ms Script
application/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=levelingsolo.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109240101/show_ads_impl_fy2019.js?bust=31062936

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Sep 2021 12:50:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210927/r20110914/ Frame 9050 10 KB
5 KB 14ms
13ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210927/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109240101/show_ads_impl_fy2019.js?bust=31062936

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

8806d9eaf9e8ca89fa2404e8cb66a9fa115e0a0f687ad0dcd91cabce4c2179c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210927/r20110914/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://levelingsolo.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUm6roqPaYzgfVSNWzncI4FccPYgev1d5n6Ob0SCypAS03Tyu6zZC6yrXbAXxCo; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 30 Sep 2021 04:03:35 GMT
expires: Thu, 14 Oct 2021 04:03:35 GMT
content-type: text/html; charset=UTF-8
etag: 297313706323796346
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4617
x-xss-protection: 0
age: 31622
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
BLOB 200
OK 4399e328-c589-4727-a70f-4404691ae55f
https://levelingsolo.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://levelingsolo.com/4399e328-c589-4727-a70f-4404691ae55f
Requested by: Host: levelingsolo.com
URL: https://levelingsolo.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13578d1af4231b0fe1dce97d8c588932ffd2f70cd593575640a8315463bd2c37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length: 5417
Content-Type: application/javascript

GET
BLOB 200
OK f79b737e-4b10-40c7-88bf-9102f2cc4853
https://levelingsolo.com/ 75 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://levelingsolo.com/f79b737e-4b10-40c7-88bf-9102f2cc4853
Requested by: Host: levelingsolo.com
URL: https://levelingsolo.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4aa3c991887b7bade387973b566a206c464b1947c7eea475668b2518c201fcac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length: 77017
Content-Type: application/javascript

GET
BLOB 200
OK 9e7ff3b2-018a-4423-b6f9-43a5188cb5ef
https://levelingsolo.com/ 75 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://levelingsolo.com/9e7ff3b2-018a-4423-b6f9-43a5188cb5ef
Requested by: Host: levelingsolo.com
URL: https://levelingsolo.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4aa3c991887b7bade387973b566a206c464b1947c7eea475668b2518c201fcac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length: 77017
Content-Type: application/javascript

GET
H3 200 bridge3.482.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame A538 576 KB
189 KB 7ms
7ms Document
text/html 172.217.16.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.482.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f10.1e100.net

Software

sffe /

Resource Hash

3491fbeef78def538210b2f240f06d2ffc67d92844206622d7069f1003718092

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.482.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://levelingsolo.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 193423
date: Thu, 23 Sep 2021 13:43:14 GMT
expires: Fri, 23 Sep 2022 13:43:14 GMT
last-modified: Thu, 23 Sep 2021 13:33:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 601643
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
321 B 93ms
93ms XHR
text/html 54.39.16.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555277.ip-54-39-16.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://levelingsolo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 30 Sep 2021 12:50:37 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
321 B 93ms
92ms XHR
text/html 54.39.16.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555277.ip-54-39-16.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://levelingsolo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 30 Sep 2021 12:50:37 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
321 B 92ms
91ms XHR
text/html 54.39.16.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555277.ip-54-39-16.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://levelingsolo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 30 Sep 2021 12:50:37 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
321 B 95ms
95ms XHR
text/html 54.39.16.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555277.ip-54-39-16.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://levelingsolo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 30 Sep 2021 12:50:37 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
14ms Image
image/gif 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=83480732&t=event&_s=6&dl=https%3A%2F%2Flevelingsolo.com%2F&ul=en-us&de=UTF-8&dt=Solo%20Leveling%20Manga%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=pageview&el=v-levelingsolo&_u=SACAAUABC~&jid=&gjid=&cid=1429539003.1633006236&tid=UA-113932176-34&_gid=532807237.1633006236&gtm=2ou9r0&z=1262897537

Requested by

Host: levelingsolo.com
URL: https://levelingsolo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Sep 2021 09:45:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11137
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
14ms Image
image/gif 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=83480732&t=event&_s=7&dl=https%3A%2F%2Flevelingsolo.com%2F&ul=en-us&de=UTF-8&dt=Solo%20Leveling%20Manga%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video&ea=began_atf&el=v-levelingsolo&_u=SACAAUABC~&jid=&gjid=&cid=1429539003.1633006236&tid=UA-113932176-34&_gid=532807237.1633006236&gtm=2ou9r0&z=177770698

Requested by

Host: levelingsolo.com
URL: https://levelingsolo.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Sep 2021 09:45:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11137
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b808250e44a468f82d19a076166e56187fdb79f1b42a77ab15fb55bb4e0f98a

Request headers

Referer
Origin: https://levelingsolo.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/ Frame 9050 18 KB
7 KB 9ms
8ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

da48b97b44f32bd333c5ca822e07f0997269db7bbd7e85f514035e02a57624f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:49:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7607
x-xss-protection: 0
server: cafe
etag: 5036643633216217121
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 12:49:19 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/ Frame 9050 3 KB
1 KB 9ms
9ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:48:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 12:48:43 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9050 122 KB
37 KB 19ms
18ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

2e2201192d8a342b5f570c4418dc4dcd2c0460243b4f9ba99c60a7c312d13e50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37837
x-xss-protection: 0
server: sffe
etag: "1632742272549041"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Thu, 30 Sep 2021 12:50:37 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/ Frame 9050 14 KB
6 KB 9ms
9ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:48:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6194
x-xss-protection: 0
server: cafe
etag: 2541472377268313288
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 12:48:01 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/ Frame 9050 27 KB
11 KB 10ms
9ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210927/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

a672e695dab08ffadbea7f0e77f1a723eefff684ae0cdabe2ca3b7a141554c3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 03:42:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32887
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11096
x-xss-protection: 0
server: cafe
etag: 8885281346021324493
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Oct 2021 03:42:30 GMT

GET
H3 200 13799216116986333067
tpc.googlesyndication.com/simgad/ Frame 9050 25 KB
25 KB 11ms
10ms Image
image/png 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13799216116986333067?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkAvJk36BbjDW8ep-HMcilmwTsOIQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

sffe /

Resource Hash

5f585298e5101f5d969662761ec8b6ad691d81892a40038990bda6d922f96402

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 14:20:18 GMT
x-content-type-options: nosniff
age: 81019
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25956
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 09:39:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 29 Sep 2022 14:20:18 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A1B0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
17 B

73ms
73ms

Document
text/html

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUm6roqPaYzgfVSNWzncI4FccPYgev1d5n6Ob0SCypAS03Tyu6zZC6yrXbAXxCo; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 30 Sep 2021 12:50:37 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 30-Sep-2021 13:50:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 30 Sep 2021 12:50:37 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 30 Sep 2021 12:50:37 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 -1aq-589pTXQhIX0O0sr0by93NOseZw7_D6wdr9M3ZU.js Show response
pagead2.googlesyndication.com/bg/ Frame 5AB5 35 KB
13 KB 10ms
8ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-1aq-589pTXQhIX0O0sr0by93NOseZw7_D6wdr9M3ZU.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

fb56aafb9f3da535d08485f43b4b2bd1bcbddcd3ac799c3bfc3eb076bf4cdd95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 09:51:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 183529
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13400
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 28 Sep 2022 09:51:48 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5AE8 143 B
163 B 14ms
14ms Document
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/html/r20210927/r20110914/zrt_lookup.html?fsb=1
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUm6roqPaYzgfVSNWzncI4FccPYgev1d5n6Ob0SCypAS03Tyu6zZC6yrXbAXxCo; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20210927/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 30 Sep 2021 11:53:50 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3407
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5AE8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

46ms
46ms

Document
text/html

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUm6roqPaYzgfVSNWzncI4FccPYgev1d5n6Ob0SCypAS03Tyu6zZC6yrXbAXxCo; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 30 Sep 2021 12:50:37 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 30-Sep-2021 13:50:37 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 30 Sep 2021 12:50:37 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 30 Sep 2021 12:50:37 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 -1aq-589pTXQhIX0O0sr0by93NOseZw7_D6wdr9M3ZU.js Show response
pagead2.googlesyndication.com/bg/ Frame 9AE5 35 KB
13 KB 7ms
7ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-1aq-589pTXQhIX0O0sr0by93NOseZw7_D6wdr9M3ZU.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210927/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

fb56aafb9f3da535d08485f43b4b2bd1bcbddcd3ac799c3bfc3eb076bf4cdd95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 09:51:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 183529
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13400
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 28 Sep 2022 09:51:48 GMT

GET
H/1.1 206
Partial Content 50MIN.ts Show response
c1.vdo.ai/videos/categories/ 272 KB
272 KB 98ms
98ms XHR
video/mp2t 54.39.51.175
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.vdo.ai/videos/categories/50MIN.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.51.175 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns559790.ip-54-39-51.net
Software: nginx/1.12.2 /
Resource Hash: 8450af35d1bd59352ce8dc85bac2b69eb4544d701bbb63a1aba0228e6f77ef38

Request headers

Referer: https://levelingsolo.com/
vdoai: true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=0-278239

Response headers

Date: Thu, 30 Sep 2021 12:50:37 GMT
Last-Modified: Tue, 30 Jun 2020 06:48:33 GMT
Server: nginx/1.12.2
Access-Control-Allow-Origin: *
ETag: "5efae041-9ce1398"
Content-Type: video/mp2t
Content-Range: bytes 0-278239/164500376
Connection: keep-alive
Content-Length: 278240

OPTIONS
H/1.1 204
No Content 50MIN.ts
c1.vdo.ai/videos/categories/ Frame 0
0 97ms
97ms Preflight
text/plain 54.39.51.175
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.vdo.ai/videos/categories/50MIN.ts
Protocol: HTTP/1.1
Server: 54.39.51.175 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns559790.ip-54-39-51.net
Software: nginx/1.12.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range,vdoai
Origin: https://levelingsolo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.12.2
Date: Thu, 30 Sep 2021 12:50:37 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 91ms
90ms XHR
application/json 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb_stories.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

d3e2e4865d4da500004a465c33f6edef70398bf549465336918182b921ae8bff

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://levelingsolo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 30 Sep 2021 12:50:38 GMT
X-Proxy-Origin: 216.131.114.222; 216.131.114.222; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5c3a7e94-b813-40ae-92f6-2757685a2166
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://levelingsolo.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 206
Partial Content 50MIN.ts Show response
c1.vdo.ai/videos/categories/ 250 KB
250 KB 97ms
97ms XHR
video/mp2t 54.39.51.175
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.vdo.ai/videos/categories/50MIN.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.51.175 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns559790.ip-54-39-51.net
Software: nginx/1.12.2 /
Resource Hash: 0aa4eafc9d2f6c21475adc994f678ce561805a84494e14e127f1ce2de727ac72

Request headers

Referer: https://levelingsolo.com/
vdoai: true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=278240-534295

Response headers

Date: Thu, 30 Sep 2021 12:50:38 GMT
Last-Modified: Tue, 30 Jun 2020 06:48:33 GMT
Server: nginx/1.12.2
Access-Control-Allow-Origin: *
ETag: "5efae041-9ce1398"
Content-Type: video/mp2t
Content-Range: bytes 278240-534295/164500376
Connection: keep-alive
Content-Length: 256056

OPTIONS
H/1.1 204
No Content 50MIN.ts
c1.vdo.ai/videos/categories/ Frame 0
0 97ms
97ms Preflight
text/plain 54.39.51.175
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.vdo.ai/videos/categories/50MIN.ts
Protocol: HTTP/1.1
Server: 54.39.51.175 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns559790.ip-54-39-51.net
Software: nginx/1.12.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range,vdoai
Origin: https://levelingsolo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.12.2
Date: Thu, 30 Sep 2021 12:50:38 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5C6E 42 B
64 B 32ms
17ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv0bSpbXtmpPMROveY2uG14iF0ssTH9FhpT-s6wYMeniUL3gVMSpnLc8LnNHqPXpe1XMA_Phf_OpKR9YAEDCHeD3mH_QWsjNt82Nbi-xplN2Wikd10&sai=AMfl-YSBwQXFxU3hFBp7Fuk6LPUq3YX7sL4_NNdpSSKCXcJj2xHPi4W3kMnA_rfPh6JfSlDCA3bfF8DxDazA&sig=Cg0ArKJSzHVNGQ622bJ3EAE&id=lidar2&mcvt=1000&p=468,632,748,968&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210927&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1127836827&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633006236256&rpt=1064

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Sep 2021 12:50:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK logger Show response
analytics.vdo.ai/ 0
321 B 96ms
96ms XHR
text/html 54.39.16.115
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.vdo.ai/logger
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/dependencies_hbv4_latest/vdo.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.16.115 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns555277.ip-54-39-16.net
Software: openresty/1.19.3.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://levelingsolo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 30 Sep 2021 12:50:38 GMT
Content-Encoding: gzip
Server: openresty/1.19.3.1
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

OPTIONS
H2 204 zero1
zero1.technoratimedia.com/openrtb/bids/ Frame 0
0 95ms
95ms Preflight 129.159.70.95
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://zero1.technoratimedia.com/openrtb/bids/zero1?src=prebid_prebid_4.38.0
Protocol: H2
Server: 129.159.70.95 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://levelingsolo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Thu, 30 Sep 2021 12:50:38 GMT
access-control-allow-headers: content-type
access-control-allow-origin: https://levelingsolo.com
access-control-allow-credentials: true
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 684968109
age: 0
via: 1.1 varnish

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ 0
178 B 492ms
164ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb_v4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://levelingsolo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://levelingsolo.com
date: Thu, 30 Sep 2021 12:50:38 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 zero1 Show response
zero1.technoratimedia.com/openrtb/bids/ 0
293 B 97ms
97ms XHR
text/plain 129.159.70.95
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://zero1.technoratimedia.com/openrtb/bids/zero1?src=prebid_prebid_4.38.0
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb_v4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 129.159.70.95 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://levelingsolo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 30 Sep 2021 12:50:38 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 441524340
access-control-allow-origin: https://levelingsolo.com
access-control-allow-credentials: true

GET
H2 200 ROS Show response
ads.us.e-planning.net/hb/1/30135/1/levelingsolo.com/ 63 B
384 B 19ms
19ms XHR
application/json 5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/hb/1/30135/1/levelingsolo.com/ROS?rnd=0.16928584847817607&e=300x250_0%3A300x250&ur=https%3A%2F%2Flevelingsolo.com%2F&r=pbjs&pbv=4.38.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Flevelingsolo.com%2F
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb_v4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: b438d942a508f452149cc18f55223e0b2df2c3b3e481cc24b8b40b4c7682fd21

Request headers

Referer: https://levelingsolo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 30 Sep 2021 12:50:38 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://levelingsolo.com
expires: Thu, 30 Sep 2021 12:50:38 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 63
x-sid: AMS-606

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 259 B
1 KB 115ms
115ms XHR
application/json 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb_v4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

914e98b6c09aee7bdf1fbb77acc1eb798cbaef69ab75b4113949579e024c701b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://levelingsolo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 30 Sep 2021 12:50:38 GMT
X-Proxy-Origin: 216.131.114.222; 216.131.114.222; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 96851e44-33a3-4c18-92a4-9e39b5695c21
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://levelingsolo.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 259
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 261 B
1 KB 117ms
117ms XHR
application/json 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb_v4.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

dbe8891f01bdbb12dedba0a4a5eff1a41f7deb5b2d6dac956a3c62a2c06aff15

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://levelingsolo.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 30 Sep 2021 12:50:38 GMT
X-Proxy-Origin: 216.131.114.222; 216.131.114.222; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 9dced3b7-3f6d-4ce0-a2f0-78e1ce38fa6c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://levelingsolo.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 261
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 206
Partial Content 50MIN.ts Show response
c1.vdo.ai/videos/categories/ 182 KB
182 KB 97ms
97ms XHR
video/mp2t 54.39.51.175
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.vdo.ai/videos/categories/50MIN.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.51.175 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns559790.ip-54-39-51.net
Software: nginx/1.12.2 /
Resource Hash: 82153e2ae2c8e781851b7bbaa6427220c35e8cf251963668aead03f24a3e5abe

Request headers

Referer: https://levelingsolo.com/
vdoai: true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=534296-720603

Response headers

Date: Thu, 30 Sep 2021 12:50:38 GMT
Last-Modified: Tue, 30 Jun 2020 06:48:33 GMT
Server: nginx/1.12.2
Access-Control-Allow-Origin: *
ETag: "5efae041-9ce1398"
Content-Type: video/mp2t
Content-Range: bytes 534296-720603/164500376
Connection: keep-alive
Content-Length: 186308

OPTIONS
H/1.1 204
No Content 50MIN.ts
c1.vdo.ai/videos/categories/ Frame 0
0 97ms
97ms Preflight
text/plain 54.39.51.175
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.vdo.ai/videos/categories/50MIN.ts
Protocol: HTTP/1.1
Server: 54.39.51.175 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns559790.ip-54-39-51.net
Software: nginx/1.12.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range,vdoai
Origin: https://levelingsolo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.12.2
Date: Thu, 30 Sep 2021 12:50:38 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 21ms
21ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210927&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109240101/show_ads_impl_fy2019.js?bust=31062936

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

a6a675088106d6f98799765d6531adafefcd35f7be11e95102b48e366bc2b8fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 30 Sep 2021 12:50:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8530
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 27ms
27ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109240101/show_ads_impl_fy2019.js?bust=31062936

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 12:50:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 30 Sep 2021 12:50:38 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 1182 12 KB
5 KB 7ms
7ms Document
text/html 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://levelingsolo.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Thu, 30 Sep 2021 12:45:14 GMT
expires: Fri, 30 Sep 2022 12:45:14 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 324
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CAFB 783 B
534 B 17ms
17ms Document
text/html 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f4.1e100.net

Software

GSE /

Resource Hash

60941629a59c4eb7d4138927db663abd97c5519a78273a74898ef4b1a662c5cd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3todwr0G2hXzIA7S9ubGfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://levelingsolo.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 30 Sep 2021 12:50:38 GMT
date: Thu, 30 Sep 2021 12:50:38 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-3todwr0G2hXzIA7S9ubGfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CAFB 0
0 47ms
46ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210927&jk=4337922526716469&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 -1aq-589pTXQhIX0O0sr0by93NOseZw7_D6wdr9M3ZU.js Show response
pagead2.googlesyndication.com/bg/ Frame 1182 35 KB
13 KB 7ms
7ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-1aq-589pTXQhIX0O0sr0by93NOseZw7_D6wdr9M3ZU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

fb56aafb9f3da535d08485f43b4b2bd1bcbddcd3ac799c3bfc3eb076bf4cdd95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 09:51:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 183530
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13400
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 28 Sep 2022 09:51:48 GMT

GET
H/1.1 206
Partial Content 50MIN.ts Show response
c1.vdo.ai/videos/categories/ 312 KB
312 KB 98ms
97ms XHR
video/mp2t 54.39.51.175
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.vdo.ai/videos/categories/50MIN.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.51.175 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns559790.ip-54-39-51.net
Software: nginx/1.12.2 /
Resource Hash: 1053d9a7a30c6ee184c90dbcdcfb2735a05f43b0f31de917639b4570fa228a87

Request headers

Referer: https://levelingsolo.com/
vdoai: true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=720604-1039827

Response headers

Date: Thu, 30 Sep 2021 12:50:38 GMT
Last-Modified: Tue, 30 Jun 2020 06:48:33 GMT
Server: nginx/1.12.2
Access-Control-Allow-Origin: *
ETag: "5efae041-9ce1398"
Content-Type: video/mp2t
Content-Range: bytes 720604-1039827/164500376
Connection: keep-alive
Content-Length: 319224

OPTIONS
H/1.1 204
No Content 50MIN.ts
c1.vdo.ai/videos/categories/ Frame 0
0 97ms
97ms Preflight
text/plain 54.39.51.175
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.vdo.ai/videos/categories/50MIN.ts
Protocol: HTTP/1.1
Server: 54.39.51.175 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns559790.ip-54-39-51.net
Software: nginx/1.12.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range,vdoai
Origin: https://levelingsolo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.12.2
Date: Thu, 30 Sep 2021 12:50:38 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 33ms
32ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210927&jk=4337922526716469&bg=!ZGelZyPNAAZNQyuQTUM7ACkAdvg8WqK5pL6Urfe3Ov0ayPyqLv85A35CU0zllIrBRDIHJcRamsIqDgIAAABYUgAAAAtoAQeZAq7XrjnYuAkgCloL3GurLeZAX0IYss-DmKJgPyR_EdAgmahYWhLRU8nTQbrDISxJKfOg4XlrGMCsv6iF1TbIZRRuDv_sG9TMDLeefAPxtzt2OdX9EhBFWVjm0c5baETBqtITasK22eqGFYu-pYkoHZDCdBTLw1bZCbLq2bM_qxvsYFC0xe5I7Qq72bHSvPVTTmmWU0r-DSUkz5gkwc9rnQeEd6-qgaMtQezAtvWBEFPIrCsoMgi8twwFHv-isfZBkIcjqwoPKfqXrZVE9S9NW_bJxzO8ehWENDuVXJRySuvckFScgIlb6pLjzyGyJido5oxvCd80S5AdHvhm5JuWQstkjVv1w3ndfXW5vtVlsDAXnw_5O8IHz4yL2JyVnPv00PBPsaPrkSTMJ4VRU9sxcNI-VG3pGgn02wqY3WvpEW6-QSazDQ2WMMHnJBRbGu85U9Yj0CNT9U6eebCknU53uN2Lw0SHBvIATaZlRD3kb-FQYoNxCbrNLzY07hssOVflntQDOgvo6ca_YZ2Tuj1QW4uFta91bhufqppx_53xdoo3rVaNjEWS4izSsiOfkWJc6ibBQ2pSK6ktR1OuZQk_gB2e7MHRAg_AMecHA9THk4_SFXUgHKaYjiKIHBIF_BRJFWeKDdQNeuR8qW74oLSwLa7zU1rHjhvN7WWCh-WT7RglKxD7R7sZf4L2pfT7AasbkynjxYfvIV1MIQH6OujWna0TK6aZtxFj62omW8G5qjxK7HAUNeHXywmGgR4Ko3OEZFI1JQ_HPGr1JwVNCDO4dp-_0P7e0hyrunJ2O7cjwh7YkhrMSbL3y6-tJjSu9b8Brh9nShfdBmpjD014JxlMx1qJVyBrdiHQX_2ES7PSytUWcg9AMAfFGNKBvfvKjWhy-i4H4I_MtjHrU61LfvdYjg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

OPTIONS
H/1.1 204
No Content 50MIN.ts
c1.vdo.ai/videos/categories/ Frame 0
0 97ms
97ms Preflight
text/plain 54.39.51.175
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.vdo.ai/videos/categories/50MIN.ts
Protocol: HTTP/1.1
Server: 54.39.51.175 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns559790.ip-54-39-51.net
Software: nginx/1.12.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range,vdoai
Origin: https://levelingsolo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.12.2
Date: Thu, 30 Sep 2021 12:50:39 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H/1.1 206
Partial Content 50MIN.ts Show response
c1.vdo.ai/videos/categories/ 222 KB
222 KB 99ms
99ms XHR
video/mp2t 54.39.51.175
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.vdo.ai/videos/categories/50MIN.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.51.175 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns559790.ip-54-39-51.net
Software: nginx/1.12.2 /
Resource Hash: 05cc0a9e074867b51dae24b020d0472ef449a1e6a02f76c1b41a748885beb682

Request headers

Referer: https://levelingsolo.com/
vdoai: true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=1039828-1267119

Response headers

Date: Thu, 30 Sep 2021 12:50:39 GMT
Last-Modified: Tue, 30 Jun 2020 06:48:33 GMT
Server: nginx/1.12.2
Access-Control-Allow-Origin: *
ETag: "5efae041-9ce1398"
Content-Type: video/mp2t
Content-Range: bytes 1039828-1267119/164500376
Connection: keep-alive
Content-Length: 227292

GET
H/1.1 206
Partial Content 50MIN.ts Show response
c1.vdo.ai/videos/categories/ 259 KB
259 KB 98ms
98ms XHR
video/mp2t 54.39.51.175
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.vdo.ai/videos/categories/50MIN.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.51.175 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns559790.ip-54-39-51.net
Software: nginx/1.12.2 /
Resource Hash: 14df3219f1bd9df3fdafa2a0cdc92e9eee9f653561a296df45355cdd97c34450

Request headers

Referer: https://levelingsolo.com/
vdoai: true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=1267120-1531823

Response headers

Date: Thu, 30 Sep 2021 12:50:39 GMT
Last-Modified: Tue, 30 Jun 2020 06:48:33 GMT
Server: nginx/1.12.2
Access-Control-Allow-Origin: *
ETag: "5efae041-9ce1398"
Content-Type: video/mp2t
Content-Range: bytes 1267120-1531823/164500376
Connection: keep-alive
Content-Length: 264704

OPTIONS
H/1.1 204
No Content 50MIN.ts
c1.vdo.ai/videos/categories/ Frame 0
0 98ms
98ms Preflight
text/plain 54.39.51.175
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.vdo.ai/videos/categories/50MIN.ts
Protocol: HTTP/1.1
Server: 54.39.51.175 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns559790.ip-54-39-51.net
Software: nginx/1.12.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range,vdoai
Origin: https://levelingsolo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.12.2
Date: Thu, 30 Sep 2021 12:50:39 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H/1.1 206
Partial Content 50MIN.ts Show response
c1.vdo.ai/videos/categories/ 297 KB
297 KB 98ms
97ms XHR
video/mp2t 54.39.51.175
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.vdo.ai/videos/categories/50MIN.ts
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/vdo.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.39.51.175 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns559790.ip-54-39-51.net
Software: nginx/1.12.2 /
Resource Hash: 879e582f5109ed6f3d2dfc7a4421deb75224a88c1ee3cd1073e6c21b7678d31b

Request headers

Referer: https://levelingsolo.com/
vdoai: true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=1531824-1835819

Response headers

Date: Thu, 30 Sep 2021 12:50:39 GMT
Last-Modified: Tue, 30 Jun 2020 06:48:33 GMT
Server: nginx/1.12.2
Access-Control-Allow-Origin: *
ETag: "5efae041-9ce1398"
Content-Type: video/mp2t
Content-Range: bytes 1531824-1835819/164500376
Connection: keep-alive
Content-Length: 303996

OPTIONS
H/1.1 204
No Content 50MIN.ts
c1.vdo.ai/videos/categories/ Frame 0
0 97ms
97ms Preflight
text/plain 54.39.51.175
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.vdo.ai/videos/categories/50MIN.ts
Protocol: HTTP/1.1
Server: 54.39.51.175 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns559790.ip-54-39-51.net
Software: nginx/1.12.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: range,vdoai
Origin: https://levelingsolo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.12.2
Date: Thu, 30 Sep 2021 12:50:39 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,vdoai
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame F031 52 KB
17 KB 52ms
6ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb_stories.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://levelingsolo.com/
Accept-Encoding: gzip, deflate, br
Cookie: uuid2=733320845183756705; icu=ChgIlO1yEAoYAiACKAIwnuXWigY4AkACSAIKGAicvnYQChgBIAEoATCd5daKBjgBQAFIARCe5daKBhgC
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Wed, 29 Sep 2021 04:19:48 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 30 Sep 2021 12:50:39 GMT
Age: 30648
X-Served-By: cache-lga21983-LGA, cache-hhn4080-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 208347, 572873
X-Timer: S1633006240.931884,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5B49 52 KB
17 KB 55ms
10ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb_stories.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://levelingsolo.com/
Accept-Encoding: gzip, deflate, br
Cookie: uuid2=733320845183756705; icu=ChgIlO1yEAoYAiACKAIwnuXWigY4AkACSAIKGAicvnYQChgBIAEoATCd5daKBjgBQAFIARCe5daKBhgC
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Wed, 29 Sep 2021 04:19:48 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 30 Sep 2021 12:50:39 GMT
Age: 30649
X-Served-By: cache-lga21983-LGA, cache-hhn4065-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 208347, 573087
X-Timer: S1633006240.932418,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 usersync.html Show response
ad-cdn.technoratimedia.com/html/ Frame 71E4 17 KB
6 KB 55ms
8ms Document
text/html 152.199.22.191
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_5.6.0
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb_stories.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E2F8) /
Resource Hash: 62f3a786e694b5c0ea068b3267e019ec7de62fb98fbebffdfbd425f1cd99a86e

Request headers

:method: GET
:authority: ad-cdn.technoratimedia.com
:scheme: https
:path: /html/usersync.html?src=prebid_prebid_5.6.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://levelingsolo.com/
accept-encoding: gzip, deflate, br
cookie: tads_uid=GDPR
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/

Response headers

content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 670
cache-control: max-age=900
content-type: text/html; charset=UTF-8
date: Thu, 30 Sep 2021 12:50:39 GMT
etag: "450f-5c7a90520f640"
expires: Thu, 30 Sep 2021 13:05:39 GMT
last-modified: Wed, 21 Jul 2021 21:40:33 GMT
p3p: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
server: ECAcc (frd/E2F8)
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-varnish: 254158774
content-length: 5566

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F031 0
734 B 14ms
14ms Script
text/html 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Sep 2021 12:50:39 GMT
X-Proxy-Origin: 216.131.114.222; 216.131.114.222; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 1871b53f-b555-435d-96df-e29f9e1661f2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5B49 0
734 B 22ms
22ms Script
text/html 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Sep 2021 12:50:39 GMT
X-Proxy-Origin: 216.131.114.222; 216.131.114.222; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 193006b9-cc16-4309-b893-d25e1557b876
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame F031 0
734 B 12ms
12ms Script
text/html 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Sep 2021 12:50:40 GMT
X-Proxy-Origin: 216.131.114.222; 216.131.114.222; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3c041c7d-ee6f-4695-8a54-79e8675bee18
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5B49 0
734 B 21ms
21ms Script
text/html 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Sep 2021 12:50:40 GMT
X-Proxy-Origin: 216.131.114.222; 216.131.114.222; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: aa068915-e9ec-4d56-8c85-6497a66fa6fc
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5F3F 52 KB
17 KB 6ms
6ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb_v4.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://levelingsolo.com/
Accept-Encoding: gzip, deflate, br
Cookie: uuid2=733320845183756705; icu=ChgIlO1yEAoYAiACKAIwnuXWigY4AkACSAIKGAicvnYQChgBIAEoATCd5daKBjgBQAFIARCe5daKBhgC
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Wed, 29 Sep 2021 04:19:48 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 30 Sep 2021 12:50:41 GMT
Age: 30650
X-Served-By: cache-lga21983-LGA, cache-hhn4065-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 208347, 573117
X-Timer: S1633006241.421286,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 usersync.html Show response
ad-cdn.technoratimedia.com/html/ Frame E7D1 17 KB
6 KB 7ms
6ms Document
text/html 152.199.22.191
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.38.0
Requested by: Host: a.vdo.ai
URL: https://a.vdo.ai/core/assets/rtb_v4.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E2F8) /
Resource Hash: 62f3a786e694b5c0ea068b3267e019ec7de62fb98fbebffdfbd425f1cd99a86e

Request headers

:method: GET
:authority: ad-cdn.technoratimedia.com
:scheme: https
:path: /html/usersync.html?src=prebid_prebid_4.38.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://levelingsolo.com/
accept-encoding: gzip, deflate, br
cookie: tads_uid=GDPR
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://levelingsolo.com/

Response headers

content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 672
cache-control: max-age=900
content-type: text/html; charset=UTF-8
date: Thu, 30 Sep 2021 12:50:41 GMT
etag: "450f-5c7a90520f640"
expires: Thu, 30 Sep 2021 13:05:41 GMT
last-modified: Wed, 21 Jul 2021 21:40:33 GMT
p3p: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
server: ECAcc (frd/E2F8)
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-varnish: 254158774
content-length: 5566

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5F3F 0
734 B 16ms
16ms Script
text/html 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Sep 2021 12:50:41 GMT
X-Proxy-Origin: 216.131.114.222; 216.131.114.222; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d7e81ba1-f291-4d9f-8b60-204ee0459faf
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5F3F 0
734 B 14ms
14ms Script
text/html 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 30 Sep 2021 12:50:42 GMT
X-Proxy-Origin: 216.131.114.222; 216.131.114.222; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 509fd064-ad37-46d8-ade6-4d6adb8e6ae1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: c1.vdo.ai
URL: https://c1.vdo.ai/sample/51.mp4

Verdicts & Comments Add Verdict or Comment

182 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
levelingsolo.com/	1970-01-20 06:22:22	Name: cookielawinfo-checkbox-necessary Value: yes
levelingsolo.com/	1970-01-20 06:22:22	Name: cookielawinfo-checkbox-non-necessary Value: yes
.levelingsolo.com/	1970-01-20 15:07:58	Name: _ga Value: GA1.2.1429539003.1633006236
.levelingsolo.com/	1970-01-19 21:38:12	Name: _gid Value: GA1.2.532807237.1633006236
.levelingsolo.com/	1970-01-19 21:36:46	Name: _gat_gtag_UA_151251999_7 Value: 1
.vdo.ai/	1970-01-19 21:36:48	Name: __cf_bm Value: _OUMjY5Zz9PRHNfweLt6kOeJZdjYZAem0zlBzx1qQMg-1633006236-0-ASmLYC14F216ArvEHEGYOP/hYgVtW6LjWuXZD8pzO7TDGQUVrBkP/pW/gwFt6NkJPFsiTzmdSf2io9ppyxFcMEs=
.levelingsolo.com/	1970-01-19 21:36:46	Name: _gat_gtag_UA_113932176_34 Value: 1
.levelingsolo.com/	1970-01-20 06:58:22	Name: __gads Value: ID=34879731ad3d926c-227d535683c90022:T=1633006236:S=ALNI_MYF8_PCzOuRkz6OHzDBNSFPG8evWg
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 83m2c5tfMl4
.youtube.com/	1970-01-20 01:55:58	Name: VISITOR_INFO1_LIVE Value: rlr3UhgcRJ4
ads.us.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.doubleclick.net/	1970-01-20 15:07:58	Name: IDE Value: AHWqTUm6roqPaYzgfVSNWzncI4FccPYgev1d5n6Ob0SCypAS03Tyu6zZC6yrXbAXxCo
.adnxs.com/	1970-01-19 23:46:22	Name: uuid2 Value: 733320845183756705
.doubleclick.net/	1970-01-19 21:36:49	Name: DSID Value: NO_DATA
.technoratimedia.com/	1970-01-21 17:24:46	Name: tads_uid Value: GDPR
.adnxs.com/	1970-01-19 23:46:22	Name: icu Value: ChgIlO1yEAoYAiACKAIwnuXWigY4AkACSAIKGAicvnYQChgBIAEoATCd5daKBjgBQAFIARCe5daKBhgC

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	error	URL: https://levelingsolo.com/(Line 59) Message: Failed to set referrer policy: The value 'https://www.google.com/' is not one of 'always', 'default', 'never', 'origin-when-crossorigin', 'no-referrer', 'no-referrer-when-downgrade', 'origin', 'origin-when-cross-origin', 'same-origin', 'strict-origin', 'strict-origin-when-cross-origin', or 'unsafe-url'. The referrer policy has been left unchanged.
other	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 78) Message: Origin trial controlled feature not enabled: 'trust-token-redemption'.
other	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 78) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4bb4a68ef448ef8ce755a4b9afbf66db.safeframe.googlesyndication.com
a.vdo.ai
acdn.adnxs.com
ad-cdn.technoratimedia.com
ads.us.e-planning.net
adservice.google.com
analytics.vdo.ai
c1.vdo.ai
cdn.onesignal.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
img.onesignal.com
levelingsolo.com
onesignal.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform.twitter.com
prebid-asia.creativecdn.com
protagcdn.com
s0.2mdn.net
securepubads.g.doubleclick.net
static1.twitcount.com
stats.g.doubleclick.net
syndication.twitter.com
targeting.vdo.ai
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.healthzap.co
www.youtube.com
zero1.technoratimedia.com
c1.vdo.ai
103.132.192.30
104.18.225.52
104.18.226.52
104.21.24.175
104.21.35.132
104.21.57.60
104.244.42.136
129.159.70.95
142.250.181.238
142.250.184.194
142.250.184.206
142.250.184.230
142.250.185.131
142.250.185.193
142.250.185.202
142.250.185.66
142.250.185.99
142.250.186.142
142.250.186.164
142.250.186.97
142.250.186.98
151.101.193.108
152.199.22.191
172.217.16.138
172.217.18.98
172.67.222.146
172.67.75.177
185.172.148.128
185.33.221.87
216.58.212.168
216.58.212.174
5.178.65.246
54.39.16.115
54.39.51.175
74.125.71.156
93.184.220.66
051f88a44798b537df0bc62e78b6acf7ea972819351320019dd4768a8bb2fea0
05cc0a9e074867b51dae24b020d0472ef449a1e6a02f76c1b41a748885beb682
06a1172292af1d4f325343dacfe30edb60ad552d9bf5af3347b2e38ecfdb931d
06e9e20b3a7952f10c833841ee412c20f7f3fbc0094e9ccd9b2262584134d34a
0a37b82cb47cee4c6015ee252c5383571768e892a51a447610417b115c08016f
0aa4eafc9d2f6c21475adc994f678ce561805a84494e14e127f1ce2de727ac72
1053d9a7a30c6ee184c90dbcdcfb2735a05f43b0f31de917639b4570fa228a87
1151c61511dddd42334eb2c13b7ec27f5eff2e911554d9cf22fd0820c6e25a6f
13578d1af4231b0fe1dce97d8c588932ffd2f70cd593575640a8315463bd2c37
14df3219f1bd9df3fdafa2a0cdc92e9eee9f653561a296df45355cdd97c34450
1530727d7a9de276d5934149bfd08e535021a6596ace5c87fbad802580189d0b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b808250e44a468f82d19a076166e56187fdb79f1b42a77ab15fb55bb4e0f98a
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
24c067974c4c0804f2c7f620253ce416bafe1c71ff1e2e4b644faa6da77bdf71
2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6
2b428bc45d43e230d1ef93a39bb48f53cadc575474ce4f6fba50d68a5207aa25
2b83715515dba22e4e5eada494e1998b7fbe9a062eebc0e62df9f3abb9ceb108
2e2201192d8a342b5f570c4418dc4dcd2c0460243b4f9ba99c60a7c312d13e50
31baf9c4eda4d6e0b2c41dfd2bca59c25b0c47d2ff5910c851abf8ffb6d890be
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
338ab3f2a325e1b58359c52213760c9954b3d9aa9aefbfc30226efc6e150cfe5
3446f6823d1a6a5f424dbd1836446019e2d3f5b57bb74c251a9adadafc195007
3491fbeef78def538210b2f240f06d2ffc67d92844206622d7069f1003718092
38b0d7ede13016d5dd8d15faf6d912c31e91b59a589bbb7f2b5184d9f21020a8
3a641f236a23c5a62a5bfe6a7dc8c739753e908df1e46349a826808466f68afb
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
410b77cfed895ed4121c51db552980b028e957881909f803f67192c4ad59b315
41a9ce84af205ec9321652cd750377265d13373bda55da9b493b7d5e964ff176
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
4975c38424c3785c3f5484b2ed12632915ff171b163831b271a1744e393fcef4
4aa3c991887b7bade387973b566a206c464b1947c7eea475668b2518c201fcac
4abd17036c2802f9e1f8d8b804e8bd03ce13ddc55be203081574b9e9563f3dd0
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d9bac431741073b96fe0d5388397a6413930c598e9ce847ac47756d5fc2c128
4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd
4f7666008ef241ee8454a1c6e5e9d4ed39a83e13047d9b87f1cd7115b60c9203
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5384f283d6d8f069714ce8ce7d75a1f190b788df9f8922bd3897ba00cdb8d24b
5656c1fc5407eff38062bbead2773b293d8933c5c3b22a30bcedae7609ad2b4a
5818e7907c70160d02c8319a6e58d55b269b66befd72a4aa47d3b6d0b8d2a004
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e57d9f58033daa3d68243392c6d9c7ddd76513af270bbb1a329fcfb7a2d0090
5f585298e5101f5d969662761ec8b6ad691d81892a40038990bda6d922f96402
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60941629a59c4eb7d4138927db663abd97c5519a78273a74898ef4b1a662c5cd
6217131c3ed7a6e0ce1bbaaebf3da326d47fba2f51da3b84ff072c33c7aecbe8
62f3a786e694b5c0ea068b3267e019ec7de62fb98fbebffdfbd425f1cd99a86e
69a244928846a0a6de92dfe03b7866ad0d4ac4f42793cf58d8e866854d0508ba
6a86bd0e204c68ea8187232cbb77dd3bd3ecc97f1cde72072f11ff01e98359db
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cd4fdef93aef355d2c534bc7de3d08d9723234a1b0cf6161652193f34e4f820
7186085954c1f074a1cb7438e896eed0bde97dc04987ce74462916e6c76cb04c
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
73d958b46847fa025a00564df3010dc62d1b89472d22edaca0d34d9257f89b76
79957868172b22a027d0965e4bbd238e52589f31027dc7cdbe4ae2c14b5438e7
7b6ca722b11ece7b4d120738db3c14b8880487b0646a71812abaa66755033d12
7d09f57e557d83ed800a611c2d73b14e9d3884ac706d56afe6abf04f60aaf790
82153e2ae2c8e781851b7bbaa6427220c35e8cf251963668aead03f24a3e5abe
822d499d2f426b963bd55175843b02b752f810a9a99682e8bed8c1d792e5725c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83cc43493664b426bfd23b2df89150ecccb88df396646a19f9223c6cd98afe39
8450af35d1bd59352ce8dc85bac2b69eb4544d701bbb63a1aba0228e6f77ef38
879e582f5109ed6f3d2dfc7a4421deb75224a88c1ee3cd1073e6c21b7678d31b
8806d9eaf9e8ca89fa2404e8cb66a9fa115e0a0f687ad0dcd91cabce4c2179c6
89e74722a5493fa8803b32aeabe7533e6238eb24935b0676fb14739a847f373e
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8d432019b85704759c8bf58c285d3b46f9d964e4acbff37e24d2af2817d949ae
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18
8e32695eb554644820130b6b6c39187282bfaef34cf5b88b9a8c9b10d2da1e03
8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83
914e98b6c09aee7bdf1fbb77acc1eb798cbaef69ab75b4113949579e024c701b
9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a
98d0024367ca4e53177cdee254773e43ffeca617590c504b141dd07c6b9838a3
99052a1481e3c3e401864e5df92489f13d15e7a1709d70c5f42d9cab485875d4
9adf28f17b88f7835611736a9461d0452433a4e12f3ebaafae1689394aeb8d7b
9d1e80dca804946cb3c9100b4a5eb0308572b223af10c30acfb5191fafd05f53
a01b4363c7c7b5aa019091e1bde7995ba45efd9f7d96abfcda5e5b7a2294175b
a3ea75949334134708de40e7e52887025f971fa400c56ab59c4bfec7ae4c92fa
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a672e695dab08ffadbea7f0e77f1a723eefff684ae0cdabe2ca3b7a141554c3e
a6a675088106d6f98799765d6531adafefcd35f7be11e95102b48e366bc2b8fa
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a79597d6a7f4758d0bdbcdf02d7da904139ae4095947d883dc6a7027579aa802
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
afdd5b03f94d18d31b86e4bdf19ad063f6917233f5605f2e4b34d055a2502b0e
b095aa0f7b36de13ddcd6fe34f5d8d0e18d411db8ea6e252acc7a58f707deb0d
b18681a82ac52105a909d98563860994fa9002da2b3d44b2ed98640e49dbfd73
b438d942a508f452149cc18f55223e0b2df2c3b3e481cc24b8b40b4c7682fd21
b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961
bb5f0939df3cf6eba570971ff593b539c02abdc68cfd01537af4bc439a186047
bd52e464460f8d044849f85c030375a58baf3765932fe631e49585f8480ef388
bd820d4d9bf44bfb793874455174cea7b3d91224ff8845c9cf31f97d43feee8d
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c9d9af9e32c8dbc9474fd7c29a5b05fb3fb051b91cbf84eb68636f0040488550
c9ee01ee8903499cb90168df3d5de82fdcf4660511aa12e06207bca6ccfdf064
cabea33759f6e897531f8baae94356f96e3e18b6e6dd8d9a97e6bb9098d6b61a
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d3e2e4865d4da500004a465c33f6edef70398bf549465336918182b921ae8bff
d5a94d599f09ee486e62955f09c1857cfa6c029f9b27c568298d60855c265cd8
d8c42f2ad91ef03e95f22162f252499b78c25b75cf9f430129f2feb4bdbce5d5
d9cf9defb127aedf3ee6a008c98e83fe27cddfe03b7a22a4e5b2ebcec7bd9489
da48b97b44f32bd333c5ca822e07f0997269db7bbd7e85f514035e02a57624f7
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dbe8891f01bdbb12dedba0a4a5eff1a41f7deb5b2d6dac956a3c62a2c06aff15
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5668ad294690c0def710438c8462f2eb7ece9e8ef4b7ab53cb93a45d1f8cd7c
e673499e398dc69ace48be0c4b3c5776c3878b2e7197121fa0ba7e6fd166c5a7
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
ec688916766f7da6ed29e873c0d05d953bc8270a405563b4dd15f1a657179f8e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c966edfc6ce40ca892f7e2bc53a95bd27cb94ac8b6fa61fcb30457ff214600
fb56aafb9f3da535d08485f43b4b2bd1bcbddcd3ac799c3bfc3eb076bf4cdd95
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

levelingsolo.com Open in urlscan Pro 104.21.57.60 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

194 Requests

98 %HTTPS

0 %IPv6

22 Domains

39 Subdomains

37 IPs

7 Countries

5705 kBTransfer

11546 kBSize

16 Cookies

11 Outgoing links

Redirected requests

194 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

levelingsolo.com Open in urlscan Pro
104.21.57.60 Public Scan

Screenshot
Live screenshot

Full Image

194
Requests

98 %
HTTPS

0 %
IPv6

22
Domains

39
Subdomains

37
IPs

7
Countries

5705 kB
Transfer

11546 kB
Size

16
Cookies

194 HTTP transactions
4 data transactions